The Cranky Admin

Give Me IT Liberty or Give Me Death?

It's an old battle being fought in new ways.

• By Trevor Pott
• 08/17/2017

If history has taught us two things, it is that humans yearn to be free while also seeking to restrict the freedom of others. We want safety, security, and the right to say and do as we please. We also want the "right" to tell others how they must live their lives and to force them to speak, think and behave as we feel is appropriate. We're kind of a screwed up species.

Threaten our freedom and we will fight back. Try to suppress speech and you will only amplify it. Attempts by criminals or governments to scare people into conformity only drives "unwanted" activities and speech underground. In the fullness of time, a revolution occurs, there is an explosion of creativity and then the cycle begins anew.

The World Wide Web was born at a time when progressive values were gaining strength in the western world. A generation raised on noble -- if lofty -- ideals came of age just as humanity went from the telephone to all of humanity's knowledge on a small glass slab in our pockets. The explosion of creativity occurred. Now the clampdown has begun.

If you want to know what the stock-market-breaking technologies of the next decade will be, look to those technologies which enable and counteract digital oppression. Look for technologies that seek to impose restrictions on what people can say and do, how and where they can express themselves, and most especially, technologies that automate the identification and apprehension of individuals involved in the posting of unsanctioned content or the use of unsanctioned communications.

Similarly, look to the technologies that allow all of us to evade the all-seeing eye. We've danced around this topic for a decade, and been given hints already of what this particular civil liberties battle will look like, but outright winner-take-all technological warfare has yet to occur.

Both sides -- those who would control information and those would exchange it freely -- stand on the razor's edge. Each is aware a clash is coming. Both sides are engaged in fundamental research and development aimed at ensuring that when the balloon goes up they're ready to start rapidly constructing and implementing technologies.

At the same time, both sides are extraordinarily wary of revealing what they've developed until there is a need to actually use it. Ahead of the coming battle, secrecy is key.

Corporate Defenses
The digital version of "fight the battle over there so you don't have to fight it here at home" is the ongoing battle between corporations and criminals. When the civil liberties infowars begin in earnest, we'll certainly see something new; but in the meantime, we're developing all sorts of really interesting technologies trying to defend corporate networks.

Today's most modern IT defenses are acronym heavy. There are Cloud-Based Application Security (CBAS) solutions which aim to help you secure Software as a Service (SaaS) applications that you might use. There are Cloud Access Security Brokers (CASBs) that serve as intermediaries between on-premises solutions and cloud solutions allowing on-premises security to be extended in to the cloud and/or on-premises solutions to interoperate with multiple clouds.

Isolation is a core concept. This includes microsegmentation, application isolation, hypervisors and microvisors.

Modern security relies on bringing to an end the perimeter-focused eggshell security model and accepting that compromise is inevitable. It focuses on detection of compromise, not merely prevention, and demands investments in automated incident response. It has even been codifed in law.

Then there are the "Next Generation Security" vendors that are all too often more claim than fame. These solutions are evolutions of traditional antivirus approaches to security, evolved over decades with a dash of Artificial Intelligence (AI) and a pinch of both machine learning and Big Data.

For each of these defenses the attackers have counters. They too use machine learning, AI, clouds, brokers, virtualization and isolation. Today's malware can detect when it's boxed in and when it's free to roam.

Punch and counter punch. A frenetic, trillion-dollar arms race that is part distraction, part practice arena.

Acts of Sedition
The real fight in IT is evolving more slowly. The stakes are far higher than a ransomwared hospital or a ransacked customer database. The infowars are being fought in legislatures and courts, in the dark places of the Internet and in offline information space as well.

The real fight is one of state control vs. individual liberty. It's over how much visibility nations and their law enforcement agencies should have into the lives of everyday citizens. How much of what we say or do should be monitored, catalogued, recorded and ultimately held against us?

How much liberty should the individual have to defy the state, to speak out against the ruling regime, to challenge social mores, defy taboos, flaunt beliefs and test radical hypotheses? It's a battle that humanity has fought since long before there was an Internet; computers merely raise the stakes, for all parties involved.

Computers theoretically allow governments the ability to root out dissidents, identify political opponents and their sympathizers. They also offer the promise of virtually impenetrable anonymity and security of communications, at least to those who know how to use them.

Many of the same technologies and techniques used by malicious actors attacking corporations to hide what their malware is doing are used by those seeking to build private spaces online or secure methods of communication. Many of the tools used to root out malware authors in turn are turned against those seeking to hide from the all-seeing eye.

Similarly, governments have empowered themselves to compromise the systems of others, meaning those who want to hide what they do or say from the state must also employ the latest in defensive technologies.

Opportunity Knocks
In the end, we must each make our own choices about where we believe the balance between liberty and security should lie. That debate has been raging for as long as humanity has been recording history, and none of us alive today will be the ones to settle it.

What is important to technologists and the vendors that sell to them, however, is that the security technologies, tools and techniques of our everyday lives are becoming ever more important beyond the cloistered walls of our datacenters. Our knowledge of infrastructure, cloud solutions, cryptography, scripting -- all of it -- matters. Given the growing civil unrest around the world, it might matter a lot more in a right hurry.

As automation and cloud computing shrink opportunities for traditional systems administrators, it's worth looking beyond the datacenter for your next job. Orthogonal thinking and a knowledge of technology will provide whole new careers to administrators seeking change, regardless of the side you pick.