Tag Archives: security

Cybersecurity: After Ashley, Sony, and Target

There have been several high profile cyber attacks over the last two years, some for financial gain, some out of malice, and some from hacktivists trying to right what they see as moral wrongs. Has anything changed since these security breaches? Do we take security more seriously now? Do company leaders pay more attention to technology and security?

Grey Hat Hacktivism

I wrote about grey hat hacktivism after the breach of the Ashley Madison website. Hackers threatened to publish the names of Ashley Madison members unless the site was taken down. They did this under the guise of moral outrage that the website was encouraging and enabling adultery by matching members. The hackers later published a few of the names, and then the full list. Whether the full list was published purposefully or accidentally is still unclear.

While the hack and the revelation of member names has interrupted many lives, Ashley Madison and its parent company, Avid Life Media, are still operating as usual. The CEO resigned last year after the breach, but the company states it “continues to have strong fundamentals with tens of thousands of new members joining AshleyMadison.com every week.” If the company claims are true then the hackers did not succeed in their objective. Hopefully it has caused people to be more careful about their own security and dealings on the internet. There is no evidence that Ashley Madison has changed its security policy to prevent future hacks.

Right on Target

In December 2013, Target was breached and 40 million debit and credit card accounts were exposed. In the aftermath, Target hired cybersecurity experts to probe the network and they found that once inside, hackers had access to every single cash register in every store. Target has taken steps to ensure this particular breach will not be repeated. It is thought that the initial entry came through a heating and air conditioning contractor who had a virtual private network (VPN) tunnel into Verizon for the purposes of exchanging contracts and work orders. Once the contractor was breached, the hackers had access to Verizon through the VPN and once in Verizon, they could go out to the point of sales systems to collect customer information. Even one weak link can cause incredible damage.

It is not clear how much customer information was actually used or sold but Target suffered, at least temporarily. Short-term earnings were down after customers lost confidence in the company. The CEO and CIO both resigned over the incident and Target has since worked to examine every aspect of their network for possible security holes. In short, security is serious business now, even at the highest levels.

Sony Hack

In November 2014, hackers breached the Sony Studios network and made public information about personnel, including salaries, unreleased films, and e-mail correspondence between Sony employees. They demanded that the upcoming movie, “The Interview” not be released. The movie was a spoof about North Korea, which led to the conjecture that the North Koreans were behind the hack. I will go on record as saying that I believe that the hack was an inside job, either by disgruntled employees or perhaps even orchestrated by the company to create publicity around a potentially bad movie. In any case, the movie was not released to theaters right away and Sony Pictures chief Amy Pascal was fired. It is not clear what Sony has done to shore up their defenses from further attacks but this is a case where limited and targeted inside information was exposed instead of customer information.

Thoughts

These are just three of the recent high profile attacks perpetrated for financial gain, moral outrage or embarrassment. High-level executives lost their positions and organizations lost credibility in the eyes of customers. Here are three take away messages for me:

Security does matter and it should matter in the highest levels of an organization. In the old days, the shop proprietor locked the front door when she went home at night, but it is not that simple anymore. With the increase in cloud computing and storage, there are a lot more doors to secure. It is complex and it is important.
Organizations need to evaluate their security threats from both the outside and the inside. Employees know the systems and networks better than hackers. Are they with you or against you? How do you know?
Security matters to each individual. We need to be diligent about our own digital presence and tracks on the Internet. Are your transactions secure? Are you using solid passwords? Are you encrypting your personal information when necessary? We all have a personal responsibility in that regard.

Those are my thoughts. Let me know what you think.

About Kelly Brown

Kelly Brown is an IT professional and assistant professor of practice for the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.

The Beauty of Blockchains

2 Replies

Last year I wrote about the Bitcoin revolution and some of the implications to our financial, currency, and trading systems. At that time, a single Bitcoin was worth $1,100 but now is only worth $379. There are wild price swings and talk of dissent among Bitcoin developers, as outlined in a recent Wall Street Journal article. Whether Bitcoin or some other crypto-currency survives in the long run, I think the most interesting story is the blockchain technology behind the rise of Bitcoin and the wide-ranging uses for this development.

