Cyber Dissonance: The Struggle for Access, Privacy & Control in our Networked World

Back in the day when I was doing IT full time (pre-2004), we were doing a lot of local area networking builds for big companies.  There was web access, but never for enterprise software.  All that mission-critical data was locked down tight locally on servers in a back room.  When I returned from Japan in 2000, one of my jobs as IT Coordinator at a small company was to do full tape backups off our server at the end of each day and drop off the tapes in our offsite data storage centre.  Network technology has leapt ahead in the fifteen years since, and as bandwidth has improved the idea of locally stored data and our responsibility for it has become antiquated.


We were beginning to run into security headaches from networked threats in the early zeroes when our sales force would come in off the road to the main office and plug their laptops into the network.  That’s how we got Code Redded, and Fissered, and it helped me convince our manager to install a wireless network with different permissions so ethernet plugged laptops wouldn’t cronk our otherwise pristine and secure network where all our locally stored, critical business data lived.  We had internet access on our desktops, but with everyone sipping through the same straw, it was easy to manage and moderate that data flow.  Three years later I was helping the library at my first teaching job install the first wireless router in Peel Board so students could BYOD – that was in 2005.


Back around Y2K,  IT hygiene and maintenance were becoming more important as data started to get very slippery and ubiquitous.  In a networked world you’re taking real risks by not keeping up with software updates. This is still an issue in 2019, at least in education.  We’re currently running into all sorts of headaches at school because our Windows 7 image is no longer covered by Microsoft.  Last year one of our math teachers got infected by a virus sent from a parent that would be unable to survive in a modern operating system, but thanks to old software still infesting the internet, even old trojans get a second and third chance.  Our networked world demands a degree of keep-up if everyone is going to share the same online data – you can’t be ten paces behind and expect to survive in an online environment like that, you’re begging to be attacked.


Last summer I took Cisco’s Cyber Operations Instructor’s Program, which was a crash course in just how fluidly connected the modern world is, and how dangerous that can be.  After logging live data on networks and seeing just how much traffic is happening out there from such a wide range of old and new technology, it’s a wonder that it works as well as it does.  Many cybersecurity professionals feel the same way, our networks aren’t nearly as always on as you think.


This past week I attended Cisco’s Connect event which once again underlined how much IT has changed since I was building LANs in the 90s and early 00s.  The drive to cloud computing where we save everything into data centres connected to the internet comes from a desire for convenience, dependability and the huge leap in bandwidth on our networks – and you ain’t seen nothing yet.  There was a time when you had to go out and buy some floppy disks and then organize and store them yourself when you wanted to save data.  Now that Google and the rest are doing it for you, you can find your stuff and it’s always there because you’ve handed off that local responsibility to professionally managed multi-nationals who have made a lot of money from the process, but there is no doubt it’s faster and more efficient than what we did before with our ‘sneaker-nets‘.

You probably spend most of your day with
a browser open.  Ever bothered to understand
how they work?  Google’s Chrome Intro Comic
is a great place to start.

If you ever look behind the curtain, you’ll be staggered by how many processes and how much memory web based applications like Google Chrome use.  Modern browsers are essentially another operating system working on top of your local operating system, but that repetition will soon fade as local operating systems atrophy and evolve into the cloud.


At Cisco Connect there was a lot of talk around how to secure a mission critical, cloud based business network full of proprietary IP when the network isn’t physically local, has no real border and really only exists virtually.

Cisco Umbrella and other full service cloud computing security suites do this by logging you into their always on, cloud based network through specific software.  Your entire internet experience happens through the lens of their software management portal.  When you lookup a website, you’re directed to an Umbrella DNS server that checks to make sure you’re not up to no good and doing what you’re supposed to be doing.  Systems like this are called IaaS – infrastructure as a service, and they not only provide secure software, but also integrate with physical networking hardware so that the IaaS provider can control everything from what you see to how the hardware delivers it.



