ABOUT THE SPEAKER
Mikko Hypponen - Cybersecurity expert
As computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance?

Why you should listen

The chief research officer at F-Secure Corporation in Finland, Mikko Hypponen has led his team through some of the largest computer virus outbreaks in history. His team took down the world-wide network used by the Sobig.F worm. He was the first to warn the world about the Sasser outbreak, and he has done classified briefings on the operation of the Stuxnet worm -- a hugely complex worm designed to sabotage Iranian nuclear enrichment facilities.

As a few hundred million more Internet users join the web from India and China and elsewhere, and as governments and corporations become more sophisticated at using viruses as weapons, Hypponen asks, what's next? Who will be at the front defending the world’s networks from malicious software? He says: "It's more than unsettling to realize there are large companies out there developing backdoors, exploits and trojans."

Even more unsettling: revelations this year that the United States' NSA is conducting widespread digital surveillance of both US citizens and anyone whose data passes through a US entity, and that it has actively sabotaged encryption algorithms. Hypponen has become one of the most outspoken critics of the agency's programs and asks us all: Why are we so willing to hand over digital privacy?

 

 

Read his open-season Q&A on Reddit:"My TED Talk was just posted. Ask me anything.

See the full documentary on the search for the Brain virus

More profile about the speaker
Mikko Hypponen | Speaker | TED.com
TEDxBrussels

Mikko Hypponen: How the NSA betrayed the world's trust -- time to act

米科·海坡能: 美国如何出卖了世界?——采取行动的时候到了

Filmed:
1,651,014 views

近期的一些事件都已陆续向我们强调着一个事实,那就是美国一直在对其它国家经过美国服务器的数据施行彻底监视,而不管他们是否做了什么错事。如米科·海坡能(Mikko Hypponen)所说,这就意味着本质上这个世界上每个使用因特网的人都在被监视。这是一个慷慨激昂的重要讲演,带着如此恳切的声音,呼唤我们寻找替代通过美国企业满足世界信息需求的有效途径。
- Cybersecurity expert
As computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance? Full bio

Double-click the English transcript below to play the video.

