Cyber Dissonance: The Struggle for Access, Privacy & Control in our Networked World

Back in the day when I was doing IT full time (pre-2004), we were doing a lot of local area networking builds for big companies.  There was web access, but never for enterprise software.  All that mission-critical data was locked down tight locally on servers in a back room.  When I returned from Japan in 2000, one of my jobs as IT Coordinator at a small company was to do full tape backups off our server at the end of each day and drop off the tapes in our offsite data storage centre.  Network technology has leapt ahead in the fifteen years since, and as bandwidth has improved the idea of locally stored data and our responsibility for it has become antiquated.


We were beginning to run into security headaches from networked threats in the early zeroes when our sales force would come in off the road to the main office and plug their laptops into the network.  That’s how we got Code Redded, and Fissered, and it helped me convince our manager to install a wireless network with different permissions so ethernet plugged laptops wouldn’t cronk our otherwise pristine and secure network where all our locally stored, critical business data lived.  We had internet access on our desktops, but with everyone sipping through the same straw, it was easy to manage and moderate that data flow.  Three years later I was helping the library at my first teaching job install the first wireless router in Peel Board so students could BYOD – that was in 2005.


Back around Y2K,  IT hygiene and maintenance were becoming more important as data started to get very slippery and ubiquitous.  In a networked world you’re taking real risks by not keeping up with software updates. This is still an issue in 2019, at least in education.  We’re currently running into all sorts of headaches at school because our Windows 7 image is no longer covered by Microsoft.  Last year one of our math teachers got infected by a virus sent from a parent that would be unable to survive in a modern operating system, but thanks to old software still infesting the internet, even old trojans get a second and third chance.  Our networked world demands a degree of keep-up if everyone is going to share the same online data – you can’t be ten paces behind and expect to survive in an online environment like that, you’re begging to be attacked.


Last summer I took Cisco’s Cyber Operations Instructor’s Program, which was a crash course in just how fluidly connected the modern world is, and how dangerous that can be.  After logging live data on networks and seeing just how much traffic is happening out there from such a wide range of old and new technology, it’s a wonder that it works as well as it does.  Many cybersecurity professionals feel the same way, our networks aren’t nearly as always on as you think.


This past week I attended Cisco’s Connect event which once again underlined how much IT has changed since I was building LANs in the 90s and early 00s.  The drive to cloud computing where we save everything into data centres connected to the internet comes from a desire for convenience, dependability and the huge leap in bandwidth on our networks – and you ain’t seen nothing yet.  There was a time when you had to go out and buy some floppy disks and then organize and store them yourself when you wanted to save data.  Now that Google and the rest are doing it for you, you can find your stuff and it’s always there because you’ve handed off that local responsibility to professionally managed multi-nationals who have made a lot of money from the process, but there is no doubt it’s faster and more efficient than what we did before with our ‘sneaker-nets‘.

You probably spend most of your day with
a browser open.  Ever bothered to understand
how they work?  Google’s Chrome Intro Comic
is a great place to start.

If you ever look behind the curtain, you’ll be staggered by how many processes and how much memory web based applications like Google Chrome use.  Modern browsers are essentially another operating system working on top of your local operating system, but that repetition will soon fade as local operating systems atrophy and evolve into the cloud.


At Cisco Connect there was a lot of talk around how to secure a mission critical, cloud based business network full of proprietary IP when the network isn’t physically local, has no real border and really only exists virtually.

Cisco Umbrella and other full service cloud computing security suites do this by logging you into their always on, cloud based network through specific software.  Your entire internet experience happens through the lens of their software management portal.  When you lookup a website, you’re directed to an Umbrella DNS server that checks to make sure you’re not up to no good and doing what you’re supposed to be doing.  Systems like this are called IaaS – infrastructure as a service, and they not only provide secure software, but also integrate with physical networking hardware so that the IaaS provider can control everything from what you see to how the hardware delivers it.



In 2019 the expectation is for your business data to be available everywhere all the time.  It’s this push towards access and connectedness, built on the back of our much faster network, that has prompted the explosion of cloud based IT infrastructure.  In such an environment, you don’t need big, clunky, physically local  computer operating systems like Windows and OSx.  Since everything happens inside one of the browser OSes, like Chrome, all you need is a thin client with fast network access.

