《MikkoHypponen_2013X[米科.海坡能][美国如何出卖了世界——采取行动的时候到了].pdf》由会员分享,可在线阅读,更多相关《MikkoHypponen_2013X[米科.海坡能][美国如何出卖了世界——采取行动的时候到了].pdf(7页珍藏版)》请在taowenge.com淘文阁网|工程机械CAD图纸|机械工程制图|CAD装配图下载|SolidWorks_CaTia_CAD_UG_PROE_设计图分享下载上搜索。
1、www.XiYuS锡育软件The two most likely largest inventions of our generation arethe Internet and the mobile phone.互联网和手机可以说是 我们这个时代 最为重要的两大发明了00:12Theyve changed the world.它们改变了整个世界00:22However,largely to our surprise,they also turned out to bethe perfect tools for the surveillance state.然而,令我们非常吃惊的是 它们同时也
2、成为了 用于国家监视的完美工具00:24It turned out that the capability to collect data,informationand connections about basically any of us and all of us isexactly what weve been hearing事实上,收集关于我们 每个人或者说所有人的 数据、信息以及关系的这种能力 正是这个夏天从00:35throughout of the summer through revelations and leaksabout Western intelligence a
3、gencies,mostly U.S.intelligenceagencies,watching over the rest of the world.西方情报机构 特别是美国情报机构 所透露或者泄露的 这些情报机构监视着世界其它地方00:48Weve heard about these starting with the revelations fromJune 6.六月六日开始 陆续听到一些泄露的消息01:02Edward Snowden started leaking information,top secretclassified information,from the U.S.in
4、telligence agencies,and we started learning about things like PRISM andXKeyscore and others.斯诺登开始透露 那些来源于美国情报机构的 顶级机密信息 于是我们也开始了解到一些 诸如菱镜计划和XKeyscore的事情01:09inventions:n.专利发明(invention的复数);创意曲 surveillance:n.监督;监视 revelations:n.启示录(书名)agencies:n.代理;代理处(agency的复数)Snowden:n.斯诺登(姓氏)leaking:n.漏泄,渗漏;耗散/a
5、dj.渗漏的,泄漏的/v.渗漏;泄露(leak的ing形式)PRISM:n.棱镜;晶体数棱柱And these are examples of the kinds of programs U.S.intelligence agencies are running right now,against thewhole rest of the world.这些都是美国情报机构 正在运作的项目 以此对抗世界其它国家01:22And if you look back about the forecasts on surveillance byGeorge Orwell,well it turns ou
6、t that George Orwell was anoptimist.如果你回顾一下乔治奥威尔 有关监视的预言 你会发现 奥威尔的确是一个乐观主义者01:32(Laughter)We are right now seeing a much larger scale oftracking of individual citizens than he could have everimagined.(笑声)如今我们看到的是大规模的 对普通民众的跟踪 这远远超出了他最初的想象01:45And this here is the infamous NSA data center in Utah.这就是
7、那个臭名昭著的 美国犹他州的NSA数据中心01:56Due to be opened very soon,it will be both asupercomputing center and a data storage center.在不久的将来开放后 它将成为一个超级计算中心同时也将成为一个超大数据中心02:03You could basically imagine it has a large hall filled with harddrives storing data they are collecting.你几乎可以想象那个被硬盘设备塞满的大厅 无时不刻都在存储 他们收集来的数据
8、02:11And its a pretty big building.这是一幢巨大的建筑02:19How big?Well,I can give you the numbers-but thatdoesnt really tell you very much.具体有多大呢?我们来看一个数据 可能你对这个数据也没有太多概念02:21Maybe its better to imagine it as a comparison.我们最好通过比较来想象02:27forecasts:n.气象通信预测;展望(forecast的复数)/v.预言;作预测(forecast的第三人称单数)optimist:n.
