@strypey no it doesn't. they're talking about evaluating your threat model, as in actual security field http://ur1.ca/ql6ik