00:12
The two most likely容易 largest最大 inventions发明
0
492
4634
互联网和手机可以说是
00:17
of our generation
1
5126
2247
我们这个时代
00:19
are the Internet互联网 and the mobile移动 phone电话.
2
7373
3193
最为重要的两大发明了
00:22
They've他们已经 changed the world世界.
3
10566
2135
它们改变了整个世界
00:24
However然而, largely大部分 to our surprise,
4
12701
3515
然而,令我们非常吃惊的是
00:28
they also turned转身 out to be the perfect完善 tools工具
5
16216
4398
它们同时也成为了
00:32
for the surveillance监控 state.
6
20614
3150
用于国家监视的完美工具
00:35
It turned转身 out that the capability能力
7
23764
2897
事实上,收集关于我们
00:38
to collect搜集 data数据, information信息 and connections连接
8
26661
4044
每个人或者说所有人的
00:42
about basically基本上 any of us and all of us
9
30705
4218
数据、信息以及关系的这种能力
00:46
is exactly究竟 what we've我们已经 been hearing听力
10
34923
1813
正是这个夏天从
00:48
throughout始终 of the summer夏季
through通过 revelations启示 and leaks泄漏
11
36736
4607
西方情报机构
00:53
about Western西 intelligence情报 agencies机构,
12
41343
3091
特别是美国情报机构
00:56
mostly大多 U.S. intelligence情报 agencies机构,
13
44434
3026
所透露或者泄露的
00:59
watching观看 over the rest休息 of the world世界.
14
47460
3173
这些情报机构监视着世界其它地方
01:02
We've我们已经 heard听说 about these starting开始 with the
15
50633
3198
六月六日开始
01:05
revelations启示 from June六月 6.
16
53831
3686
陆续听到一些泄露的消息
01:09
Edward爱德华 Snowden斯诺登 started开始 leaking泄漏 information信息,
17
57517
3069
斯诺登开始透露
01:12
top最佳 secret秘密 classified分类 information信息,
18
60586
2304
那些来源于美国情报机构的
01:14
from the U.S. intelligence情报 agencies机构,
19
62890
1467
顶级机密信息
01:16
and we started开始 learning学习 about things like PRISMPRISM
20
64357
2469
于是我们也开始了解到一些
01:18
and XKeyscoreXKeyscore and others其他.
21
66826
3267
诸如菱镜计划和XKeyscore的事情
01:22
And these are examples例子 of the kinds of programs程式
22
70093
3105
这些都是美国情报机构
01:25
U.S. intelligence情报 agencies机构 are running赛跑 right now,
23
73198
4279
正在运作的项目
01:29
against反对 the whole整个 rest休息 of the world世界.
24
77477
3516
以此对抗世界其它国家
01:32
And if you look back about the forecasts预测
25
80993
3708
如果你回顾一下乔治·奥威尔
01:36
on surveillance监控 by George乔治 Orwell奥威尔,
26
84701
4101
有关监视的预言
01:40
well it turns out that
27
88817
2118
你会发现
01:42
George乔治 Orwell奥威尔 was an optimist乐天派.
28
90935
2504
奥威尔的确是一个乐观主义者
01:45
(Laughter笑声)
29
93439
2480
(笑声)
01:47
We are right now seeing眼看 a much larger scale规模
30
95919
2700
如今我们看到的是大规模的
01:50
of tracking追踪 of individual个人 citizens公民
31
98619
1898
对普通民众的跟踪
01:52
than he could have ever imagined想象.
32
100517
3632
这远远超出了他最初的想象
01:56
And this here is the infamous臭名昭著
33
104149
3535
这就是那个臭名昭著的
01:59
NSANSA data数据 center中央 in Utah犹他州.
34
107684
3844
美国犹他州的NSA数据中心
02:03
Due应有 to be opened打开 very soon不久,
35
111528
3156
在不久的将来开放后
02:06
it will be both a supercomputing超级计算 center中央
36
114684
2791
它将成为一个超级计算中心
02:09
and a data数据 storage存储 center中央.
37
117475
2137
同时也将成为一个超大数据中心
02:11
You could basically基本上 imagine想像 it has a large hall大厅
38
119612
2893
你几乎可以想象那个被硬盘设备塞满的大厅
02:14
filled填充 with hard drives驱动器 storing存储 data数据
39
122505
2456
无时不刻都在存储
02:16
they are collecting搜集.
40
124961
2274
他们收集来的数据
02:19
And it's a pretty漂亮 big building建造.
41
127235
2157
这是一幢巨大的建筑
02:21
