The Cheapest Defense
npub1klkk3vrzme455yh9rl2jshq7rc8dpegj3ndf82c3ks2sk40dxt7qulx3vt
hex
9888aa3cbb5a940826e58901afd8adc928655c2b403d61e3f1cb9ae60f7746ddnevent
nevent1qqsf3z928ja449qgymjcjqd0mzkuj2r9ts45q0tpu0cuhxhxpam5dhgprpmhxue69uhhyetvv9ujuem4d36kwatvw5hx6mm9qgst0mtgkp3du662ztj3l4fgts0purksu5fgek5n4vgmg9gt2hkn9lq8rmxrenaddr
naddr1qqgrydenvg6nye3kvcmnjwpcvvmnsqgcwaehxw309aex2mrp0yhxwatvw4nh2mr49ekk7egzyzm7669svt0xkjsju50a22zurc0qa589z2xd4yatzx6p2z64a5e0cqcyqqq823cww39evKind-30023 (Article)
John Boyd spent his career studying why some fighters won and others died. The Air Force colonel, who earned the nickname "Forty Second Boyd" for defeating any opponent in simulated combat within forty seconds, distilled his insights into what became known as the OODA loop: Observe, Orient, Decide, Act. The pilot who cycled through this loop faster disrupted his enemy's decision-making, generating confusion and exploiting the resulting hesitation.
Boyd's framework found applications far beyond the cockpit. Business strategists adopted it for competitive positioning. Military planners used it to design doctrine around tempo and initiative. The common interpretation emphasizes speed: cycle faster than your opponent, get inside their loop, keep them perpetually reacting.
Speed is the common reading, but Boyd's deepest insight points elsewhere. The entire loop depends on the first step. Observation is the foundation; orient, decide, and act all follow from it. An adversary deprived of observation cannot begin the loop at all. The most devastating attack on an opponent's OODA loop bypasses speed entirely and strikes at the source: deny observation, and the rest collapses.
Privacy accomplishes exactly this. Encryption makes your adversary unable to begin, stalling the loop before the first step.
Consider the economics of surveillance. Mass observation works when data flows freely, when communications cross networks in plaintext and metadata accumulates in centralized databases. Under these conditions, watchers enjoy economies of scale. The marginal cost of adding one more target to the surveillance apparatus approaches zero. One analyst can monitor thousands; one algorithm can process millions.
Encryption shatters this economy. When communications are encrypted end-to-end, the watcher sees only ciphertext, indistinguishable from random noise without the key. The marginal cost of surveillance climbs toward the impossible. Each target becomes a separate cryptographic problem, requiring either key compromise through targeted attack or computational resources that exceed what the universe will provide before heat death.
The numbers are stark. Encrypting a message costs a few milliseconds of computation, often hardware-accelerated to the point of invisibility. Breaking that encryption through brute force is computationally impossible. A 256-bit key represents more possible combinations than atoms in the observable universe. Clever attacks can reduce this margin, but they require specific conditions: known plaintext, implementation flaws, side-channel access. They require targeting. And targeting is precisely what mass surveillance cannot afford.
Government programs designed around bulk collection have discovered this the hard way. The Privacy and Civil Liberties Oversight Board examined the NSA's phone metadata program and found it delivered little counterterrorism benefit. Congressional reviews of fusion centers concluded they produced no valuable intelligence. Post-mortems of attacks like Fort Hood revealed that threat information was buried in data floods, invisible due to insufficient filtering. Mass surveillance generates haystacks.
The mathematics compound the problem. When searching for rare events, even highly accurate detection systems drown in false positives. A test that correctly identifies 99.9 percent of threats, applied to 330 million people, generates 330,000 false alarms for every actual threat detected. Analysts consumed by these leads lose the signals they were meant to find.
Meanwhile, the defender's economics improve with every adoption. VPN services cost a few dollars monthly. Signal protocol costs nothing and ships on every major platform. Full-disk encryption is standard on modern devices. Each deployment raises the attacker's costs while keeping the defender's costs near zero, and the asymmetry compounds.