Blockchain Explained

A blockchain can best be described as a ledger or database that exists simultaneously on hundreds or even thousands of systems. All of these copies are cryptographically connected to ensure data security.

In the case of a Bitcoin, every time a coin or a fraction of a coin is used, that transaction is recorded on the ledger. The database or registry records who had the coin and who now has the coin, which prevents a coin holder from spending the same coin multiple times. Because this registry is replicated in several identical databases simultaneously, someone attempting to hack into a system to steal the coin would have to hack into all of the systems at the same time. Changing only one instance of the registry alerts the other systems of the fraud and blocks the transaction. If blockchains can be used for currency, what are other possible uses for this technology?

Title Chains

Anything that requires a title could make use of blockchains. When you purchase a home or a vehicle, you need to know the person selling that property really owns it. A title tracks ownership through the life of the property. When you purchase the property, you are added to the title. This process takes a lot of resources, both human and computer, and is not immune to fraud.

When I sold stock, I had to send my paper certificate to a broker to prove that I was indeed the owner. When I bought stock, the broker sent me a newly issued certificate to prove that I was the owner. Now the exchange is executed electronically, but it can still take up to three days to complete a transaction because of all of the systems and humans involved in the process. All of these transactions could be simplified by secure blockchain technology, which would be quicker and would reduce risk and amount of paperwork.

Developing Countries

I think that developing countries could benefit greatly by using blockchain technology. Many of them do not have a secure title transfer infrastructure which limits their ability to buy and sell goods and services. Blockchains can be registered in small increments, even cents, so they can be used by entrepreneurs wanting to sell locally and worldwide without employing costly brokers.

Thinking on a larger scale, if an entrepreneur wanted to start a company, they could sell fractional shares in the company with each share secured by a blockchain transaction. The computing infrastructure does not need to reside in the community or even in the country but could be anywhere in the world. The transaction costs can be a lot lower, thus ensuring that more of the profit is kept in the community and reinvested for future growth and opportunities.

Thoughts

I am excited by the fact that technologies such as blockchains can create new opportunities. Coupled with other emerging advances, such as green power and wireless communications, this has the potential to be a game changer. Let me know your thoughts.

About Kelly Brown

Implementing Privacy Policy Across Borders

1 Reply

Digital privacy and security often go hand in hand and the two will continue to be center stage in terms of information management in 2016. As we continue to work through the freedoms and accessibility that come with our connected world, we need to take a broader view than just our community and country. How will digital policy in other parts of the world affect the way we conduct business and how we protect our digital identity? An article this week about emerging policy in the European Union (EU) helped me understand the implications for my own digital persona.

Secondary Use

The EU has developed privacy and data protection reforms that could be enacted within two years. According to the new legislation, a European citizen’s information cannot be used for a secondary purpose without their consent. For example, if I agree to reveal my current location to use Google Maps or to find the nearest Olive Garden, that piece of information cannot also be used to target me for a local gym membership advertisement. Anyone intending to sell personal data would need to know the potential buyers ahead of time and must get permission from all individuals whose data may be sold. Because it will be difficult to limit this to EU citizens it could become wide-ranging. This also has implications for anyone doing data mining and analytics to create and sell information or profiles.

Profiling

Personal profiling is also covered in this recently passed legislation. While not prohibited, it places the burden on the profiler to reveal the information collected and algorithms used to create the portrait. If I eat out every Tuesday night, shop for groceries every Thursday night, and have recently searched online for chef schools, someone could conclude that I am tired of restaurant food and could target me with an ad for a local kitchen store. Before that happens however, I have the right to know just how that data mined profile is created, according to the new legislation. While this helps me as a consumer, as an IT professional I have to be careful conducting any data mining or analytics and now have to be transparent in my work and intent.