9、乐观主义者;乐天派 infamous:adj.声名狼藉的;无耻的;邪恶的;不名誉的 storing:n.储存;保管/v.储存;供应(store的ing形式)/adj.存储的You think about the largest IKEA store youve ever been in.想想你去过的 最大的宜家家具吧02:31This is five times larger.它将是宜家的五倍大02:35How many hard drives can you fit in an IKEA store?想想你能在宜家塞进多少硬盘设备吧02:38Right?Its pretty big.是吧?数
10、目的确非常巨大!02:41We estimate that just the electricity bill for running this datacenter is going to be in the tens of millions of dollars a year.我们估算仅用于运行 这个数据中心的电费 每年就需要数千万美元02:43TED演讲者:Mikko Hypponen|米科.海坡能演讲标题:How the NSA betrayed the world.s trust-time to act|美国如何出卖了世界?采取行动的时候到了内容概要:Recent events ha
11、ve highlighted,underlined and bolded the fact that the United Statesis performing blanket surveillance on any foreigner whose data passes through an Americanentity-whether they are suspected of wrongdoing or not.This means that,essentially,everyinternational user of the internet is being watched,say
12、s Mikko Hypponen.An important rant,wrapped with a plea:to find alternative solutions to using American companies for the world.sinformation needs.近期的一些事件都已陆续向我们强调着一个事实,那就是美国一直在对其它国家经过美国服务器的数据施行彻底监视,而不管他们是否做了什么错事。如米科.海坡能(Mikko Hypponen)所说,这就意味着本质上这个世界上每个使用因特网的人都在被监视。这是一个慷慨激昂的重要讲演,带着如此恳切的声音,呼唤我们寻找替代通过
13、美国企业满足世界信息需求的有效途径。And this kind of wholesale surveillance means that they cancollect our data and keep it basically forever,keep it forextended periods of time,keep it for years,keep it fordecades.而这种大规模的监视 意味着他们可以收集我们的数据 并且基本上可以永久保留 保留很长时间 几年甚至几十年02:51And this opens up completely new kinds of risks
14、 to us all.这个将给我们所有人 带来前所未有的风险03:04And what this is is that it is wholesale blanket surveillance oneveryone.它将是一种大规模的对我们每个人的 无障碍监视03:10Well,not exactly everyone,because the U.S.intelligence onlyhas a legal right to monitor foreigners.当然,确切来说也不是对所有人 因为美国情报机构只有对外国人的 合法监视权力03:18They can monitor foreign
15、ers when foreigners dataconnections end up in the United States or pass through theUnited States.一旦那些非美国的数据流 到达或者经过美国 就要被监视了03:26wholesale:adj.批发的;大规模的/n.批发/adv.大规模地;以批发方式/vt.批发/vi.批发;经营批发业 foreigners:n.外国人;外地人(foreigner的复数)pass through:穿过;通过And monitoring foreigners doesnt sound too bad until youre
16、alize that Im a foreigner and youre a foreigner.监视外国人听起来似乎没那么糟糕 除非你意识到其实我们都是老外03:34In fact,96 percent of the planet are foreigners.事实上,这个星球上96%都是老外03:42(Laughter)Right?(笑)是吧?03:46So it is wholesale blanket surveillance of all of us,all of uswho use telecommunications and the Internet.所以说只要你使用通信工具和互联
17、网 你就会被彻底监视03:49But dont get me wrong:There are actually types ofsurveillance that are okay.大家也别误会 的确也有一些还不错的监视形式03:58I love freedom,but even I agree that some surveillance is fine.我热爱自由,但我自始至终也同意 有一些监视是有益的04:05If the law enforcement is trying to find a murderer,or theyretrying to catch a drug lord o
18、r trying to prevent a schoolshooting,and they have leads and they have suspects,比如如果执法机关正在寻找一名谋杀犯 或者搜捕一个贩毒者 或者试图阻止一场校园枪击案的发生并且他们中有头目有嫌疑犯04:10then its perfectly fine for them to tap the suspects phone,and to intercept his Internet communications.此时如果能监听他们的手机 截获他们的网络通信那就太棒了04:23Im not arguing that at
19、all,but thats not what programs likePRISM are about.我并不反对这一点 但菱镜计划之类的项目并不是这么做的04:30They are not about doing surveillance on people that theyhave reason to suspect of some wrongdoings.他们不是在监视那些 他们有理由怀疑的坏人04:34monitoring:n.监视,自监控;检验,检查/v.监视,通信军监听,监督(monitor的ing形式)telecommunications:n.通讯行业:服务类型变更,缴纳话费,
20、账户总览等所有业务均可通过移动设备完成 enforcement:n.执行,实施;强制 intercept:vt.拦截;截断;窃听/n.拦截;数截距;截获的情报 wrongdoings:n.坏事;不道德的行为Theyre about doing surveillance on people they know areinnocent.他们在监视那些 无辜的人04:41So the four main arguments supporting surveillance like this,well,the first of all is that whenever you start discus
21、singabout these revelations,there will be naysayers trying tominimize the importance of these revelations,saying that weknew all this already,we knew it was happening,theresnothing new here.对于这样的监听 有四条主要的理由 首先是只要你一开始讨论信息泄露的问题 总会有反对者站出来把泄露的重要性降到最小 他们说我们早已知道这些 我们知道在发生什么,没有什么新鲜的04:46And thats not true.
