You and your family are sipping hot cocoa, gathered around the [holiday object of your choice], and your family member suddenly asks: “Can you help me with my [insert device here]?”
They need a question answered about their computer, phone, tablet, video game console, or internet-connected device. Maybe they have related questions about their online accounts.
Or maybe there is a teenager or college student in your family that posts intensely personal information online, and has just realized that they should probably maintain more privacy in their online lives—but isn’t sure how to start.
Or perhaps the conversation of data breaches comes up around the dinner table, and Uncle Navid insists that the only way to protect yourself is to never go online at all.
Congratulations, you are now responsible for threat modeling for the holidays!
This is a good time to take a step back, consider some common concerns and threat models, and talk to your family about digital security. Congratulations, you are now responsible for threat modeling for the holidays!
Before you begin, try to take a harm reduction approach to answering their problems. Take a moment to think about what devices and operating systems they use, what workflows they already have in place, and what kind of advice might they be receptive to.
Then, you can start to narrow down on their concerns. A good way to start is by asking: “What would you like to do, and what are you worried about?”
Threat Modeling for the Holidays
-
Did your friend get a new phone? Are they scared of losing it or someone stealing it? Show them how to password-protect their device, and help them to set up full-disk encryption. (And for fun, watch our “unboxing” video to start a discussion around fair use, closed technologies, and facial recognition.)
-
Does your family member already have a strong password protecting their encrypted device? Are they interested in bolstering their security further? Determine what their next steps might be. What do they already know? Do they know what they don’t know? Help them level up!
-
Are your friends eager to protect their online accounts? Are you friends worried about the latest password breach? Show them how to enable two-factor authentication and try out the Security Education Companion’s module. (And if you get in a conversation about data breaches like the one that happened to Equifax, point them toward our blog post about what Congress can do to protect against future breaches.)
-
Is your family member applying to schools or applying for jobs? Are they worried about prospective administrators and employers finding their social media accounts? Show them how to lock down their social media account settings!
-
Are your friends eager to get the holiday shopping deals, but are they annoyed by being tracked across their purchases? Show them how to install Privacy Badger.
-
Does your family member send sensitive information, like social security numbers or medical information, through text messages? Are they worried about someone accessing this information? Show them how to use an end-to-end encrypted chat app, like Signal.
As you are teaching your friends and family, you might encounter one of the following attitudes:
“I have nothing to hide, so why do I need to protect privacy?”
“I am worried about my digital security to the point of being overwhelmed. I don’t know where to start.”
“I’m ready to take action, but not until I have a perfect handle on how all of these technical concepts fit together.”
“There’s no such thing as perfect security, so why even bother? If someone wants to hack me, they’ll figure out a way to do it.”
If you’re struggling with keeping them motivated to learn, try out some of these ideas.
Help your friends and family move into the new year with added security. Let us know how these lessons go by submitting feedback to the Security Education Companion, and by using the hashtags #TheSafestConversationYoullHaveThisHoliday or #BadgerYourFamily.