Hacker News new | past | comments | ask | show | jobs | submit login

Sounds expensive and complicated.

What's a valid "threat model"?

Hosting wireguard on a VPS is neither expensive nor complicated. However, you then must trust a VPS provider, and the other tenants. If you use a dedi host you still have to trust the machine, network to not be tampered or bugged. If you use a colo you still have to trust the network and the staff.

If you start your own data center, lay your own fiber, and peer with ISPs and hosts, well, everyone knows who you are again.

There’s no escaping trust issues 100%. The idea of a threat model is all about the trade offs, what things you will decide to trust or how you will defend yourself in depth.

Once I started really paying attention to security I thought I was being quite paranoid; you're right, there are threats that exist at every level, and tradeoffs to be made. Once I started learning about things like this I realized that tradeoffs are a must:


The threat model is figuring out what you're protecting yourself from. If you're just worried about someone snooping on public Wi-Fi, creating a VPN connection to your home router and using your ISP connection should be fine.

Trying to be completely secure often is both expensive and complicated. That's why you figure out your threat model first, to avoid spiraling costs and complexity.

Hint: You're probably not trying to thwart the most sophisticated branches of a nation state.

Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact