Tag: Edtech

 ***

I made this graphic for my action research project with Canadian School Libraries. You can’t understand the medium if you’re oblivious to the message. I developed a multi-award winning program that produced some of the top digital skills in Canadian students. In thanks for that I’m told I should got back to teaching English if I return to the classroom, giving you an idea of how seriously Ontario is at meaningful cyber-education.

from Blogger https://ift.tt/Ig5mW8e
via IFTTT

 I’ve been blogging extensively for the past fifteen years. In that time I’ve accumulated millions of views, had posts republished on professional, academic and news sites and honoured an early internet ideal of freely sharing my thinking with the hopes of engaging others and perhaps making things a bit better. Dusty World was also an essential part of my teaching practice; an opportunity to critically review what I’m doing and provide perspective in order to improve my practice. In the process it prompted conversations with colleagues and (I hope) moved the needle on how we teach and use technology in education.

You may have noticed some posts have vanished recently. I’m in the process of backing them all up off-line and bringing down the tent. Reader numbers have tumbled in our brave new world of paid-for content delivered by ‘influencers’ who post for eye balls rather than quality. A blog about pedagogy was never going to compete in that sordid attention market. (Human) reader numbers have fallen as a result.

In the meantime I’m seeing bot traffic, most likely from AI engines, hoovering up my content so big tech can reproduce my voice for everyone and anyone to do with as they see fit.  I’d been willing to weather this storm because I was still reaching real educators trying to improve their practice in a technological quagmire, but public education is in survival mode these days and those looking for a fairer future with edtech have surrendered to marketing.

What pushed me into action was reading Cory Doctorow’s Enshittification. I’d urge you to buy it from your local independent book shop. If you get it from Amazon you’ll regret it by chapter five. Having wrapped it up now, I know that things are bad (I knew that before), but I also know that things could improve, though these days I’m just hoping we avoid World War Three as many countries seem to have forgotten who they are.

If you’ve been reading Dusty World for awhile, thank you for your support. If you’re one of the vanishing minority still working to create digitally literate graduates who have the tools to protect themselves in a vicious disinformation mediascape on digital devices increasingly limited by design for the benefit of billionaires, I’m a keen ally and can still be found online, though for how long I don’t know.

The urge to become a ghost in the machine is strong.

from Blogger https://ift.tt/EJ3cg1e
via IFTTT

 Background

Canada’s history and ultimately its emergence as a nation
depended heavily on citizen led militias who were willing to take up arms to
defend Canadian interests.[1]  In its early years Canada was under constant
threat from foreign invasion, and it was through militias that key battles such
as the Siege of Quebec in 1775 were won.

Figure 1 Citizen militias in action at the Siege of Quebec (1775)

Without the combined support of both French and English
citizen militias in Quebec, the lower town barricades would have fallen to
American invaders and Canada as we know it may never have been.[2]
This is one of many moments where citizen militias, in this case those from
formerly opposing colonies, joined forces and supported the regular military in
protecting an emerging Canada.

Context

Due to the complexities of modern warfare, we leave physical
military conflict to professional soldiers in the 21^st Century, but
cyber conflict is an emergent problem that every Canadian faces so passing this
responsibility to professionals has proven ineffective. From skirmishes with
cyber criminals to all out attacks by professional foreign cyber militaries on
missions to diminish Canada’s effectiveness as a society, modern cyber warfare
is aimed squarely at a citizenry who has been made helpless by deference to
central authority. This helplessness makes cyber-resiliency difficult to develop
as we have atrophied our citizens’ expectations of empowered personal
engagement.

With criminal and foreign interests focused on disinformation
aimed squarely at unprepared Canadian hearts, minds and wallets, an approach in
keeping with our militia rich past is called for.

 Looking at the
rapidly rising rate of cyber attacks (Figure 2) below, it quickly becomes
obvious that existing centralized attempts at improving cyber-literacy have
failed because with centralized authority comes the expectation that this is
someone else’s problem. The borderless nature of cyberattacks ties our police
services in knots.[3] Our
failure to monitor or effectively respond to online crime suggests dependence
on any central ‘pre-digital’ authority is problematic.

The concept of citizen led militias are fundamental to
Canada’s history and identity. By enabling modern localized cyber training and response
Canada would resolve previous failed attempts by placing the responsibility
where it belongs: with citizens.  A
localized cyber militia would also resolve several other challenges our country
faces when it comes to developing our own cyber talent[4].
Failure to act or simply repeating previous approaches puts Canada at risk of ongoing
deterioration from foreign digital attacks.

Figure 2 Statistics Canada. Table 35-10-0002-01  Police-reported cybercrime, number of
incidents and rate per 100,000 population, Canada, provinces, territories,
Census Metropolitan Areas and Canadian Forces Military Police https://www150.statcan.gc.ca/t1/tbl1/en/tv.action?pid=3510000201

Leveraging
Canada’s History of Militias to Create a Modern Citizen Based Cyber Defence

With recent increases in support for the Canadian military
due to changes in the geopolitical status quo[5],
plans for the creation and support of a citizen led cyber militia would resolve
an ongoing problem that centralization of responsibility has failed to address.

The vast majority (over 88%[6])
of data breaches in Canada ’s defences come as the result of user ignorance and
error. Canada loses over five billion dollars a year to cyber-criminal and
foreign digital interference[7].
One of the first duties of Canada’s Cyber Militia would be to peer educate
citizens on the importance of disinformation and cyber security preparedness
and make them aware of the challenges they face. This change is essential
because reported cyber criminal activity has increased over 600% since 2014[8]
while remaining one of the least reported crimes (estimates suggest over 90% go
unreported). This data makes it clear that a centralized government approach is
ineffective in developing the cyber resilience our citizens need.

Canada also suffers from a shortage of experienced cyber specialists[9].
Academic programs have proven ineffective in resolving this problem because,
like policing, cybersecurity operations are an experiential/skills-based job
rather than an academic one. The best way to produce these applied experts is
through a trades-based apprenticeship and experiential training model that
local cyber militias could provide. In doing so these units would also uncover
regional talent and reduce Canada’s cyber-gaps by spreading cyber-opportunities
evenly across the country instead of centralizing it in a few urban areas.

A Canadian cyber militia would work with and through
industry, government and civil society spheres of influence by leveraging
citizens locally and establishing individuals as responsible for Canada’s
shared digital defence. Like a militia of old these groups would depend on
grassroots support. In a field like cybersecurity which suffers from
longstanding dominance by privileged groups,[10]
supporting local militias that are protecting their home communities would
create a Canadian shield the truly covers the country.

Canada spends billions to provide centralized
cyber-awareness prevention programs[11]
that are obviously ineffective against an onslaught of increasingly automated[12]
and well funded foreign campaigns. One only need look at the data to see this. To
make cyber and foreign disinformation awareness the responsibility of every
Canadian we need to de-centralize ineffective programs and pivot to a local
militia model that places cyber-readiness in the hands of grassroots groups at
the local level. Federal services that do advanced research and active defence
are not part of this change in focus, but the programs designed to spread
cyber-awareness and access to the field that aren’t working are.

The Canadian Shield is also a weapon

The final piece of the puzzle is organizing and indirectly
supporting the most advanced cyber militias to provide reconnaissance and
arms-reach offensive cyber operations against foreign interlopers. A government
response brings diplomatic strings and bureaucracy, but this arms length approach
to offensive cyber operations has already been effectively employed by many
other countries, including those doing the most egregious harm to Canada.

Other countries have approached this in different ways.
Awash in resources, China[13]
has more people working in offensive cyber operations in their military than
Canada has in its entire Forces. Russia offers a more resource limited approach
that is also very effective with arms-length former military and industry
groups performing offensive cyber operations that are incredibly effective
without getting tangled in government expectations.

Many cyber ‘powers’ utilize decentralized approaches to make
agile, effective use of digital systems for intelligence gathering and foreign
interference.[14] Canada
has not only fallen behind in developing offensive cyber capabilities but also
finds itself trying to defend against this astonishing array of approaches. Trying
to play a game with no offence leaves you with at best a draw and most likely a
loss. The development of cyber militias would quickly reverse that trend while
rapidly enabling a full suite of options for both defensive and offensive
operations.

Conclusion

Canada has a long history of self defence using local
militias. In 2025 Canadian citizens find themselves alienated from a
responsibility that should be placed squarely in their hands. In a world where
automated, state sponsored cyber attacks are something everyone will face,
leaving awareness and responsibility to people thousands of miles away is both
ineffective and ultimately frustrating.

Every Canadian who is online will face foreign
disinformation and potential harm from state sponsored criminal cyber campaigns
in the next year, yet most Canadians think it’s someone else’s job to be aware
of them and stop them. The most astonishing aspect is that it’s Canadians
themselves who open the door to many of these attacks. It’s time to put
responsibility for cyber awareness and literacy where it belongs, locally with
citizens.

By changing its focus from a wagging finger coming from
Ottawa to a supporter of locally based cyber-awareness and future talent
development, federal (and provincial) governments would reverse decades of
damage caused by cyber illiteracy, empower Canadians to defend our country
against foreign attacks that will only grow in the coming years, and ultimately
place cyber awareness and skills development where they belong: in the
communities that so desperately need it.

Figure 3  A
Canadian Citizen Cyber Militia for the 21st Century.

from Blogger https://ift.tt/Q3UKGdO
via IFTTT

I did a research piece for Canadian School Libraries last winter that looked at how you might develop the complex, multi-disciplinary digital skills you find in cybersecurity in a relatively short period of time. When I first put it together I found myself spending a lot of the time at the front of the paper trying to define the digital skills we find ourselves lacking. I came to the conclusion that adopting high abstraction digital tools such as those you find in cyber, A.I. and other emerging technologies makes for an impossible leap when we don’t have the basics in place.

How we’ve missed this in education is a good question. Anyone with a background in the field knows that there is no such thing as a ‘digital native‘ and that this myth, which has caused so much damage as it prevents education from building meaningful digital pedagogy, kicked off what has become a multi-generational skills shortage that is doing real damage to both the economy and students’ future prospects.

Digital technology has worked its way into everything in 2025, so being unable to make productive use of it damages our ability to compete in a digitally connected world. That we continue to hum and haw about what digital fluency is and how to build it suggests that we’re not going to resolve this problem any time soon in Canadian classrooms.

We’ve seen coding and computational thinking finally worm their way into education curriculums, but this is the tip of a much bigger iceberg when it comes to understanding what digital skills are and how we should approach them.

Originally created for this post on why education is seemingly unwilling to address a persistent digital skills shortage (from 2023).

I’ve been pushing the boundary of what constitutes digital skills ever since I first got knocked out of digital technology by the compsci grads who had claimed the keys to the kingdom. It took me decades to recover and come around to the approach I have now that nurtures my hacking mindset rather than dismissing it.

A few weeks ago I attended a STEM space technology event put on by a partner of ours in Mississauga. Moonshot was designed to introduce students to the interdisciplinary nature of STEM careers – something we go out of our way to avoid in our departmentalized schools. If you’re building space technology as an electronics engineer your job doesn’t end where the wires stop, it also involves collaborating with all the other teams to ensure the electronics are working in conjunction with mechanical, communications, logistics and many other systems. Why do schools insist on siloing subjects like they do?

That siloing is also hobbling digital literacy development. The current coding/computational thinking fixation is just the latest in a long line of compsci blinkered approaches to addressing digital technology literacy. What would it look like if we represented the true breadth of digital and taught that wider scope of understanding in our classrooms? We use this technology daily to do everything from operate our schools to deliver learning across all subjects, but then avoid teaching how it all works at all costs.

At the Moonshot event I was introduced to the CEO of MineConnect, an organization that represents and works to promote the mining industry in Ontario. Our chat at Moonshot led to introductions with Science North over their Mine Evolution game. I’m hoping to get a web based version of that running on UBC’s Quantum Arcade – perhaps with a quantum add-on as quantum sensing is going to drastically improve s in how we mine in the next decade.

What does this have to do with digital literacy? The fact that you’re asking this question shows how little most people understand about where digital technologies come from, and that understanding should be a part of their literacy, don’t you think? If you look up ‘digital supply chain’ you don’t get what we need to build digital technologies, instead you only information on how to ‘go digital’. Even industry goes out of its way to ignore what digital technology is… except in rare mineral mining, hence my work with Mine Connect and Science North.

It’s incredible to me that this late in our adoption of this technology that we still go out of our way not to teach what is needed to make digital happen. The current wholesale adoption of A.I. in education is a great example of this ignorance, as was the rush to the cloud. There is no cloud (it’s someone else’s computer) and A.I. isn’t intelligent, but we’ll grasp at digital straws with willful ignorance if we think it’ll make our lives easier.

In the CSL research I created a pyramid that showed how I taught digital awareness from the ground up in my rural high school. The assumption is that ‘kids nowadays’ know all of this, but that simply isn’t the case. If you want to disable a ‘digital native’ it’s as easy as flipping a switch they don’t usually use. If you want to send a room of them into a panic unplug the Wi-Fi router (assuming you know what that is and where to find it).

Start with the physical substrata and work your way up into the more abstract realms of digital technology; starting digital fluency at coding is like starting literacy at poetry.

In grade 9 I got a lot of digitally engrossed students who thought they knew it all because adults who lack even basic digital familiarity have been telling them that for years. Revealing that this perceived expertise is merely familiarity with a couple of devices and specific software doesn’t take long. In many cases these kids had owned a series of game consoles and phones and that’s it. Familiarity with software is limited to games and social media. Very few knew what an operating system was let alone the firmware that kick start it; this is literally how all computers work yet almost no one seems to know it.

Last week I was in Ottawa doing an introduction to OSes on our cyber range. The grade 5s didn’t know what an OS was, but by the end of our 90 minutes they certainly did. They also learned the boot process any digital device goes through from firmware start-up to OS loading to where most users think computers start – when the desktop appears. They also got to interact with Linux as well as Windows on their Chromebooks (we use a cloud based cyber range so you’re not limited to the restrictive OS on your local device). None of the students knew what Linux was, but they use it everyday because their Chromebook ChromeOS is Linux based. By the end of our afternoon they were navigating the settings in multiple OSes and understood how you could interrupt boot sequences to gain control and interrupt processes.

That we hand students tools like these without any understanding of what they are or how they work is a great failure in modern education, especially as we are only accelerating our use of these machines in classrooms. Considering how widespread their use is now, digital skills have become an ignored foundational literacy.

***

How did I tackle this ever widening digital divide in my program? We started by making our lab DIY. My seniors and I built the first iteration out of e-waste and then kept improving it as we found resources. In 2015 I returned tens of thousands of dollars in board run desktops which then got converted into half a dozen chromebook carts for other classes to use. In that first year our DIY conversion saved the board over tens of thousands of dollars.

In 2016 I contacted AMD and asked if they’d provide CPUs for our next upgrade, and they did! Our board’s SHSM program provided additional funding and for a fraction of the cost of a board run computer lab we had significantly better hardware and control over installing our own OSes and software, which allowed us to provide digital learning opportunities others couldn’t reach.

By 2018 we had a mix of AMD APUs that could handle the graphic modelling we were doing in our game-dev class. This meant they were also more than capable of running any other software we needed to build digital fluency from scratch. In the process my one teacher department went on to win multiple national awards across a staggering range of digital domains ranging from coding and electronics to IT & Networking, 3d modelling and cybersecurity. DIYing is essential if we’re to build digital skills without those compsci coding blinkers on. Even worse is buying a ready-made ‘edtech solution’ which does it all for you and doesn’t teach anyone (staff or students) how technology works. It also tends to trap you in a single brand rather than striving for agnostic digital comprehension.