In The Cloud

While I applaud the EU for its sweeping reforms I think they will be difficult to enact and enforce. Here is the dilemma for me: how do I reconcile geographical boundaries with cloud boundaries, which by definition are ethereal? For example, as an EU citizen, the data collected about me could be housed on cloud servers in Frankfurt or Mumbai or Buenos Aires or Atlanta. Do the laws refer to me as a citizen living within the European geographical boundaries? Or do they refer to the location of my data? What if I am a German resident but my data is housed and mined outside of the EU? What then?

Thoughts

The European legislation is still at least two years away from being enacted. In that time we need to broaden our thinking beyond government boundaries and create worldwide policies regarding security and privacy. It would be difficult to specifically mark all data belonging to citizens of a particular country, but it would be easier to apply the same standard for users worldwide. It will take a concerted effort to think beyond controlled boundaries and work together to consider what is best for all digital citizens. Do you think we will ever be able to agree on global digital policies? Let me know your thoughts.

About Kelly Brown

A Hat of a Different Color

2 Replies

It used to be that computer hackers came in two shades, black hat and white hat. Black hat refers to the nefarious hacker illegally trying to exploit network and computer security holes for gain or simple malice. White hat refers to hackers trying to highlight security lapses in order to warn others and work to patch vulnerabilities. With the recent hack of Ashley Madison, it appears that there is a third type of hacker trying to right moral or political wrongs instead of or in addition to potential economic gain.

History

In the early days of hacking I read about the exploits of Kevin Mitnick. As a teenager, he hacked into the networks and systems of technology and telecommunications companies and spent over five years in prison on two different occasions after being sentenced on federal wire fraud charges. Much of his success he attributes to social engineering, or the ability to charm passwords out of unsuspecting people. Now he is an information security consultant. He is a case of a black hat turned into a white hat.

I also enjoyed the 1989 book “The Cuckoo’s Egg,” by astrophysicist Clifford Stoll, which relates the tale of tracking a hacker who broke into Lawrence Berkeley National Laboratory and used it as a jumping off point to burrow into military and defense systems. The hacker was eventually caught, with Stoll’s help, and it was discovered that he was selling stolen information to the KGB.

Computer hacking has existed since computers were connected together in a network and people sought vulnerabilities in the technology. As computer code becomes ever more complicated, it raises the possibility of errors that can and will be exploited by either the black hats for monetary gain or malice or the white hats trying to highlight the vulnerability.

Ashley Madison

The Ashley Madison hack seems at first blush to be a hack of a different color. AshleyMadison.com is a website that matches people seeking adulterous affairs. Hackers identifying themselves as The Impact Team took over the site and announced they had stolen identity information of 33 million subscribers and threatened to publish that information unless the parent company, Avid Life Media (ALM), agreed to shut down the site. It appears the hackers were angry over the content and purpose of the site but in their manifesto they also blasted the practice of ALM charging $19 to have a profile removed from the site. To prove that a profile was not completely removed from databases, they released the names of two members who had paid to be eliminated from the site.

Whether the hackers were incensed with the moral foundation of the site or the economical injustice against members, this seems to be a different type of exploit. The Impact Team could still demand ransom for the stolen information, in which case I would put them squarely in the black hat camp, or they could use this hack as a platform for their cause, whatever that may be. Either way, this will no doubt be a topic of conversation at the upcoming information security conference sponsored by the likes of Microsoft and Cisco, which is oddly named the Black Hat Conference.

Thoughts

What do you think? While hacks of this type are still clearly illegal, their aim seems to be to prove a point instead of seeking monetary gain or notoriety. I wonder what’s next? Other dating websites? Perhaps gambling sites? Let me know your thoughts.

About Kelly Brown

Travel Tech: How Do I Pay for My Croissant in Paris?

3 Replies

Summer vacations allow us to unwind, see new things, and even meet new people. As you plan your vacation, it is important to think how you are going to pay for it. With more Americans traveling overseas, you’ll need to plan for currency exchange and whether your credit cards will work in a foreign country. This post will sort out the facts of foreign travel and will hopefully prepare you for a stress-free vacation.