22、Dont let anybody tell you that we knewthis already,because we did not know this already.事实不是这样的 谁说我们早知道这些?我们不知道05:04Our worst fears might have been something like this,but wedidnt know this was happening.我们最大的恐惧就是这些事情已经发生 而我们一无所知05:13Now we know for a fact its happening.现在我们的确可以确定的知道在发生什么05:19We did
23、nt know about this.We didnt know about PRISM.而我们之前并不了解 我们不了解PRISM05:22We didnt know about DoubleArrow.?DoubleArrow Wedid not know about Skywriter-?Skywriter all thesedifferent programs run by U.S.intelligence agencies.这些各式各样 由美国情报局运行的项目05:27But now we do.但现在我们都了解了05:36And we did not know that U.S.in
24、telligence agencies go toextremes such as infiltrating standardization bodies tosabotage encryption algorithms on purpose.我们之前也并不知道 美国情报机构如何极端到 通过渗透至标准组织内部 以达到削弱加密算法强度的目的05:39first of all:adv.首先 naysayers:n.否定者;拒绝者;老是唱反调的人 minimize:vt.使减到最少;小看,极度轻视/vi.最小化extremes:n.狂热分子,极端条件 infiltrating:v.渗透;浸润(inf
25、iltrate的ing形式)/adj.浸润的;浸润性的 standardization:n.标准化;数规格化;校准 sabotage:vt.妨害;对采取破坏行动/vi.从事破坏活动/n.破坏;破坏活动;怠工 encryption:n.加密;加密术And what that means is that you take something which issecure,an encryption algorithm which is so secure that if you这就意味着 如果你拿到一份加密文件 它的加密算法可以安全到 使你加密之后 没有任何人可以解开它05:53secure,an
26、 encryption algorithm which is so secure that if youuse that algorithm to encrypt one file,nobody can decryptthat file.它05:53Even if they take every single computer on the planet just todecrypt that one file,its going to take millions of years.即便你用地球上的每一个计算机去解密它 也需要数百万年06:04So thats basically perfec
27、tly safe,uncrackable.它可以说是绝密的,无懈可击06:11You take something which is that good and then you weakenit on purpose,making all of us less secure as an end result.拿到这样一件完美的东西 然后故意弱化它 使得我们每个人终都变得不安全06:13A real-world equivalent would be that intelligence agencieswould force some secret pin code into every si
28、ngle housealarm so they could get into every single house现实生活中一个类似的例子是 情报机构会强行 将某种加密识别码植入每个家居防盗系统 这样他们就可以进入任何一所房子06:23www.XiYuS锡育软件because,you know,bad people might have house alarms,but it will also make all of us less secure as an end result.因为坏人可能装有防盗系统 但这样一来 最后我们自己也变得不那么安全06:32Backdooring encryp
29、tion algorithms just boggles the mind.利用加密算法这个后门儿 的确让人匪夷所思06:39But of course,these intelligence agencies are doing their job.当然啦,这些情报机构只是在履行自己的职责06:46encrypt:vt.将译成密码 decrypt:vt.译电文;解密码;解释 real-world:adj.现实生活的;工作的 equivalent:adj.等价的,相等的;同意义的/n.等价物,相等物 boggles:vi.犹豫,退缩;惊恐/vt.搞糟,弄坏;使惊奇;使困惑/n.犹豫,退缩;惊奇T
30、his is what they have been told to do:do signalsintelligence,monitor telecommunications,monitor Internettraffic.这正是他们被要求做的事情 做信号情报 监视通讯渠道 以及监测网络流量06:50Thats what theyre trying to do,and since most,a very bigpart of the Internet traffic today is encrypted,theyre tryingto find ways around the encrypti
31、on.这正是他们尝试在做的 由于目前相当大一部分的互联网流量是加密的 他们也就在尝试通过加密寻找突破口06:57One way is to sabotage encryption algorithms,which is agreat example about how U.S.intelligence agencies arerunning loose.削弱加密算法就是其中一种手段 这是美国情报机构如何 为所欲为 的一个极好的例子07:04They are completely out of control,and they should bebrought back under contro