Having a flexible digital learning environment that we built ourselves allowed us to create unique student projects. In grade 9 that means starting with Arduino micro-controllers. Not only did these open source electronics allow us to develop an understanding of the circuits that all digital technologies depend on, it also offered a tangible approach to programming where the lines of code would produce direct outputs like turning on lights or making music. By the end of the Arduino unit students were confident in building circuits and for many it was also their first opportunity to code in text as opposed to blocks.

As you can see by the gif, getting into Arduino in grade 9 means that by grade 10 students are building customized electronics solutions to everything from the PC temperature system you see to various robotics and digital art installations. One of my seniors worked out an Arduino based fuel management system for his pickup that he then sold to others. Understanding the electronics substrata that digital operates in is imperative for well rounded digital literacy.

From that basis in electronics and introductory coding we moved to information technology and networking – two subjects studiously ignored in schools even though every one of them depends on both to operate every day. We begin I.T. by walking students through PC parts in our recently delivered Computers For Schools desktops. After covering the safety requirements for tools and working with machines that can contain enough electricity to knock you out if you don’t treat them with respect, we dug in.

The biggest point I make in PC building is about static management. As long as students respect the delicacy of the electronics (which they already understand thanks to Arduino), they quickly gain confidence and are never again tyrannized by this technology. After this unit no one calls a desktop PC a “CPU”, because that’s just one part of a much bigger device. Calling a desktop a CPU is like calling a car an engine.

We typically spend a week taking a part desktops and putting them back together. Getting them is no problem because no one wants desktops these days and CFS has piles of them they’re aching to give to classrooms. When we wrap up the IT unit anyone who wants to take their computer home can – you’d be surprised how many students (and teachers) don’t own a home computer. The best part? If it ever goes wrong they know how to fix it because the built it from the hardware up.

Once we got the hardware figured out we installed operating systems. This involves interrupting boot processes and learning how to navigate BIOSes and other types of firmware. Everyone gets to the point where they have Windows and Linux installed, but some students want to build an epic stack. This can involve adding extra hard drives and going through install processes on up to a dozen OSes. By the end of week two we’ve got OSes installed and students have explored many more than the one that came on their phone or game system (which are often Linux based). We’ve even had our share of Hackintoshes in the lab.

Our final step in the IT/Networking unit is to connect the desktops together on a local network and figure out IP addressing and all those other connectivity details most people have no concept of even though they use them daily. Building a network like this takes it out of theory and into tangible practice, as does the PC building. By the end of the week no one is calling connectivity ‘WIFI’ any more. Ethernet is ethernet and wireless is wireless and everyone knows how to configure and troubleshoot both. The motivation is that once we’ve got our network up and running on a domain where everyone can see each other we cue up a LAN party and everyone plays networked games on their DIY systems.

Our wide ranging and borderless approach to digital skills created interesting opportunities to mash up different technologies that are typically taught in siloed departments (if at all). In this case a student leveraged Arduino electronics, PC building and networking with robotics to build a whimsical LAN party robotrain.

We do eventually get to coding of course, but starting that far up the tech pyramid is absurd. High level coding languages (the only ones schools teach) are resource heavy because they spell out commands in easy to understand English (easier for humans = harder for machines). We did HTML and associated languages in grade 9 so the internet didn’t baffle anyone anymore. In grade 10 it was Python simply because it’s in such wide use. In the senior grades students choose their own coding focus, but not before I drag them through an introduction to low level ‘machine language’ programming so they have an appreciation for all the work those high level languages are doing for them. After you’ve had to do your own memory addressing, it changes you.

Leveraging this digital literacy, my seniors helped keep the tech in our building running smoothly. This not only saved money but also gave students invaluable public facing support experience. Perhaps the best example of this was our Chromebook graveyard. We would take in broken machines and then repair them with bits from others. After a couple of years of service most high schools in our board had lost over a quarter of their Chromebooks to abuse and accidents – we enjoyed a 90%+ active rate meaning more computers for more students at no extra cost.

The ‘that’s not your job’ thinking that most boards operate under prevents this kind of innovation and cost savings. I always am left wondering to whose benefit.

The other benefit was that our digital fluency made us resilient. When COVID struck and everyone else folded up their classes and went home early, the digitally fluent students in my program didn’t want to lose their semester’s work and we went online, created our own Discord and landed it remotely. It took a bit of re-culturing because the students needed reminding that this isn’t a gaming Discord – you’re at school, but they quickly adapted and were sharing 3d models, Unity code snippets, circuit designs and network details back and forth to build complex demonstrations of their skills. In many cases they were doing it on the PCs they’d built when they were in grades 9 or 10 because many parents thinking digital technology is a toy.

So what’s stopping us from graduating digitally fluent students with a wide range of skills who are ready to go into any field they choose because every one of them these days involves some kind of digital technology? I come from a time when home computers were brand new and no one had worked out how to ‘do them’ yet. In that primordial binary goo I hacked my own software and learned how to build my own hardware. My millwright apprenticeship turned to IT because of my familiarity with this new technology but I never came at it as a scientist might, but rather as a mechanic would. Hacking isn’t bad, it’s humans finding ways to approach digital technology as agents rather than consumers.

If we’re going to tackle complex interdisciplinary digital technologies like artificial intelligence with anything other than willful ignorance, we need to start building an understanding of digital from the ground up so students and teachers can see beyond the box tech companies want to keep you in. If we’re putting children on it, we should be showing them how it works so that they become more than what most of us are: consumers.

This is from a decade ago. FB has faded from relevance, but every ‘tech’ we use follows the same approach: your attention is the product being sold.

It might sound counter-intuitive, but cybersecurity offers a unique approach to tech that other subjects lack. Cyber is inherently about edge cases and encourages a ‘meta’ mindset when approaching digital environments. You’re not a component inside the system, you’ve recognized its limitations and are working beyond it where being human is not only a benefit but essential. With all the ‘AI doing it for you’ going on these days does being human matter? Other approaches seem easier and wear ‘academic credibility’ better, but what is academic credibility but another system meant to contain your thinking? If we keep our current status quo we will, at best, produce another generation of passive consumers. We’ve tried that and it isn’t going well. Time to hack this problem by putting students back in control of the technology we are using to control them. It’s time to embrace your inner hacker.

from Blogger https://ift.tt/gGkQlWP
via IFTTT

*** Simposio de Ciberseguridad de la OEA

Cyber Pirates of the Caribbean. Sorry, couldn’t help myself.

In September I got an invite to sit on a panel at the GFCE’s annual meeting. Then the Organization of American States got in touch and asked if I’d sit on their emerging tech panel at the regional pre-meeting. I guess that went well because they then asked if I’d be willing to cover for their quantum cyber specialist who couldn’t make a Cybersecurity Symposium in the Dominican Republic at the end of the month. My approach to this sort of thing is to always say yes; that’s how I found myself in Ghana last year.

Most Canadians think of Punta Cana and an all inclusive week on a resort when it comes to the Dominican Republic, but I was headed to Santo Domingo which can be a bit rough around the edges. It was an intense week of coming to understand the cybersecurity needs of a region facing the results of climate instability head on while also rapidly developing their digital economy.

Our panel was set to go on the first day, which was good – I like to get them done sooner. Co-panelist Heather happened to be coming in on a flight right behind mine so we met at the airport and shared a cab across the city to the hotel, which felt a bit like the first 20 minutes of Fury Road. Having not eaten since 5am, I sat in the empty hotel restaurant and ate a poor club sandwich that cost an eye watering $30USD while wondering what I was doing here. There is nothing like hunger and exhaustion to make you doubt yourself.

I finally got into the room and collapsed for a couple of hours and awoke feeling more like my usual, confident self; food and rest resolves most anxiety. I went for a wander around the hotel and found Heather on the pool deck watching the sun going down (dramatic sunsets in the DR). She works in AI research and we had a good chat about how it’s being used in cybersecurity and both left with enough context to take on the panel in the morning.