How big? Well, I can give you the numbers数字 --
42
129392
1851
具体有多大呢?我们来看一个数据
02:23
140,000 square广场 meters --
43
131243
2022
14万平方米
02:25
but that doesn't really tell you very much.
44
133265
2606
可能你对这个数据也没有太多概念
02:27
Maybe it's better to imagine想像 it as a comparison对照.
45
135871
3176
我们最好通过比较来想象
02:31
You think about the largest最大 IKEAIKEA store商店
46
139047
2456
想想你去过的
02:33
you've ever been in.
47
141503
1747
最大的宜家家具吧
02:35
This is five times larger.
48
143250
3469
它将是宜家的五倍大
02:38
How many许多 hard drives驱动器 can you fit适合 in an IKEAIKEA store商店?
49
146719
3076
想想你能在宜家塞进多少硬盘设备吧
02:41
Right? It's pretty漂亮 big.
50
149795
2007
是吧?数目的确非常巨大!
02:43
We estimate估计 that just the electricity电力 bill法案
51
151802
2846
我们估算仅用于运行
02:46
for running赛跑 this data数据 center中央
52
154648
1876
这个数据中心的电费
02:48
is going to be in the tens of millions百万 of dollars美元 a year.
53
156524
3398
每年就需要数千万美元
02:51
And this kind of wholesale批发 surveillance监控
54
159922
2509
而这种大规模的监视
02:54
means手段 that they can collect搜集 our data数据
55
162431
2736
意味着他们可以收集我们的数据
02:57
and keep it basically基本上 forever永远,
56
165167
2003
并且基本上可以永久保留
02:59
keep it for extended扩展 periods of time,
57
167170
2509
保留很长时间
03:01
keep it for years年份, keep it for decades几十年.
58
169679
3246
几年甚至几十年
03:04
And this opens打开 up completely全然 new kinds of risks风险
59
172925
3379
这个将给我们所有人
03:08
to us all.
60
176304
1946
带来前所未有的风险
03:10
And what this is is that it is wholesale批发
61
178250
3628
它将是一种大规模的对我们每个人的
03:13
blanket surveillance监控 on everyone大家.
62
181878
4857
无障碍监视
03:18
Well, not exactly究竟 everyone大家,
63
186735
1554
当然,确切来说也不是对所有人
03:20
because the U.S. intelligence情报 only has a legal法律 right
64
188289
4028
因为美国情报机构只有对外国人的
03:24
to monitor监控 foreigners外国人.
65
192317
1970
合法监视权力
03:26
They can monitor监控 foreigners外国人
66
194287
1750
一旦那些非美国的数据流
03:28
when foreigners'外国人 data数据 connections连接
67
196037
2810
到达或者经过美国
03:30
end结束 up in the United联合的 States状态 or pass通过
through通过 the United联合的 States状态.
68
198847
3490
就要被监视了
03:34
And monitoring监控 foreigners外国人 doesn't sound声音 too bad
69
202337
2784
监视外国人听起来似乎没那么糟糕
03:37
until直到 you realize实现
70
205121
2367
除非你意识到
03:39
that I'm a foreigner外国人 and you're a foreigner外国人.
71
207488
3001
其实我们都是老外
03:42
In fact事实, 96 percent百分 of the planet行星 are foreigners外国人.
72
210489
3786
事实上,这个星球上96%都是老外
03:46
(Laughter笑声)
73
214275
1670
(笑)
03:47
Right?
74
215945
1887
是吧?
03:49
So it is wholesale批发 blanket surveillance监控 of all of us,
75
217832
4449
所以说只要你使用通信工具和互联网
03:54
all of us who use telecommunications电信 and the Internet互联网.
76
222281
4102
你就会被彻底监视
03:58
But don't get me wrong错误:
77
226383
1891
大家也别误会
04:00
There are actually其实 types类型
of surveillance监控 that are okay.
78
228274
5226
的确也有一些还不错的监视形式
04:05
I love freedom自由, but even I agree同意
79
233500
3029
我热爱自由,但我自始至终也同意
04:08
that some surveillance监控 is fine.
80
236529
2279
有一些监视是有益的
04:10
If the law enforcement强制 is trying to find a murderer凶手,
81
238808
3903
比如如果执法机关正在寻找一名谋杀犯
04:14
or they're trying to catch抓住 a drug药物 lord
82
242711
3102
或者搜捕一个贩毒者