In 2019 the expectation is for your business data to be available everywhere all the time.  It’s this push towards access and connectedness, built on the back of our much faster network, that has prompted the explosion of cloud based IT infrastructure.  In such an environment, you don’t need big, clunky, physically local  computer operating systems like Windows and OSx.  Since everything happens inside one of the browser OSes, like Chrome, all you need is a thin client with fast network access.

The irony in Chromebooked classrooms is that the fast network and software designed to work on it aren’t necessarily there, especially for heavy duty software like Office or Autocad, so education systems have migrated to thin clients and found that they can’t do what they need them to do.  If you’ve ever spent too much time each day waiting for something to load in your classroom, you know what I’m talking about.  A cloud based, networked environment isn’t necessarily cheaper because you should be building network bandwidth and redundancy out of the savings from moving to thin clients.  What happened in education was a cash grab moving to thin clients without the subsequent network and software upgrades.  This lack of understanding or foresight has produced a lot of dead ended classrooms where choked networks mean slow, minimalist digital skills development.  Ask any business department how useful it is teaching students spreadsheets on Google Sheets when every business expectation starts macros in Excel.

Seeing how business is doing things before diving back into my classroom is never wasted time.  The stable, redundant wireless networks in any modern office put our bandwidth and connectivity at school to shame.  In those high speed networks employees can expect flawless connectivity and collaboration regardless of location with high gain software, even doing complex, media heavy tasks like 3d modelling and video editing in the cloud – something that is simply impossible from the data that drips into too many classrooms onto emaciated thin clients.  Data starvation for the less fortunate is the new normal – as William Gibson said, the future is already here, it’s just not evenly distributed.


Seeing the state of the art in AI driven cybersecurity systems is staggering when returning to static, easily compromised education networks still struggling to get by with out of date software and philosophies.  The heaps of students on VPNs bypassing locks and the teachers swimming through malware emails will tell you the truth of this.  The technicians in education IT departments are more than capable of running with current business practices, but administration in educational IT has neither the budget nor the vision to make it happen.  I have nothing but sympathy for IT professionals working in education.  Business admin makes the argument that poor IT infrastructure hurts their bottom line, but relevant, quality digital learning for our students doesn’t carry the same weight for educational IT budgets.


In addition to the state of the ICT art display put on at Cisco’s conference, I’m also thinking about the University of Waterloo’s Cybersecurity & Privacy Conference from last month.  The academic research in that conference talked at length about our expectations of privacy in 2019.  Even a nuanced understanding of privacy would probably find some discomfort with the IaaS systems that cloud computing is making commonplace.  The business perspective was very clear: you’re here to work for us and should be doing that 24/7 now that we’ve got you hooked up to a data drip (smartphone) in your pocket.  Now that we can quantify every moment of your day, you’re expected to be producing. All. The. Time.  I imagine education technology will be quick to pick up on this trend in the next few years.  Most current IaaS systems, increasingly built on machine learning in order to manage big data that no person could grasp, offer increasingly detailed analysis (and control) of all user interaction.  Expect future report cards to show detailed time wasted by your child data on report cards, especially if it can reduce the number of humans on the payroll.


These blanket IaaS systems are a handy way of managing the chaos that is an edgeless network, and from an IT Technician and Cybersec Operator point of view I totally get the value of them, but if the system gives you that much control over your users, what happens when it is put in the hands of someone that doesn’t have their best interests at heart?

WIRED had an article on how technology is both enabling and disabling Hong Kong protestors in the latest edition.  While protestors are using networked technology to organize themselves, an authoritarian government is able to co-opt the network and use it against its own citizens.  I wonder if they’re using business IaaS software that they purchased.  I wonder if many of the monitoring systems my students and I are becoming familiar with in our cybersecurity research is being purchased by people trying to hurt other people.