Our moderator got switched right before the event but Donavon was agile, knowledgeable and did a great job chasing down themes as they came up rather than following a script. The conversation dove into AI but also left space for IoT and quantum in a cyber context.

I came away from the GFCE event in DC earlier in the month cognisant of the need to keep technical detail out of these kinds of high level talks, especially if you’re talking to most of the people in the room through a translator. The technical side of cyber isn’t necessarily what you need to focus on because it doesn’t really change how most people interact with it. An easier to grasp example might be to ask if you need to have a strong understanding of the metallurgy involved in casting your car’s engine in order for you to drive it. This isn’t to say you need to simplify the the point of absurdity, but getting into the technical weeds tends to be an academic back-patting exercise rather than being helpful to the audience.

On this panel (as I’ve done in all of them), I don’t pretend I’m something I’m not. I’m a teacher, an I.T. technician and a cyber operations instructor and often refer to anecdotal cyber teaching situations to land a point. People seem to appreciate this approach because presenting material as a teacher is something everyone can relate to, and there is enough intellectual intimidation in cyber as it is. There is also enough marketing misinformation that a clear eyed, education focused approach resonates.

Our talk mainly focused on artificial intelligence but quantum did get some airtime, though many questions (as at the GFCE) orbited the complexities of trying to teach cybersecurity. As mentioned at the Serious Play Conference in August, teaching a subject that few people have the basic digital media literacy to even contextualize is a challenge. The fear that arises from this ignorance is real and makes teaching cyber especially difficult.

I’m always conscious of the Canadian perspective I bring to an international event like this. Canada seldom participates at the international cybersecurity events I’ve attended. We fund a lot of them (including this one), but finding Canadians willing to make the trip and talk the talk seems difficult. I was the only Canadian on any of the panels at this one too, though I’m hoping to change that. If international cooperation is about relationships, having Canadians talking at events like these is essential.

When asked about IoT threats I brought up two Canadian instances that resonated with the room (I was asked about them repeatedly across the week). One was my visit to the Canadian Institute for Cybersecurity in Fredericton last spring which included a look at their IoT lab. The curiosity this generated has me wondering if an OAS event in Fredericton at UNB wouldn’t go amiss. Does Canada ever host these things?

The second Canadian cyber challenge was the rash of car thefts Canada is experiencing. It’s tempting to define this under traditional criminal activity but these are new vehicles with ‘state of the art’ electronics that are being hacked, making this an IoT cyber problem. When you know enough about cybersecurity you start to think differently about how it’s integrated into your day to day life. My cunning solution is to drive manual vehicles that are ‘pre-smart’. They’re unhackable and also undrivable for most thieves. If you don’t expect technology to do everything for you, you’re not beholden to its weaknesses.

With our panel in the rearview, I made it a point of understanding the context through which Caribbean and Latin American states are tackling cybersecurity. Our very nice hotel provided bottled water because you’re not supposed to drink what comes out of the taps. It’s astonishing to me that people without available drinking water are going after digital transformation and the cybersecurity that enables it, but if you want to participate in the 21st Century economy that’s the price of admission. Perhaps digitization will solve the water problem too.

One of the first speakers at this event did a deep dive into misinformation and how it is generated using the latest in deepfake technology. Extremists are using this tech in propaganda campaigns. The corrosive effect this has on our shared media is interesting. I had a number of chats with Daniel throughout the conference and discovered that his motivating interest is in the nature of online communities and how they work in terms of social norms and expectations. This kind of decentralized, narrow (as opposed to broad) band media transmission is becoming the new norm, yet no one seems to be teaching how it is influencing society in media theory classes. It’s something I want to go after in terms of updating digital media education in Canada.

The theme of the symposium was, DisruptX:Redefining the future of cybersecurity in Latin America and the Caribbean”, so many of the talks revolved around the impact A.I. is having in cybersecurity. As in most places, it’s a force leveller. People writing phishing emails now write with perfect grammar and spelling, and don’t use form letters anymore because AI can generate targeted, articulate messages specifically for individuals. This enabling of cyber criminals by automated systems targets our ongoing cyber-illiteracy because that’s the easiest target, but that’s just the tip of the iceberg. Automated malware as a service can be purchased by anyone who can turn on a computer. The days of technically talented hackers are far behind us as AI serves to elevate anyone looking to create havoc online.

To further complicate the landscape, you’ve got state actors (including world superpowers) performing offensive cyber operations against governments, businesses and even individuals. At this cost-no-object end of the spectrum you’ve got cyber militaries operating on budgets in the billions possibly taking aim at your company or government.  If you’re a developing economy with minimal digital infrastructure, how do you possibly keep it secure against that? The short answer is you don’t, sometimes you just get pwned.

OK, so what do I do, you ask? You’ve got a couple of options when it comes to protecting your internet facing systems (in this case critical systems that make society work and provide things like electricity):

1) Put money up front building the most secure network you can, but this requires talented people who are in short supply (the cyberskills shortage isn’t just happening in Canada). It also means paying up front for something that hasn’t happened yet, and can’t be guaranteed secure no matter what you throw at it. The case for preemptive cyber capacity building remains a struggle and not just in the Caribbean, it’s a problem in Canada too.

2) The other option is to design full backup systems so you can recover when the inevitable happens, but this too requires technical talent, forethought and a willingness to invest in the future – all aspects of cyber that humans everywhere struggle with.

Like the GFCE event in Washington, a lot of time was spent thinking about governance and policy. These frameworks are vital, especially if we want to push back against human nature that isn’t likely to invest in anything precautionary. A purely passive/defensive mindset doesn’t work in cyber any more than it would in sports. The nature of this one sided game means that some of these limited resources also need to be reserved for active cyber operations, both offensive and defensive. 

I hope there is room in policy and governance to ensure that there are resources left over to support this kind of agility. This ‘just-in-time’ work often happens in companies and government agencies rather than in university research labs and needs to be more accessible to the people on the ground doing the work. So much of the research funding in Canada is tied to post-secondary institutions and is inaccessible to anyone else. This is an area where developing cyber systems have an advantage.  Agile action research in cyber by practitioners rather than solely by academics is essential if we’re to retain the ability to deal with emerging threats.

This confusion around the nature of cybersecurity (is it an apprenticeable skillset or an academic pursuit?) is another one of those evolving understandings still somewhat out of focus as we continue to define what cybersecurity is. It was nice to see one of my favourite cyber graphics come up in one of the RICET education talks reminding everyone that cyber is a complex, multi-modal field of study ranging from apprenticelike hard technical roles through management and logistics to academically intensive legal and human facing work in subjects ranging from policy and HR to education.

Like any other field of study, cybersecurity is full of nuance. We’re just not there yet because we’re still figuring out what it is.

*** Extracurriculars

Fascinating conversations and an opportunity to network without a schedule or talking points. These ‘extracurricular’ evening events are often the most informative!

The conference had a couple of extracurricular events where I often hear the most enlightening things. A delegation from the South Pacific was attending this event under the idea that they they are facing many of the same challenges that the Caribbean states are. Tim from the Cook Islands and I had many great talks about the sudden change they are going through. About two weeks before the conference Elon flipped a switch and suddenly everyone on the islands could afford high speed internet for the first time through Starlink. The rest of us have been in the digital pot as the heat has been slowly turned up over the past two decades and don’t realize it’s boiling. Can you imagine going from 90’s dial up to 2024’s AI/social media/fake-news cyber-nightmare in one week? Tim’s managing the IT there. Someone should be writing a book about this time travelling digital experiment.

The fortress in colonial Santo Domingo at sunset. The DR’s relationship with its past, like Canada’s, is complicated and unfinished.

On the final evening we got taken out to the colonial tourist area for a look around Fortaleza Ozama. Being me, I found watching the chaos of the evening commute around the castle distracting. Like the social the night before, this was an opportunity to chat with people working in cyber from many different perspectives. I’d run into Franklin from Suriname who I’d met in Ghana last year and we picked up right where we’d left off. Suriname is about to go through some dramatic changes.