32、l.他们完全不受控制 而这些应该加以控制07:13So what do we actually know about the leaks?而我们对这些信息泄露的真实了解能有多少呢07:21Everything is based on the files leaked by Mr.Snowden.所有这些都基于 Snowden先生的那些泄露文件07:24The very first PRISM slides from the beginning of June detaila collection program where the data is collected from servicep
33、roviders,and they actually go and name the serviceproviders they have access to.从六月初 第一个PRISM的幻灯片开始 它详细描述了 一个从服务提供商收集数据的项目 而且他们还对那些被使用的 服务商进行了命名07:29They even have a specific date on when the collection of databegan for each of the service providers.甚至为他们设立一个纪念日 记载开始从各个服务提供商 获取数据的日子07:42encrypted:v.
34、把编码;把加密(encrypt的过去分词)under control:处于控制之下;情况正常 providers:n.供应商(provider的复数形式)So for example,they name the collection from Microsoftstarted on September 11,2007,for Yahoo on the March 12,2008,比如,他们为2007年9月11号 开始从Microsoft获取的那批数据起了名字 还有2008年3月12号的Yahoo07:49And every single one of these companies denie
35、s.任何一个公司对此都呈否认态度08:04They all say that this simply isnt true,that they are notgiving backdoor access to their data.都说这简直就是谎言 他们从来没有开过后门让别人获取他们的数据08:07Yet we have these files.但是我们的确得到了这些文件08:16So is one of the parties lying,or is there some otheralternative explanation?那么是其中一方在撒谎吗?有没有其他可能的解释?08:20And
36、 one explanation would be that these parties,theseservice providers,are not cooperating.一种可能的解释是 这些当事人,也就是这些服务提供商 他们并没有合作08:25Instead,theyve been hacked.只是被黑了08:33That would explain it.They arent cooperating.Theyve beenhacked.这种解释是合理的:他们没有参与而是受到了黑客攻击08:36In this case,theyve been hacked by their own
37、government.其实可以说是他们被自己的政府黑了08:39That might sound outlandish,but we already have caseswhere this has happened,for example,the case of the Flamemalware which we strongly believe was authored by the U.S.government,and which,to spread,subverted the security ofthe Windows Update network,meaning here,the
38、companywas hacked by their own government.也许这听起来有点荒唐 但我们的确有过这样的案例 比如那个有关恶意软件Flame的案子 我们之前多么坚信它是由 美国政府授权的 而就是它破坏了Windows的 网络升级系统的安全 这就意味着 他们被自己的政府黑了08:44denies:否认/拒绝 backdoor:adj.秘密的/n.后门 cooperating:adj.合作的;协同操作的;共同运转的/v.合作;促成(cooperate的ing形式)hacked:生气 outlandish:adj.古怪的;奇异的;异国风格的;偏僻的 malware:n.恶意软件
39、 authored:vt.授权;任命(author过去式)subverted:vt.颠覆;推翻;破坏And theres more evidence supporting this theory as well.当然还有更多 支撑这个说法的证据09:08Der Spiegel,from Germany,leaked more information aboutthe operations run by the elite hacker units operating insidethese intelligence agencies.德国的明镜周刊(Der Spiegel)暴露了更多 有关这些
40、情报机构中的顶级黑客团队 所做作为的信息09:13Inside NSA,the unit is called TAO,Tailored AccessOperations,and inside GCHQ,which is the U.K.equivalent,在NSA内部,这个部门被叫做TAO 特定情报获取行动 这个等同于英国GCHQ内部的NAC09:24And these recent leaks of these three slides detail anoperation run by this GCHQ intelligence agency from theUnited Kingdo
