Taking a break from "micronational spook country" (and everything else) this week - we are on holiday and will return to the silliness next week. In the meantime, we wish you and yours the very best of the season, and a happy and healthy new year!
 |
| This is what you get when you ask a Generative AI system for "A llama dressed like Santa Claus" |
Last week, we talked about how MicroCon seems to suit the bill as a good venue for diplomacy. However, what if you can't get to MicroCon, or are not sure where/how to start with diplomacy? Not everyone is a born diplomat, after all! Well, as with so many things in the Internet age, there are online courses you can take for that! I'm sure this sort of post is why Google claims my blog is "low-content", since it's basically just a number of links leading elsewhere, but whatever. I've given up on them ever agreeing to let me actually make money off of ads here anyway.
A good place to start seems to be the US Institute for Peace, disregarding their recent "rebranding". They sponsor something called the "Ghandi-King Global Academy" which has self-paced courses that are both free of charge and open to the public. According to one online document I found, they offer courses such as "Introduction to Peacebuilding", "Nonviolent Action", "Conflict Analysis", and several courses in "Civil Resistance". I've signed up for an account but I'm currently waiting for approval. Oh, and for the mobile-device-inclined, they seem to have apps in both the Apple and Google app stores.
Alison also offers a number of free courses to help learn diplomacy, such as "International Relations", "An Introduction to Foreign Policy", and "Conflict Management: Resolving Conflicts with Confidence".
I found this course on Coursera easily - "Global Diplomacy - Diplomacy in the Modern World", but I'm sure there's more. It has five modules, including "What is diplomacy?", "Success and Failure in Diplomacy", "The Qualities of a 'Good' Diplomat", "Diplomacy in Action", and "Reflections and Futures of Diplomacy". That seems like a pretty good first-glance treatment of the subject to me.
Finally, there are a bunch of United Nations bodies that offer online learning courses. There's a "meta-list" of the bodies (with links to each one's specific learning page) here.
 |
| Yalta Conference, 1945 - Churchill, Roosevelt, and Stalin This Photo by Unknown Author is licensed under CC BY-NC-ND |
If you're hanging around the intelligence community, or watching too many spy movies, then sooner or later you're going to hear the term "counter-intelligence". But what is it, and why would you need it?
Simply put, if intelligence is how you find stuff out, then counter-intelligence is how you prevent the other guys from finding out stuff. How do you do that? There are two basic techniques: obfuscation, and increasing the "noise" (if you've ever heard the term "signal-to-noise ratio"). As an aside, and broadly speaking, those are the same two basic techniques used in cryptography.
Obfuscation means hiding what your opponent wants to see. This includes things like fences and barriers to keep prying eyes away from your facilities (blocking HUMINT), covered or underground facilities to foil GEOINT, and encrypting communications to block SIGINT. Classification and control of information also falls under obfuscation, by (hopefully) making it harder for the other people to get the information. By extension, vetting your people before providing them access to that information would also fall here, although it's now stretching the definition of "obfuscate" beyond all reasonable use...
Adding noise means creating additional false data points to force your opponent to spend more time on analysis, and hopefully to draw incorrect conclusions. For example, this might include creating fake military sites or vehicles to fool air reconnaissance. There was a famous (alleged) instance in WWII where the Germans built a fake air field with ersatz planes and equipment manufactured of wood to fool the British, or so they thought. The British waited until the fake facility was completed, then sent over a single plane that dropped a single wooden bomb. (I will note that Snopes rates the anecdote as "unproven".)
Another even more famous example from the same conflict was Operation Mincemeat, in which the British used a deceased homeless man (dressed in a military uniform) to feed false plans to the German intelligence machine. Incredibly, the plan for Operation Mincemeat was conceptualized by none other than Ian Fleming, who would later go on to write the James Bond books.
 |
| Picture from Microsoft Word ClipArt |
Micronations are still nations of a sort, and where nations meet is the stuff of diplomacy (Will Rogers notwithstanding). Diplomacy is how international relations are managed, through means such as dialogue, negotiation, and communication, rather than by force or the threat of force. (Again, micronational war is dumb, and anyone who threatens or proposes it is also dumb.)
A lot of new micronations seem to think that diplomacy means signing treaties. There really isn't a point in signing treaties, though - treaties are generally focused on trade or mutual defense, but micronational trade is virtually nonexistent and micronational defense is sort of, well, pointless - see my previous comment about micronational war.
According to Saaida (2023), there are four core principles of diplomacy, including negotiation, communication, building relationships, and promoting interests. Saaida further states that these "serve as the foundation for effective diplomatic interactions."