04:17
or trying to prevent避免 a school学校 shooting射击,
83
245813
3604
或者试图阻止一场校园枪击案的发生
04:21
and they have leads引线 and they have suspects犯罪嫌疑人,
84
249417
1677
并且他们中有头目有嫌疑犯
04:23
then it's perfectly完美 fine for them
to tap龙头 the suspect's嫌疑人 phone电话,
85
251094
3717
此时如果能监听他们的手机
04:26
and to intercept截距 his Internet互联网 communications通讯.
86
254811
3356
截获他们的网络通信那就太棒了
04:30
I'm not arguing争论 that at all,
87
258167
1938
我并不反对这一点
04:32
but that's not what programs程式 like PRISMPRISM are about.
88
260105
2824
但菱镜计划之类的项目并不是这么做的
04:34
They are not about doing surveillance监控 on people
89
262929
2885
他们不是在监视那些
04:37
that they have reason原因
to suspect疑似 of some wrongdoings恶行.
90
265814
3204
他们有理由怀疑的坏人
04:41
They're about doing surveillance监控 on people
91
269018
1677
他们在监视那些
04:42
they know are innocent无辜.
92
270695
3760
无辜的人
04:46
So the four main主要 arguments参数
93
274455
2245
对于这样的监听
04:48
supporting支持 surveillance监控 like this,
94
276700
2152
有四条主要的理由
04:50
well, the first of all is that whenever每当 you start开始
95
278852
2235
首先是只要你
04:53
discussing讨论 about these revelations启示,
96
281087
1895
一开始讨论信息泄露的问题
04:54
there will be naysayers反对者 trying to minimize最小化
97
282982
2293
总会有反对者站出来
04:57
the importance重要性 of these revelations启示, saying that
98
285275
2188
把泄露的重要性降到最小
04:59
we knew知道 all this already已经,
99
287463
1613
他们说我们早已知道这些
05:01
we knew知道 it was happening事件, there's nothing new here.
100
289076
3580
我们知道在发生什么,没有什么新鲜的
05:04
And that's not true真正. Don't let anybody任何人 tell you
101
292656
3215
事实不是这样的
05:07
that we knew知道 this already已经,
because we did not know this already已经.
102
295871
5712
谁说我们早知道这些?我们不知道
05:13
Our worst最差 fears恐惧 might威力 have been something like this,
103
301583
3773
我们最大的恐惧就是这些事情已经发生
05:17
but we didn't know this was happening事件.
104
305356
1951
而我们一无所知
05:19
Now we know for a fact事实 it's happening事件.
105
307307
2777
现在我们的确可以确定的知道在发生什么
05:22
We didn't know about this.
We didn't know about PRISMPRISM.
106
310084
2579
而我们之前并不了解
我们不了解PRISM
05:24
We didn't know about XKeyscoreXKeyscore.
We didn't know about CybertransCyber​​trans.
107
312663
2906
也不了解XKeyscore,Cybertrans
05:27
We didn't know about DoubleArrowDoubleArrow.
108
315569
1950
还有DoubleArrow
05:29
We did not know about SkywriterSkywriter --
109
317519
2148
以及Skywriter
05:31
all these different不同 programs程式
110
319667
1695
这些各式各样
05:33
run by U.S. intelligence情报 agencies机构.
111
321362
3241
由美国情报局运行的项目
05:36
But now we do.
112
324603
3029
但现在我们都了解了
05:39
And we did not know
113
327632
2166
我们之前也并不知道
05:41
that U.S. intelligence情报 agencies机构 go to extremes极端
114
329798
3075
美国情报机构如何极端到
05:44
such这样 as infiltrating浸润 standardization标准化 bodies身体
115
332873
3837
通过渗透至标准组织内部
05:48
to sabotage破坏 encryption加密 algorithms算法 on purpose目的.
116
336710
4748
以达到削弱加密算法强度的目的
05:53
And what that means手段
117
341458
2037
这就意味着
05:55
is that you take something which哪一个 is secure安全,
118
343495
1820
如果你拿到一份加密文件
05:57
an encryption加密 algorithm算法 which哪一个 is so secure安全
119
345315
2421
它的加密算法可以安全到
05:59
that if you use that algorithm算法 to encrypt加密 one file文件,