41、m targeting a telecom here in Belgium.最近泄露的这三个幻灯片 详细描述了一个由GCHQ情报局 在英国发起的行动 目标定位在 一个比利时的电信公司09:36And what this really means is that an E.U.countrysintelligence agency is breaching the security of a telecom ofa fellow E.U.country on purpose,and they discuss it in theirslides completely casually,busine
42、ss as usual.这件事表明了一个事实 一个欧盟国家的情报机构正在蓄意破坏 联盟国家电信公司的安全 而他们在幻灯片里谈论这件事时 一如既往的自然09:51Heres the primary target,heres the secondary target,heresthe teaming.这是主要目标 这是次要目标 这是他们的团队10:10They probably have a team building on Thursday evening ina pub.他们通常会在周四晚上在酒吧里做团队建设的活动10:14Spiegel:n.镜铁 hacker:n.电脑黑客,企图不法侵入他人
43、电脑系统的人 Tailored:adj.定做的;裁缝做的;剪裁讲究的/v.裁制;调整使适应(tailor的过去式和过去分词)telecom:n.电信,远距通信;电讯 breaching:n.烟道导管;烟道总管;模拟板实验性电路板功能试验 as usual:像往常一样;照例 pub:n.酒馆;客栈They even use cheesy PowerPoint clip art like,you know,Success,他们每成功一次 就会用一些俗气的幻灯片10:18when they gain access to services like this.庆祝所谓的胜利10:23What the
44、hell?他们究竟在搞什么鬼10:26And then theres the argument that okay,yes,this might begoing on,but then again,other countries are doing it as well.有人会争辩说 是的,他们是在监视 但话说回来,哪个国家没有这样的行动呢?10:31All countries spy.也许真的是10:37And maybe thats true.所有国家都有间谍10:40Many countries spy,not all of them,but lets take anexample.很多
45、国家都有,但并不是所有都是这样10:41Lets take,for example,Sweden.比如说,瑞典10:44Im speaking of Sweden because Sweden has a little bit of asimilar law to the United States.我提起瑞典这个国家是因为 我提起瑞典这个国家是因为10:46When your data traffic goes through Sweden,theirintelligence agency has a legal right by the law to interceptthat traff
46、ic.当你的数据流经过瑞典的时候 他们的情报机构的确是有 截获这些数据的合法权力10:50All right,how many Swedish decisionmakers and politiciansand business leaders use,every day,U.S.-based services,like,you know,run Windows or OSX,or store their data in cloudslike iCloud or maybe use online services like Amazon webservices or sales support
47、?那么,有多少瑞典的决策者 政治家和商业领袖 每天使用美国的服务呢?比如像使用Windows或OSX或者将数据上传到类似iCloud中进行云存储 也许还有一些在线服务,类似Amazon网络服务或者销售支持?10:57cheesy:adj.干酪质的;下等的;漂亮的And the answer is,every single Swedish business leader doesthat every single day.答案是,每一个瑞典的商业人士每天都会使用它们11:23And then we turn it around.那么如果我们反过来问11:27How many American l
48、eaders use Swedish webmails andcloud services?有多少美国杰出人士 使用瑞典的网络邮箱和云服务呢?11:28And the answer is zero.答案是零11:35So this is not balanced.所以这显然是不平衡的11:37Its not balanced by any means,not even close.相差甚远11:39And when we do have the occasional European success story,even those,then,typically end up being so
49、ld to the UnitedStates.即使有一天我们偶然发现一个 欧洲人获胜的故事典型的结局一定是这个服务被美国公司收购11:44Like,Skype used to be secure.比如,Skype最初采用端到端的加密11:52It used to be end-to-end encrypted.所以还是安全的11:54Then it was sold to the United States.后来被卖给了美国后11:57Today,it no longer is secure.就不再安全了11:59So once again,we take something which is
50、 secure and thenwe make it less secure on purpose,making all of us lesssecure as an outcome.所以,我们再一次把一个原本安全的东西 弄得不再安全 使得我们所有人最终也都不再安全了12:01secure as an outcome.And then the argument that the United States is onlyfighting terrorists.也有争论说 美国只是在12:12by any means:无论如何 typically:adv.代表性地;作为特色地 end-to-en