We’re living in a present that makes surveillance, coercion and manipulation look like integral parts of our future. Extrapolating the evolution and growth of current technologies of control can lead to a bleak outlook. This doesn’t have to be so…
Security & Safety are fundamentals for human existence and they often form the backdrop on which politics rests. We want to be safe from starvation and natural disaster, and we want to be secure against humans that aim to undermine our safety and physical well-being.
While this has always been true, we are also so much more than just biological units that survive and thrive solely based on physical factors. We want to be productive, we want to think, we want to feel and experience, and not least actualize ourselves. Without that inner expansion our distinct “human-ness” is empty.
A lot of security politics today is considering humans primarely as faceless units that are managed as numbers, not as individuals. This often leads to our higher aspirations to go unfilled or even actively suppressed. In the name of security (and its brothers “unity”, “conformity” and “coherence”) we experience laws and procedures that reduce the human experience to that of industrial cattle management.
One of the reasons for this misguided approach is the assumption that security needs to be provided by a semi-static, central authority that alone has the means of offensive and defensive violence. This view is not without justification, though justifications have to be tested when the environment changes.
The centralized security view is based on technological and economic factors that have held true for several hundred years and it has deeply entrenched itself into our thinking.
19th-20th Century Security
Absent of mitigating factors conflict is expressed and resolved by violence. Violence is employed by humans. Humans create technology to become more effective and efficient in exercising their will. The tools to increase a human’s ability to exercise offensive or defensive violence is called a weapon. Humans develop weapons. The state of technology of weapons influences the politics of security.
When the cost of procurement and deployment of effective weapons is high, people must coordinate to procure the resources for arming themselves. High costs of procurement require bigger numbers of productive people to come together to share the burden for defending themselves against potential attackers. The higher the costs of deployment - including the skill required to yield a weapon, the less armed security personnel is available and feasible to employ. Due to the increasing cost of relatively effective weapons in both deployment and procurement the security services (including military) demanded a growing number of resources from growing populations during the age of industrialization. This necessitates the creation of a centralized command for funding and deployment.
Furthermore, a long term view on defense makes it necessary to not just fend off an attack, but to ultimately dominate an attacker to the point where further attacks become unlikely. For the same reason, the number of potential attackers should be as low as possible to decrease complexity of diplomacy, information gathering and maneuvering. This leads to the formation of alliances which, to decrease information cost, require the formation of centrally organized groups. To increase the stability and reliability of these groups, internal unity and coherence become critical factors.
For sake of brevity I have only touched on these factors. However, it is reasonable to conclude that the cost and complexity of weapons technology, as well as the complexity of inter- and intra-group relationships supports centralization as long as relatively effective weapons are very costly or even increasing in cost.
Both the management of forces and that of political relationships in such a scenario emphasizes the view as Security as a state that is maintained by a centralized command drawing from a passive group of value creators and serves to protect the relationship between commanders and creators. In this environment, the commanders are observing the borders of their territory and the actors beyond that border. Security is split into external security to defend against other groups, and internal security that is primarily focused on maintaining unity and coherence to preserve the ability to mobilize.
The monolithic construction of security can demand and mobilize enormous capital in a short time to be used in coordinated exercises of violence. However, this construction is also slow to adapt to new technologies and strategies. The monolith quickly becomes a monoculture that only allows synchronized change and is vulnerable to systemic failure - for example by an attacker that undermines the assumptions of a defender on how conflict is to be conducted, or what technologies and strategies are to be expected.
21st Century Security Environment
In the 21st century the means of production are moving from regional or national industrialization to global, finance driven, and automated. Knowledge becomes highly dispersed, and is often torn out of its context of creation and reapplied quickly for new purposes. The driving factors are global logistics, global instant digital communication, international financial markets and the infusion of everything with digital computer technology.
This has already lead to consumer and weapon technology sharing a growing amount of components, and the knowledge to create and produce weapons has widely spread. At the same time, automation and even autonomy in weapon systems is dramatically increasing while the cost of relatively effective weapon systems is dropping.
At the extreme end of the spectrum of available technology we see the development of highly efficient and effective areal denial systems with unprecedented kill ratios, and on the other extreme end we witness the weaponization of consumer goods in insurgent warfare theaters. We are reaching a scenario of wide spread, highly amplifying means of violence.
