Air Gaps

An air gap is a security measure that physically or logically isolates a computer system or network from unsecured networks, particularly the internet. By eliminating direct connections between sensitive systems and external networks, air gaps remove a primary attack vector for remote compromise. This isolation prevents unauthorized access and data exfiltration by ensuring that attackers cannot reach protected systems through network-based attacks, regardless of the vulnerabilities present in connected infrastructure.

Implementation Methods

Air gaps can be implemented through physical separation, where systems are kept on entirely isolated networks with no cables or wireless connections to external networks. Logical air gaps use software and network controls, such as firewalls, virtual machines, or network segmentation, to create isolated environments within shared infrastructure. The level of isolation required depends on the sensitivity of the data or criticality of the system being protected.

Practical Applications and Limitations

Air gaps are commonly used in high-security environments including military installations, critical infrastructure control systems, and financial institutions handling sensitive transactions. However, air gaps introduce operational challenges: transferring data between isolated and connected systems requires careful procedures using removable media or secure gateways, which can be time-consuming and limit system functionality. Complete isolation also makes remote monitoring and updates difficult, potentially creating maintenance burdens that can ironically introduce new security risks if not managed carefully.
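One way to make the removable-media transfer step checkable, as an added example that is not part of the original page: the isolated side verifies every file on the media against a SHA-256 manifest before import and refuses the transfer if anything is missing, altered, or unlisted. The manifest format (sha256sum-style lines), the function names, and the assumption that the manifest reaches the isolated side by a separate trusted channel are all illustrative choices, not a procedure the page describes.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

def sha256_file(path: Path) -> str:
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(1 << 20), b""):
            h.update(chunk)
    return h.hexdigest()

def parse_manifest(text: str) -> dict[str, str]:
    """Parse 'hexdigest  relative/path' lines; reject paths that escape the media root."""
    entries = {}
    for line in text.splitlines():
        if not line.strip():
            continue
        digest, _, name = line.partition("  ")
        rel = Path(name)
        bad_hex = len(digest) != 64 or any(c not in "0123456789abcdefABCDEF" for c in digest)
        if bad_hex or not name or rel.is_absolute() or ".." in rel.parts:
            raise ValueError(f"malformed manifest line: {line!r}")
        entries[rel.as_posix()] = digest.lower()
    return entries

def verify_media(media_root: Path, manifest_text: str) -> dict[str, list[str]]:
    """Compare the files actually on the media with what the manifest says should be there."""
    expected = parse_manifest(manifest_text)
    present = {p.relative_to(media_root).as_posix()
               for p in media_root.rglob("*") if p.is_file()}
    report = {"ok": [], "mismatch": [], "missing": [], "unexpected": []}
    for name, digest in sorted(expected.items()):
        if name not in present:
            report["missing"].append(name)
        elif hmac.compare_digest(sha256_file(media_root / name), digest):
            report["ok"].append(name)
        else:
            report["mismatch"].append(name)
    report["unexpected"] = sorted(present - expected.keys())  # files nobody declared
    return report

def transfer_allowed(report: dict[str, list[str]]) -> bool:
    return not (report["mismatch"] or report["missing"] or report["unexpected"])

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as d:          # constructed stand-in for the media
        root = Path(d)
        (root / "patch.bin").write_bytes(b"constructed update payload")
        manifest = f"{sha256_file(root / 'patch.bin')}  patch.bin\n"
        (root / "autorun.inf").write_bytes(b"constructed undeclared file")
        report = verify_media(root, manifest)
        print(report, "allowed:", transfer_allowed(report))
```

The check only has value if the manifest is produced on the sending side and delivered separately from the media it describes; a manifest stored on the same drive can be rewritten along with the files.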