The implications extend beyond frustrating intelligence agencies. Adversarial OODA loops pervade commercial and criminal contexts as well. Data harvesters build profiles for advertising, pricing discrimination, and influence operations. Criminal enterprises pursue financial fraud, identity theft, and ransomware deployment. Each adversary relies on observation as the foundation of their operations. Each faces the same wall when targets encrypt.
Boyd understood that victory came through collapsing the opponent's ability to function coherently. Deprived of observation, adversaries fail to orient to circumstances, fail to decide on courses of action, fail to act with purpose. Resources exhaust on noise, effort shifts toward softer targets, and the organization loses coherence under the weight of its own false positives.
Privacy's strategic logic follows directly: impose costs so extreme that surveillance becomes economically irrational. An adversary who cannot afford to observe you will stop trying, drawn by easier targets, defeated by arithmetic before engagement begins.
The cypherpunks understood this thirty years ago when Eric Hughes wrote that the act of encryption removes information from the public domain. They built tools to make this removal routine, automatic, ubiquitous. They understood that code enforces in ways that law cannot, that mathematics does not bend to jurisdiction or warrant.
The fight is ongoing: governments press for backdoors, corporations resist encrypting by default, and most people still communicate in plaintext because convenience outweighs abstract threat assessment. The economics have not changed, though. Defense through privacy remains the cheapest defense available, and attack through surveillance scales poorly against populations that adopt the available tools.
Boyd's fighter pilots won because their cockpit visibility and control responsiveness let them cycle faster than opponents still orienting. Privacy offers something better than faster cycling. It offers the end of cycling entirely, for your adversary. Blinded at the Observe step, he can spend whatever he wishes on Orient, Decide, and Act, and arrive nowhere.
Raw JSON
{
"kind": 30023,
"id": "9888aa3cbb5a940826e58901afd8adc928655c2b403d61e3f1cb9ae60f7746dd",
"pubkey": "b7ed68b062de6b4a12e51fd5285c1e1e0ed0e5128cda93ab11b4150b55ed32fc",
"created_at": 1777543606,
"tags": [
[
"d",
"273b52f6f7988c78"
],
[
"image",
"https://image.nostr.build/ff24f6f5224f09a5bb0a011ae964383818b50a7361eca6d3567adb46e8ce398a.jpg"
],
[
"title",
"The Cheapest Defense"
],
[
"summary",
"Privacy blinds the adversary's OODA loop at observation. When defense costs pennies and attack costs millions, surveillance becomes unprofitable."
],
[
"published_at",
"1767958563"
],
[
"t",
"ooda-loop"
],
[
"t",
"privacy"
],
[
"t",
"encryption"
],
[
"t",
"surveillance"
],
[
"t",
"strategy"
],
[
"t",
"defense"
],
[
"t",
"cryptography"
],
[
"t",
"austrian-economics"
],
[
"t",
"freedom-tech"
]
],
"content": "John Boyd spent his career studying why some fighters won and others died. The Air Force colonel, who earned the nickname \"Forty Second Boyd\" for defeating any opponent in simulated combat within forty seconds, distilled his insights into what became known as the OODA loop: Observe, Orient, Decide, Act. The pilot who cycled through this loop faster disrupted his enemy's decision-making, generating confusion and exploiting the resulting hesitation.\n\nBoyd's framework found applications far beyond the cockpit. Business strategists adopted it for competitive positioning. Military planners used it to design doctrine around tempo and initiative. The common interpretation emphasizes speed: cycle faster than your opponent, get inside their loop, keep them perpetually reacting.\n\nSpeed is the common reading, but Boyd's deepest insight points elsewhere. The entire loop depends on the first step. Observation is the foundation; orient, decide, and act all follow from it. An adversary deprived of observation cannot begin the loop at all. The most devastating attack on an opponent's OODA loop bypasses speed entirely and strikes at the source: deny observation, and the rest collapses.\n\nPrivacy accomplishes exactly this. Encryption makes your adversary unable to begin, stalling the loop before the first step.\n\nConsider the economics of surveillance. Mass observation works when data flows freely, when communications cross networks in plaintext and metadata accumulates in centralized databases. Under these conditions, watchers enjoy economies of scale. The marginal cost of adding one more target to the surveillance apparatus approaches zero. One analyst can monitor thousands; one algorithm can process millions.