Below is the intro to the second issue of my short-form newsletter on weird stuff in cybersecurity; you can read the rest of it and subscribe if you like here.
“When a storm is at its peak, and the world outside seems on the verge of tearing itself apart, a kind of radical openness comes briefly into view, as if, with each blanching of the view out the front window, something else, a more essential state of existence, draws that much closer to being unveiled.” – John Langan, Bor Urus, The Year’s Best Weird Fiction
It’s been a long week in the information technology space. We’ve been dealing with a Windows print spooler vulnerability, details on a major LinkedIn breach, a massive supply chain attack, a major security industry conference posting block chain snake oil, and more. The deeper I move into security the more it can feel at times like an unending storm that peaks, recedes, and peaks again. Multiple storms sometimes merge and microbursts can appear with little warning. But as Langan states above there’s a sort of unveiling at each flash and crack. We’re able – if only for an instant – to see the nature of the thing rather than its form.
It occurs to me that these moments of overlapping storms of all sorts, in their intense and destructive flashes, illuminate a landscape we traverse mostly by feeling our way through it in the dark, tripping and trying not to curse loudly. And so even as I pivot from Chrome 0-day to print spooler vulnerability to ransomware threat I try to keep perspective by listening to my senses and learning what I can amidst the sound and fury.
Philosopher Eugene Thacker has developed a fantastic body of work in the horror of philosophy – he presents horror as a way humans think about the unthinkable and understand where the limits are in our ability to comprehend and interact with the world. “Whereas traditional occult philosophy is a hidden knowledge of the open world,” Thacker writes in In the Dust of This Planet, “occult philosophy today is an open knowledge of the hiddenness of the world.”
So it is with security. The more learned about the tea, the emptier the cup – and the less solid. As with notional spaces mentioned in Issue #1, the boundary of the cup is nullified by everything moving in and out of it. Information security becomes a kind of occult practice shared (often ecstatically) with others about what we know, what we don’t know, and what we can’t know. And how to deal with it. Because, as Thacker continues, “The hiddenness of the world… puts forth the greatest challenge, which is how to live in and as part of such hiddenness.”