When you find yourself having a drink with the head of Mastercard’s security division and the entourage from Columbian cyber, you wonder how you got here. Tim from Cook Islands’ wife messaged him asking what he was up to expecting another conference update. His response was, ‘I’m drinking rum at a castle at sunset!” Indeed.

The tour included a projection onto the fortress of the DR’s history. It reminded me of the projection show they were doing on the Houses of Parliament in Ottawa a few years ago and raised some interesting questions about how digital is insinuating itself into island life.

The seemingly incongruous VR experience at the fortress was complimented by animated digital projections throughout, to the point where it was easy to forget you were in a centuries old fortress, which is the point of being there, isn’t it?  A few times in the conference the corrosive effect of AI on regional culture was noted (AI’s fixation on large datasets tends to stamp out anything but the biggest producers of data). I suspect digitization (itself a byproduct of globalization) has a generally corrosive effect on people’s ability to be where they are. We spend an awful lot of our time taking photos to share online instead of being where we are (like the ones in this post? -ed).

*** RICET

The final day switched gears and became RICET, the Regional Initiative for Cybersecurity Education and Training, put on by the OAS and Florida International University. This focus on education and training is essential if we’re to establish sustainable and effective cybersecurity. It’s also a vital part of both figuring out what cyber is and framing it so the public better understands it.

I’ve said it before and I’ll say it again, the vast majority of cyber incidents are the result of human failure. No matter how you want to frame it, our current cyber woes arise from a multi-generational failure to develop effective digital media literacy of which cybersecurity is perhaps the most interdisciplinary and complex because it’s all about the edge cases. You can’t hack something you don’t fundamentally understand. You can’t defend against those hacks without it either.

We’ve been fixated on coding as a solution to the digital skills crisis, but digital media literacy is about much more than coding. In cyber you need flexible, stochastic approaches with familiarity across a much wider range of digital technology. I’ve met too many compsci specialists who are sidelined by simple technical issues to believe that this is the epitome of digital literacy. I also heard the dreaded term ‘digital native‘ during some of these talks, but I’m not going to get into that nonsense again here. 

RICET panels talked about the usual worries around the lack of talent, though like everyone else they spent much of the time on bandaid solutions like adult retraining instead of looking at strategic fixes like implementing nationwide cyber skills talent discovery and development in public schools that would not only address the user negligence problem, but would also resolve our cyber-professional shortage.

We’ll never resolve this global digital skilling failure with stop gap solutions. We need both short term and long term strategies, but like the funding for seemingly obvious things like network security and data backups, getting anyone to finance the future is a struggle.

Watching these earnest cyber developers working on shoestring budgets trying to make this work while Canadians literally watch drinkable water go down the toilet has me wondering why we face so many of the same challenges they do. On my way back home I messaged a colleague in cyber education and lamented the fact that cyber expertise in Canada seems to be more about marketing than it does cybersecurity. I summarized the problem with genuine cyber-education in simple terms: there’s no money in it.  That observation extends to cyber in general. One of the reasons for the high burnout rate is asking the few people who know what they’re doing to do it without the necessary resources.

I enjoyed learning about the regional challenges being faced in the Caribbean, but what always surprises me about these glimpses into international cybersecurity is just how similar the problems we all face are. In a discipline where the bad guys only have to get it right once but the defenders have to get it right every time, the only hope for cybersecurity professionals is to develop connections, build international cyber-diplomacy and work together. Circling the wagons and sharing intelligence, tools and best practices is the only advantage we have against the cyber pirates (see what I did there?) that surround us.  This event was a prime example of that kind of networking. I hope to be a part of future ones and not the only Canadian talking.

Winging out of Santo Domingo at sunrise on Delta’s A320 Airbus. What a beautiful country. Wish I’d had the opportunity to see more of it…

The Bermuda Triangle on a sunny Friday morning in October.

from Blogger https://ift.tt/VRwyqd0
via IFTTT

 I got an invite to speak on a panel at the Global Forum for Cybersecurity Excellence‘s Annual Meeting last week. It was my first time in DC since I went on a trip there with Air Cadets in the 1980s, so it was an exciting prospect. More so when I saw it was going to be taking place in the Organization of American States’ building.

Attending these things is a high wire act for me as it looked like I was going to have to self fund my way there, but then the OAS’s Cybersecurity directorate got in touch and asked if I’d sit on one of their emerging technology panels for the region of the Americas pre-GFCE meeting too, so I got hotel and flights covered.

I got in on Sunday and my hotel was in Georgetown, so I got out and about and soaked up some Washington area history – the place is thick with it! 

Day 1

The next morning, after breakfast at the Fairmont (!), we walked to the Organization of American States building only to discover it was the wrong one. We ran into Alex from Ghana who was on the OAS panel with me later that morning and he knew where we needed to go, so we backtracked four blocks to where we should have been in the first place.

I got there sweaty (DC got up to about 30°C each day) but cooled off and our talk that morning about emerging technology impacting cybersecurity was wide ranging. Kerry-Ann, our moderator, surprised me with a question about how approaching cyber challenges as a technician gives me a different (and valuable thanks to how she framed the question) insight into the rapidly changing state of things.

Talking to engineers and the legal experts doing policy is one thing, but talking to the trades people who do the operational work of keeping the lights on does offer an interesting angle. I’d been expecting to talk about quantum technology emergence, but an opportunity to speak about the value of hands-on, applied skills in the field was appreciated and well received.

Many of the panels focused on the clear and present danger in cyber at the moment: artificial intelligence. From the automation of big data analysis that humans never excelled at on the defensive side to how criminals are leveraging GenAI to produce customized phishing material well beyond grammatically incorrect emails (stretching to include deepfake video, voice, photos and other digital media), these talks were designed to assist policy makers with understanding what has come out of Pandora’s box of AI.

One theme that resonated with me was how people don’t want deep technical explanations of these emerging technologies. What they want is an easy to grasp explanation of how these technologies will impact the digital spaces they work in. This remains a problem in cybersecurity and an even bigger one in the quantum world where I just finished my secondment. The urge for academics to obfuscate and complicate their explanations of these rapidly emerging technologies doesn’t make them ideally suited for presenting on them, especially to the operations and policy people who are entirely focused on real world impacts and couldn’t care less how the maths looks.

I’ve gotten a lot of static for how I’ve simplified deep technical details in quantum in order to get concepts across, but you honestly don’t need to start neck deep in linear algebra any more than you need to have knowledge of the metallurgy involved in casting your car’s engine in order to drive it. Guess what background is really helpful in bridging this information divide: 22+ years as a teacher! Early in my career I came across a quote that described teachers as, “public facing intellectuals” and took that to mean we’re not about ivory towers and knowing more and more about less and less, but about the democratization of knowledge. Part of that comes with knowing what to keep out of the mix in order to help people get a handle on emerging technologies.

My age is also handy. Being a genuine digital immigrant who remembers a time before personal computers and the internet (I got my first PC, a Vic 20, in 1979 when I was 10), I have a big picture outlook that those who have always lived in this chaos find helpful. My other secret weapon is a university background focused on thinking and communications (philosophy & English).

After the OAS event we had an evening meet and greet at the Museum of the Americas right behind the main building, which had a permanent collection of powerful pieces looking at colonialism and culture. Upstairs they had a Spanish diaspora collection featuring the people who fled Spain during the Franco period; powerful stuff.

At the meet and greet I got to introduce Juan to Michelle and Nina from CyberLite, one of my favourite international cyber education organizations. We did an around the world webinar with them for Safer Internet Day in February, but it’s always nice to see people in 3d rather than on a screen, and introductions like this are what GFCE is all about.

