I love reading the Atlantic. I have a vivid memory of it from 1987 when I was glued to Robert Kaplan‘s in-depth report on the seeds of the Eritrean fight for independence from Ethiopia (I think it was called Surrender or Starve: the Wars Behind the Famine). His words were a major factor in my decision to focus undergraduate and graduate work on the security of the Horn of Africa. Here’s an excerpt from his 1988 report called The African Killing Fields, published in the Washington Monthly

…disturbing was the ambivalence of President Reagan on this important issue. What communists were doing in Ethiopia was far more horrible than what communists were doing in Angola or Nicaragua. But while other administration officials frequently criticized the regime in the strongest possible terms, President Reagan himself was practically silent.

A communist regime brutally uprooted its own citizens against their will, forcibly separating hundreds of thousands from their families and killing tens of thousands through deliberate mistreatment. But the impact of this cataclysm on the media, a conservative White House, and the American public was minimal.

Rather than a catastrophe, the famine was a godsend for this regime.

An AFP photo of Fidel Castro and Mengistu Haile Mariam, from the BBC

It still amazes me to this day how few people realize that it was an army of 300,000 active troops on the high plains backed by Soviet and Cuban advisors and technology that failed to defeat the EPRDF rebels (associated with the EPLF, TPLF, EPDM and OPDO). Even fewer realize almost half the EPLF troops (in a conservative, patriarchal Islamic area) were women.

Now when the US military, current advisors to the Ethiopian Army, watch venerable Soviet T-55 tanks roll into Somalia it makes me curious all again about the role of authority in the region. Anyway, the Atlantic reporters have delivered some fantastic analysis and been a great source of inspiration.

With that in mind I found a recent technology post by a senior editor amusing but sorely lacking in analysis. He titled it “The Cloud’s My-Mom-Cleaned-My-Room Problem”

…the freedom of usage that defined personal computing does not extend to the world of parental computing. This isn’t a bug in the way that cloud services work. It is a feature. What we lose in freedom we gain in convenience. Maybe the tradeoff is worth it. Or maybe it’s something that just happened to us, which we’ll regret when we realize the privacy, security, and autonomy we’ve given up to sync our documents and correspondence across computers.

I don’t see the same conclusion at all.

The author settles with one extremely narrow, perhaps even rare, ideal of parental authority and stretches it into a simile for cloud computing. Authority is an element of any relationship; but what is the probability that all cloud providers will choose to be like a parent who cleans your room? The author fails to assert why this is the only outcome or definition of parental computing.

This is not to say parental computing is a bad simile as far as authority goes (it’s bad for other reasons), but simply to state the obvious that parental styles are diverse — not all parents are authoritarian or even authoritative. It seems entirely possible for cloud computing to be based on a permissive parent computing or uninvolved parent computing model. The freedom of personal computing therefore easily could extend into a world we would call parental computing.

I have been trying to spread a specific story-line about cloud since I cooked it up for my BSidesLV presentation “2011: A Cloud Odyssey”.

Now each time I present at another conference several people come up and ask me for a copy of Cloud Odyssey and more insight into what I see as the core security issues for cloud.

So, soon I will post the 12M PDF of the 165 slide epic. It lacks all the animation and such, but perhaps it will still be handy as a reference to those who attended.

And here is my abridged take on the amazing opportunity that lies before us. My father’s generation of engineers focused on the Space Race — to put an astronaut on the moon. Overcoming the risk of space travel became a national obsession.

The cloud industry for my generation has brought to my mind several parallels to the space race. We stand at the edge of developing new and better ways to safely launch workloads into a high-risk environment. This is really just the beginning of the hyper environment. Those with lesser value assets at risk may have been able to launch first, just like sputnik had no pilot. The real test is to put our highest-value assets in a container that enables not only survival in cloud but also supports advanced procedures.

Kubrick’s movies pointed to serious downsides to centralized trust and automation. We are unlikely to prove this wrong. In fact, as I pointed out at BSidesLV, I did not pay Richard Bejtlich any money or prompt him to tweet like he was United States Air Force Brigadier General Jack D. Ripper during my Dr. Stuxlove presentation at BSidesSF. I could not have planned a better reaction. He fell into that all on his own and probably never realized the amazing irony.

My next several presentations (RSA Europe, RSA Beijing, ISACA SF) will draw on the space race parallel story in more detail. I will explain how to best reduce risk before you launch into the cloud and/or how to avoid the HAL effect once you are there.

Early in the morning on this day in 1862 soldiers of the Union stopped the Confederate offensive march north at the creek of Antietam in the fields of Maryland.

Soon we began to hear a most ominous sound which we had never before heard, except in the far distance at South Mountain, namely, the rattle of musketry. It had none of the deafening bluster of the cannonading so terrifying to new troops, but to those who had once experienced its effects, it was infinitely more to be dreaded. These volleys of musketry we were approaching sounded in the distance like the rapid pouring of shot upon a tinpan, or the tearing of heavy canvas, with slight pauses interspersed with single shots, or desultory shooting.

Nearly 100,000 men were ready to fight throughout the day. As the sun set only 77,000 were standing and 4,000 lay dead — the most casualties in one day in American history.

The majority of the Union effort was amassed at the center of the battlefield while smaller groups attacked first on the left, then center, and then the right. Their plan was to push in from a flank and only then drive forward with a numerical advantage. The initial attacks were mostly unsuccessful in making ground, however, and so the Union’s largest division never was fully engaged. The Union General was conservative and slow to react, despite having acquired a paper copy of the Confederate battle plans.

The Confederates then abandoned their offensive and retreated at night. This is believed to have been enough of an end to their march north that President Lincoln was able to issue the Emancipation Proclamation a few days later. Two months later, the Union General in charge at the Battle of Antietam was removed for failing to pursue the Confederates and win more decisively.

Update: Some interesting details in this video on how the battle set the stage for the President to renounce slavery