
Who and what you trust is key to your security, privacy and anonymity.

The less you trust, the lower your risk.

You want to minimize the number of things that you trust, including yourself.

This is the zero trust model to protect our assets.

We have to make choices about trust.

We have to select software, operating systems, encryption, storage, Internet service providers, password managers, downloads we want to download, and even people that we need to trust to protect our assets.

Evaluate instead of trusting.

Everything will present a level of risk, some acceptable, some not.

We can mitigate the risk by distributing the trust.

This is a zero trust model.

It should be applied to everything we go through in the course: trust nothing, trust no one, evaluate and distribute the trust.


So what does that really mean?

Well, let me give you an example.

Say you want to store files online; you want to sync your files online.

You need to select a provider that offers the syncing service.

Dropbox is a popular choice and many people use it.

You should not trust that they will not get hacked.

You should not trust that they won't view your files.

You should not trust that they will not lose or change your files, so you have to make a risk-based choice based on that zero trust.

So you ask yourself: how important is it that the files remain private, without being changed, and always available?

You decide that it is important.

So you choose to back up the files as well, in a separate location, and encrypt the files or use a service to encrypt the files client side with a decryption key that only you have.

This way you have distributed the trust to the alternative backup and to yourself via encryption.

Krypton and encryptor are examples of what are called zero knowledge systems.

Zero knowledge is when the provider literally has zero knowledge about what it is that they are hosting for their clients.

So a zero knowledge system goes some way towards providing a system that you don't necessarily need to trust too much in terms of confidentiality and privacy.

You would still have to trust them to keep your files available and to not change them, if they were indeed hosting files, as an example of a zero knowledge service.

If your files are extremely sensitive, I still wouldn't trust a claim of a zero knowledge system, because they could always change something; they could recode it, as they have control of the application.

If it was important, I would always add an extra layer of encryption.


Let me give you another example.

Applications can have secret backdoors.

You may choose to run an application in an isolated virtual machine to stop it being able to communicate out.

Applications can have malware.

Again, you may sandbox that application.

Instead of trusting it, you're evaluating, or mitigating the risk by distributing the trust.

Or you might adopt a different application completely and go with a free and open source (FOSS) application that has had security auditing as an alternative.

So that's the zero trust model.

You will hear me mention the use of the zero trust model throughout the course: evaluate instead of trusting, mitigate the risk by distributing the trust.
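
The file-sync example above still leaves you trusting the provider not to change or lose files. As an added example (not part of the original lecture), this sketch keeps a keyed manifest on your own machine so you can check a synced folder instead of trusting it; the function names and sample files are constructed for illustration.

```python
import hashlib, hmac, os, tempfile
from pathlib import Path

def file_tag(key: bytes, root: Path, path: Path) -> str:
    """HMAC-SHA256 over the relative path and the file contents."""
    name = path.relative_to(root).as_posix().encode()
    mac = hmac.new(key, name + b"\0", hashlib.sha256)
    with path.open("rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            mac.update(chunk)
    return mac.hexdigest()

def build_manifest(key: bytes, root) -> dict:
    """Map each file under root to its keyed tag. Keep the result locally
    or in your separate backup, not only with the sync provider."""
    root = Path(root)
    return {p.relative_to(root).as_posix(): file_tag(key, root, p)
            for p in sorted(root.rglob("*")) if p.is_file()}

def verify(key: bytes, root, manifest: dict) -> dict:
    """Compare the folder as it is now against the trusted manifest."""
    current = build_manifest(key, root)
    report = {"changed": [], "missing": [], "unexpected": []}
    for name, tag in manifest.items():
        if name not in current:
            report["missing"].append(name)        # availability failure
        elif not hmac.compare_digest(tag, current[name]):
            report["changed"].append(name)        # integrity failure
    report["unexpected"] = sorted(set(current) - set(manifest))
    return report

def demo() -> dict:
    key = os.urandom(32)  # stays on your machine, never uploaded
    with tempfile.TemporaryDirectory() as d:
        root = Path(d)
        (root / "notes.txt").write_text("private notes")   # constructed sample
        (root / "tax.csv").write_text("2023,100")          # constructed sample
        manifest = build_manifest(key, root)
        # Simulate what a provider (or an attacker) could do to synced files.
        (root / "notes.txt").write_text("private notes (edited)")
        (root / "tax.csv").unlink()
        (root / "extra.bin").write_bytes(b"\x00")
        return verify(key, root, manifest)

if __name__ == "__main__":
    print(demo())
```

Because the tags are keyed, someone who can rewrite the stored files cannot produce matching tags without the key; this covers detection only, and confidentiality still needs the client-side encryption described above.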