120
347736
3107
使你加密之后
06:02
nobody没有人 can decrypt解码 that file文件.
121
350843
1742
没有任何人可以解开它
06:04
Even if they take every一切 single computer电脑 on the planet行星 just to decrypt解码 that one file文件,
122
352585
4413
即便你用地球上的每一个计算机去解密它
06:08
it's going to take millions百万 of years年份.
123
356998
2060
也需要数百万年
06:11
So that's basically基本上 perfectly完美 safe安全, uncrackable破解的.
124
359058
2247
它可以说是绝密的,无懈可击
06:13
You take something which哪一个 is that good
125
361305
2074
拿到这样一件完美的东西
06:15
and then you weaken削弱 it on purpose目的,
126
363379
2484
然后故意弱化它
06:17
making制造 all of us less secure安全 as an end结束 result结果.
127
365863
5610
使得我们每个人终都变得不安全
06:23
A real-world真实世界 equivalent当量 would be that
128
371473
2131
现实生活中一个类似的例子是
06:25
intelligence情报 agencies机构 would force
129
373604
2652
情报机构会强行
06:28
some secret秘密 pin code into every一切 single house alarm报警
130
376256
2827
将某种加密识别码植入每个家居防盗系统
06:31
so they could get into every一切 single house
131
379083
1793
这样他们就可以进入任何一所房子
06:32
because, you know, bad people
might威力 have house alarms警报,
132
380876
2246
因为坏人可能装有防盗系统
06:35
but it will also make all of us
133
383122
2439
但这样一来
06:37
less secure安全 as an end结束 result结果.
134
385561
2229
最后我们自己也变得不那么安全
06:39
BackdooringBackdooring encryption加密 algorithms算法
135
387790
3740
利用加密算法这个后门儿
06:43
just boggles博格尔斯 the mind心神.
136
391530
3096
的确让人匪夷所思
06:46
But of course课程, these intelligence情报 agencies机构
are doing their job工作.
137
394626
3775
当然啦,这些情报机构只是在履行自己的职责
06:50
This is what they have been told to do:
138
398401
1757
这正是他们被要求做的事情
06:52
do signals信号 intelligence情报,
139
400158
2230
做信号情报
06:54
monitor监控 telecommunications电信,
140
402388
2012
监视通讯渠道
06:56
monitor监控 Internet互联网 traffic交通.
141
404400
1422
以及监测网络流量
06:57
That's what they're trying to do,
142
405822
1708
这正是他们尝试在做的
06:59
and since以来 most, a very big part部分
of the Internet互联网 traffic交通 today今天 is encrypted加密,
143
407530
3082
由于目前相当大一部分的互联网流量是加密的
07:02
they're trying to find ways方法 around the encryption加密.
144
410612
1957
他们也就在尝试通过加密寻找突破口
07:04
One way is to sabotage破坏 encryption加密 algorithms算法,
145
412569
3057
削弱加密算法就是其中一种手段
07:07
which哪一个 is a great example
146
415626
1885
这是美国情报机构如何
07:09
about how U.S. intelligence情报 agencies机构
147
417511
2221
为所欲为
07:11
are running赛跑 loose疏松.
148
419732
1749
的一个极好的例子
07:13
They are completely全然 out of control控制,
149
421481
1841
他们完全不受控制
07:15
and they should be brought back under control控制.
150
423322
4442
而这些应该加以控制
07:21
So what do we actually其实 know about the leaks泄漏?
151
429629
2950
而我们对这些信息泄露的真实了解能有多少呢
07:24
Everything is based基于 on the files
152
432579
2110
所有这些都基于
07:26
leaked泄露 by Mr先生. Snowden斯诺登.
153
434689
2498
Snowden先生的那些泄露文件
07:29
The very first PRISMPRISM slides幻灯片
154
437187
2848
从六月初
07:32
from the beginning开始 of June六月
155
440035
1989
第一个PRISM的幻灯片开始
07:34
detail详情 a collection采集 program程序 where the data数据
156
442024
2094
它详细描述了
07:36
is collected from service服务 providers供应商,
157
444118
1786
一个从服务提供商收集数据的项目
07:37
and they actually其实 go and name名称 the service服务 providers供应商
