From dd1cbcf79011ce7ae724cc6a43555b4064bd8ffa Mon Sep 17 00:00:00 2001 From: urist Date: Fri, 31 Jan 2025 11:28:23 +0100 Subject: [PATCH] formatting fix --- opsec/cloud_provider_adversary/index.html | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/opsec/cloud_provider_adversary/index.html b/opsec/cloud_provider_adversary/index.html index 4587a9c..f167992 100644 --- a/opsec/cloud_provider_adversary/index.html +++ b/opsec/cloud_provider_adversary/index.html @@ -72,7 +72,7 @@ If clandestinity is a requirement, there also are cryptocurrency-based options i

-But, what if the adversary is already inside?
+But, what if the adversary is already inside?
in this post we are going to do a threat modelling exercise:

@@ -139,13 +139,13 @@ in this post we are going to do a threat modelling exercise:

-
+#

Alice's threat model

Alice is very happy with her new deployment. The platform runs great and her team has started using it in earnest. Still, the bond of implicit trust that now exists between her and Bob bothers here. She decides to do a quick threat modelling exercise to calm her mind: instead of wondering about whatifs, she is going to identify the risks associated with her current setup and find ways to mitigate them.

Threats to Confidentiality

If Bob was dishonest (or compelled into acting dishonestly), he would be able to harvest information directly from her server's memory! (She doesn't know Leo is already hard at work)

- Impacted assets
+ Impacted assets
  • decryption keys (eg: her https private key, allowing for complete decryption of her team's traffic)
  • sensitive data (ephemeral private messages on her forum that arer only kepy in RAM in an unencrypted form)