What is a threat model?

A threat model is a simple map of who might identify you, what data they can access, and which mistakes would expose you.

Why this matters

Without a threat model, people apply random tips. With one, you pick defenses that match real risk instead of maximum complexity.

Safe default steps

1. Write down who you are worried about.
2. List what they can realistically access (device logs, network logs, account history).
3. Choose the minimum safe workflow that addresses those risks.
4. Practice once with a non-sensitive file.

Common mistakes

• Copying advanced tactics without understanding tradeoffs.
• Ignoring local laws and organizational policies.
• Overlooking timing signals (when and where actions happened).

Limits

Threat models change. Re-check when your risk level, device, or channel changes.

Related

• Can any tool guarantee anonymity?
• Should I use a work device?
• Using PDF Changer offline