This amplification is however not limited to nation state organizations. The cost of attack are decreasing constantly, which multiplies the number of potential violent actors of relevance dramatically.
As a result, the view that security is a maintainable state that falls into the domain of a few centralized command and control structures becomes less tenable every day. Instead, security must be understood as a process of ongoing competition between an ever shifting number of actors.
Monolithic constructs are ill-suited for such an environment. Their field of perception towards the borders of territory makes them blind for insurgent and low intensity conflict. Their slowness in adapting to new circumstances leaves them vulnerable to sudden attacks yielding unexpected weapons and strategies.
Since the driving factors for this change are technology and economics, there is no immediately plausible argument that this development should slow down or even reverse. Quite the contrary, it must be expected to accelerate.
Surveillance as Security
Surveillance has recently become the main cure employed against security threats. The reason for this is obvious.
Existing security organizations are modeled on a 20th century understanding of the environment. They are monolithic and aimed at maintaining the ability to mobilize. They focus on unity, coherence, conformity and low complexity of society.
However, they are confronted with explosive growth of technology, change of ideologies, economic turmoil, and rapid movement of populations.
The security relics of the past find themselves in a world for which they aren’t a good fit. They must suddenly look both inward and outward of their territorial borders, and promise to maintain security with a small number of specialists with low degrees of local knowledge. Deploying widespread surveillance and militarized rapid response units is the only strategy choice they have if they want to maintain their institutional existence.
At the same time the media environment is fractioning. Social media and a myriad of news outlets lead to highly diverging reality assumptions within a population. Without a coherence and unity of world perception it becomes unlikely that a unity and coherence of society is possible. This strongly contributes to a growing alienation between security services and the populations they are claiming to serve and protect. The use of surveillance only widens this gulf.
21s Century Security Strategy
The monolithic security services of the past are an ill fit for the current environment.
- The notion of clearly defined territories and populations loses relevance and undermines conflict coordination.
- The spread of low-cost high-effective weapons and their distributed production undermines the justification for central command.
- The fractioning of populations due to loss of unity, coherence and guiding ideologies undermines mobilization capabilities.
- The monolithic, centralized command structures are too slow to adapt to a rapidly changing environment, making them vulnerable to systemic attack.
However, the need for security and safety by all people remains. This makes new approaches to security necessary.
If it is correct that the driving force for security organization is the cost and effectiveness of weapons technology, then the conclusion from this must be that defensive capabilities must be deployed in depths, close to the persons and assets that are in need of protection. This also applies to the command and control structures as well as economic and personnel mobilization. In short, this results in a decentralized security infrastructure that ideally empowers individuals to rapidly respond to threats and draw from highly mobile, on-demand defense specialists when the local rapid response is deemed insufficient.
This also means that territories of defense and mobilization dramatically shrink in size and multiply in number. The result of that is an exponential increase of relationships between territories. The number of potential attackers and allies explodes. While this adds fuel to the fire, it is in any case inevitable due to technological trends. Instead of desperately trying to prevent the multiplication of actors, both the awareness of the fact and the strategies to contain this should be openly admitted and embraced.
The way out of this conundrum is the emphasis on passive and short-range active defensive technologies that not only cover the response to immediate force but also aim at undermining the ability of an attacker to select a target and execute pre-deployment reconnaissance.
Furthermore a radical decentralization of persons, assets and resources is prudent to mitigate the effects of attacks and to maintain survivability. Instead of large, contiguous territories a patchwork of widely distributed territories is more resilient.
However, the transition from centralized to decentralized defense must happen cooperatively and gradually. A sudden switch between models risks uncontrollable exposure while lacking mitigating - if only insufficiently - capabilities. Instead progress should start with the addition of defensive capabilities in depths, that is on the local or asset level, before reducing capabilities on a territorial level. Such a switch will take time to completion. One should not ignore that dependencies, ideas and persons need time to change and adapt, and overwhelming change can easily turn into new sources of conflict. That makes it necessary to begin such a transition sooner rather than later to not risk falling behind and being overcome by hostile actors.
The relevance of decentralized territories and cryptoanarchy
Any security strategy must focus on the protection of defined assets. On a societal level these are persons (body, abilities and freedoms), capital and goods.