Does MicroCon serve as a venue for fostering diplomatic relations? Using the four core principles of diplomacy outlined by Saaida (2023), I argue here that a strong case can be made that it does. (Note that I'm focusing on MicroCon since that's the event that I'm familiar with, but most similar events will bring similar attributes.)
 |
| The attendees of MicroCon 2025 |
First, we have negotiation. While MicroCon is not inherently a negotiating body, the face-to-face opportunities presented by MicroCon help to "put a face to a name", which is helpful in reaching agreement.
Next, we have communication. MicroCon facilitates communication in several ways, including the presentations and the socializing opportunities before and after the conference.
After that, we have building relationships. I can personally attest to the value of MicroCon in this regard, having formed multiple lasting friendships through this event.
Finally, we have promoting interests. Here, again, MicroCon offers multiple opportunities to do so, including doing a presentation on whatever your interest is as well as using your table display - every MicroCon since the first has provided space (usually a half-table's length) for displays. I've been lucky that at the last several MicroCon gatherings I've been able to have a separate display area for MEDALS, one of my own pet projects.
 |
| "Behind the scenes" - setting up the MEDALS display at MicroCon 2025 |
So, in summary, I would argue that a micronation interested in diplomacy would do well to attend MicroCon (or similar events).
(Sympathy for the Devil by The Rolling Stones - Lyrics by Mick Jagger and Keith Richard)
References
Saaida, M. B. E. (2023). The Four Core Principles of Diplomacy. Science for All Publications, 1(1), 1-12. Link.
This wasn't supposed to be an intelligence blog, but here we are...
Today, I want to talk about a very powerful technique of intelligence analysis called "Analysis of Competing Hypotheses" (ACH). And, crucially, this isn't something that needs to stay in the halls of Langley, VA (home of the CIA) - it's something you can probably use.
Previously I talked about "all-source intelligence" - where you take intelligence from a bunch of different sources to form a more holistic picture of what's happening. We also mentioned the possibility of contradictory evidence, i.e. your HUMINT source was saying that the Hostilian (we were still calling it XYZ then) fleet was undergoing retrofit, but your GEOINT was showing that the naval yards were empty.
The point of ACH is to prevent intelligence analysts from developing "tunnel vision" - from being so focused on "proving" some presupposed "fact" that they ignore any other evidence. One famous example of this confirmation bias is how the US intelligence community handled information about the Iraqi chemical weapons program - they decided that there were two possibilities, that either Iraq had a large chemical weapons program, or they had a small one, and all of their evidence was forced to fit into one of those two possibilities. They completely ignored the third possibility, that Iraq had actually done what they had committed to and shut down those programs, with tragic results.
So, how is ACH done?
It starts with identifying your competing hypotheses. Remember that these are competing hypotheses, meaning that they should be very distinct, almost opposites from each other. ACH isn't so useful in identifying degrees of difference in two similar options.
Next, you want to gather all relevant information - your all-source intelligence.
Draw up a matrix with all of your hypotheses along the top, and all of your information items along the side. For each intelligence item, assess whether it supports (S), refutes (R), or is neutral for each hypothesis. If you have intelligence that doesn't provide any value for any of the items (it's neutral all the way across), discard it.
Assess each hypothesis on the basis of the evidence you have. Possibly counter-intuitively, you want to disprove hypotheses, not prove them. This can help you identify a "tentative conclusion" - the one with the least amount of disproving data associated with it.
See whether there's any key pieces of evidence that are crucial - this is a measure of the "sensitivity" of the conclusion. If, for example, your conclusion depends completely on a single piece of intelligence, and that item turns out to be wrong, then so are your conclusions.
Finally, report your conclusions. This doesn't just mean you present the most likely hypothesis - it means you present all of your hypotheses (that haven't been completely discounted), along with any additional lines of questioning that should be pursued to solidify your conclusions.
So let's see what this looks like in practice. Returning to our example about the Hostilian fleet, our government wants to know if they're poised to attack us. We start with two hypotheses here that are (at least for now) pretty contradictory: that either they are on their way to attack us (we'll call this hypothesis 1, or H1 for short), or that they are undergoing refit (H2). Next, we gather as much information as we can: we've already talked about the HUMINT and GEOINT, but we also have MASINT (which doesn't show unusual levels of communication or activity at their Naval headquarters) and an OSINT report from the Hostilian newspaper about their government signing a big contract with a private shipyard earlier this year. So we put all of that together into a matrix as below:
 |
| ACH Matrix example |
Looking at the available data, it seems that H2 is more likely (and suggests that we need to get some GEOINT coverage of that private company's shipyards to confirm). So, based on the above, we can report to the government that it's unlikely that we will be attacked by the Hostilian Navy any time soon (although, once they're done with the refits, the situation could change).
So, how could you use this in your own life? If you've got a decision to make, you can use ACH to assess the pros and cons of each decision (and if any factors are key - remember what I said before about "sensitivity" to key data).
Apparently I'm not done speaking about micronational intelligence services - you know, that thing I said you probably didn't need, and then wouldn't shut up about?
