ABOUT THE SPEAKER
Mikko Hypponen - Cybersecurity expert
As computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance?

Why you should listen

The chief research officer at F-Secure Corporation in Finland, Mikko Hypponen has led his team through some of the largest computer virus outbreaks in history. His team took down the world-wide network used by the Sobig.F worm. He was the first to warn the world about the Sasser outbreak, and he has done classified briefings on the operation of the Stuxnet worm -- a hugely complex worm designed to sabotage Iranian nuclear enrichment facilities.

As a few hundred million more Internet users join the web from India and China and elsewhere, and as governments and corporations become more sophisticated at using viruses as weapons, Hypponen asks, what's next? Who will be at the front defending the world’s networks from malicious software? He says: "It's more than unsettling to realize there are large companies out there developing backdoors, exploits and trojans."

Even more unsettling: revelations this year that the United States' NSA is conducting widespread digital surveillance of both US citizens and anyone whose data passes through a US entity, and that it has actively sabotaged encryption algorithms. Hypponen has become one of the most outspoken critics of the agency's programs and asks us all: Why are we so willing to hand over digital privacy?

 

 

Read his open-season Q&A on Reddit:"My TED Talk was just posted. Ask me anything.

See the full documentary on the search for the Brain virus

More profile about the speaker
Mikko Hypponen | Speaker | TED.com
TEDxBrussels

Mikko Hypponen: How the NSA betrayed the world's trust -- time to act

Filmed:
1,651,014 views

Recent events have highlighted, underlined and bolded the fact that the United States is performing blanket surveillance on any foreigner whose data passes through an American entity -- whether they are suspected of wrongdoing or not. This means that, essentially, every international user of the internet is being watched, says Mikko Hypponen. An important rant, wrapped with a plea: to find alternative solutions to using American companies for the world's information needs.
- Cybersecurity expert
As computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance? Full bio

Double-click the English transcript below to play the video.