Protection must be aimed against accidents and natural disasters, criminals (individual, organized and as mobs), oppressive outside organizations including foreign hostile nation states.
With the boundless reach of highly mobile, and partially autonomous, remote weapons technologies foreign organized actors (including nation states) develop into a domestic security threat. To be exact, all security threats become domestic and global at the same time - no matter the actor.
A strategy in eight phases is suggested:
- Prevent target selection by an attacker by minimizing visibility and exposure, especially in relation to outward relationships, conflict creation and profit prospects for an attack.
- Prevent pre-attack intelligence gathering of an attacker.
- Deter attacks by limiting success as defined by an attacker, specifically economic payout and long-term ability to dominate.
- Prepare for post-attack recovery by distributing assets.
- Harden all assets by deploying passive defense technologies.
- Detect attacks early.
- Initiate immediate response starting with local self-defense and potentially escalating towards the deployment of highly mobile additional defense specialists.
- Maintain operational effectiveness and efficiency outside of security tasking, especially also in relation to human goals of higher order.
Phases 1-5 strongly correlate with cryptoanarchist ideas. The high insulation between communities, the suppression of surveillance. the distribution of assets, and defense in depths reflect the strategies used by cryptoanarchist projects: Access control, confidentiality, anonymization, plausible deniability, digital abstraction and distribution.
There are more obvious reasons for the adoption of cryptoanarchist technologies however. Most clearly we are progressing towards a world that is dominated by digital communication, computerization, fractioning societies, and high mobility of persons, capital and goods. Adopting a digital first approach towards security threats is a logical choice. Only highly adaptable societal institutions and exceptional cyber-security [sic] are a match for the future. With societal unity based on territory weaning, new forms of political organization that are highly flexible and allow members to quickly associate or disassociate in an orderly fashion become a necessity. This does not mix well with top-down organizations but instead favors bottom-up spontaneous networks. Our future is one of fluid networks, much more than one of static territorial structures. Certainly these forms will mix and coexist to some degree, but the friction between technology and societal change on the one hand, and relevance of territory on the other, favor small units of organization for people, and large units only for geography-bound functions like resource extraction.
Out of this we can assemble a list of necessary technologies that could help stabilize our futures:
Computing & Communication
Trustable Computing Devices
The foundation of distributed, in-depths defense societies are reliable and secure computing devices. They need to be trustable even if they cannot be physically observed since they are widely distributed for reliability and resilience purposes. This makes direct physical control hard and requires some form of assurance when inspected remotely.
- They have to be free of hardware backdoors, which requires the use of open source hardware designs that are physically verifiable.
- They need to be capable of local encryption of RAM and persistent storage to counter the extraction of secrets by physically present attackers.
- They have to be remotely attestable to verify the integrity and identity of hardware and software.
Tamper-detecting physical enclosures for computing devices
Computing devices must support the detection of physical attacks and be able to both signal remote personnel as well as respond directly by destroying local secrets before they can fall into the hand of attackers. They also have to be able to destroy their own attestability to prevent attackers from undermining the integrity of the processing resources.
Anonymous and confidential communication
Machines and humans must be able to communicate securely without leaking intelligence to an attacker.
This requires the end-to-end encryption of all traffic as well as the concealment of senders and recipients of a communication.
Anonymization prevents attackers to unravel the location of resources to stage disruptive attacks. It also allows the participants to deny their affiliations in a plausible manner, preventing retaliatory actions of an attacker. This corresponds to phase 2 and 3 of the defense strategy.
The means of communication need to be tiered as necessary. Low bandwidth, low latency for command and control functions, high bandwidth, high latency for data acquisition, backups, and communication that is not time critical. Ideally, the presence of such communication systems can be concealed if surrounding territories are known hostile and would resort to suppression attacks against vital communication links.
Delay&Disruption tolerant networking with local caching hubs
Attacks against communication infrastructure are a highly likely first move by hostile parties. Disruption of communication can potentially cripple even purely local processes. This makes it necessary to focus on delay and disruption tolerant networks for data exchange and communication.
The presence of local caching hubs that store data until communication is possible again allows maintaining local processes in case of attack.
Delay tolerance allows fallback to different mediums of data transfer, up to the ability to use UAVs as data transport devices.