Today I want to talk about sources, which are part of "sources and methods". First, I'll throw this out there: while we previously talked about intelligence classification schemes as part of this post, it's important to remember that most information is classified to protect the source, not because of the information itself. For example, if you've got a source inside the naval strategic planning office of your main opponent (let's call them the Hostilians), you don't want to accidentally "burn" that source, so you want to protect everything that comes from them (i.e. "need to know", "eyes only", "NOFORN" - that last one meaning basically "No foreigners"), and filter it carefully before disseminating it. As another example, if your information is coming from SIGINT (see below) because you've cracked the Hostilian codes and you're reading their emails before they do, you certainly don't want them finding out and changing those codes!
Broadly speaking, intelligence sources are described in terms of where they came from, and usually they are abbreviated. For example, OSINT is "open-source intelligence", which means intelligence that is gathered or derived from freely-accessible sources. Despite the free availability, it's frequently a very valuable source of information, with some estimates saying that up to 80% of intelligence being derived from OSINT. For example, if the Hostilian press is suddenly full of editorials slagging on your country, and their leader is at the podium saying what a horrible place your country is and that your government is full of crooks, well, it's pretty obvious that they don't have the best of intentions for you.
HUMINT, or "human intelligence", is derived from human sources - like the aforementioned mole in the Hostilians' naval strategic planning office. This can also be intelligence you gather from prisoners you've taken from the other side, from refugees running from the Hostilian regime, from your border security patrols, from debriefing travelers that have returned from visiting Hostilia, and so on. This is probably the oldest form of intelligence gathering.
GEOINT is "geospatial intelligence" - this can be Google Earth imagery or your own drone reconnaissance footage, for example. Aerial reconnaissance actually predates powered flight, with the use of tethered hot air balloons for spotting troop movement as well as directing artillery fire.
Signals Intelligence (SIGINT) often works closely with cryptanalysis. SIGINT will capture the transmissions, and then the cryptanalysis team will try to break the codes and determine what is actually being said (assuming your enemy isn't just transmitting in the clear!).
Measurement and Signature Intelligence (MASINT), which is distinct from SIGINT, can tell you a lot about what's happening even without being able to understand the enemy's transmissions. For example, if you can triangulate the position of a transmitter, you know where it is (and thus, over time, if it is moving). You may also be able detect what kind of equipment they're using to transmit, and this can yield additional information. Suppose, for example, that the Hostilian Navy has suddenly started using X-band radar. This is useful to know, because X-band radar is shorter range, but higher resolution, and it suffers in poor weather. This, in turn, could help form a battle strategy if it becomes necessary to engage the Hostilian fleet - use the weather to your advantage.
Finally, Technical Intelligence, or TECHINT, is information about the equipment and weapons being used by your opponent. For example, if you've discovered that the Hostilian Navy just bought a bunch of Motorola Talkabout T210 radios for their people, TECHINT will tell you that the maximum range for those radios under optimal conditions is about 32km (20 miles, for the metrically-declined), as well as which frequency ranges that family of radios operates in. The previous insight about X-band radar would also be TECHINT - MASINT identifies the use of the radar, and then TECHINT tells you its limitations, basically.
There's also FININT, or financial intelligence, which looks at financial transactions and the flow of money, but this is generally more useful in law enforcement contexts.
All of the above are ideally combined using something called "all-source intelligence" to create a holistic view of what your opponents are doing/planning.
 |
| All-source Intelligence |
This post is the 100th post on this blog - a bit of a milestone, to be sure. So this will be a bit of a meta-post, talking about the blog itself.
Of those 100 posts, about 40 were made between April 19, 2019 (when the blog started) and June of this year (just before MicroCon), which averaged about 8 posts a year. After MicroCon, I decided to get "serious" (for certain values of the word) about my social media presence, and decided on (among other things) a regular posting schedule. Originally I had a Monday-Wednesday-Friday schedule, but switched it to Tuesdays and Fridays so that I could also do twice-weekly Instagram posts (MEDALS Mondays and Travel Thursdays), plus minor Wednesday posts on Tumblr and Facebook (where I currently have zero and six followers respectively). And, when I remember, I post a link to the newest blog post over on Bluesky (where I have 25 followers).
My blog posts seem to average around 20 to 25 views, although a blog post I did that provided some advice on starting your own micronation has 74 views, last time I checked. This is probably because, whenever anyone in the micronational Facebook groups posts "How do I start my own micronation?" I respond with a link to that post.
I usually try to include at least one related picture in each post, like the one at the bottom of this post. I started doing this so the blog post thumbnail wouldn't just be the first letter of the text in the post, but it also helps when I repost somewhere else - things with pictures always seem to garner more attention than things that don't have a visual accompaniment. I think I've used an AI-generated picture exactly once in a post, because I didn't have any other pictures to hand that fit the theme of the post.