Foreign Exchange

I have traveled to various countries and continents around the world and my approach to money has changed dramatically. Years ago I used to go to my local bank and get all of the cash I thought I needed, in the local currency. If I were to visit multiple countries I would have to estimate the cash needed for each country. Before the Euro, I had to carry marks, pounds, and francs at the same time. If I ran out before I left the country, then I had to navigate the local currency exchange (often with a hefty fee) or the local banking system. This system was clumsy at best.

The Miracle of ATMs

The first time I used an ATM in a foreign country was in a dark alley in Dublin. I was totally amazed when the screen flashed my name and asked me the nature of my transaction. I knew then that technology was totally awesome. I was in a foreign country far from home, yet the machine knew who I was and gave me money in local currency after determining I had that money in my account. The system, the networking, and the applications all had to work together to make this magic. That was the last time I visited a currency exchange at my bank, the airport, or a train station. I was hooked.

Who Carries Cash?

Fast-forward to today and I rarely carry cash. With the worldwide network of credit card and debit card receiving terminals there is no need to carry large sums of cash. I usually get enough cash at the foreign airport ATM to pay the taxi driver and for small purchases, but outside of that I rely on my credit and debit cards. For foreign travel though, that brings up the question of whether the American issued credit card will work. Possibly not.

Chip and PIN vs. Chip and Signature vs. Magnetic Swipe

Many countries, including those in Europe and Asia, adhere to the EMV (Europay, Mastercard, Visa) standard of electronic transactions. This requires a chip and PIN type card, but many still accept chip and signature and possibly, but not necessarily, the old magnetic swipe cards. A chip and PIN system requires a PIN number to unlock the information embedded in the card. A chip and signature terminal can decode the information on the chip but does not ask for a PIN number and requires a live signature instead. The magnetic swipe has the user information embedded on the magnetic strip and requires a swipe and a signature. The newer cards being issued in America generally are the chip and signature variety. While it is a step in the right direction towards EMV standards, it is only a half measure and may not always work abroad. Consider the situation of needing to purchase a train ticket from a kiosk in Vienna in the middle of the night. That kiosk has no way to collect your signature so you could be spending a cold night in the station while waiting for the ticket office to open in the morning.

What About RFID?

One of the concerns about travel is rogue Radio Frequency Identification (RFID) scanners. Some credit cards have embedded RFID with credit card information. All U.S. passports since 2007 also have an embedded RFID chip. To be clear, this is not the same thing as the chip in a chip and PIN or chip and signature card. Popular RFID credit cards are Visa PayWave, MasterCard PayPass, American Express ExpressPay, and Discover Zip, and they generally carry a symbol of four wavy lines. You will find the same chip in many electronic lock systems. The advantage of these is that you can bump the card against or near the transaction scanner without having to remove it from your wallet. The disadvantage is that others with a scanner close enough to you, generally two feet, can also read and copy your information. There are a lot of solutions for blocking that data collection, from special wallets to Tyvek and aluminum card sleeves. My favorite is the homemade duct tape wallet with built in RFID block (tin foil). Before you invest in anything, make sure that your card even has an RFID embedded chip. I believe that with the advent of electronic pay systems such as Apple Pay and Android Pay, these cards will fade from use, as will the security concerns.

Thoughts

These are some things to think about as you plan your travels this summer. The world is a big place but it is becoming smaller through technology. Just when you think you may be in unchartered territory you will be surprised, as I was years ago when I walked into the terminal at the Frankfurt airport and was greeted by a big sign that said “American Express Welcomes You To Frankfurt.” They obviously got there before me.

I hope you will share your travel experiences this summer and any tips that you have to make the process uneventful so that you can fully enjoy the experience.

About Kelly Brown

Pervasive Computing: Lifelogging and the Quantifiable Self

Leave a reply

We recently shared an article on our Facebook page about a new mobile app developed to analyze and detect whether a person is stressed or even depressed. This app falls under the category of “lifelogging,” which is tracking personal activity data like exercising, sleeping, and eating. Going one step further, if you take the raw data and try to draw correlations to help you improve your life, you are entering into an area called “quantified self.” Personally, I like my life fairly unquantified, even though I am always trying to improve.

