Modern secure messaging focuses on encrypting content while leaving the act of communication itself observable. In high-risk environments, this metadata observability is the primary vulnerability.
I'm proposing an alternative: Low-Observability Context Synchronization. Instead of transmitting explicit symbols, participants synchronize context through ordinary, non-salient interactions.
The goal is to shift the cost of surveillance from decryption to large-scale semantic inference. It’s a trade-off: we sacrifice scalability for reduced observability. I’d love to hear your thoughts on the economic feasibility of this model
schoen•1mo ago
There have been some asynchronous secure messenger projects in the past (Pond and Secure Scuttlebutt come to mind). High latency is really important for defeating traffic analysis, but people are so unaccustomed to it now because of all the engineering work that's gone into successfully reducing the latency of almost all of our communication systems. Accepting high-latency messaging as a defense against traffic analysis might involve psychology even more than engineering: cultivating patience.
aebtebeten•1mo ago
How "high" ought high-latency be? days? months? years?
justinjeff•1mo ago
There’s no single “correct” latency. It’s not a fixed parameter but a variable tied to the threat model and the economics of surveillance.
For low-risk, everyday coordination, minutes might be sufficient. For high-value intelligence, latency needs to be long enough to break the temporal correlation between input and outcome.
If monitoring a 24-hour window costs an adversary $X, the goal is to stretch the window until the cost of semantic inference exceeds the value of the information being inferred. Beyond that point, surveillance becomes economically irrational.
In that sense, latency functions like a currency: users “spend” time to buy lower observability. How much they’re willing to spend depends entirely on what they’re protecting and from whom.
justinjeff•1mo ago
Latency stops being a technical parameter and becomes a side effect of interaction. What matters is not delivery speed, but how meaning accumulates over time.
justinjeff•1mo ago
I think both points connect to the same underlying issue.
High latency isn’t a fixed number (days vs months), and it’s not something users are simply asked to tolerate. It’s a variable tied to both the threat model and how latency is experienced.
From a security perspective, latency only needs to be long enough to break meaningful temporal correlation. Once the cost of inferring “when coordination happened” exceeds the value of that inference, surveillance becomes economically irrational. In that sense, latency is a currency: time is spent to buy lower observability.
From a human perspective, the problem isn’t patience per se, but idle waiting. If latency is experienced as dead time, users reject it. If it’s embedded in ordinary interaction—play, participation, progression—then the wait stops feeling like a delay and starts feeling like part of the system’s normal operation.
So the model isn’t about slow messaging. It’s about replacing explicit message delivery with gradual context alignment. Latency becomes a side effect of interaction, not a parameter users stare at.
At that point, the limiting factor really is psychological—but less about endurance, and more about whether people can operate without expecting immediacy as a signal of meaning.
justinjeff•1mo ago
I'm proposing an alternative: Low-Observability Context Synchronization. Instead of transmitting explicit symbols, participants synchronize context through ordinary, non-salient interactions.
The goal is to shift the cost of surveillance from decryption to large-scale semantic inference. It’s a trade-off: we sacrifice scalability for reduced observability. I’d love to hear your thoughts on the economic feasibility of this model
schoen•1mo ago
aebtebeten•1mo ago
justinjeff•1mo ago
For low-risk, everyday coordination, minutes might be sufficient. For high-value intelligence, latency needs to be long enough to break the temporal correlation between input and outcome.
If monitoring a 24-hour window costs an adversary $X, the goal is to stretch the window until the cost of semantic inference exceeds the value of the information being inferred. Beyond that point, surveillance becomes economically irrational.
In that sense, latency functions like a currency: users “spend” time to buy lower observability. How much they’re willing to spend depends entirely on what they’re protecting and from whom.
justinjeff•1mo ago
justinjeff•1mo ago
High latency isn’t a fixed number (days vs months), and it’s not something users are simply asked to tolerate. It’s a variable tied to both the threat model and how latency is experienced.
From a security perspective, latency only needs to be long enough to break meaningful temporal correlation. Once the cost of inferring “when coordination happened” exceeds the value of that inference, surveillance becomes economically irrational. In that sense, latency is a currency: time is spent to buy lower observability.
From a human perspective, the problem isn’t patience per se, but idle waiting. If latency is experienced as dead time, users reject it. If it’s embedded in ordinary interaction—play, participation, progression—then the wait stops feeling like a delay and starts feeling like part of the system’s normal operation.
So the model isn’t about slow messaging. It’s about replacing explicit message delivery with gradual context alignment. Latency becomes a side effect of interaction, not a parameter users stare at.
At that point, the limiting factor really is psychological—but less about endurance, and more about whether people can operate without expecting immediacy as a signal of meaning.