00:12
The two most likely largest inventions
0
492
4634
00:17
of our generation
1
5126
2247
00:19
are the Internet and the mobile phone.
2
7373
3193
00:22
They've changed the world.
3
10566
2135
00:24
However, largely to our surprise,
4
12701
3515
00:28
they also turned out to be the perfect tools
5
16216
4398
00:32
for the surveillance state.
6
20614
3150
00:35
It turned out that the capability
7
23764
2897
00:38
to collect data, information and connections
8
26661
4044
00:42
about basically any of us and all of us
9
30705
4218
00:46
is exactly what we've been hearing
10
34923
1813
00:48
throughout of the summer
through revelations and leaks
11
36736
4607
00:53
about Western intelligence agencies,
12
41343
3091
00:56
mostly U.S. intelligence agencies,
13
44434
3026
00:59
watching over the rest of the world.
14
47460
3173
01:02
We've heard about these starting with the
15
50633
3198
01:05
revelations from June 6.
16
53831
3686
01:09
Edward Snowden started leaking information,
17
57517
3069
01:12
top secret classified information,
18
60586
2304
01:14
from the U.S. intelligence agencies,
19
62890
1467
01:16
and we started learning about things like PRISM
20
64357
2469
01:18
and XKeyscore and others.
21
66826
3267
01:22
And these are examples of the kinds of programs
22
70093
3105
01:25
U.S. intelligence agencies are running right now,
23
73198
4279
01:29
against the whole rest of the world.
24
77477
3516
01:32
And if you look back about the forecasts
25
80993
3708
01:36
on surveillance by George Orwell,
26
84701
4101
01:40
well it turns out that
27
88817
2118
01:42
George Orwell was an optimist.
28
90935
2504
01:45
(Laughter)
29
93439
2480
01:47
We are right now seeing a much larger scale
30
95919
2700
01:50
of tracking of individual citizens
31
98619
1898
01:52
than he could have ever imagined.
32
100517
3632
01:56
And this here is the infamous
33
104149
3535
01:59
NSA data center in Utah.
34
107684
3844
02:03
Due to be opened very soon,
35
111528
3156
02:06
it will be both a supercomputing center
36
114684
2791
02:09
and a data storage center.
37
117475
2137
02:11
You could basically imagine it has a large hall
38
119612
2893
02:14
filled with hard drives storing data
39
122505
2456
02:16
they are collecting.
40
124961
2274
02:19
And it's a pretty big building.
41
127235
2157
02:21
How big? Well, I can give you the numbers --
42
129392
1851
02:23
140,000 square meters --
43
131243
2022
02:25
but that doesn't really tell you very much.
44
133265
2606
02:27
Maybe it's better to imagine it as a comparison.
45
135871
3176
02:31
You think about the largest IKEA store
46
139047
2456
02:33
you've ever been in.
47
141503
1747
02:35
This is five times larger.
48
143250
3469
02:38
How many hard drives can you fit in an IKEA store?
49
146719
3076
02:41
Right? It's pretty big.
50
149795
2007
02:43
We estimate that just the electricity bill
51
151802
2846
02:46
for running this data center
52
154648
1876
02:48
is going to be in the tens of millions of dollars a year.
53
156524
3398
02:51
And this kind of wholesale surveillance
54
159922
2509
02:54
means that they can collect our data
55
162431
2736
02:57
and keep it basically forever,
56
165167
2003
02:59
keep it for extended periods of time,
57
167170
2509
03:01
keep it for years, keep it for decades.
58
169679
3246
03:04
And this opens up completely new kinds of risks
59
172925
3379
03:08
to us all.
60
176304
1946
03:10
And what this is is that it is wholesale
61
178250
3628
03:13
blanket surveillance on everyone.
62
181878
4857
03:18
Well, not exactly everyone,
63
186735
1554
03:20
because the U.S. intelligence only has a legal right
64
188289
4028
03:24
to monitor foreigners.
65
192317
1970
03:26
They can monitor foreigners
66
194287
1750
03:28
when foreigners' data connections
67
196037
2810
03:30
end up in the United States or pass
through the United States.
68
198847
3490
03:34
And monitoring foreigners doesn't sound too bad
69
202337
2784
03:37
until you realize
70
205121
2367
03:39
that I'm a foreigner and you're a foreigner.
71
207488
3001
03:42
In fact, 96 percent of the planet are foreigners.
72
210489
3786
03:46
(Laughter)
73
214275
1670
03:47
Right?
74
215945
1887
03:49
So it is wholesale blanket surveillance of all of us,
75
217832
4449
03:54
all of us who use telecommunications and the Internet.
76
222281
4102
03:58
But don't get me wrong:
77
226383
1891
04:00
There are actually types
of surveillance that are okay.
78
228274
5226
04:05
I love freedom, but even I agree
79
233500
3029
04:08
that some surveillance is fine.
80
236529
2279
04:10
If the law enforcement is trying to find a murderer,
81
238808
3903
04:14
or they're trying to catch a drug lord
82
242711
3102
04:17
or trying to prevent a school shooting,
83
245813
3604
04:21
and they have leads and they have suspects,
