Public
- Public
- Network
- Groups
- Featured
- Popular
- People

screenshot of a linkedin post by ryan castellucci 23 hours ago Involve developers in threat modeling with "abuser stories": "As a thief, I want to be able to reset passwords using SMS verification, so that I can compromise any account by bribing a telco employee." "As a spammer, I want to know immediately when my content is blocked/removed, so that I can quickly learn to evade detection." "As an stalker, I want to track my ex's every move, so that I can 'coincidentally' run into them at any time."

Download link

screenshot of a linkedin post by ryan castellucci 23 hours ago Involve developers in threat modeling with "abuser stories": "As a thief, I want to be able to reset passwords using SMS verification, so that I can compromise any account by bribing a telco employee." "As a spammer, I want to know immediately when my content is blocked/removed, so that I can quickly learn to evade detection." "As an stalker, I want to track my ex's every move, so that I can 'coincidentally' run into them at any time."
https://media.infosec.exchange/infosec.exchange/media_attachments/files/112/166/580/853/578/971/original/fe3c2d28656840d0.png

Notices where this attachment appears

Embed this notice
Ryan Castellucci :nonbinary_flag: (ryanc@infosec.exchange)'s status on Wednesday, 27-Mar-2024 16:59:14 JST Ryan Castellucci :nonbinary_flag:
in reply to

@ulf Of a sort, yes. I posted a more fleshed out version that said as much on linkedin a few minutes after I posted here.

In conversation about a year ago from infosec.exchange permalink