Speaking of AI, I don't use AI to generate the post - these are my words, not those of some "answer machine". I know some people seem to think that AI is the inevitable future. Well, if that does happen, then maybe human-generated content will be a valuable niche, like how handmade products are in vogue in an era of factory-manufactured goods?
I don't currently make any money off of this, or any other social media. I did try to "monetize" this blog via Google Ad Network - twice. Both applications were rejected because Google considered this to be a "low-content blog". They don't provide any guidance as to what that means, they just say "Fix it and you can re-apply." As near as I can tell, they came to that decision because I often include external links to other sites, which is bizarre to me - in my academic career, providing references is a must, but apparently bloggers aren't supposed to do that?
When I started, I had a good list of blog post ideas, and I was able to build up a queue of posts. Those have all been posted now, and some days it's a bit of a struggle to find something to say - which is probably not helped by Google's claim that this is a "low-content blog". (But, you know, I'm not bitter or anything like that.) With the recent sequence of posts about micronational intelligence services, I've got a few new ones queued up now, just about to the end of the year in fact.
Anyway, 100 posts later, I'm still here, and I haven't run out of things to say yet! As I said, I'll probably delve more into micronational intelligence services in the near future, because (even though you probably don't need one) it's something I have some knowledge of (for, you know, reasons) and something that seems to be interesting to others.
 |
| Picture Source: Microsoft Word ClipArt Finder |
There are at least a few micronations that have popped up in the Facebook groups that are not merely "online-only", but they only claim real estate in the game Minecraft. Here's my thoughts on that...
First, Slabovia sort of started as an online micronation - specifically, in a forum on a bulletin board system back in the 1980s. We've since built up somewhat of a real-world presence, but we haven't forgotten our roots. In fact, the silver in our flag (below) pays homage to cyberspace and our roots there.
 |
| The silver bar in the middle of Slabovia's flag symbolizes our origin in "cyberspace" |
Second, I'm reminded of the "Uncensored Library" which is a repository in Minecraft of banned articles from countries that don't have complete freedom of the press, such as Russia, Saudi Arabia, and Iran. Accessing the library is done by either downloading a map from the Minecraft website, or by connecting to the library's Minecraft server. So, there can certainly be value in online-only infrastructure.
I'm also reminded of the novel Snow Crash (Neal Stephenson, 1992), which features both physical micronations called "distributed republics" (franchised, no less!) and a virtual world called the "Metaverse" which reportedly inspired both "Active Worlds" and "Second Life". If you haven't read Snow Crash, I recommend it (although it does have some fairly graphic violence, sexual content, etc., so isn't for younger audiences).
So, given all of the above, it might come as no real surprise that I have no inherent objection to a Minecraft-based micronation per se, although I do think that their citizens should find time to get off the computer and do things together in the real world, if only to form lasting bonds of real friendship.
I just rediscovered this video that was published during the pandemic lockdowns, and heavily features Slabovia (and yours truly). It's on the "This Exists" YouTube channel:
That video also references this one, on the "Not Exactly Normal" YouTube channel - he came to MicroCon 2019 in Hamilton:
Enjoy!
My thoughts on "micronational war" (being a very silly concept) are, I think, well known.
And, as documented here recently, I don't think micronations really need "intelligence agencies".
Thus, it might surprise some to learn that (with certain caveats) I think that a micronation should consider having a military!
I'll precede the rest of this with a pair of caveats: first, as I've discussed before, you want to beware of "stolen valour" (or valor, for the Americans) accusations, so avoid using any real-world uniforms or insignia. And, second, I will remind you again that micronational war is a silly idea, and therefore you certainly shouldn't be running around in the woods playing "silly bugger" and risk being mistaken for a "militia".
With that out of the way, yes, I think your micronation (if large enough) should consider having a military. Why? Well, for several reasons, actually!
First, with a military you generally get uniforms, and having several people representing your micronation all wearing the same uniform establishes a "look" that (in my opinion) heightens the apparent professionalism.
 |
| Slabovian Navel officers (plus the queen-consort) at MicroCon 2025 |
Second, having that body of uniforms to draw on can be handy to provide a visible presence. For example, we had a number of Slabovian navel (sic) officers on hand for MicroCon 2019, as well as providing a uniformed presence for the treaty signing and transfer of equipment for Operation Pole Dance in October.
 |
| A few of our Navel officers "hamming it up" with Grand Duke Travis of Westarctica at MicroCon 2019 |
 |
| Slabovian Navel personnel provide security for the signing of the Micronational Space Cooperation Treaty from West Who |
Additionally, depending on the circumstances of your micronation, your military can also form the core of an emergency response plan in the event of natural disasters, etc.