84
249417
1677
04:23
then it's perfectly fine for them
to tap the suspect's phone,
85
251094
3717
04:26
and to intercept his Internet communications.
86
254811
3356
04:30
I'm not arguing that at all,
87
258167
1938
04:32
but that's not what programs like PRISM are about.
88
260105
2824
04:34
They are not about doing surveillance on people
89
262929
2885
04:37
that they have reason
to suspect of some wrongdoings.
90
265814
3204
04:41
They're about doing surveillance on people
91
269018
1677
04:42
they know are innocent.
92
270695
3760
04:46
So the four main arguments
93
274455
2245
04:48
supporting surveillance like this,
94
276700
2152
04:50
well, the first of all is that whenever you start
95
278852
2235
04:53
discussing about these revelations,
96
281087
1895
04:54
there will be naysayers trying to minimize
97
282982
2293
04:57
the importance of these revelations, saying that
98
285275
2188
04:59
we knew all this already,
99
287463
1613
05:01
we knew it was happening, there's nothing new here.
100
289076
3580
05:04
And that's not true. Don't let anybody tell you
101
292656
3215
05:07
that we knew this already,
because we did not know this already.
102
295871
5712
05:13
Our worst fears might have been something like this,
103
301583
3773
05:17
but we didn't know this was happening.
104
305356
1951
05:19
Now we know for a fact it's happening.
105
307307
2777
05:22
We didn't know about this.
We didn't know about PRISM.
106
310084
2579
05:24
We didn't know about XKeyscore.
We didn't know about Cybertrans.
107
312663
2906
05:27
We didn't know about DoubleArrow.
108
315569
1950
05:29
We did not know about Skywriter --
109
317519
2148
05:31
all these different programs
110
319667
1695
05:33
run by U.S. intelligence agencies.
111
321362
3241
05:36
But now we do.
112
324603
3029
05:39
And we did not know
113
327632
2166
05:41
that U.S. intelligence agencies go to extremes
114
329798
3075
05:44
such as infiltrating standardization bodies
115
332873
3837
05:48
to sabotage encryption algorithms on purpose.
116
336710
4748
05:53
And what that means
117
341458
2037
05:55
is that you take something which is secure,
118
343495
1820
05:57
an encryption algorithm which is so secure
119
345315
2421
05:59
that if you use that algorithm to encrypt one file,
120
347736
3107
06:02
nobody can decrypt that file.
121
350843
1742
06:04
Even if they take every single computer on the planet just to decrypt that one file,
122
352585
4413
06:08
it's going to take millions of years.
123
356998
2060
06:11
So that's basically perfectly safe, uncrackable.
124
359058
2247
06:13
You take something which is that good
125
361305
2074
06:15
and then you weaken it on purpose,
126
363379
2484
06:17
making all of us less secure as an end result.
127
365863
5610
06:23
A real-world equivalent would be that
128
371473
2131
06:25
intelligence agencies would force
129
373604
2652
06:28
some secret pin code into every single house alarm
130
376256
2827
06:31
so they could get into every single house
131
379083
1793
06:32
because, you know, bad people
might have house alarms,
132
380876
2246
06:35
but it will also make all of us
133
383122
2439
06:37
less secure as an end result.
134
385561
2229
06:39
Backdooring encryption algorithms
135
387790
3740
06:43
just boggles the mind.
136
391530
3096
06:46
But of course, these intelligence agencies
are doing their job.
137
394626
3775
06:50
This is what they have been told to do:
138
398401
1757
06:52
do signals intelligence,
139
400158
2230
06:54
monitor telecommunications,
140
402388
2012
06:56
monitor Internet traffic.
141
404400
1422
06:57
That's what they're trying to do,
142
405822
1708
06:59
and since most, a very big part
of the Internet traffic today is encrypted,
143
407530
3082
07:02
they're trying to find ways around the encryption.
144
410612
1957
07:04
One way is to sabotage encryption algorithms,
145
412569
3057
07:07
which is a great example
146
415626
1885
07:09
about how U.S. intelligence agencies
147
417511
2221
07:11
are running loose.
148
419732
1749
07:13
They are completely out of control,
149
421481
1841
07:15
and they should be brought back under control.
150
423322
4442
07:21
So what do we actually know about the leaks?
151
429629
2950
07:24
Everything is based on the files
152
432579
2110
07:26
leaked by Mr. Snowden.
153
434689
2498
07:29
The very first PRISM slides
154
437187
2848
07:32
from the beginning of June
155
440035
1989
07:34
detail a collection program where the data
156
442024
2094
07:36
is collected from service providers,
157
444118
1786
07:37
and they actually go and name the service providers
158
445904
2878
07:40
they have access to.
159
448782
1331
07:42
They even have a specific date
160
450113
2942
07:45
on when the collection of data began
161
453055
2664
07:47