As usual, after an interesting week of exploring digital technology I’m split on where things are going.  We’ve seen enough nonsense in cybersecurity by criminals and government supported bad actors on the international stage that there is real concern around whether the internet can survive as an open information sharing medium.  Between that and business pushing for greater data access on increasingly AI controlled internets of their own that could (and probably are) used by authoritarian governments to subjugate people, I’m left wondering how much longer it’ll be before we’re all online through the lens of big brother.  If you’re thinking this sounds a bit panicky, listen to the guy who invented the world wide web.


The internet might feel like the wild west, but I’d rather that than blanket, authoritarian control.  Inevitably, the moneyed interests that maintain that control will carve up the internet, reserving clean, usable data for those that they think deserve it and withholding it, or leaving polluted information from everyone else.  I get frustrated at the cybercriminals and state run bad actors that poison the internet, but I get even more frustrated at the apathy of the billions who use it every day.  If we were all more engaged internet citizens, the bad actors would be diminished and we wouldn’t keep looking for easy answers from self-serving multinationals looking to cash in on our laziness.  I’ve said it before and I’ll say it again, if I could help make a SkyNet that would protect the highest ideals of the internet as its only function, I’d press START immediately.


The internet could be one of the most powerful tools we’ve ever invented for resolving historical equity issues and allowing us to thrive as a species, but between criminality, user apathy and a relentless focus on cloud computing and the control creep it demands, we’re in real danger of turning this invention for collaboration and equity into a weapon for short term gain and authoritarian rule.



“It’s astonishing to think the internet is already half a century old. But its birthday is not altogether a happy one. The internet — and the World Wide Web it enabled — have changed our lives for the better and have the power to transform millions more in the future. But increasingly we’re seeing that power for good being subverted, whether by scammers, people spreading hatred or vested interests threatening democracy.”

– Tim Berners Lee



“The internet could be our greatest collaborative tool for overcoming historical inequity and building a fair future, or it could be the most despotic tool for tyranny in human history.  What we do now will decide which way this sword will fall.  Freely available information for all will maximize our population’s potential and lead to a brighter future.  The internet should always be in service of that, and we should all be fighting for that outcome in order to fill in the digital divide and give everyone access to accurate information.  Fecundity for everyone should be an embedded function of the internet – not voracious capitalism for short term gain, not cyber criminality and not nation state weaponization.  Only an engaged internet citizenship will make that happen.”

– my comment upon signing a contract for the web.

from Blogger ift.tt/2Nc23AI
via IFTTT

Roads to Ride: Arizona

We just left Sedona and headed south to Phoenix.  The Sedona area is astonishingly beautiful, and there isn’t anything like a South West Ontario dull road to be seen.  The interstates have more twists and turns than the most interesting roads where I live.  Coming back here on two wheels is a must do.  Not only are the roads fantastic, but the scenery is otherworldly.

We stayed at the Arroyo Roble Best Western on the north edge of town and it made for a excellent base for exploring the area.  The on site hot tubs, sauna and steam room would also ease sore muscles after a long day of leaning into corners on the byzantine surrounding roads.

Here are some of the highlights from Sedona:


The view just south of Sedona
Looking down into the Oak Creek Canyon…
Local micro breweries abound, America is no longer the land of Bud Light.
The Black Ridge Brewery in Kingman make a lovely IPA, while the Oak Creek Brewery
in Sedona make a fantastic Nut Brown Ale.
Any direction you look, Sedona is magical.
Top of Cathedral Rock Trail – it was worth a sweaty climb
Boynton Canyon, a lovely drive in, then a secluded canyon spoiled by constantly running machinery from the golf course
stuffed up the middle of it.  There was an Apache ceremony at the vista coming in – flute sounds over a quiet desert
was much preferred to heavy equipment thumping away around the corner.  Still petty though.

Trans Canada

Last summer I was driving past the bike on the right over and over again.  Had I the means to ride it home, I suspect I would have snapped it up (they were only asking six hundred bucks and everything on it worked).

The idea of picking up an old bike, getting it going and then hitting the open road with it on a long trip has a lot of romantic appeal.