Just remember that these are volunteers; you shouldn't be ordering them around as a dictator or you'll quickly find you have fewer citizens (and possibly fewer friends).
Last time, we started talking about cryptography. After all, if you're going to have a micronational spy agency, you need to know how to keep your secrets, well, secret.
Enigma was a cryptography system used by the Germans in World War Two. Actually, it was a whole family of ciphers, including different strengths for business, diplomatic, and military use. It had a series of internal rotors that changed positions in a defined pattern with every letter typed on the machine's keyboard. When a letter key was depressed, a circuit was completed through the rotors and a corresponding ciphertext letter would light up above the keyboard. Using the same rotor settings, entering ciphertext would result in the corresponding cleartext. The history of Enigma is fascinating, but you can ignore U-571 in terms of historical accuracy. The Imitation Game is somewhat more fact-based, but ignores that Poland had cracked the code as early as 1932. There are a number of "Enigma Emulators" available online, such as this one.
 |
| A Military Model Enigma I, in use from 1930 By Alessandro Nassiri - Museo della Scienza e della Tecnologia "Leonardo da Vinci", CC BY-SA 4.0, https://commons.wikimedia.org/w/index.php?curid=47910919 |
We talked previously about symmetric and asymmetric encryption. Until the 1970s, symmetric encryption was the only option available. The problem with symmetric encryption is that the receiver needs to also have a copy of the key in order to be able to decrypt the message. So, you need to send the key to the receiver, but without anyone else being able to capture/copy it. The Data Encryption Standard (DES) used symmetric encryption, but with a key length of only 56 bits, it is pretty easy to crack on modern computers. Triple DES, or 3DES, gets a bit more clever by using three keys - first it encrypts the data with one key, then decrypts it with a different key (which would really be a second round of encryption) and then a third key is used to encrypt it again (again). 3DES is considered to be fairly secure, but very slow due to the three rounds required.
DES and 3DES are also examples of what's called a "block cipher", meaning it works on "blocks" of data of a defined size (64 bits in the case of DES/3DES) - if you don't have enough data the block needs to be padded out to the defined size, which in some cryptographic systems can be a weakness. Some cryptographic systems are "stream ciphers", meaning that each character coming in is acted upon separately. They tend to be faster than block ciphers, but may be more susceptible to certain forms of attack.
Modern cryptography tends to use systems such as AES, the Advanced Encryption Standard, which is derived from Rijndael, which was developed by Rijmen and Daemen, two Belgian cryptographers. Like DES and 3DES, it's a symmetric-key algorithm, so it's faster but requires keys be communicated.
"Public key" encryption systems expose part of the secret as the "public" part of the key, and keep the rest of the secret as the private key. They do this by exploiting a trick of mathematics - it's very easy to multiply two numbers together, but it's much harder to figure out what two numbers were multiplied together to make a number (i.e., "factoring"). Recall that prime numbers are only divisible by themselves and 1. A product of two primes (say, for example, 3 x 7 = 21) can only be factored into those two primes. Now, 21 is pretty easy, but what about the number 212583? The larger the primes, the harder it is to factor the product and determine the prime numbers used, and public key encryption uses VERY large numbers, like 1024 bits. (A 1024-bit number represents values between 1 and 179769313486231590772930519078902473361797697894230657273430081157732675805500963132708477322407536021120113879871393357658789768814416622492847430639474124377767893424865485276302219601246094119453082952085005768838150682342462881473913110540827237163350510684586298239947245938479716304835356329624224137216.)
As an aside, one of the promises/threats of quantum computing is that it makes this sort of factoring of very large numbers MUCH easier. In response, the National Institute of Standards and Technology (NIST), the US government agency that certifies cryptographic algorithms for use, has already released "quantum-resistant cryptography" standards.
In practice, when you visit a website protected by Transport Layer Security (TLS)(*), your web browser is using a mixture of public key (asymmetric) and private key (symmetric) encryption. When your web browser first connects to a web server, it looks up the server's public key based on its digital certificate, and uses that public key to initiate communication with the web server, perform the "TLS handshake", and set up a session-specific encryption channel. Once that encryption channel is established, a private key is shared (or independently computed by both sides), and that private key is what's used to transmit most of the data (since, recall, symmetric encryption is generally much faster).
Is there such a thing as an unbreakable cipher? Actually, yes - the one-time pad (OTP), when properly prepared and distributed, is provably unbreakable. You need a pre-shared key that's larger than the message being sent - a long sequence of randomly generated characters, for instance. Then you add each character of your message's cleartext to the next character in the OTP to generate the ciphertext. The receiver does the same in reverse with the ciphertext, subtracting characters from the OTP to generate the cleartext. However, you need to distribute the one-time pads. As long as the OTP is never re-used, it was truly randomly generated, and nobody else has managed to get a copy of it, your message will be unbreakable. If you want to try generating your own one-time pads, I find that random.org does a good job of generating randomness.