The irony in Chromebooked classrooms is that the fast network and software designed to work on it aren’t necessarily there, especially for heavy duty software like Office or Autocad, so education systems have migrated to thin clients and found that they can’t do what they need them to do.  If you’ve ever spent too much time each day waiting for something to load in your classroom, you know what I’m talking about.  A cloud based, networked environment isn’t necessarily cheaper because you should be building network bandwidth and redundancy out of the savings from moving to thin clients.  What happened in education was a cash grab moving to thin clients without the subsequent network and software upgrades.  This lack of understanding or foresight has produced a lot of dead ended classrooms where choked networks mean slow, minimalist digital skills development.  Ask any business department how useful it is teaching students spreadsheets on Google Sheets when every business expectation starts macros in Excel.

Seeing how business is doing things before diving back into my classroom is never wasted time.  The stable, redundant wireless networks in any modern office put our bandwidth and connectivity at school to shame.  In those high speed networks employees can expect flawless connectivity and collaboration regardless of location with high gain software, even doing complex, media heavy tasks like 3d modelling and video editing in the cloud – something that is simply impossible from the data that drips into too many classrooms onto emaciated thin clients.  Data starvation for the less fortunate is the new normal – as William Gibson said, the future is already here, it’s just not evenly distributed.


Seeing the state of the art in AI driven cybersecurity systems is staggering when returning to static, easily compromised education networks still struggling to get by with out of date software and philosophies.  The heaps of students on VPNs bypassing locks and the teachers swimming through malware emails will tell you the truth of this.  The technicians in education IT departments are more than capable of running with current business practices, but administration in educational IT has neither the budget nor the vision to make it happen.  I have nothing but sympathy for IT professionals working in education.  Business admin makes the argument that poor IT infrastructure hurts their bottom line, but relevant, quality digital learning for our students doesn’t carry the same weight for educational IT budgets.


In addition to the state of the ICT art display put on at Cisco’s conference, I’m also thinking about the University of Waterloo’s Cybersecurity & Privacy Conference from last month.  The academic research in that conference talked at length about our expectations of privacy in 2019.  Even a nuanced understanding of privacy would probably find some discomfort with the IaaS systems that cloud computing is making commonplace.  The business perspective was very clear: you’re here to work for us and should be doing that 24/7 now that we’ve got you hooked up to a data drip (smartphone) in your pocket.  Now that we can quantify every moment of your day, you’re expected to be producing. All. The. Time.  I imagine education technology will be quick to pick up on this trend in the next few years.  Most current IaaS systems, increasingly built on machine learning in order to manage big data that no person could grasp, offer increasingly detailed analysis (and control) of all user interaction.  Expect future report cards to show detailed time wasted by your child data on report cards, especially if it can reduce the number of humans on the payroll.


These blanket IaaS systems are a handy way of managing the chaos that is an edgeless network, and from an IT Technician and Cybersec Operator point of view I totally get the value of them, but if the system gives you that much control over your users, what happens when it is put in the hands of someone that doesn’t have their best interests at heart?

WIRED had an article on how technology is both enabling and disabling Hong Kong protestors in the latest edition.  While protestors are using networked technology to organize themselves, an authoritarian government is able to co-opt the network and use it against its own citizens.  I wonder if they’re using business IaaS software that they purchased.  I wonder if many of the monitoring systems my students and I are becoming familiar with in our cybersecurity research is being purchased by people trying to hurt other people.




As usual, after an interesting week of exploring digital technology I’m split on where things are going.  We’ve seen enough nonsense in cybersecurity by criminals and government supported bad actors on the international stage that there is real concern around whether the internet can survive as an open information sharing medium.  Between that and business pushing for greater data access on increasingly AI controlled internets of their own that could (and probably are) used by authoritarian governments to subjugate people, I’m left wondering how much longer it’ll be before we’re all online through the lens of big brother.  If you’re thinking this sounds a bit panicky, listen to the guy who invented the world wide web.


The internet might feel like the wild west, but I’d rather that than blanket, authoritarian control.  Inevitably, the moneyed interests that maintain that control will carve up the internet, reserving clean, usable data for those that they think deserve it and withholding it, or leaving polluted information from everyone else.  I get frustrated at the cybercriminals and state run bad actors that poison the internet, but I get even more frustrated at the apathy of the billions who use it every day.  If we were all more engaged internet citizens, the bad actors would be diminished and we wouldn’t keep looking for easy answers from self-serving multinationals looking to cash in on our laziness.  I’ve said it before and I’ll say it again, if I could help make a SkyNet that would protect the highest ideals of the internet as its only function, I’d press START immediately.