Another good example of this networking was running into Christina from Global Affairs Canada. From our talks I’ve come to understand the complexities and difficulties of international cyber policy. I’m also particularly aware of how important it is to shed better light on the work our federal government does internationally. Some of this needs to be kept on the down low for security reasons, but much of it (and especially on the diplomacy side) needs more media coverage so Canadians better understand the work that their representatives are doing on their behalf. Being purely insular and defensive doesn’t work in sport and it won’t work in cybersecurity either. If we can help other countries develop better cyber capacities, we all win, and that starts by doing the hard work and developing trust.

Day 2

The next day we were up early again and this time took an Uber to the right building (kind of, it still took us to the wrong one first), and began the Global Forum for Cybersecurity Expertise Annual Meeting.

Our panel came up quickly and Juan brought in a fantastic angle focusing on the Global South and the formation of a ‘quantum divide‘ that will, like the digital one, further separate developed countries from everyone else. I’ve seen this happening with tightening restrictions on public facing quantum education resources. In some cases this may be under the auspices of national security, but the end result remains: countries that have the resources to develop quantum technologies will have capabilities that the others can only dream of.

There is also an academic ownership of quantum that favours those with the resources to spend most of their lives in post-secondary. Quantum mechanics is how the universe works, yet most schools stick to Newtonian physics because it’s intuitive and easier to deliver, except that Newtonian truth is a fiction caused by our scale. If you look closer, it is (as Brian Cox says) quantum all the way. We need to demystify our best understanding of how the universe works so that everyone can grasp the technologies that are emerging out of this science.

Our panel couldn’t have happened without a secure internet because our moderator was virtual in Europe and one of the panelists was in Central America. This highlights the importance of the awareness I’ve been doing in Canada and beyond around quantum encryption readiness in cybersecurity. In a few years that secure internet may be a thing of the past.. After we wrapped up our panel I showed Juan the William Gibson quote about the future already being here, but not evenly distributed.

The idea of a growing quantum divide is another indicator of the state of maturity of rapidly improving quantum computers. I’m motivated to continue my ‘technology literacy for all’ approach (which includes quantum and AI) because no one should make the technologies that have the best chance of helping us save ourselves from ourselves proprietary. I also have a nagging urge to help everyone reach their maximum potential regardless of how much they have in their bank accounts.

The end of day event on day two was both uplifting (it was a retirement party for founding GFCE president, Chris Painter), but also profoundly insightful. When someone with extensive, top draw international research resources tells me that they aren’t worried about AI taking us down because climate collapse will get us first, I listen. Moments like this make me vividly aware of just how fragile the house of cards we’re standing on is. If we don’t come together to make it accessible, secure and safe, that house of cards is coming down.

This observation feels even more perilous because of the book a colleague suggested that I’m two-thirds through. Advocating for long term thinking in human societies that only reward short term gain is a challenge, but the most recent chapter is about how all civilizations collapse. Historically this happened regionally (Roman Empire, etc), but the global civilization we’ve built this time is going to crash harder, and when it collapses we’re going to be wishing we had made some of Asimov’s Foundations in order to recover more quickly (assuming we don’t make our only habitable planet uninhabitable in the process). That’s the thing about attending a GFCE event – it makes you reflect on the big things (kinda like Tamara’s book recommendations).

Day 3

All of the delegates from dozens upon dozens of countries coming together in DC to make digital transformation secure and accessible.

Day three began with the women in cybersecurity breakfast. The moderator at our table told hair raising stories of her being in the first female engineering cohort in South Africa and the overt sexism they faced. I told them about Canada’s tragic history with this kind of sexism, which the table found astonishing – Canada is considered forward thinking until we’re a bit more forthcoming about the dark currents in our history. I also told the story of the quiet sexism that made founding the first all-female cybersecurity team in our school so difficult. It amazes me that half our population experiences these systemic prejudices and that equality isn’t something we’re likely to get to before the 22nd Century.

These GFCE events are thick with insights and opportunities that lift your head out of your personal context and prompt you to consider the big problems we face. I’ve tried to cover the main pieces here, but there are so many more that I’m still subconsciously noodling on.

The emerging tech panel on AI towards the end of the day was another of those eureka moments. The policy expert from France’s advanced technologies department had a good response to my question about how we devise policy for near future AIs that will have the agency and resources to ignore them, not out of spite, but because even considering them isn’t in their programming. She referenced the US Section 230 law that let social media run rampant and pointed out that if we recognized this cautionary tale we’d be able to better direct AI use now. A sharp response, but I think the AI horses are out of the barn and will shortly have the capabilities to do real damage to our digital infrastructure. I remain curious as to when AI policy to try and restrict development turns into defensive policies designed to mitigate the damage that self-directed AIs will do to our piecemeal global network.

I ended the event having lunch with Abdul, my swimming buddy from Accra, and Juan, my co-conspirator. What do you talk about at a Nigerian/Canadian/Mexican table? Abdul told me he is in ‘legacy mode’, which is a great way of framing your closing professional years. I enjoyed our talks in the pool at Accra City Hotel because Abdul always seems to see beyond the horizon. Taking a minute to soak up that wisdom is never wasted time. He was going to see his friend’s grave and visit his cousin after the event. These seemingly technical meetings can be profoundly human, if you let them be.

We wrapped up our time at the OAS HQ, but we weren’t quite done yet. At the museum event Monday night we met a Spanish attaché and that prompted an invite to the embassy for a Wednesday evening networking event. It was a short walk from the hotel and I talked to a lot of people but really got into it with Jose Manuel who runs telecoms and startups in Spain including a new one that helps you park your boat in a marina you haven’t visited before. Besides travel, work life balance and entrepreneurship, we also had a good chat about the innovative quantum key distribution research around mesh networking QKD into live networks that he is in the vicinity of. I’m hoping to follow up and develop some transatlantic connections that move us all forward.

***

I must have covered 20+ kms on foot over the week (in dress shoes!), but I have no regrets about the schlepping or having to self fund some of this. Hope is hard to find in 2024, but the GFCE exhales it like plants give off oxygen. Just as the GC3B in Ghana did last fall, my mind is left turning over the complex challenges and opportunities that this meeting highlighted. If you’re looking for organizations that improve your practice, expand your context, and challenge (and enable!) you to take on the seemingly insurmountable global issues we face, meeting the OAS and experiencing my second live GFCE event has done just that.

DC looking like a postcard on the ascent out of Reagan Airport.

Just over 500kms as the crow flies from DC, I was back in The Six before I knew it!

from Blogger https://ift.tt/gCkRlGf
via IFTTT

The Serious Play Conference took place in August at University of Toronto’s Mississauga (Erindale) campus. Even though I’d fallen off the end of my secondments, gamification has also been a central tenant of my teaching practice and I’ve been actively researching cyber-education using immersive simulations for the past four years, so I took this opportunity to present what I’d found.

Paul Darvasi runs this conference. I met him last summer when we did a quantum training week together at UBC in hopes of building a quantum game that takes the academic privilege out of how the subject is presented. That hasn’t yet come to be, but I did manage to recently get our quantum arcade idea funded (from Finland because finding that kind of support for emerging technology education in Canada isn’t easy). Canada likes to be surprised by emerging technology in education rather than getting in front of it.

Quantum Arcade Pitch Deck for Unitary Fund.pptx

Games have played a central role in my life. I got into Dungeons & Dragons in a big way in my teens and my first long distance road trips were with friends to GENCON in Milwaukee in the late 1980s (where I got to play a tournament round of D&D with Gary Gygax!!!). As a result my teaching practice has always been informed by those early years dungeon mastering. If I have an opportunity to create a simulation or immersive gaming experience in my classroom, I’ll go out of my way to arrange that rather than falling back on worksheets peddling dimensionless knowledge transmission. My experience has shown me that suspension of disbelief can be a powerful learning tool if the gamified learning experience is pedagogically viable.