(*) = You may sometimes hear people refer to TLS as "SSL". This is wrong. Secure Sockets Layer (SSL) was what was in place before TLS, but it's been deprecated since 2015 because it's pretty convincingly broken. Also, only TLS 1.2 and/or TLS 1.3 should be in use, TLS 1.0 and TLS 1.1 have been deprecated for about five years as of time of writing
First, apparently I missed my posting on Tuesday last week - I was in a cybersecurity competition all weekend and forgot to make sure I had postings queued up here, as well as on Instagram (MEDALS Monday and Travel Thursday posts) and on Tumblr (Wednesday Slabovian factoid) and Facebook (Wednesday meme post). Oops. Let's see if we can get back on track this week!
So, let's keep talking about micronational spy agencies, because it's fun. Today, I want to talk about cryptography, because what good's a spy if they don't have their codes, right?
Let's start with some terminology.
First the obligatory etymology: the word "cryptography" comes to us from the Greek words kryptos (hidden or secret) and graphein (to write), so it literally translates to "secret writing".
Basically, cryptography is the technique of making unreadable gibberish out of a message, but in a way that can be undone later so the original message can be read. (This is unlike a "hashing function" like MD5, which is a one-way function; there's no easy way to determine the original message from the hash.)
The method or algorithm we use to encrypt and decrypt the message is called the cipher. The unencrypted message is usually referred to as plaintext, while the encrypted message is called ciphertext.
 |
| The encryption/decryption flow |
Historically, cryptographic systems were either substitution ciphers or transposition ciphers. A substitution cipher literally just substitutes a letter for a different letter (or a symbol) in a known way. Morse code is a substitution cipher of sorts, as is ASCII encoding. One of the first known substitution ciphers in history was the Caesar cipher, invented by Julius Caesar himself. He just shifted each letter by three positions in the alphabet, and the last three letters "wrapped around" to the front. So A would become D, B would become E, and so on, and when you got to X, Y, and Z, they would become A, B, and C respectively. A more modern version of the Caesar cipher is "ROT-13", which rotates each letter by 13 places in the alphabet.
As an aside, a lot of "alien languages" in science fiction movies and television shows tend to just be substitution ciphers - basically they write the message in English and then change the font to the galactic equivalent of "Wingdings". Aurebesh (the language used in the Star Wars films) is a bit better, as it uses 34 symbols rather than 26, adding specific symbols for sounds such as "Ch", "Sh", and "Th".
All substitution ciphers suffer from the same basic problem: predictability. We know that, for instance, E is a much more common letter in the English language than, say, X, so a "frequency analysis" of symbols will quickly help us determine which letter is probably an E. Also, short words such as "the" occur very frequently in English, so if we already suspect that H is the ciphertext for E, and we see WKH several times in our ciphertext, then WKH is probably the encoded THE, and now we have a couple more letters. By proceeding in this way, given enough ciphertexts you can always crack a substitution cipher.
Transposition ciphers, on the other hand, try to "scramble" the plaintext (albeit in a predictable way, so the scrambling can be undone) to generate the ciphertext as a permutation. For example, you could just write all of your text backward. Historically, these might have been tough to crack without knowing the key, but not impossible - if you have some idea of which words should appear in the plaintext, and you can identify the corresponding letters in the ciphertext, that can help you determine how the scrambling occurred (and how to reverse it). Modern computers can generally apply brute-force solving methods to quickly crack such ciphers. (When I run across such ciphers during cybersecurity competitions, I usually go to dcode.fr as my first stop - it can often identify the cipher AND solve it in a matter of seconds, by trying various permutations and combinations and looking for English-language words in the results.)
Based on the above, you can probably determine that more effective cipher systems will combine substitution and transposition...
Next time we'll continue talking about cryptography, including more modern systems.
I forgot to mention a couple of things in last week's posting about micronational spy services.
First off, some techniques commonly depicted in spy movies (like planting listening devices) can be illegal in some areas, as is planting an "air tag" to monitor someone's movements. Don't break the law.
Second, a lot (I think I've seen estimates as high as 80%) of intelligence is actually "OSINT", or open-source intelligence. In other words, it's all about knowing where to look, usually online. Sometimes this is as simple as browsing the website of your target. If they publish photos, you can examine the image attributes - if they haven't sanitized the photo, those attributes can reveal where the photo was taken, the kind of device used, and other interesting information. Another trick is to look for a file called ROBOTS.TXT - it's used to discourage a web crawler for looking in certain directories/files, but it can also tell you where you should look. However, this is starting to blur the line of "hacking", so use this trick with caution - again, don't break the law.
