Threat Modeling
Threat modeling is the practice of deciding what you are trying to protect, from whom, how likely the threat is, what failure would cost, and how much inconvenience you are willing to accept in order to reduce that risk. It is the planning layer underneath every serious security decision.
The Core Questions
The EFF framing is simple and durable:
- What do I want to protect?
- Who do I want to protect it from?
- How bad are the consequences if I fail?
- How likely is the threat?
- How much trouble am I willing to go through?
- Who are my allies?
Those questions matter because tools are never universal. The right system for an activist facing state surveillance is not the same as the right system for someone mainly worried about account theft or device loss.
Why It Prevents Bad Security
Without threat modeling, people tend to overbuy complexity, underprotect obvious weak points, or chase an abstract maximum of security that does not fit real life. They may use one very strong encrypted tool while leaving everything else exposed, or adopt a workflow so cumbersome that they stop following it.
Threat modeling is what turns security from gadget collecting into design: it decides whether the right answer is better account hygiene, device encryption, safer communications, or sometimes a simpler, nontechnical practice.