for each of the service providers.
162
455719
1639
07:49
So for example, they name
the collection from Microsoft
163
457358
2287
07:51
started on September 11, 2007,
164
459645
3720
07:55
for Yahoo on the March 12, 2008,
165
463365
2732
07:58
and then others: Google, Facebook,
166
466097
3016
08:01
Skype, Apple and so on.
167
469113
3244
08:04
And every single one of these companies denies.
168
472357
2848
08:07
They all say that this simply isn't true,
169
475205
4395
08:11
that they are not giving
backdoor access to their data.
170
479600
4608
08:16
Yet we have these files.
171
484208
4123
08:20
So is one of the parties lying,
172
488331
2321
08:22
or is there some other alternative explanation?
173
490652
3323
08:25
And one explanation would be
174
493975
2922
08:28
that these parties, these service providers,
175
496897
2887
08:31
are not cooperating.
176
499784
1916
08:33
Instead, they've been hacked.
177
501700
3021
08:36
That would explain it. They aren't cooperating. They've been hacked.
178
504721
3217
08:39
In this case, they've been hacked
by their own government.
179
507938
4178
08:44
That might sound outlandish,
180
512116
2421
08:46
but we already have cases where this has happened,
181
514537
2214
08:48
for example, the case of the Flame malware
182
516751
3046
08:51
which we strongly believe was authored
183
519797
2033
08:53
by the U.S. government,
184
521830
1897
08:55
and which, to spread, subverted the security
185
523727
3899
08:59
of the Windows Update network,
186
527626
2886
09:02
meaning here, the company was hacked
187
530512
4093
09:06
by their own government.
188
534605
2358
09:08
And there's more evidence
189
536963
1599
09:10
supporting this theory as well.
190
538562
2551
09:13
Der Spiegel, from Germany, leaked more information
191
541113
4005
09:17
about the operations run by the elite hacker units
192
545118
4265
09:21
operating inside these intelligence agencies.
193
549383
3035
09:24
Inside NSA, the unit is called TAO,
194
552418
2626
09:27
Tailored Access Operations,
195
555044
1845
09:28
and inside GCHQ, which is the U.K. equivalent,
196
556889
3564
09:32
it's called NAC, Network Analysis Centre.
197
560453
3999
09:36
And these recent leaks of these three slides
198
564452
3844
09:40
detail an operation
199
568296
2204
09:42
run by this GCHQ intelligence agency
200
570500
3158
09:45
from the United Kingdom
201
573658
1809
09:47
targeting a telecom here in Belgium.
202
575467
4233
09:51
And what this really means
203
579700
2276
09:53
is that an E.U. country's intelligence agency
204
581976
3888
09:57
is breaching the security
205
585864
2215
10:00
of a telecom of a fellow E.U. country on purpose,
206
588079
4813
10:04
and they discuss it in their slides completely casually,
207
592892
3835
10:08
business as usual.
208
596727
1601
10:10
Here's the primary target,
209
598328
1668
10:11
here's the secondary target,
210
599996
1378
10:13
here's the teaming.
211
601374
1424
10:14
They probably have a team building
on Thursday evening in a pub.
212
602798
3856
10:18
They even use cheesy PowerPoint clip art
213
606654
3041
10:21
like, you know, "Success,"
214
609695
1707
10:23
when they gain access to services like this.
215
611402
3264
10:26
What the hell?
216
614666
2826
10:31
And then there's the argument
217
619685
1833
10:33
that okay, yes, this might be going on,
218
621518
1660
10:35
but then again, other countries are doing it as well.
219
623178
2637
10:37
All countries spy.
220
625815
2423
10:40
And maybe that's true.
221
628238
1738
10:41
Many countries spy, not all of them,
but let's take an example.
222
629976
2438
10:44
Let's take, for example, Sweden.
223
632414
2111
10:46
I'm speaking of Sweden because Sweden
224
634525
1376
10:47
has a little bit of a similar law to the United States.
225
635901
2279
10:50
When your data traffic goes through Sweden,
226
638180
2123
10:52
their intelligence agency has a legal right by the law
227
640303
2810
10:55
to intercept that traffic.
228
643113
2001
10:57
All right, how many Swedish decisionmakers
229
645114
3205
11:00
and politicians and business leaders
230
648319
2872
11:03
use, every day, U.S.-based services,
231
651191
3073
11:06
like, you know, run Windows or OSX,
232
654264
3268
11:09
or use Facebook or LinkedIn,
233
657532
2210
11:11
or store their data in clouds like iCloud
234
659742
3400
11:15
or Skydrive or DropBox,
235
663142
3894
11:19
or maybe use online services like
Amazon web services or sales support?
236
667036
4303
11:23
And the answer is, every single Swedish
business leader does that every single day.
237
671339
3957
11:27
And then we turn it around.
238
675296
1599
11:28
How many American leaders
239
676895
1905
11:30
use Swedish webmails and cloud services?
240
678800
4293
11:35
And the answer is zero.
241