I’ve been trying to work out how to do a coast to coast Trans Canada trip when I live in the middle of the country.  Riding one way and then flying to the other coast seems a bit heavy handed.  To resolve the issue I’ve decided to plan it empty handed.  I’ll fly out to the East Coast, find a used bike for sale somewhere on the Island, get it sorted out and then head west.

Go West Young Man

2008 VTX

One of the nice things about shopping the classifieds (besides not paying the rolling off the lot premium) is that you might pick up a bike that you otherwise wouldn’t.

Browsing the classifieds in St. John’s NFLD today I came across this Honda VTX.  I’ve never even heard of this bike, but that is one cool looking ride.  I’m the furthest thing from a cruiser fan, but you have to wonder what kind of relationship you’d have with that Honda as you ride coast to coast.

Maxim

It’d certainly hold its value well, I might even break even on the other side, and it would have long legs for that epic journey.

The Maxim on the right costs less than it would cost to ship a bike across Canada. It has just had new mufflers, tires and battery.  With some minor fix ups I’d probably be well on my way for less than two grand.  It might not have the style and presence of the VTX, but it would bring its own history with it and offer its own unique experience.

The nice thing about doing it this way is the trip itself is dictated by what’s out there, and the bike might be something you wouldn’t otherwise develop a riding relationship with.  From thousand dollar cheapies to expensive chromed out blingers, on a quiet Tuesday morning in July there was an interesting mix of bikes available in the St. John’s area, and each one would make your cross country ride a completely different experience.

When it’s a one trip bike, you might ignore some of the must haves you usually think about when buying a long term bike.  Those must haves often lead to a lot of compromises.  Here is a bike you’ll ride for a few weeks one summer.  Without the weight of a long term relationship, what would you want to try out that you wouldn’t otherwise?

I imagine I could fly out with my plates and find the bike, call back for insurance and be ready to go in only a couple of days.  At the other end I could put it up for sale on consignment and have it settled out while I’m flying home. The only complication might be if you fell in love, then an extension on the trip might be in order.

Trans Canada

From St. John’s NFLD on the Atlantic coast to Tofino BC on the Pacific Coast

Leave at Sunrise over the Atlantic, ride to sunset in the Pacific…

Coast to Coast, from St/ John’s Newfoundland to Tofino BC

The only planned stop would be a home for a rest stop in Ontario on my way across.  7813kms across if I stay the course, but I’d be hard pressed to pass through places I’ve never been before without having a look around.  Conservatively I’d guess that this would be a 10,000km trip.

At a couple of tanks of gas a day, covering 5-600kms would be easy and allow for some wandering time as well.  I’d throw a goal that far up the road and see how it went.  It’d be two weeks at 500kms/day, but with other stops and breaks, three weeks wouldn’t be a bad guess.

Roughing out costs, with gas at $40/day, hotels at $140/day average and food etc at $50/day, I’d be looking at $230/day on the road, $4830 for expenses over three weeks, and then whatever the bike costs/sells for.  Through in a $1000 for the flight out to St. John’s and home from Vancouver.

Going lean I could probably manage under $100/day for hotels and shave $20-30 off the food/gas costs (bike choice would play in there).  It would be conceivable to do it for ~$150/day ($2100 if done in 2 weeks).  I like the idea of a tighter schedule with more saddle time, I’d probably see if I can do it in 10 days…

Three ferry rides (off  The Rock, across a Great Lake and over to Vancouver Island), the Atlantic Ocean, the East Coast, across Quebec and Ontario, through the Prairies, over the Rocky Mountains and onto Vancouver Island for a final push to the Pacific Ocean.  Coast to coast across Canada by motorbike!

Now I can’t stop looking at used bikes…

1983 Suzuki GS in Guelph, only about $1000.

1986 Kawasaki Concourse, about $2500

I guess I like the more angular style of ’80s bikes…

Agony!  ‘84 Honda Interceptor: Had this been available in March when I was looking for my first bike, Tim’s Motorcycle Diaries would have started off way differently!  I’ve had a crush on these bikes since I was a kid, and only $1500!