My presentation at Serious Play was specifically about how immersive simulation can help learners tackle subjects that might scare them into disengagement. By using suspension of disbelief, subjects like cybersecurity can be approached without out the risk aversion prompted by worries about breaking technology almost no one understands because we seem to have given up on modern media literacy about two decades ago.

I’ve put students on Field Effect’s Cyber Range in classrooms across Canada. In some cases they were competitive CyberTitan teams containing students with the top 1% of digital skills in the country, but in most cases it was with the other 99% who had never touched cybersecurity at any time in their learning journey. With the right scaffolding and support even the newest of n00bs can get their hands dirty iteratively learning essential cyber skills in this digital sandbox:

Engaging Canadian education with cybersecurity remains an uphill struggle, but cyber sandboxes like Field Effect’s Cyber Range offer a solution.

The Serious Play Conference had a wide range of educators working in digital and analogue simulation across a staggering range of subject areas. From museums engaging patrons to a think tank designing war games for the Canadian Forces, it was a tour de force of what immersive simulation and gaming can do to engage and teach in every learning context.

I was absolutely thrilled to learn that our all Canadian made simulation that offers a key to cyber-education – one that is more advanced than the systems we use when our CyberTitans take part in CyberPatriot south of the border because it allows for interactive networking between virtual machines instead of just putting students into isolated desktop VMs – won the gold medal for K12 immersive learning simulation.

ICTC and Field Effect have worked hard to get this world class immersive learning opportunity in front of Canadian students. The trick now, as it has always been, is to get insular Canadian education systems who have taken a head-in-the-sand approach to cyber education to pick up this federally funded, world-class tool we’ve built and use it to get past their own fear and ignorance and begin teaching essential defensive 21st Century digital skills.

Join the competition and sign up student teams of 4-6. There are middle and high school divisions and community groups are also welcome to participate.

from Blogger https://ift.tt/owIO9YQ
via IFTTT

What have I learned from working inside the AI black box with Aman & Henry?

I’ve been working with generative artificial intelligence with students in my computer technology program since 2018 when we were fortunate to get a new grade 9 whose dad was on the team that brought IBM Watson to Jeopardy. That got us connected to IBM cloud and building AI chatbots five years before the “AI revolution” everyone has been caught out by.

That wasn’t our first point of contact with AI though. I’d been keeping an eye on AI dev as far back as 2015 because we launched our gamedev course then and getting handle on building intelligent responses to player actions in our games immediately became our biggest challenge. Thanks to Gord and IBM we were able to get our juniors familiar with AI prior to asking them to take on significant software engineering challenges with it in the senior grades.

I presented on AI use in the classroom at the ECOO conference pre-COVID in fall of 2019. Gord from IBM even came all the way down to Niagara Falls to offer world class suppport. The room was all but empty:

This is how many Ontario educators (already interested in edtech because this is ECOO!) you get in an introduction to gnerative AI in 2019 (yes, it was four in an otherwise empty room). Ahead of our time (again)? Four years later it’s an emergency and suddenly there are education AI experts everywhere. I wonder where they were in 2019.

If you ever wonder why education always seems two steps behind emerging technologies that will have profound impacts on classrooms, here’s a fine example. Except you won’t even see four people sitting in an empty room in 2024 because all edtech conferences like ECOO focused on teacher technology integration have evaporated in Ontario.

***

OK, so I’ve been banging my head against pedagogically driven AI engagement in education for almost a decade only to see it swamp an oblvious education system anyway, so what’s happening now? I’m ressearching the leading edge of this technology to see if we can’t still rescue a pedagogically meaningful approach to it.

In the summer Katina Papulkas from Dell Canada put out a call for educators interested in action research on AI use in learning. I’ve been talking to Aman Sahota and Henry Fu from Factors Education over the past year looking for an excuse to work on something like this, so I pitched this idea: De-blackboxing AI technology and using it to understand how it works.

Our plan is to use the Factors AI engine that Henry himself has built and Aman administrates to build custom data libraries that will support an AI agent that will interact with students and encourage them to ask questions to better understand how generative AI works. As mentioned before on Dusty World, GenAI isn’t intelligent and it’s important that people realize what it is and how it works to demystify it and then apply it effectively. Getting misdirected by the marketing driven AI hype isn’t helpful.

So far we’ve built modules that describe the history and development of AI, how AI works and the future of AI. In the process of doing this I’ve come across all sorts of public facing research material that breaks down generative AI for you (like Deep Learning from MIT Press), but it’s technically dense and not accessible to the casual reader.

During the last week of August Factors had a meeting with interested educators through UofT OISE (their AI system came out of the OISE edtech accelerator). I demonstrated in the presentation how the AI engine might be used to break down a complex article for easier consumption through agent interaction. The example was WIRED’s story on how Google employees developed the transformers that moved generative AI from a curiosity to real world useful in the late teens. I picked this one because it explains some of what happens in the ‘blackbox’ that AI is often hidden in.

With some well crafted prompting and then conversational interaction, students can get clear, specific answers to technical details that might have eluded them in the long form article. The reading support side of GenAI hasn’t been fully explored yet (though WIRED did a recent interesting piece on cloning famous authors to become AI reading buddies as you tackle the classics which is in the ballpark).

What have I learned from working in the engine room (BTW, that image at the top is Adobe Firefly’s AI image generator) building an AI data library and then tuning it? AI isn’t automatic at all. It demands knowledgable people providing focus and context to aim it in the right direction and maximize productive responses with users. An interesting example of this was finding documents that provided relevant data on the subjects we wanted the AI to respond to. When I couldn’t find specific ones Henry suggested using Perplexity, an AI research tool that coalates online sources and then gives you concise summaries along with a bibliography of credible sources.

I thought I was being perverse asking Factors to design an AI that expalins AI using AI, but Henry’s always a step ahead. His suggstion is to use an AI to build a library of information to feed the AI engine that then uses AI to interact with the user… about AI. It’s turtles all the way down!

from Blogger https://ift.tt/Txde0sn
via IFTTT

 This was originally posted on the Canadian Cybersecurity Network’s CyberVoices page: Stay With Me, this is Going to Get Quantum Weird 

Canadian Cybersecurity Network’s CYBERVOICES.

***

Science and technology were making great strides at the end
of the nineteenth century, to the point where we were beginning to discover
problems with the reality we thought we lived in. Newtonian physics does a
great job of describing what we see around us, but it turns out this is an
illusion created by the scale at which we operate. It’s like thinking the earth
is flat because it looks that way, but it only looks that way because we’re not
big enough to see it; reality is in the eye of the beholder.

What we discovered as we looked closer with better
technology was that the universe isn’t a deterministic machine. The double slit
experiment caused great confusion because it looked like light was both a wave
and a particle. Rutherford’s gold foil experiment suggested that the recently
discovered atom was almost entirely empty space. Most of what you breathe in is
vacuum! The universe is much stranger than we first thought, and it isn’t
deterministic at all, but very much probabilistic. Einstein hated this ‘spooky
action at a distance’ quantum nonsense, but through the 20^th Century
we’ve come to understand that this is how the universe works.  Most people don’t know this because education
finds teaching science in a Newtonian way easier. Professor Brian Cox has a
good quote in his book, The
Quantum Universe: “It’s not Newton for big things and quantum for small
things, it’s quantum all the way.”

This emerging quantum awareness created the first quantum
revolution. Once we recognized that quantum effects happen around us all the
time, we started designing technology that made use of these newly discovered natural
phenomena. If you think this is only for exotic university labs, you’re wrong. The
flash memory that you’re likely reading this through depends on quantum
tunnelling to work, as do lasers, MRIs and super conductors.

So, what’s all this talk about quantum computing and what
the heck does this have to do with cybersecurity? In the 1970s many researchers
started theorizing about quantum computing and Richard Feynman put it together
in the early 80s, then the race was on to build the theory. What’s the
difference between this and passive 20^th Century quantum technology?
We’ve developed the technology and theory now to engineer quantum outcomes
rather than just using what nature gives us. As you might imagine, this is
incredibly difficult.