Backhaul satellite systems are useful additions to mitigate the effect of non-local attacks that disrupt, intentionally or unintentionally, communication routes between distributed localities of the same territory. They primarily qualify as high-bandwidth downstreams for broadcasting shared state data.
Message registries for distributed state machines
A potential approach to process transactions relevant for societal institutions and commerce is the parallel execution on distributed machines operated by diverse parties. This lowers the risk of both corruption by insiders and subversion by outsiders, preserving the integrity of the function.
This requires distributed software to operate on an agreed on order of messages over which a consensus must exist. The processing itself can yield comparable outputs that are accepted by quorum rules. It is noteworthy that for such an architecture the content of the messages does not have to be public, thus preserving the necessary confidentiality.
In this model a software would be hosted on multiple computers independently, operated by different parties. Each installation would consume messages in order from the message registry, change their own state, and commit the new internal state and the new output on the message registry. The message registry itself would be publicly accessible and serve as the method of communication between both for the hosted software as well as for users of the service. One approach to implement this is the use of a blockchain or a distributed log with leader.
Long-range, unidirectional messaging
A self-defense first strategy of security will likely require the availability of highly mobile, on-demand support units that are specialized in defense.
These units however become a primary first target of any sophisticated attacker. Localizing these units can delay their response to the point that it becomes ineffective.
It is therefor necessary to conceal the current location of these units and their membership. This poses a problem for signaling these units and placing emergency calls.
A possible solution here are long-range, unidirectional, radio based messaging systems that prevent the localization of the units while also being resistant to intercept and recipient identification.
Untraceable, uncensorable, digital cash
The ability to trade is crucial for the survival of any advanced society. Both internally as well as with foreign parties, people have to be able to quickly and reliably exchange goods and money in payment. Since economic attacks are developing into a weapon of choice for economic hegemons, it is necessary for the independence of distributed societies to be able to transact with privacy and without the risk of being censored (financial blockades).
Modern cryptography provides the means to develop untraceable, uncensorable, instantaneous, digital payment methods that have the functional flexibility of cash and allow the creation of complex financial instruments. If settlement speed and transaction costs are sufficiently low, this also provides the backbone for mobile person-to-person, person-to-machine, and machine-to-machine payments that can facilitate economic integration while reducing the need for complex identity-, anti-fraud, and conflict-resolution mechanisms.
Low trust all-or-nothing escrow systems
Highly distributed societies place a high cost on conflict-resolution mechanisms and justice systems. Apprehension and punishment are costly, complex, disruptive and error-prone. Instead, modern societies should focus on crime and error prevention methods.
For remote trade, all-or-nothing escrow systems are one of these technologies. They rely on all parties committing a security amount for the execution of the trade in addition to the payment itself. They can be bound to physically verifiable factors of exchange and allow complex chains of custody and insurance. This decreases the possibility for criminals to profit from fraud while also increasing the economic pressure on all participants to effectively and efficiently operate their trade processes.
Contract and evidence registries
Streamlining the fact-finding aspects of conflict resolution and decreasing the possibility of honest mistakes in communication can contribute substantially to the coherence of society and economy. When designed and deployed correctly, relevant technology can substantially equalize the positions of market participants and citizens vs bureaucracies.
One of these technologies are contract and evidence registries. Participants can use these systems to register facts in a time-ordered manner. This allows for a shared record between parties that can, on demand, be revealed to mediators and arbitrators. If no need for arbitration arise, the data in these registries is unreadable to third parties, preventing attackers to gather intelligence.
Disposable anonymous identities with biography
Access to systems and localities requires access control to prevent unauthorized use and trespassing. Furthermore, some form of temporary persistent identities appear to be a requirement to prevent and punish physical crimes.
However, identities are a primary attack vector for infiltration, fraud, and targeting of organizations. Identity theft, impersonation, and select attacks on identifiable key personnel are viable strategies for attackers.
To reconcile these conflicting aspects the use of disposable, anonymous identities with biography can be implemented.
These identities are embodied in identification tokens that are issued to authorized persons in such a way that the connection between token issuance and person is untraceable. The identification tokens remain valid for a limited amount of time and carry the necessary authorization credentials to allow access to designated areas and systems. After expiration, the token remains bound to the person long enough to allow for a time span in which potential abuse and crime can be detected.
