Walled Cities & Gunpowder, Firewalls & Hackers: Ways to Think About Cyber Security & Piracy

The Walled City of Carcassonne

Defensive walls have been built around cities since before Joshua fought the battle of Jericho. For literally thousands of years, if you wanted to protect a collection of assets (people, livestock, intellectual property, real estate, etc.), you put them in a city and built a fortified wall. If you were really serious about protecting your investment, you added a moat or ditch or other obstacle and, where possible, built on the high ground.

This method of defense worked great… right up to the 7th or 8th Century in China and the 11th through the 13th Centuries in Europe. That’s when the gunpowder-powered cannon made defensive walls useless. What good is a wall with a big hole in it?

If you were a city owner, city builder or city dweller in 13th century Europe, you might have thought that the best way to survive was to scatter your people (or livestock, intellectual property, real estate, etc.) so that it would not be susceptible to invasion from cannon-wielding invaders. After all, a cannon (especially a 13th Century cannon) capable of blowing a hole in a city wall is big and the army that has to move it must stay with it to protect it. Scattering about the countryside would protect you from a serious army that used a big cannon to enter a city and pillage it.

The funny thing is… that’s not what happened. The technology (the gunpowder-powered cannon) forced changes in military strategy, political strategy and consumer behavior. It also had a profound impact on the “doing of life” for both the aristocracy and the proletariat. Cities did not get smaller – they got bigger. Since cities no longer needed walls, all kinds of things were empowered to change. Land ownership, land use, commerce, human interaction, the distance between the “country” and the “city,” even site selection for town centers adapted to the new paradigm.

Learning From the Past

So what can we learn from the relationship between walled cities and gunpowder?

There are myriad lessons, but today I’m interested in Cyber-security, Cloud Storage and Firewalls. There are several parallels one can draw with respect to the use of walls to guard things. A wall can keep primitive invaders at bay for a while… but siege engines are the “anti-wall” and the arms race can go either way on any given day.

Which begs for the question: How should one defend a collection of bits in the 21st Century? If walls can be breached with “virtual” gunpowder-powered weapons, how should we think about defense in an open environment?

Is it possible to defend a collection of bits when the bits are openly available to everyone on the Internet? If it is, are there strategic lessons can be learned from urban planners over the past millennium?

I think there are. But I want to know what you think.

A Homework Assignment for You

First, pretend that a highly protected collections of bits (like iTunes movies or music or CAD/CAM B1 Bomber Plans) are defended by “virtual” ancient city walls.

Now pretend that Anonymous or some other hactivist group has a “virtual” gunpowder-powered cannon and will have no trouble blowing a hole in it.

Now pretend that the IP stored behind the city walls wants to spread out, get bigger and become more valuable.

How will it happen? Email your ideas to me at shelly@shellypalmer.com or post something on my FB wall or follow me @shellypalmer and tweet me your thoughts.

Author:

Shelly Palmer

Shelly Palmer is Fox 5 New York's On-air Tech Expert (WNYW-TV) and the host of Fox Television's monthly show Shelly Palmer Digital Living. He also hosts United Stations Radio Network's, Shelly Palmer Digital Living Daily, a daily syndicated radio report that features insightful commentary and a unique insiders take on the biggest stories in technology, media, and entertainment. He is Managing Director of Advanced Media Ventures Group, LLC an industry-leading advisory and business development firm and a member of the Executive Committee of the National Academy of Television Arts & Sciences (the organization that bestows the coveted Emmy® Awards).

  • http://www.connectme360.com/ Brian Hayashi @connectme

    Two things: steganography and sovereignty.

  • http://twitter.com/givoly Tal Givoly

    Interesting observation. The intuitive approach is to erect taller / thicker barriers (walls, in this case, called firewalls). But as you suggest, that may not ultimately work. You suggested opening up. There are a variety of approaches to “hide information in plain sight”. They could be hashing, spread spectrum, massive error correction and other forms of specialized encoding that are barely visible (or not visible at all). The approach might be to have all data distributed publicly and broadly, but accessible only with the right algorithm and keys. The problem is that “someone” would still have the “keys” (in this case it might be a combination of algorithms, locations / portals, and keys). Nevertheless, there’s still a vulnerability. Actually, there almost always is. Even when a system seems impervious, it’s usually temporary. The “wall” may no longer be physical, or a block between one domain and another (e.g. Firewall), but it is always too low for the next generation. In terms of data protection, the solution can often be a set of concentric walls. Each in a different approach. Again, just piling on complexity against the would-be attacker. Not impenetrable, but more difficult to overcome.