The app to detect depression was developed by a group of Dartmouth researchers, and their findings were presented at the ACM International Joint Conference on Pervasive and Ubiquitous Computing, held last month in Seattle. This is a fairly new area and one that interests me, so I went through the proceedings to see what I could learn. I think that some such apps and devices could be helpful to those willing to use the data they collect to work towards a goal, but other people might go overboard in data collection, with no plan to act on what they learn. Some of them are technologies to deal with other technologies that are already deployed.

Ongoing Research

Also at the recent ACM conference, there was a presentation titled “Promoting Interpersonal Hand-to-Hand Touch for Vibrant Workplace with Electrodermal Sensor Watch.” This uses a simple wrist-mounted thermal detection device to record high-fives and rewards the user with points for multiple touch encounters. It is designed to encourage more touch in the workplace, which the researchers equate with higher employee satisfaction. Basically, this is the gamification of personal touch.

There was also research on methods for detecting public restrooms to automatically turn off the data-logging feature for devices such as Google Glass and other video logging systems. Apparently there are some areas of lifelogging that are still socially taboo.

Other research focused on Internet-connected, video logging home security systems and how receptive parents and teens are to them. Not surprisingly, the study found that parents liked the ability to remotely monitor their homes, while teens felt that it was an invasion of privacy for a parent to remotely monitor their movements.

We have the technology to perform pervasive computing, but I think that we will continue to struggle with the appropriateness of lifelogging, particularly when it involves others. There are issues of privacy and issues of personal space and freedom that we need to deal with as this technology becomes more prevalent.

Thoughts

Socrates is reported to have said, “A life unexamined is not worth living.” I wonder, what is the value of a life TOO examined? It appears that technology is making that possible. Are we losing the mystery and surprise in life? Are we losing some of the spontaneity that makes life interesting when we plot and calculate and manage every twist and turn? The technology makes a hyper-examined life possible but the choice is still ours as to how or if we want to use it.

Have you used a lifelogging application or device? Did it help you, or was it more noise than value? Were you able to change your habits or behavior because of it? Let me know. I would love to hear about your experiences.

About Kelly Brown

Kelly Brown is an IT professional, adjunct faculty for the University of Oregon, and academic director of the UO Applied Information Management Master’s Degree Program. He writes about IT and business topics that keep him up at night.

How Safe is the Cloud?

Leave a reply

A lot of attention lately has been paid to the security of the cloud, particularly Apple’s iCloud service. There have been recent high profile celebrity hacks resulting in the sharing of photos that were thought to be private. The question I have been reading in the last couple of weeks, even in my local newspaper, is this: Is the cloud safe? The answer, maddeningly, is yes and no. This blog post will cover the definition of the cloud and how you can make the answer to that question “yes.”

Defining the Cloud

The cloud is really just a term for offsite storage. It is a convenient place to store files, whether they are photos, contact lists, or e-mails, so that you can access them from multiple devices in multiple locations. Say, for example, you take a picture from your smartphone and wish to view those same pictures from your tablet or your laptop or share them with friends. Rather than carrying those pictures around on a hard drive to view them on different devices or show friends, those pictures are stored in a common place, in the cloud storage. The cloud goes by different names such as iCloud, Google Drive, Google+, and Microsoft OneDrive. It also goes by names such as Pinterest, Tumblr, Facebook, and Twitter. Basically it is a common place to store, retrieve, and manipulate your files. The question then becomes: What if you want to take a picture but NOT store it in the cloud?

It’s All in the Sync

The key is to understand when your device is synchronizing with the cloud or with another device. In Android, for example, there is a Google Drive app that is an interface to help you download and sync files between your Android device and the cloud. You can also swap files between Android and your Google+ account or between Android and your Dropbox or Box account using a simple app.