The internet could be one of the most powerful tools we’ve ever invented for resolving historical equity issues and allowing us to thrive as a species, but between criminality, user apathy and a relentless focus on cloud computing and the control creep it demands, we’re in real danger of turning this invention for collaboration and equity into a weapon for short term gain and authoritarian rule.



“It’s astonishing to think the internet is already half a century old. But its birthday is not altogether a happy one. The internet — and the World Wide Web it enabled — have changed our lives for the better and have the power to transform millions more in the future. But increasingly we’re seeing that power for good being subverted, whether by scammers, people spreading hatred or vested interests threatening democracy.”

– Tim Berners Lee



“The internet could be our greatest collaborative tool for overcoming historical inequity and building a fair future, or it could be the most despotic tool for tyranny in human history.  What we do now will decide which way this sword will fall.  Freely available information for all will maximize our population’s potential and lead to a brighter future.  The internet should always be in service of that, and we should all be fighting for that outcome in order to fill in the digital divide and give everyone access to accurate information.  Fecundity for everyone should be an embedded function of the internet – not voracious capitalism for short term gain, not cyber criminality and not nation state weaponization.  Only an engaged internet citizenship will make that happen.”

– my comment upon signing a contract for the web.

from Blogger https://ift.tt/2Nc23AI
via IFTTT

Bikers & Motorcyclists

Bikers

 The other week I posted a discussion on the Concours Owners Group asking how to pass a large group of bikers on the road.  That discussion sparked an angry rebuttal condemning me for mocking the happy pirate look that a large portion of the (especially) North American motorcycle community identifies with.  Personally, I’d say people can dress however they want and ride whatever they want, but I get the sense that the pirate types don’t feel that way.  On COG I was trying to be funny, but with an edge.  On the Georgian Bay circumnavigation I ran into some corporately attired Harley riders who wanted to point out how much unlike them I looked.  It felt like hazing with the intent of getting me to look like a proper biker.  Nothing will get my back up faster than someone telling me I have conform to their standard, especially when it’s a stupid standard.  The irony wasn’t lost on me that these rebels without a clue whose look is predicated on nonconformity were uncomfortable with a motorcyclist not in proper uniform.

 One of the reasons I make a point of reading British biking magazines is because they are free of (and willing to make fun of) this dominant North American biking culture.  They don’t worship Harley Davidson as the one and only motor company, and they try to look at the breadth of motorbiking rather than forcing a single version of it down everyone’s throats.  Had I the boat load of money that they cost I would happily buy an HD V-Rod (not considered a ‘real’ Harley by purists because it’s liquid cooled).  It’s a fine machine and I’d get one for that reason, but I don’t think I’d ever buy a motorcycle because of the manufacturer alone, I’m not that politically driven.

When I first started riding I was shiny and new about it and told one of my colleagues who rode that I was just starting out.  He asked me what I got and when I told him a Ninja he put his nose in the air and said, “hmm, isn’t that like riding tupperware?”  Just recently I told him I was thinking about getting a dual sport.  He said, “why would you want that?  It’d be like riding a toolbox!”  In the biker ethos there is only one kind of bike with a single aesthetic. If you don’t conform expect criticism.

In talking to other motorcyclists I’ve noticed a consensus that the cruiser crowd tends to be holier-than-thou, not returning a wave or giving you the gears at a stop for not conforming to the dress code.  Motorcyclists tend to be iconoclasts.  They have to be or they’d be doing what everyone else does – riding around in the biggest cage they could afford.  Yet the act of riding isn’t enough for some.  There are also social expectations that these rebellious non-conformists expect all riders to conform to.

At the end of the day I’m a fan of two wheeling.  I’d call myself a motorcyclist.  I get as excited about looking at historical Harleys as I do at racing tupperware or riding toolboxes.  I only wish more bikers would be less critical of anything other than their singular view of the sport.  I refuse to conform to their nonconformity.

ECOO 2016 Reflections: maker spaces and iteration

The maker movement isn’t a fad to
engage students.  The people who
believe in it live it.