I had an intense chat with Dr. Shohini Ghose, the CTO of the
Quantum Algorithms
Institute at the end of our quantum cybersecurity readiness training day
this week in BC. She was (quite rightly) adamant that we can’t know quantum
details without observing them and when we observe them, we change them, but my
philosophy background has me thinking that I’m going to try anyway. An
unobserved universe is entirely probabilistic. It only becomes the reality we
see when we perceive it. It reminds me of the crying angels in my favourite Doctor Who episode.
This bakes most people’s noodles, but the math clearly indicates that in
measuring a photon’s location we can’t also know its velocity and direction –
that’s the uncertainty
principle in action. I’m probably wrong about all of that, but I’d rather
people take a swing at understanding this strangeness rather than being afraid
of being wrong.

Alright, we’re halfway through this thing and you haven’t
mentioned anything cyber once! If you think about the electronic systems we
use, they’re entirely Newtonian. They reduce information to ones and zeroes and
produce the kind of certainty we all like, but this is a low-resolution approach
that is about to hit its limit. We’re building transistors so small now that electrons
are tunnelling through the nanometer thick walls (atoms are mainly empty space,
remember?) between transistors, rendering future miniaturization impossible;
we’re nearing the limits of our Newtonian illusion. That means the end of
Moore’s Law! Panic in the disco!

Quantum computers don’t use electronics as a common base. A
quantum computer processor might be ionized particles, or photons, or nanotech engineered
superconductors, and those are just a few of the options. By isolating these
tiny pieces of the cosmos away from the chaos of creation and applying energy
to them in incredibly intricate ways, we can create probability engines that
use astonishing mathematics to calculate solutions to problems that linear
electronic machines could never touch, but unlike classic computers we need to
do this without observing the process or all is lost. Imagine if you had to
design the first microprocessors in the dark and you’re a fraction of the way
towards understanding how difficult it is to build a quantum computer, but it’s
happening!

We’re currently in what’s called the NISQ (noisy
intermediate scale quantum) computing stage. We’re still struggling with
applying just enough energy to get a particle to polarize how we want it to,
all while keeping the noise (heat, radiation) of reality out. That’s why you
see quantum computers in those big cylinders as a chandelier. The cylinders are
radiation shields and containers to cool everything down to near absolute zero
(gotta keep that thermal noise out), and the chandelier is to keep the electronic
noise of the control systems (old school electronics) away from the quantum
processor.

My favourite quote from the PhDs I’ve talked to is, “a
viable quantum computer is five years out. And if I’m wrong, it’s four years.”
What does that mean for ICT types? Quantum computers don’t do linear. When you
give them a problem, they leverage that state of being everywhere at once to
produce massively parallel computing outcomes completely foreign to what we’re
familiar with in our multi-core processors. Quantum algorithms are designed to
blackbox the calculation, so observation doesn’t spoil quantum processes and
then spit out answers as probabilities.

What does that mean for cybersecurity? Peter Shor came up
with an elegant idea in the mid-90s that uses a Quantum Fourier Transformation
to calculate the periodicity in prime number factoring. If you can calculate
the period of two large, factored primes (there is a repeating pattern), you
can reverse engineer those primes. In RSA encryption or anything else that uses
factoring you could calculate the private key and tear apart the encrypted
transport layer handshakes rendering secure internet traffic a thing of the
past. From there you could imitate banks or governments or simply decrypt
traffic without anyone knowing you’re there. You won’t see cybercriminals doing
this because the tech’s too tough, but nation states will, though you won’t see
them either because they will be quietly collecting all of that encrypted
online data Imitation Game
style. This process may already have begun with harvest now, decrypt later (HNDL).

There is much more to quantum technologies in cybersecurity
than the encryption panic though. Recent research suggests that instead of running
into limits with electron tunnelling in transistors, our new quantum 2.0
engineering could leverage this quantum effect to create Qtransistors
magnitudes smaller and much faster than what we have now. Cybersecurity will
have to integrate that technology as it evolves. Quantum communication is
another challenge. NIST
is making mathematical quantum resistant algorithms as I type this, but you
could also leverage quantum entanglement itself to create quantum key encryption.
China has an entire network of satellites testing these hack proof comms links
now. There could be quantum locked portions of the internet in 15 years where
high security traffic goes. Guess who is going to have to manage those secure networks.

If you’re in cybersecurity there is much more to quantum
than panicking about encryption. Anyone in the field would be well served by
digging in and researching this fascinating technological emergence. My
colleague, Louise Turner, and I presented at the Atlantic Security Convention
on this in April. Give
our presentation a look. There are lots of links to fascinating resources.
It’s time to free your mind, Neo.

from Blogger https://ift.tt/qsxtof7
via IFTTT

 It’s been one of those months when possibilities for the future keep going in and out of focus. My secondment ends in August. There might be a possibility of an extension, but there are questions around whether or not I’m allowed to do it contractually. There are also questions around whether or not I want to go back into the classroom at all. Here are some of the things that have happened in the past few weeks that have me up at 5am after a14+ hour work day that should have knocked me out for a full night of sleep…

I did a ten day run across the Maritimes a couple of weeks ago. This involved a teacher PD day in Nova Scotia on a Saturday and then in class enhanced technology training days in schools across New Brunswick which mainly focused on trying to leverage the national CyberTitan cyber range competition images from previous years with students with varying backgrounds in cybersecurity. This isn’t edtech as you know it, it’s leading edge technology being leveraged to teach complex, interdisciplinary ideas that we can’t usually get anywhere near in the classroom.

The first day in Fredericton was frustrating due to technical difficulties and pedagogical challenges. Using state of the art cloud based cyber range simulations is always going to be a stretch in classrooms. Doing it on the IT infrastructure in schools is like trying to drive a Formula One car on a dirt road. The range of student skill made it impossible to sufficiently differentiate in order to land everyone in Vygotsky’s zone of proximal development and technical issues only complicated matters further. I finished the day exhausted and frustrated.

Day two completely restored my faith in this experiment. Oromocto High School has a brilliant computer technology instructor who has built a strong community of CyberTitans and the computer lab we were in was fit for purpose. We had a great day on the range where I got to see students grasp concepts that even CyberPatriot can’t address due to it’s old-school desktop virtual machine approach. On top of that I learned I am not alone! Blair, who runs the program at OHS is also Cyber Operations qualified, making us the only two I know of in Canada. Teachers like to invent their own certifications (and degrees) for education technology rather than explore relevance with what everyone else is doing, so it was nice to meet another willing to take on the challenge of a globally recognized industry cert.

Over the week I got to iterate with schools with little to no CyberTitan experience and even a middle school. There are edge cases around exceptional teachers where this kind of enhanced learning is not only possible but essential if we’re to develop students capable of surviving the very technologically disruptive future we all face. One of my key takeaways in that week was to emphasize the importance of tending to these unicorns, they are few and far between.

I wrapped up the trip in Charlottetown where our local partner and I had a great chat with CBC radio about how to build genuine cyber-fluency. This is like starting a fire with wet wood. It takes skill, determination and collaboration to make it work, and none of these things are easily found in Canadian education. Having now taught in classrooms from BC to Newfoundland, I’ve been fortunate enough to experience the wildly inconsistent landscape of Canadian education (there is no such thing, we are the only developed country in the world without a national educaiton strategy), but there are commonalities, like the staggering lack of digital skills we graduate students with. Nurturing local expertise is a way to scale this up. I hope administrators from coast to coast recognize and focus on that.

I finally cracked the TV egg and found myself on CBC Compass. The final question there was a big one, but I stand by my answer: we need to be teaching meaningful digital literacy so that our students can operate safely and effectively in an increasingly technology dependant world. We indeed face global challenges that threaten our future. If we don’t start learning the tools at our disposal effectively, we’re not going to solve them.

The frozen sea on an empty PEI shore…

from Blogger https://ift.tt/msoNLAz
via IFTTT