\n\nEncryption shatters this economy. When communications are encrypted end-to-end, the watcher sees only ciphertext, indistinguishable from random noise without the key. The marginal cost of surveillance climbs toward the impossible. Each target becomes a separate cryptographic problem, requiring either key compromise through targeted attack or computational resources that exceed what the universe will provide before heat death.\n\nThe numbers are stark. Encrypting a message costs a few milliseconds of computation, often hardware-accelerated to the point of invisibility. Breaking that encryption through brute force is computationally impossible. A 256-bit key represents more possible combinations than atoms in the observable universe. Clever attacks can reduce this margin, but they require specific conditions: known plaintext, implementation flaws, side-channel access. They require targeting. And targeting is precisely what mass surveillance cannot afford.\n\nGovernment programs designed around bulk collection have discovered this the hard way. The Privacy and Civil Liberties Oversight Board examined the NSA's phone metadata program and found it delivered little counterterrorism benefit. Congressional reviews of fusion centers concluded they produced no valuable intelligence. Post-mortems of attacks like Fort Hood revealed that threat information was buried in data floods, invisible due to insufficient filtering. Mass surveillance generates haystacks.\n\nThe mathematics compound the problem. When searching for rare events, even highly accurate detection systems drown in false positives. A test that correctly identifies 99.9 percent of threats, applied to 330 million people, generates 330,000 false alarms for every actual threat detected. Analysts consumed by these leads lose the signals they were meant to find.\n\nMeanwhile, the defender's economics improve with every adoption. VPN services cost a few dollars monthly. Signal protocol costs nothing and ships on every major platform. Full-disk encryption is standard on modern devices. Each deployment raises the attacker's costs while keeping the defender's costs near zero, and the asymmetry compounds.\n\nThe implications extend beyond frustrating intelligence agencies. Adversarial OODA loops pervade commercial and criminal contexts as well. Data harvesters build profiles for advertising, pricing discrimination, and influence operations. Criminal enterprises pursue financial fraud, identity theft, and ransomware deployment. Each adversary relies on observation as the foundation of their operations. Each faces the same wall when targets encrypt.\n\nBoyd understood that victory came through collapsing the opponent's ability to function coherently. Deprived of observation, adversaries fail to orient to circumstances, fail to decide on courses of action, fail to act with purpose. Resources exhaust on noise, effort shifts toward softer targets, and the organization loses coherence under the weight of its own false positives.\n\nPrivacy's strategic logic follows directly: impose costs so extreme that surveillance becomes economically irrational. An adversary who cannot afford to observe you will stop trying, drawn by easier targets, defeated by arithmetic before engagement begins.\n\nThe cypherpunks understood this thirty years ago when Eric Hughes wrote that the act of encryption removes information from the public domain. They built tools to make this removal routine, automatic, ubiquitous. They understood that code enforces in ways that law cannot, that mathematics does not bend to jurisdiction or warrant.\n\nThe fight is ongoing: governments press for backdoors, corporations resist encrypting by default, and most people still communicate in plaintext because convenience outweighs abstract threat assessment. The economics have not changed, though. Defense through privacy remains the cheapest defense available, and attack through surveillance scales poorly against populations that adopt the available tools.\n\nBoyd's fighter pilots won because their cockpit visibility and control responsiveness let them cycle faster than opponents still orienting. Privacy offers something better than faster cycling. It offers the end of cycling entirely, for your adversary. Blinded at the Observe step, he can spend whatever he wishes on Orient, Decide, and Act, and arrive nowhere.\n",
"sig": "760c18aa72c3f55a8e7754c5259c5638ff740616eb060217dd1b21c8069395b96c57b62b638cd3d2b3c023b6ac3624c72521dcb5a92ab0919c76c865fac9babe"
}