After the end of the detection time span, the tokens are exchanged with the issuer again and can be repurposed at a later date. If however the bearer of such a token is identified as the perpetrator of a crime, the token exchange can be prevented and the person has to either face court proceedings or permanently lose authorization to enter a location or use a system.
While such a system certainly does not implement a perfect identity, it reconciles the need for some form of on-demand attributable identity with the need to prevent crime and other attacks that target identities themselves.
Since it is privacy preserving and prevents individual targeting, this allows more widespread automated access control gates that can significantly reduce the mobility of hostile actors while at the same time not hindering citizens.
Physical anti-surveillance and targeting prevention
Anti-Biometrics and Privacy Enhancing Clothing
Autonomous weapons combined with biometric identification pose a realistic threat to individuals and societies, making selective areal denial weapons as well as targeted, autonomous retaliation and decapitation attacks possible. It is likely that such weapons already exist and are stockpiled, and within a few years these technologies will become available for non-state criminal actors.
Furthermore, automated biometric tracking poses a high risk to organizations and societies by enabling attackers to automate intelligence gathering in the physical space in an unprecedented scale. Social graphs, movement patterns, and behaviors are efficiently collectible, making attacks economically viable for an increasing number of attackers.
Legal means to reign in this threat are going to fail. The ability to hide and miniaturize sensors and conceal their ownership prevents effective enforcement of laws prohibiting the offensive use of biometric tracking.
This makes it necessary to develop technologies and cultural norms that defend against involuntary biometric capture. Biometric features need to be hidden from sensors, either through masking, blinding, jamming, or decoy.
The dramatic decrease in price and size for sensor systems makes wide-spread intelligence gathering by hostile actors feasible and increasingly economical. Audio-, video-, EM/RF- recording and analysis are in everybody’s reach, and increasingly in every criminal’s toolkit.
This opens attack vectors such as hostile intelligence analysis, blackmail, disinformation (esp when combined with deep fakes), and target preparation for autonomous weapons.
The existence and utility of these sensors cannot be regulated sufficiently, especially also because they possess strong dual-use characteristics and are already widely available.
This makes it necessary to create spaces in which active microphone jamming, audio concealing, and video blocking are employed. Furthermore EM/RF protection through wide range jamming, spectral analysis, and Faraday cage constructions should be deployed.
Only if these “black box spaces” exist is it possible to make hostile intelligence gathering expensive enough to prevent wide-range attacks by low- and medium-resource hostile actors.
Physical transferable storage
A radically distributed society poses challenges for the physical storage and exchange of goods. Since physical security strongly depends on structural security and responsive guards, the cost of small-scale storage operations is not economical. Bigger storage facilities that are shared by multiple parties are a necessity.
Furthermore, smaller societies make the coincidence of both parties to a transaction at the same location less likely and less economical.
This leads to the requirement of physical storage mechanisms that allow the transfer of storage containers (and goods contained therein). Such a transfer must be enabled for remote operations, so that only one party has to be physical present at a given time.
Current technology for automated self storage systems, including high security safe deposit boxes, already exists. They could easily be combined with the “anonymous disposable identities” mentioned above to allow privacy preserving transfer of goods between authorized parties.
Furthermore, a wide network of these storage facilities enables both individuals and societies to distribute assets widely and make total loss of goods and capital less likely. This dramatically increases the survivability of a society in case of localized attacks.
Uncloneable, attestable, updateable ownership tags
Distributed societies face increasing cost for apprehension and punishment after a crime is committed. To remedy this fact they have to increase their efforts to prevent crime in the first place.
Property crimes are among the most frequent and have a devastating effect on the health of a society.
To prevent crime and make it easily detectable, a clear and immediate system of property titles can be useful. However, these systems usually present a privacy risk and become means for hostile parties to collect intelligence.
Ownership tags are a technical solution that can help here. Such a tag is permanently attached to an object and contains a contact-less smartcard.
The smartcard holds physical properties of the object (such as engraved serial numbers), as well as an updateable cryptographic key that allows the legitimate owner to prove ownership. This key can be updated by current owner and next owner by executing a simple protocol.
To prevent fraud, the tags are attestable and uncloneable. When combined with All-or-Nothing escrows these also allow the timed transfer of ownership of a physical good so that coercive transfers become prohibitively costly for a criminal.
Long range autonomous cargo drones
Widely distributed and small territories depend strongly on efficient logistics between localities, both inter- and intro-territorial.