683093
2040
11:37
So this is not balanced.
242
685133
2269
11:39
It's not balanced by any means, not even close.
243
687402
4625
11:44
And when we do have the occasional
244
692027
2441
11:46
European success story,
245
694468
2001
11:48
even those, then, typically end up being sold
to the United States.
246
696469
3566
11:52
Like, Skype used to be secure.
247
700035
2264
11:54
It used to be end-to-end encrypted.
248
702299
2733
11:57
Then it was sold to the United States.
249
705032
2041
11:59
Today, it no longer is secure.
250
707073
2649
12:01
So once again, we take something which is secure
251
709722
3221
12:04
and then we make it less secure on purpose,
252
712943
1870
12:06
making all of us less secure as an outcome.
253
714813
4484
12:12
And then the argument that the United States
254
720855
2247
12:15
is only fighting terrorists.
255
723102
2018
12:17
It's the war on terror.
256
725120
1166
12:18
You shouldn't worry about it.
257
726286
2547
12:20
Well, it's not the war on terror.
258
728833
2230
12:23
Yes, part of it is war on terror, and yes,
259
731063
2173
12:25
there are terrorists, and they do kill and maim,
260
733236
2976
12:28
and we should fight them,
261
736212
1551
12:29
but we know through these leaks
262
737763
1606
12:31
that they have used the same techniques
263
739369
2582
12:33
to listen to phone calls of European leaders,
264
741951
3336
12:37
to tap the email of residents of Mexico and Brazil,
265
745287
3455
12:40
to read email traffic inside the United Nations Headquarters and E.U. Parliament,
266
748742
4806
12:45
and I don't think they are trying to find terrorists
267
753548
3154
12:48
from inside the E.U. Parliament, right?
268
756702
3018
12:51
It's not the war on terror.
269
759720
1948
12:53
Part of it might be, and there are terrorists,
270
761668
4142
12:57
but are we really thinking about terrorists
271
765810
2427
13:00
as such an existential threat
272
768237
2169
13:02
that we are willing to do anything at all to fight them?
273
770406
3676
13:06
Are the Americans ready
to throw away the Constituion
274
774082
3491
13:09
and throw it in the trash
just because there are terrorists?
275
777573
4241
13:13
And the same thing with the Bill of Rights
and all the amendments
276
781814
2524
13:16
and the Universal Declaration of Human Rights
277
784338
2317
13:18
and the E.U. conventions on human rights
and fundamental freedoms
278
786655
5151
13:23
and the press freedom?
279
791806
1517
13:25
Do we really think terrorism
is such an existential threat,
280
793323
3815
13:29
we are ready to do anything at all?
281
797138
3126
13:34
But people are scared about terrorists,
282
802490
2664
13:37
and then they think that
maybe that surveillance is okay
283
805154
2414
13:39
because they have nothing to hide.
284
807568
2044
13:41
Feel free to survey me if that helps.
285
809612
2707
13:44
And whoever tells you that they have nothing to hide
286
812319
2888
13:47
simply hasn't thought about this long enough.
287
815207
4713
13:54
(Applause)
288
822520
5865
14:00
Because we have this thing called privacy,
289
828385
2772
14:03
and if you really think that you have nothing to hide,
290
831157
2345
14:05
please make sure that's the first thing you tell me,
291
833502
2216
14:07
because then I know
292
835718
1550
14:09
that I should not trust you with any secrets,
293
837268
1640
14:10
because obviously you can't keep a secret.
294
838908
3298
14:17
But people are brutally honest with the Internet,
295
845065
3829
14:20
and when these leaks started,
296
848894
2696
14:23
many people were asking me about this.
297
851590
1878
14:25
And I have nothing to hide.
298
853468
1574
14:27
I'm not doing anything bad or anything illegal.
299
855042
3290
14:30
Yet, I have nothing that I would in particular
300
858332
2785
14:33
like to share with an intelligence agency,
301
861117
2793
14:35
especially a foreign intelligence agency.
302
863910
4137
14:40
And if we indeed need a Big Brother,
303
868047
2855
14:42
I would much rather have a domestic Big Brother
304
870902
3478
14:46
than a foreign Big Brother.
305
874380
3160
14:49
And when the leaks started,
the very first thing I tweeted about this
306
877545
5059
14:54
was a comment about how,
307
882604
2074
14:56
when you've been using search engines,
308
884678
1688
14:58
you've been potentially leaking all that
to U.S. intelligence.
309
886366
3649
15:02
And two minutes later, I got a reply
310
890015
1972
15:03
by somebody called Kimberly from the United States
311
891987
2336
15:06
challenging me, like, why am I worried about this?
312
894323
2167
15:08
What am I sending to worry about this?
Am I sending naked pictures or something?
313
896503
4032
15:12
And my answer to Kimberly was
314
900535
1968
15:14
that what I'm sending is none of your business,