Back from the 2016 ECOO Conference, I’ve let things mull over for a couple of days before reflecting:  

On maker spaces…

Last year’s conference was very excited about Maker Spaces, and that focus seems to have died down.  To develop meaningful maker spaces means believing in and adopting the thinking behind it.  The people behind the maker movement believe in it passionately, they live it. Education’s ADD means that making was never going to go that far in the classroom.  The moment I heard teachers complaining about the extra work makerspaces created I knew it was doomed.  Most teachers aren’t curious about how things work and don’t want to play with reality, they’re concerned about delivering curriculum.  

I suspect many maker spaces in classrooms have become either dusty corners or play areas.  It was nice to see the monolithic educational system flirt with something as energetic and anarchistic as the maker movement though, even if it was only for a short while.

On Iteration…

This came up a several times in the conference.  A couple of years ago Jaime Cassup gave an impassioned keynote on the value of iteration.  His argument, based on the software industry’s approach to building code, was to fail early and fail often.

This time around Jesse Brown brought it up again, citing Edison’s, I didn’t fail a thousand times, I found a thousand ways that didn’t work quote.  He then (strangely) went on to compare his being let go as a radio broadcaster and lucking in to a tech startup as an example of iteration, which it isn’t.  Doing one thing and then stumbling into something completely unrelated when it ends isn’t iteration.

In education this misunderstanding is rampant.  Good students learn to do what they’re told as efficiently as possible in order to succeed in the classroom (‘lower level’ students are much more willing to take risks – they’re not as invested in the system).  A misunderstanding of iteration is what we use to justify and even encourage failure.   It has become another way to let digital natives’ video-game driven process of learning have its way, but it isn’t very efficient.

There is iteration in the engineering process, but it’s never
a fail early, fail often approach. If you don’t know why you
failed then you shouldn’t be rushing off to fail again.

The other week I gave my grade 12 computer engineers detailed explanations of how to build a network cable, a video showing it being done and then posted wiring diagrams showing the proper order.  The most capable students followed engineering process (a directed iterative process, rather than a random one) and produced working network cables more and more quickly.  The end result was no real cost for me (all my ends and wires were made into functional cables).

The majority of the students, perhaps because they live in our brave new Google world of fail often and fail early, or because people keep misquoting Edison at them, didn’t read the instructions (who does any more, right?) and just started throwing ends on cables, crimping them badly and producing failure after failure.  This is great though because they’re engaged, right?

When I got angry at them they were belligerent in return.  How dare I stifle their creativity!  Unfortunately, I’m not assessing their creativity.  They are trying and that’s all I should be asking for!  I’m not grading them on engagement either.  I have been brandishing the engineering process throughout their careers in computer technology, but these video-game driven iterators think their die early, die often approach in games is perfectly transferable to the real world.  Bafflelingly, many educators are gee-whizzing themselves into this mindset as well.  You’ll quickly find that you run out of budget if you do.

from Blogger http://ift.tt/2eQcaqx
via IFTTT

Autumn Colours Motorcycle Photography

On bike photos courtesy of a Ricoh Theta V on a flexible tripod attached to the rear view mirror of my trusty Triumph Tiger 955iThe route was from my home in Elora up through Beaver Valley to the shores of Georgian Bay before coming back through Duntroon and up the Noisy River out of Creemore before heading back down the Grand River home.  The interesting bits were tracing the Niagara Escarpment, the only vaguely interesting roads anywhere near me.


If you want a primer on how to take on-bike photos like this, you can find it here.  It has also been published on Adventure Motorcycle Rider here.

That time I got stuck behind a blockade of Polaris Slingshots on the Noisy River Road…

Google Photos Album here.

from Blogger https://ift.tt/32Qfxre
via IFTTT

Thanksgiving Moments





Thanksgiving Weekend in Canada is early (winter is coming), but this one was pretty rideable.  The Honda is calling from a mechanical perspective, but that can wait until the Canadian motorcyclist’s hibernation.


In the meantime, I’m getting the rides in where I can find them…





Some digital art…




… and some on-bike 360 photos…

 

 














from Blogger https://ift.tt/2oNhQwQ
via IFTTT

Motorcycle Lift Table Instructions

A friend and colleague retired but kindly left his DIY motorcycle stand with me when he moved to the West Coast.  Here’s the construction of it back in 2016:

HERE are the plans he worked from in PDF format.  Now that I’ve got the plans I can find a properly spec’d lift to use on it.  My old lift is leaky and over two decades old, so the replacement will work the motorcycle lift as well as the odd car tire change.

Currently it’s home to the Honda Fireblade project:


The garage is a nice place to work (though small) for 10 months of the year, but during Ontario’s deep freeze in January/February, as outdoor temperatures often dip to -30°C and beyond, the cold emanating, even through the rubber lined floor, makes it torturous.  Even with a propane heater running, working on the floor isn’t any fun for my fifty year old bones.  The stand, even when lowered, has been nice to work on.  Now that I’ve got access to the specs, I can source the right kind of hydraulic lift and have everything at an even more ergonomic height.

from Blogger https://ift.tt/33OsqCz
via IFTTT

Mid-November Last Gasps

The Tiger’s still purring to the
edge of winter! 

Mid November and I’m still commuting in to work!  It was -2°C while riding past frost covered grass on the way in, but a comfortable 12°C and sunny on the way home.

I should be able to two wheel it in and back for the rest of the week, but come the weekend things take a turn for the worse.  If there’s salt down and icy roads this may finally be the end.  Still, riding from the end of March (it would have been sooner but for a carb-dead Concours) until Mid-November is no bad thing.

In a perfect world I’ll be back in the saddle in March some time, and might even steal a ride or two in between,weather permitting.  That’s four months of waiting… unless I can convince my lovely wife to let me get… THE VAN (it’s still for sale).  If that happened there’s no telling where we might get to over the cold months.


That don’t look good, but it was inevitable.

In the meantime, there was a super moon!



via Blogger http://ift.tt/2f2iApP

Ongoing 360° On-Bike Photography

With some second generation parts I’ve got the on-bike portrait down to a fine art.  The Lammcou durable flexible tripod is a solid, dependable thing compared to the cheap and terrible flexible tripod I used before that I had to keep gluing back together.  The light, inexpensive and easy to use Ricoh Theta is still my favourite go to camera.  I’d like to try the higher resolution ThetaV but they aren’t cheap.

Here are the latest round of photos and video from the ThetaSC.  On the afternoon of the longest day of the year my wife and I went for a romantic ride over to where we got married almost twenty years ago.  On a rainy Saturday I put the waterproof cover on the camera and tried to get rained on.  I didn’t get wet, but I did see a ghost on the covered bridge in West Montrose.  That was a weird, atmospheric ride.

Solstice Romantic Ride:



Creepy, Atmospheric, Rainy Saturday Ride:

OK, so it’s not a ghost.  A young old-school mennonite woman was walking across the bridge complete with bonnet and black dress.  This is the covered bridge they used in the Stephen King movie, IT.  Creepy, right?

Staying ahead of the end of the world.

Dark and sinister…





from Blogger https://ift.tt/2KkLNgj
via IFTTT

Cybersecurity and the AI Arms Race

We had a very productive field trip to the University of Waterloo for their Cybersecurity and Privacy Conference last week. From a teacher point of view, I had to do a mad dance trying to work out how to be absent from the classroom since our school needs days got cut and suddenly any enrichment I’m looking for seemingly isn’t possible.  I managed to find some board support from our Specialist High Skills Major program and pathways and was able not only arrange getting thirty students and two teachers out to this event, but also to do it without touching the school’s diminished cache of teacher out of the classroom days.

We arrived at the conference after the opening keynote had started.  The only tables were the ones up front (adults are the same as students when it comes to where you sit in a room).  Sarah Tatsis, the VP, Advanced Technology Development Labs at BlackBerry, kindly stopped things and got the students seated.  The students were nervous about being there, but the academic and industry professionals were nothing but approachable and interested in their presence.


What followed was an insightful keynote into Blackberry’s work in developing secure systems in an industry famous for fail fast and early.  Companies that take a more measured approach to digital technology can sometimes seem out of step with the rock-star Silicon Valley crowd, but after a day of listening to software engineers from various companies lamenting ‘some companies’ (no one said the G-word), who tend to throw unfinished software out and then iterate (and consider that a virtue), the hard work of securing a sustainable digital ecosystem seems further and further out of reach.  The frustration in the air was palpable and many expressed a wish for more stringent engineering in online applications.

From Sarah Tatsis I learned about Cylance, Blackberry’s AI driven cybersecurity system.  This reminded me of an article I read in WIRED recently about Mike Beck, a (very) experienced cybersec analyst who has been working on a system called Darktrace, that uses artificial intelligence to mimic his skills and experience as a cybersecurity analyst in tracking down incursions.

 I spent a good chunk of this past summer becoming the first high school teacher in Canada qualified to teach Cisco’s CCNA Cyber Operations course which, as you can gather from the name, is focused on the operational nature of cybersecurity.  After spending that time learning about the cyber-threatscape, I was more and more conscious of how attackers have automated the attack process.  Did you know criminals with little or no skill or experience can buy an exploit kit that gives them a software dashboard?  From that easy to use dashboard, complex attacks on networks are a button push away.

So, bad actors can perform automated attacks on networks with little or no visibility, or experience.  On the other side of the fence you’ve got people in a SOC (so much of this is the acronyms – that’s a Security Operations Centre), picking through anomalies in the system and then analyzing them as potential threats. That threat analysis is based on intuition, itself developed from years of experience.  Automating the response to automated attacks only makes sense.

In the WIRED article they make a lot of hay about how AI driven systems like Darktrace or Cylance could reduce the massive shortage of cybersecurity professionals (because education seems singularly disinterested in helping), but I don’t think that will happen.  In an inflationary technology race like this, when everyone ups their technology it amplifies the complexity and importance of jobs, but doesn’t make them go away.  I think a better way to look at this might be with an analogy to one of my other favourite things.

Automating our tech doesn’t reduce our effort.  If
anything it amplifies it.  The genius of Marc Marquez
can only be really understood in slow motion as he
drifts a 280hp bike at over 100mph.  That’s what an

AI arms race in cybersec will look like too – you’ll only
be able to watch it played back in slow motion to
understand what is happening.
What’s been happening to date is that bad actors have automated much of their work, sort of like how a bicycle automated the pedaling by turning into a motorcycle.  If you’re trying to race a bicycle (human based cyber-defence) against a motorcycle (bad actors using automated systems) you’re going to quickly find yourself dropping behind – much like cybersecurity has.  As the defensive side of things automates, it will amplify the importance of an experienced cybersec operator, not make it irrelevant.  The engines will take on the engines, but the humans at the controls become even more important and have to be even more skilled since the crashes are worse.  Ironically, charging cyber defence with artificial intelligence will mean fewer clueless script kiddies running automated attack software and more crafty cybercriminals who can ride around the AI.  I’ve also been spending a bit of time working with AI in my classroom and can appreciate the value of machine learning, but it’s a data driven thing, and when it’s working with something it has never seen before you quickly come to see its limitations.  AI is going to struggle, especially with things like zero day threats.  There’s another vocab piece for you – zero day threats are attacks that have never been seen before, so there is no established defence!

Once a vulnerability is found in software it’s often held back and sold to the highest bidder.  If you discovered a backdoor into banking software, imagine what that might sell for.  Did you know that there is a huge market for zero day threats online?  Between zero day attacks, nation-state cyberwar on a level never seen before and increasingly complex cybercriminals (some of whom were trained in those nation state cyber war operations), the digital space we spend so much of our time in and more and more of our critical infrastructure relies on is only going to get more fraught.  If you feel like our networked world and all this cybersecurity stuff is coming out of nowhere, you ain’t seen nothing yet.  AI may very well help shore up the weakest parts of our cyber-defence, but the need for people going into this underserved field isn’t going away any time soon.


***


Where did the Cybersecurity & Privacy Conference turn next?  To privacy!  Which is (like most things) more complicated than you think.  The experts on stage ranged from legal experts to sociologists and tackled the concept from many sides, with an eye on trying to expose how our digitally networked world is eroding expectations of private information.


I found the discussion fascinating, as did my business colleague, but many of the students were finding this lecture style information delivery to be exhausting.  When I asked who wanted to stick around in the afternoon for the industry panel on ‘can we fix the internet’, only a handful had the will and interest.  We had an interesting discussion after about whether or not university is a good fit for most students.  Based on our time at the conference, I’d say it isn’t – or they just haven’t grown into the brain they need to manage it yet.  What’s worrying is that in our increasingly student centred, digital classrooms we’re not graduating students who can handle this kind of information delivery.  That kind of metacognitive awareness is gold if you can find it in high school, and field trips like this one are a great way to highlight it.


The conference (for us anyway) wrapped up with an industry panel asking the question, “Can the Internet be saved?”  In the course of the discussion big ideas, like public, secure internet for all (ie: treating our critical ICT infrastructure with the same level of intent as we do our water, electrical and gas systems) were bandied about.  One of my students pointed out that people don’t pirate software or media for fun, they do it because they can’t afford it, which leads to potential hazards.  There was no immediate answer for this, but many of the people up there were frustrated at the digital divide.  As William Gibson so eloquently said, “the future is already here – it’s just not evenly distributed.”  That lack of equity in entering our shared digital space and the system insecurity this desperation causes was a recurring theme.  One speaker pointed out that a company only fixated on number of users has a dangerously single minded obsession that is undermining the digital infrastructure that increasingly manages our critical systems.  If society is going to embrace digital, then that future better reach everyone, or there are always going to be people upsetting the boat if they aren’t afforded a seat on it.  That’s also assuming the people building the boats are more interested in including everyone rather than chasing next quarter earnings.


This conversation wandered in many directions, yet it always came back to something that should be self-evident to everyone.  If we had better users, most of our problems would disappear.  I’ve been trying to drive this ‘education is the answer‘ approach for a while now, but interest in picking up this responsibility seems to slip off everyone from students and teachers to administration at all levels.  We’re all happy to use digital tools to save money and increase efficiencies, but want to take no individual responsibility for them.


I’ve been banging this drum to half empty rooms for over a year now.  You say the c-word (cybersecurity) and people run away, and then get on their networked devices and keep doing the same silly things they’ve always done.  Our ubiquitous use of digital technology is like everyone getting a new car that’s half finished and full of safety hazards and then driving it on roads where no one can be bothered to learn the rules.  We could do so much better.  How digital skills isn’t a mandatory course in Ontario high schools is a mystery, especially when every class uses the technology.



I was surprised to bump into Diana Barbosa, ICTC’s Director of Education and Standards at the conference.  She was thrilled to see a troop of CyberTitans walk in and interrupt the opening keynote.  The students themselves, including a number of Terabytches from last year’s national finalist team who met Diana in Ottawa, were excited to have a chat and catch up.  This kind of networking is yet another advantage of getting out of the classroom on field trips like this.  If our pathways lead at the board hadn’t helped us out, all of that would have been lost.


We left the conference early to get everyone back in time for the end of the school day.  When I told them we’d been invited back on the bus ride home they all gave out a cheer.  Being told you belong in a foreign environment like an industry and academic conference full of expert adults is going to change even more student trajectories.  If our goal is to open up new possibilities to students, this opportunity hit the mark.


From a professional point of view, I’m frustrated with the lack of cohesion and will in government and industry to repair the fractured digital infrastructure they’ve made.  Lots of people have made a lot of money driving our society onto the internet.  The least they could do is ensure that the technology we’re using is as safe as it can be, but there seems to be no short term gain in it.


The US hacked a drone out of the sky this summer.

Some governments have militarized their cyber-capabilities and are building weapons grade hacks that will trickle down into civilian and criminal organizations.  In this inflationary threat-scape, cybersecurity is gearing up with AI and operational improvements to better face these threats, but it’s still a very asymmetrical situation.  The bad actors have a lot more going for them than the too few who stand trying to protect our critical digital infrastructure.  


Western governments have stood by and let this happen with little oversight, and the result has been a wild west of fake news, election tampering, destabilizing hacks and hackneyed software.  There are organizations in this that are playing a long game.  If this digital revolution is to become a permanent part of our social structure, a part that runs our critical infrastructure, then we all need to start taking networked infrastructure as something more than an entertaining diversion.


One of the most poignant moments for me was when one of the speakers asked the audience full of cybersecurity experts who they should call, police wise, if their company has been hacked.  There was silence.  In a room full of experts no one could answer because there is no answer.  That tells you something about just how asymetrical the threat-scape is these days.  Criminals and foreign powers can hack at will and know there are no repercussions, because there are none.


Feel safer now?  Reading this?  Online?  I didn’t even tell you about how many exploit kits drop hidden iframe links into web pages without their owners even knowing and then infect any machine that looks at the page anonymously.  Or the explosion of tracking cookies designed to sell your browsing habits to any interested party.

***

I’m beating this drum again at ECOO’s #BIT19 #edtech Conference in Niagara Falls on November 6, 7 and 8…

from Blogger https://ift.tt/2IHHQjL
via IFTTT