Developers have done their best to make these apps intuitive and user friendly, but they have also masked the complexity of moving files back and forth to the cloud or to another device. As a result, some smartphone users just push the “sync all” button, which duplicates all files to the cloud. This is great for backup, but it also means that your files are now in a less secure area than just your phone. As recent events show, there are still some vulnerabilities in the cloud, and occasionally a cloud service is breached and personal data is compromised. One answer to this is to employ an application such as Encdroid for the Android OS, which encrypts your files and makes them more difficult to hack. Another solution is to understand where your files are and how they are getting there.

Thoughts

My challenge to you this week is to review your files and take an inventory of where you are storing everything. You may have signed up for a Google+ account and forgotten about it. When you get that new Android phone, however, you can bet the good folks at Google have a record of that account and would be happy to send all of your files to be backed up there. Be a savvy technology user and make sure you understand whether you are vulnerable and in what areas. In the end, that knowledge will make you and your data safer.

About Kelly Brown

IT Trends: How Will You Access Your Data in the Years to Come?

Leave a reply

I have been thinking lately about information technology trends and I want to highlight a few in the blog this week. This helps me to keep up on the latest in technology and I hope that it helps you as well.

The Cloud

According to a recent list from Gartner, one of the emerging trends over the next couple of years is that the cloud will become the most important data repository. This will have significant impact on IT organizations in the fact that devices such as PCs and laptops will be merely a window into the data and the applications. The computer will not actually house information; it will all be hosted in the cloud. Laptops could become simple terminals and more computing will be pushed to the tablet, which could serve the same function. With this push to mobile devices, the desktop PC could drop out of the scene completely. Device management will change dramatically, especially as employees become even more mobile.

Mobile

Another trend identified by Gartner is an increasingly mobile workforce. This includes not only telecommuters, but also those working in a progressively 24/7 world on company-issued devices as well as on personal devices. The line is blurring between the two, and IT organizations need to get a handle on who and what devices have access to their proprietary information. This goes beyond a Bring-Your-Own-Device (BYOD) policy and enters into the area of network design with an eye toward mobile security.

Security

With the movement towards the cloud and mobile devices, Sophos—the network and server security vendor—predicts there will be more attacks on personal and corporate data. They also predict mobile devices will leave personal data more vulnerable to theft, particularly through the use of apps. With larger numbers of employees working remotely and passing corporate data across their mobile devices, this trend spells trouble for the IT organization. The spotlight will be on them to keep the corporate data safe on the inside and keep viruses and intruders on the outside. More emphasis will be put on security, particularly the mobile variant. The upside to all of this is an increase in opportunities for security professionals. According to Robert Half, the staffing specialists, security professionals are one of the technical specialties in highest demand. If the trend towards mobile and cloud computing continues, this demand will become even more acute.

Thoughts

One of the benefits of trend spotting is that it points to where future opportunities lie. There is a need now for security professionals, cloud computing professionals, and those that can integrate mobile platforms with enterprise applications. If you are at a crossroads in your career, I would explore one of these areas. If you are just starting your IT career or education, I think any of these will be solid fields for years to come, with options to branch out into the periphery. Have you seen any other IT trends worth noting? Let me know. I will highlight other trends in future blog posts.

About Kelly Brown

WANTED: More Cybercrime Sleuths

2 Replies

Last week, a report released by the Center for Strategic and International Studies and McAfee suggested that “… likely annual cost to global economy from cybercrime is more than $400 billion. A conservative estimate would be $375 billion in losses, while the maximum could be as much as $575 billion.” This amount includes hard figures such as money stolen from a bank account or charged to a credit card. It also includes soft figures such as the loss of intellectual property, which is much harder to estimate. In any case, the estimated loss is more that the gross domestic product (GDP) of most countries. The good news is that IT solutions exist that will help reduce this figure.

