Threat Model
An honest list of what you're protecting, who you're protecting it from, and what you're willing to give up to do it.
A threat model is a structured answer to four questions:
1. What am I protecting? (financial data, conversations with a source, location history, identity itself)
2. Who am I protecting it from? (advertisers, ISPs, employer, ex-partner, organized crime, intelligence services)
3. What is the consequence of failure? (annoying ads, social embarrassment, financial loss, physical danger)
4. What am I willing to give up to protect it? (convenience, money, time, social compatibility)
Most "privacy" recommendations fail because they answer the second question with "everyone" — which is technically impossible and practically expensive. A realistic threat model narrows the scope: I want to protect *these specific things* from *these specific actors* and I am willing to spend *this much friction* to do it.
Some example threat models: "I want to stop advertisers from following me across sites" (use Brave + uBlock + a privacy DNS — done in 10 minutes). "I am a journalist talking to a source about a corporate scandal" (Tor or Mullvad Browser + Signal or SimpleX + GrapheneOS or a burner phone, no cloud sync). The right tools depend entirely on which model you actually live in.