(1) Threat-modeling is commonly oversimplified.

Susan👵
- Manages a business
- Relies on contacting several clients a day
- Wants to protect her personal phone number
- Needs compartmentalization across several VOIP numbers

Let’s break this down...
(2) The privacy community tends to immediately push towards open source solutions. The problem? According to Plexus, no VOIP apps seem to work, even with MicroG (RIP MySudo). In other words, Susan is forced to choose between an iPhone and an Android device w/ Google Play Services.
(3) Improving privacy & security doesn’t exclusively mean better privacy from Google, Apple, Governments, etc. It’s better privacy from the thing(s) an individual wants to protect.

If Susan has a mission of protecting her number from clients, that’s priority #1.
(4) If someone’s threat model involves avoiding government backdoors and preventing the commodification of user data from the greedy fingers of companies like Google, then we prioritize that.

But for Susan, an iPhone that supports mySudo protects her better than FOSS OSes.
(5) 3 Lessons Here:

1) The individual comes first. We may want people to delete Facebook & use FOSS, but we need to think of their threat model first.

2) In order to safely push people (like deleting Facebook), we need to convince people how that violates their threat model.
(6)
3) Because of point 2, we share equal responsibility for users who have yet to delete privacy-invasive services. If 2 billion people don’t see why Facebook is a threat, then we are the ones failing at our job.
You can follow @techloreistaken.