[Cryptography] When your security is too secure

Douglas Lucas dal at riseup.net
Tue Nov 25 19:33:26 EST 2025 

This is a thought-provoking email. As a humble enduser, I can only
contribute the following analogy. In the United States, people are
direct in their insulting of journalists: "Lol, you think too hard, you
care too much, I deserve to just be happy, being a civic freeloader
rules!" The outcome is homeless in the streets and overcharged
pharmaceuticals thanks to patents baking in the organized crime
corruption. Here in Chiapas where I live now, people are indirect in
their response to journalists. They look the other way, demand I show
some of the secret hand signs (things like that still exist in rural
areas), but at the end of the day -- on the one hand -- they do have
quite a bit more dignity in their body language and things like, say,
mothers being able to breastfeed in public without being harassed, but 
also -- on the other hand -- they still have homeless in the streets and
I still get overcharged on my lithium in the pharmacies and the reason
is pretty obvious. So after a while the question has to arise: does
infinite confidentiality, and even infinite integrity, really mean jack
when nearly everyone globally is deeply, deeply committeed to never
being available for anything except "I DESERVE TO HIDE UNDER THE BED MY
WHOLE LIFE" when asked about those sorts of activism that might get one
punched in the face or worse? So how does this connect to cryptography?
Idk, except just about every client I have nowadays wants to go through
a whole song-and-dance where we find The Perfect Cryptography Systems
that take all risk away. It is not very logical, but very psychological.
Then of course Assadnge (sic d) said all this and that went downhill
fast (ugh Russia, ugh CCP), but he wasn't a particularly empathy-driven
person, rather he did interviews with a Cheshire Cat smile and that went
downhill fast, to repeat myself. He wasn't really someone who shared
anything of himself and when I gave interviews, such as at an anarchist
bookstore, I would get questions like "How do I browse the internet
securely" (I would shrug and say install an adblocker and look at the
EFF guide) but really I was trying to encourage people to show up in the
streets, that is, to be Available.
 
So idk, maybe it is a problem of differentiated disciplines. If C and I
are left to cryptography professors, and A is left to street medics and
black bloc, then there is no cross-think. Someone should start an
interdisciplinary program or whatever it is academics do to solve the
world's problems.
 
Douglas
 
> On 2025-11-24 00:24, Jon Callas wrote:
>> There's a classic model of security: confidentiality, integrity, and availability. Hahahaha, CIA, get it, CIA! As I get older and more experienced, the more I think that A is more important than C or I. If you don't need Availability, why not just put things into /dev/null for Confidentiality? That's just the digital form of burn after reading.
>> 
>> 	Jon
>> 
>> _______________________________________________
>> The cryptography mailing list
>> cryptography at metzdowd.com
>> https://www.metzdowd.com/mailman/listinfo/cryptography

More information about the cryptography mailing list