Anonymous Communications Threat-Model for a Whistleblower Platform
Overview
What this challenge is about.
Document the current stack's threat model using the LINDDUN framework (linkability, identifiability, non-repudiation, detectability, disclosure of information, unawareness, non-compliance) with explicit attacker capabilities (network adversary, hosted-server compromise, client-side compromise, malicious recipient). Evaluate 3 alternatives (SecureDrop, Briar-style mesh, OnionShare-ephemeral-link) against the same threat model. Recommend a target architecture and a 3-phase migration. Deliver a threat-model document, alternatives-comparison matrix, and a 6-page hardening recommendation for the CTO. Honestly mark threats none of the candidates fully mitigate.
The Brief
What you'll do, and what you'll demonstrate.
Produce a defensible threat model of an anonymous whistleblower intake and recommend a hardened architecture with a phased migration path.
Earning criteria — what you'll demonstrate
- Apply LINDDUN methodology to a real privacy-critical system
- Reason about network-adversary and server-compromise threat models
- Compare anonymous-communication architectures on common criteria
- Recommend a phased migration that respects audit + legal constraints
Program Fit
Where this fits in your program.
Sharpens the same skills your degree expects you to demonstrate.
Skills
Skills you'll demonstrate.
Each one shows up on your verified credential.
Careers
Roles this prepares you for.
Real titles. Real skill bridges. Pick the one closest to your trajectory.
Career mappings coming soon.