You can also set up various tools to periodically update you on topics of interest. For example, in my "day job" in cybersecurity, I set up a Google keywords alert search that fires every morning at 6am and delivers a summary of news articles in the last 24 hours that included various keywords such as "zero-day" and "hacker", but you could set one up that monitors for mentions of (for example) "micronation" and "Slabovia". You can set up your own Google Alert here.
There are many tools and videos you can use for OSINT - when you start getting into it, it's somewhat scary how much information can be gathered on someone. Please, use this information for good, and don't break the law.
 |
| Stock photo from Microsoft O365 |
I'll preface today's blog posting with this: while I do not claim to have worked for any intelligence agencies, I've taken multiple courses in intelligence analysis, and I've been both a producer and consumer of intelligence in my "day job" in cybersecurity, so this is all coming from a place of some experience.
Some micronations establish spy agencies. They probably don't need them.
First, why do spy agencies exist? Simply put, the way it's supposed to work is that intelligence informs policy. Policy-makers rely on intelligence to make decisions, support or change policies, and gain a knowledge advantage.
Thus, since micronations for the most part don't have policies beyond who they are friends with, they don't need intelligence agencies.
However, if you decide that your micronation really MUST have a spy agency, at least learn the basics. For starters, there's something called the Intelligence Cycle.
 |
| The Intelligence Cycle |
Next is gathering - this starts with a plan based on the requirements. For example, given the question, "what is the strength of the navy of country XYZ?", you might rely on satellite imagery, human intelligence (maybe you have someone on the inside?), open-source intelligence (maybe they publish the information on their website!) and so on.
Then you have to process the information - this may include translation from other languages as well as assessing the reliability and accuracy of the information and its sources. Do you trust your person working for the navy of XYZ, or have they been compromised and used to feed you false information? Often, this assessment is done using the Admiralty Code, which assigns values to both the source reliability (A = completely reliable, F = completely unreliable) and the reliability of the information itself (1 = verified accurate, 6 = known to be false), and plots the results on a table similar to the below.
 |
| Admiralty Code for assessing information reliability |
Analysis involves taking all of the disparate pieces of information you've gathered and determining the "big picture". If your source in the XYZ navy is saying their fleet is in the harbour for refit, but the satellite imagery shows the docks are empty, that's a mismatch that needs to be taken into account.
Finally, dissemination is the act of reporting your findings back to the policy makers - answering their original questions. This almost invariably leads to more questions, which is why the whole thing is a cycle.
Classification is about assigning a level of secrecy to intelligence. Often, this is more about protecting the source, rather than the information itself. For example, if you've got a mole in XYZ's navy, you want to keep that fact protected, both to protect the mole and to ensure the information keeps coming, so information coming from that source would be highly classified.
Typically there are several levels of classification:
If you want to know more, there are various online sources to pursue. For example, here is a US Army Intelligence Analysis field manual, and here is a manual from the United Nations Office on Drugs and Crime (UNODC) on criminal intelligence (which focuses on what criminal groups are doing, rather than nation states, but the basic techniques are similar). You can also find reprints of both modern and historical intelligence manuals on sites like Amazon, although a lot of that tends to be stuff that you could find online anyway, if you looked for it.
Oh, and you can take a look at West Who's spy agency - they're having fun with it anyway.
Part of the reason I set up this blog is to help people "put a little royalty into their life". To that end, I've kicked off this semi-regular series of postings about bringing the castles of Europe to you, sort of. Similar to the "Gothic Homemaking" series of videos that were put out by Aurelio Voltaire (over on YouTube), this will be a recurring series on how to make your own life, well, a bit more royal.
To bring you up to speed, part one of this series can be found here, part two of this series can be found here, part three is here, part four is here and here is the fifth part. Finally, part six is here.
We've talked about setting your table (part five) and planning the banquet (part six), but so far I've sort of hand-waved about the actual food. Well, there are a few options if you're looking for somewhat regal recipes and inspiration...
Assuming your monarchy is Euro-centric, there are a number of online options, including recipes from the Royal Collection Trust and some recipes from Max Miller's "Tasting History" YouTube channel (see below).
There are a number of YouTube video channels that focus on historical recipes, which often include more royal dishes, such as Max Miller's Tasting History and the English Heritage channel.
If you prefer cookbooks, Max Miller also has a cookbook called Tasting History: Explore the Past Through 4,000 Years of Recipes (Amazon link, non-affiliate - I don't make any money off of it!), and the Royal Collection Trust has a couple of cookbooks available here. A quick check of Amazon shows various cookbooks based off of shows such as Bridgerton and Downton Abbey.
 |
| The dessert sponsored by Westarctica at MicroCon 2019. Yes, I know, I've used it before, but I don't seem to have many pictures of the food served at MicroCons! |
I'd previously mentioned the MicroCon 2025 commemorative book here, and from there you can access a PDF copy of the book. However, I'm very much an old-school, "dead tree" type of person, so I had to order a physical copy. It arrived last night!
 |
| The MicroCon 2025 Commemorative Book |
Slabovia gets "name-checked" several times in it, and my photo of the audience (a MicroCon tradition I've been doing since the first one back in 2015) made it into the book. Also, if you haven't read the abstract for my presentation (which is in the book), you should go check it out at the link above. As a reminder, you should be able to see the talk itself here.
