q: security model

brian carroll electromagnetize at gmail.com
Wed Feb 4 18:44:54 PST 2015

third and last observation: the other day i was considering how
'security' seems to be achievable only by putting someone in a secure
area or box, and keeping the world outside this box, and how absurd
that seems to be because it requires removing the world in order to
try to attain security, if indeed this is an accurate assessment.

the thing that struck me about this is that the world changes outside
the box, and so this could either force detachment from the world,
which then increasingly becomes out of touch with the external realm
not included in the box, or that only people who are inside the same
box can safely communicate, as long as they are modeled or entirely
known in their parameters.

in other words, if a person is all alone in the box they may be
secured, yet the moment anything changes, or the world itself changes,
this situation could be effected within this supposedly safe and
secure zone. in that, if the person is inhabit or engage with the
world they need to be able to interface and interact with the world.
and thus perhaps the boundary or threshold issue, of entropic
balancing, should anything change or the two realms somehow begin to
crossover into one another.

in this way, interaction beyond the box of security then potentially
allows vulnerabilities into this secure zone, via the unknowability or
inaccurate accounting for how these external relations exist, both
outside and inside the once secure box.

so too, any persons that are also included in the safe zone of the box
inherently carry with them unknowns if not modeled and accounted for
accurately that potentially jeapordize this internal condition,
presumably more secure than no security, though with more interaction
and access to 'the outside world' the more vulnerable in various
dimensions, parameters, dynamics, known and unknown.

so it just seemed like security itself would be impossible to achieve
if the idea involves keeping out the world, or not accounting for
things within a security context, yet having this be a hive of
activity likewise, unless security accounting were happening to the
Nth-degree beyond what may be external signifiers of security, 'the
sign of security' versus its indepth practice in undocumented terms
that may not even be mentioned or perceivable, given the advanced
context that could exist in certain scenarios.

it is somewhat like the scenario: a person walks into a bar... except
that it is a supposedly secure box where they exchange secret messages
and meet at conferences and function in industries (boxes within
boxes) where various vulnerabilities are interwoven with activities
and how could this occur in a real context of actual security unless
much more was happening than meets the eye or ear.

maybe this leads back to the idea of unknowability as the threshold
for security, beyond a realm of awareness, where it cannot be deducted
because things do not add up beyond a threshold condition and sensory
awareness fails to provide a framework to evaluate what conditions
feasibly need to exist for security to exist, which tends towards the
metaphysical, the invisible, the utterly alien, etc.

More information about the cypherpunks mailing list