315
902503
3029
15:17
and it should be none
of your government's business either.
316
905532
4265
15:21
Because that's what it's about. It's about privacy.
317
909797
2252
15:24
Privacy is nonnegotiable.
318
912049
1914
15:25
It should be built in to all the systems we use.
319
913963
3960
15:31
(Applause)
320
919968
3578
15:38
And one thing we should all understand
321
926830
2619
15:41
is that we are brutally honest with search engines.
322
929449
4599
15:46
You show me your search history,
323
934048
2751
15:48
and I'll find something incriminating
324
936799
2366
15:51
or something embarrassing there in five minutes.
325
939165
3437
15:54
We are more honest with search engines
326
942602
1788
15:56
than we are with our families.
327
944390
1762
15:58
Search engines know more about you
328
946152
2091
16:00
than your family members know about you.
329
948243
2766
16:03
And this is all the kind
of information we are giving away,
330
951009
3088
16:06
we are giving away to the United States.
331
954097
4375
16:10
And surveillance changes history.
332
958472
2478
16:12
We know this through examples
of corrupt presidents like Nixon.
333
960950
3209
16:16
Imagine if he would have had the kind
of surveillance tools that are available today.
334
964159
4472
16:20
And let me actually quote
335
968631
2309
16:22
the president of Brazil, Ms. Dilma Rousseff.
336
970940
3133
16:26
She was one of the targets of NSA surveillance.
337
974073
3286
16:29
Her email was read, and she spoke
338
977359
2276
16:31
at the United Nations Headquarters, and she said,
339
979635
3023
16:34
"If there is no right to privacy,
340
982658
2013
16:36
there can be no true freedom
of expression and opinion,
341
984671
2827
16:39
and therefore, there can be no effective democracy."
342
987498
5111
16:44
That's what it's about.
343
992609
2345
16:46
Privacy is the building block of our democracies.
344
994954
3868
16:52
And to quote a fellow security researcher, Marcus Ranum,
345
1000611
3465
16:56
he said that the United States
is right now treating the Internet
346
1004076
3827
16:59
as it would be treating one of its colonies.
347
1007903
3093
17:02
So we are back to the age of colonization,
348
1010996
2565
17:05
and we, the foreign users of the Internet,
349
1013561
3062
17:08
we should think about Americans as our masters.
350
1016623
3705
17:15
So Mr. Snowden, he's been blamed for many things.
351
1023005
3975
17:18
Some are blaming him for causing problems
352
1026980
2654
17:21
for the U.S. cloud industry
and software companies with these revelations --
353
1029634
3191
17:24
and blaming Snowden for causing problems
for the U.S. cloud industry
354
1032825
4296
17:29
would be the equivalent of blaming Al Gore
355
1037121
2459
17:31
for causing global warming.
356
1039580
2317
17:33
(Laughter)
357
1041897
2254
17:36
(Applause)
358
1044151
5071
17:43
So, what is there to be done?
359
1051853
6208
17:50
Should we worry. No, we shouldn't worry.
360
1058061
1780
17:51
We should be angry, because this is wrong,
361
1059841
2436
17:54
and it's rude, and it should not be done.
362
1062277
2739
17:57
But that's not going to really change the situation.
363
1065016
2268
17:59
What's going to change the situation
for the rest of the world
364
1067284
3221
18:02
is to try to steer away
365
1070505
2282
18:04
from systems built in the United States.
366
1072787
2633
18:07
And that's much easier said than done.
367
1075420
2630
18:10
How do you do that?
368
1078050
1709
18:11
A single country, any single country in Europe
369
1079759
1799
18:13
cannot replace and build replacements
370
1081558
2793
18:16
for the U.S.-made operating systems
and cloud services.
371
1084351
2762
18:19
But maybe you don't have to do it alone.
372
1087113
1893
18:21
Maybe you can do it together with other countries.
373
1089006
1769
18:22
The solution is open source.
374
1090775
3496
18:26
By building together open, free, secure systems,
375
1094271
5613
18:31
we can go around such surveillance,
376
1099884
3108
18:34
and then one country doesn't have
to solve the problem by itself.
377
1102992
3223
18:38
It only has to solve one little problem.
378
1106215
2472
18:40
And to quote a fellow security researcher, Haroon Meer,
379
1108687
5523
18:46
one country only has to make a small wave,
380
1114210
2969
18:49
but those small waves together become a tide,
381
1117179
3467
18:52
and the tide will lift all the boats up at the same time,
382
1120646
3620
18:56
and the tide we will build
383
1124266
1651
18:57
with secure, free, open-source systems,
384
1125917
3441
19:01
will become the tide that will lift all of us
385
1129358
2399
19:03
up and above the surveillance state.
386
1131757
5582
19:09
Thank you very much.
387
1137339
2112
19:11
(Applause)
388
1139451
2398