One of the things Slabovia has become known for over the years is our patches. And, full credit where it's due, a lot of that is due to the efforts of our chancellor, Rankin. Here's a few that might be of interest:
 |
| The patch for the recently-completed Operation Pole Dance |
 |
| The patch for Operation Pole Vault, which got the flag poles from Chicago to Montreal earlier this year |
 |
| The patch for the Micronational Outer Space Taskforce (MOST) This was a joint taskforce operation involving Westarctica, the Aerican Empire, and Slabovia during the pandemic |
 |
| The Micronational Anti-Squirrel Task Force If you know Grand Duchess Mortitia of Ruritania, you'll understand. Otherwise, well, you had to be there. |
In the run-up to Operation Pole Dance, I'd reached out to Emperor Eric of the Aerican Empire to ask him to bring me an item from Quebec. He indicated that he would do so, and give it to me as a gift.
Generosity cannot go unanswered, so we obtained a reciprocal gift for the imperial residence. And, as we were going to be travelling to the rendez-vous with a member of the press, we got them those "Press" patches (large and small) with hook-and-loop fastener, so they could look the part.
 |
| Note the "Press" individual appropriately labeled on the right |
That then left Grand Duke Travis of Westarctica... I certainly didn't want to snub him, so I needed to find a suitable gift for him as well. Then, inspiration struck me! Earlier this year, I'd found a nice "swagger stick" or baton (effectively a short staff of office, formerly carried by certain members of the military), but for some reason it was sold in sets of two, so I had a spare. So, I wrapped it up with the other items, took everything with me to Niagara Falls, and presented everyone with their gifts.
Well, it turned out that this was EXACTLY the right gift for Travis, as he'd been looking for one for his uniform for a number of years!
 |
| Presenting Grand Duke Travis with his new stick |
 |
| Same presentation, slightly different view |
Sometimes things align just so, and we really can't say why. Maybe it's fate or random chance or some higher design, I can't say. But, in this case, everything worked out well.
Yes, I know, I didn't get a post up yesterday. I'm going to claim that it was because I was waiting to announce this, and not because a) I've been sick with a head cold since Wednesday and/or b) I'm in the middle of a cybersecurity competition. Anyway, here is an important announcement! To quote Eric Lis, Emperor of the Aerican Empire and chair of MicroCon 2025:
"The MicroCon 2025 Commemorative Book is now available for purchase on Amazon. Links to Amazon US and Amazon Canada are below but it should be available in your regional shop. To make it as accessible as possible, the price has been set to the lowest possible point; I will not earn so much as a penny from book sales.
If you don't want to pay for the physical book, or if you want to see what it looks like before you buy, here's the complete pdf version, absolutely free." (Google Drive Link)
 |
| The MicroCon 2025 Logo from the Facebook group |
 |
| But first, lunch! |
 |
| Signed, sealed, and delivered! |
 |
| This stick floats! (It wood.) |
 |
| Unloading the poles |
 |
| Reloading the poles |
 |
| Ensuring the load is secure |
I've previously documented my search for a suitable throne. Today, I'm happy to reveal that I've found one! While rummaging through the local charity store, I found a wonderful medieval-looking chair:
 |
| The new throne of Slabovia |
That won't be its final resting place - in that picture, it's blocking access to the basement stairs (on the left) AND the downstairs bathroom (on the right). I'm also still contemplating potential modifications to make it more "royal". And, of course, if I find an even better throne at some point in the future, then so be it.
But, for now, We have Our throne. đź‘‘
Part of the reason I set up this blog is to help people "put a little royalty into their life". To that end, I've kicked off this semi-regular series of postings about bringing the castles of Europe to you, sort of. Similar to the "Gothic Homemaking" series of videos that were put out by Aurelio Voltaire (over on YouTube), this will be a recurring series on how to make your own life, well, a bit more royal.
Part one of this series can be found here. Part two of this series can be found here. Part three is here. Part four is here. And, of course, part five is here.
Setting a royal table (as briefly discussed in part five) is one thing, but you can't serve blue-box-brand macaroni and cheese to royalty. Well, you CAN, if you're the king/queen, and it would certainly be memorable, but maybe not in the way you'd hope.
Royal banquets are usually in the format of a "full-course meal". In modern society, these are typically either three or five courses.
A three-course meal consists of:
 |
| The desserts we served at MicroCon 2019 (They were sponsored by Westarctica, hence the flag) |