Current developments in unmanned autonomous vehicles will make this feasible. Cargo drones that can fly at a low altitude can easily carry high value goods and connect dispersed supply chains. Similar technology exists for swimming and driving vehicles.
Given these small and efficient transport vehicles, timely and cost effective transport between localities becomes possible. Even if a location is under blockade in the case of conflict can these drones serve as a means of last resort to increase the survivability.
Passive defense in the form of strong structures and resistive perimeters dramatically lower the probability of attack, and the probability of successful attack. Breach of perimeter serves as initial warning and delays the attacker so that local defense can be mounted.
In the face of wider spread violence, defensive structure can serve against attacks by arson, explosives and small guns fire. Wide spread access control infrastructures prevent access by hostile actors and slow down infiltration.
Modular, hypermobile and embedded container villages
Changes in the environment surrounding a locality can pose significant risks to capital. Changing weather patterns, or changes in the friendliness of neighbors, pose threats to settlements. If the capital is immobile, inhabitants are incentivizes to stay put in place which exposes them to unnecessary risks.
Alternatively structures can be built to maintain both high density and high mobility by exploiting the concept of intermodal shipping containers. These containers can be outfitted cheaply and with high flexibility, allowing complex buildings and whole villages being built in such a way that they can be quickly disassembled and transported by standard means of mass goods transport.
This preserves capital while allowing a flexible response to threats and changes in demography or social structure.
Non-lethal, high-manstop, self-defense weapons
In the future, defense must be in-depths. Ideally every person has to be able to defend himself against criminal attacks.
However, this individual approach to defense also increases the likelyhood of criminal use of defensive weapons and accidents.
It is therefor prudent to develop self-defense weapons that are non-or less-lethal while maintaing a high manstop power. Various technologies in this field exist, from taser-guns, pepper-gel guns, rope- and net-throwers and glue guns. Further research and development in this field is required and anticipated.
Short-range, remotely controllable kinetic anti-material defense stations
While defense against low-intensity criminal violent attacks with self-defense weapons is feasible, there still remains the risk of high-intensity attacks for organized hostile actors. However, defensive weapons suitable in this scenario are easily abused, require trained personnel and can fall into enemy hands.
One approach would be the deployment of semi-autonomous, remotely armed and controlled defense stations that possess limited mobility. Specialized defense personnel would remotely arm the weapon in case of a confirmed attack and cooperate with local civilians in operating the unit.
Using smart munitions, these defense stations can be multi-purpose while also carrying safe-guards against abuse - such as geofencing and semi-autonomous target selection that suppresses fire commands against civilians or persons in general. This reduces the capabilities of such a weapons system so that it only functions as a defense tool and lowers the risk of abuse for offensive means.
The development of weapons and intelligence technologies makes it increasingly impossible to distinguish between nation-state attackers and criminals. Potential attacks become so effective and efficient that only a radical response is able to defend persons and other assets.
Such a radical response must rest on the principles of defense in depths, distribution of assets, and anti-intelligence tactics.
Cryptoanarchist methodology and technology can serve as a blueprint for such a comprehensive security strategy that can cope with the wave of change and unprecedented threats that breaks into modern societies.
Previous structures of security and control, as well as societal organization, are far too brittle and pose increasing risks themselves.
It is necessary for a timely discussion, and development, to prevent potentially catastrophic consequences.
Such a development can be executed in phases, first by strengthening defense in depths, then restructuring territories into distributed spaces, and lastly forming strong federal structures with strong local and regional precedences.
Otherwise liberal societies and the rule of law are likely going to disappear. They are caught between the accelerating spread of highly effective weapon systems, and dramatic changes in society and technology on the one hand, and on the other side kept immobile by centralized security structures that are incapable to adapt to new threats and alienate people by their ill fitting attempts to preserve themselves in this new environment. If security is not radically distributed the future will decay into omni-violence, surveillance and militarized top-down security that must fail to prevent overreach and subversion by authoritarian actors.
The preservation of rule of law and liberal societies however requires us to give up 19th century security architecture and embrace the new world we are living in, and which does give us a plethora of options to thrive peacefully.
Like my work? Want to give back? Donate bitcoin: 1MkSbGdox3qkUcNH3YaRe45ut41bjy8Hvs