▲Back to top

ABOUT THE SPEAKER
Mikko Hypponen - Cybersecurity expert
As computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance?

Why you should listen

The chief research officer at F-Secure Corporation in Finland, Mikko Hypponen has led his team through some of the largest computer virus outbreaks in history. His team took down the world-wide network used by the Sobig.F worm. He was the first to warn the world about the Sasser outbreak, and he has done classified briefings on the operation of the Stuxnet worm -- a hugely complex worm designed to sabotage Iranian nuclear enrichment facilities.

As a few hundred million more Internet users join the web from India and China and elsewhere, and as governments and corporations become more sophisticated at using viruses as weapons, Hypponen asks, what's next? Who will be at the front defending the world’s networks from malicious software? He says: "It's more than unsettling to realize there are large companies out there developing backdoors, exploits and trojans."

Even more unsettling: revelations this year that the United States' NSA is conducting widespread digital surveillance of both US citizens and anyone whose data passes through a US entity, and that it has actively sabotaged encryption algorithms. Hypponen has become one of the most outspoken critics of the agency's programs and asks us all: Why are we so willing to hand over digital privacy?

 

 

Read his open-season Q&A on Reddit:"My TED Talk was just posted. Ask me anything.

See the full documentary on the search for the Brain virus

More profile about the speaker
Mikko Hypponen | Speaker | TED.com

Data provided by TED.

This site was created in May 2015 and the last update was on January 12, 2020. It will no longer be updated.

We are currently creating a new site called "eng.lish.video" and would be grateful if you could access it.

If you have any questions or suggestions, please feel free to write comments in your language on the contact form.

Privacy Policy

Developer's Blog

Buy Me A Coffee