How IT Is Battling Cyber Crime

IT is battling cybercrime in two ways. One is education of the public on safe computing and the other is through better IT security applications both for server and mobile platforms. Law enforcement agencies around the globe are starting to add more IT security specialists to their organizations. They realize that cybercrime is not a physical crime but a virtual one, although real money or property is lost. They often are not equipped to detect or enforce this type of crime so they are turning to IT specialists to provide that expertise. Credit card companies and banks are also working to devise new IT solutions to detect cybercrime before it happens. I have been issued a new credit card twice in the last few years because of activities that I did not initiate. The first was caught because there was activity at online stores that I do not or would not frequent and the security filters flagged that and notified me. The second time, it appeared that my physical card had been used within twenty minutes in Oregon and Texas. Again, that was flagged as an impossibility, so I was notified. These are examples of how IT can and does play a significant role in stopping cybercrime.

Career Opportunities as a Cyber Crime Fighter

As mentioned above, law enforcement such as the FBI and local agencies are increasing their force dedicated to cybercrime. They are looking for IT specialists in the area of IT security. They are looking for those individuals that have a degree in IT security such as Carnegie Mellon’s master’s degree in Information Security and Technology Management or certifications such as the CISSP or Certified Information Systems Security Professional. This additional training prepares you to take on the challenge of fighting cybercrime. There are growing opportunities for those who have skills in the IT security field. If your current skillset is becoming obsolete, this would be an emerging field that you should definitely consider.

Thoughts

Have you ever been a victim of cybercrime? Did you lose anything or was it detected before a loss occurred? Do you have people in your organization that are dedicated to monitoring and fighting cybercrime? Let me know your story.

About Kelly Brown

The Not So Flat World

Leave a reply

Thomas Friedman wrote a book in 2005 called The World Is Flat in which he painted a borderless world. It would be borderless in terms of trade, information exchange, resource sharing, politics, and workflow. His premise was that the Internet and associated periphery would level the playing field so that all countries could enjoy prosperity and the full employment. Nine years later, we are certainly further down that path, but there have been some setbacks and roadblocks.

Rebuilding Walls

A recent article suggests that not only is the world not flat, but borders are reappearing that indicate that countries and cultures are closing their doors, as opposed to opening them. In the article, the author suggests “the burst [of the Internet] is leading to a world that is disconnected from physical and political geography.” In other words, there are two developing worlds—one physical and one virtual—and they are not necessarily in lockstep. This idea aligns with recent blogs that I have written on virtual currencies and the retrenchment of countries after the revelation of National Security Agency spying.

Borders in the Physical World

In his book, Friedman cites the 1989 fall of the Berlin Wall as evidence that borders are opening and the world is becoming flatter. He argues that this event ushered in a new era of cooperation and a homogenization of communist and capitalist ideals. It was indeed a momentous occasion and did much to introduce western thought into former communist East Germany and beyond. The eastern block countries struggled mightily as western marketers suddenly discovered untapped consumers. They struggled to build their own industry to compete in this new, flat world. This great change aside, borders are still rising and falling as evidenced by the recent integration of Ukraine back into Russia. I think we will see more countries follow as they decide which combinations will bring them the most prosperity and stability.

Borders in the Digital World

Much of Friedman’s book focuses on the Internet as the great leveler. As people have broadened access to thought leaders, they expand their thinking beyond their geopolitical borders and are influenced by a host of outside sources. If we consider this a separate world outside of physical boundaries, then the possibilities are unlimited. Virtual currency is trying to accelerate this growth of the digital world by creating a trading mechanism, uncontrolled and independent of the currency attached to a physical country. Even the digital world has borders however, generally where it intersects with the physical world. Europe, Russia, and China are all talking about creating a local Internet where citizens trade within their own borders and are protected from influences outside of their borders. Thus, the world is becoming less flat as countries and regions struggle with how to keep their citizens secure from threats that were not supposed to develop in a flat world.

Thoughts

Two things intrigue me about this idea of a flattening world. One, the idea that there may be two independent developing worlds, and two, the fact that borders fall and borders rise in both worlds. Again, independent of each other, or at best, loosely connected.

Do you think the world is getting flatter, or do you think it is getting spikier? What do you think of the notion of two separate worlds? Let me know your thoughts.