158
445904
2878
而且他们还对那些被使用的
07:40
they have access访问 to.
159
448782
1331
服务商进行了命名
07:42
They even have a specific具体 date日期
160
450113
2942
甚至为他们设立一个纪念日
07:45
on when the collection采集 of data数据 began开始
161
453055
2664
记载开始从各个服务提供商
07:47
for each of the service服务 providers供应商.
162
455719
1639
获取数据的日子
07:49
So for example, they name名称
the collection采集 from Microsoft微软
163
457358
2287
比如,他们为2007年9月11号
07:51
started开始 on September九月 11, 2007,
164
459645
3720
开始从Microsoft获取的那批数据起了名字
07:55
for Yahoo雅虎 on the March游行 12, 2008,
165
463365
2732
还有2008年3月12号的Yahoo
07:58
and then others其他: Google谷歌, FacebookFacebook的,
166
466097
3016
之后还有Google, Facebook
08:01
SkypeSkype的, Apple苹果 and so on.
167
469113
3244
Skype, Apple等等
08:04
And every一切 single one of these companies公司 denies否认.
168
472357
2848
任何一个公司对此都呈否认态度
08:07
They all say that this simply只是 isn't true真正,
169
475205
4395
都说这简直就是谎言
08:11
that they are not giving
backdoor后门 access访问 to their data数据.
170
479600
4608
他们从来没有开过后门让别人获取他们的数据
08:16
Yet然而 we have these files.
171
484208
4123
但是我们的确得到了这些文件
08:20
So is one of the parties派对 lying说谎,
172
488331
2321
那么是其中一方在撒谎吗?
08:22
or is there some other alternative替代 explanation说明?
173
490652
3323
有没有其他可能的解释?
08:25
And one explanation说明 would be
174
493975
2922
一种可能的解释是
08:28
that these parties派对, these service服务 providers供应商,
175
496897
2887
这些当事人,也就是这些服务提供商
08:31
are not cooperating合作.
176
499784
1916
他们并没有合作
08:33
Instead代替, they've他们已经 been hacked砍死.
177
501700
3021
只是被黑了
08:36
That would explain说明 it. They aren't cooperating合作. They've他们已经 been hacked砍死.
178
504721
3217
这种解释是合理的:他们没有参与而是受到了黑客攻击
08:39
In this case案件, they've他们已经 been hacked砍死
by their own拥有 government政府.
179
507938
4178
其实可以说是他们被自己的政府黑了
08:44
That might威力 sound声音 outlandish异乎寻常,
180
512116
2421
也许这听起来有点荒唐
08:46
but we already已经 have cases where this has happened发生,
181
514537
2214
但我们的确有过这样的案例
08:48
for example, the case案件 of the Flame火焰 malware恶意软件
182
516751
3046
比如那个有关恶意软件Flame的案子
08:51
which哪一个 we strongly非常 believe was authored创作
183
519797
2033
我们之前多么坚信它是由
08:53
by the U.S. government政府,
184
521830
1897
美国政府授权的
08:55
and which哪一个, to spread传播, subverted颠覆 the security安全
185
523727
3899
而就是它破坏了Windows的
08:59
of the Windows视窗 Update更新 network网络,
186
527626
2886
网络升级系统的安全
09:02
meaning含义 here, the company公司 was hacked砍死
187
530512
4093
这就意味着
09:06
by their own拥有 government政府.
188
534605
2358
他们被自己的政府黑了
09:08
And there's more evidence证据
189
536963
1599
当然还有更多
09:10
supporting支持 this theory理论 as well.
190
538562
2551
支撑这个说法的证据
09:13
Der明镜 Spiegel明镜, from Germany德国, leaked泄露 more information信息
191
541113
4005
德国的明镜周刊(Der Spiegel)暴露了更多
09:17
about the operations操作 run by the elite原种 hacker黑客 units单位
192
545118
4265
有关这些情报机构中的顶级黑客团队
09:21
operating操作 inside these intelligence情报 agencies机构.
193
549383
3035
所做作为的信息
09:24
Inside NSANSA, the unit单元 is called TAOTAO,
194
552418
2626
在NSA内部, 这个部门被叫做TAO
09:27
Tailored量身定制 Access访问 Operations操作,
195
555044
1845
特定情报获取行动
09:28
and inside GCHQGCHQ, which哪一个 is the U.K. equivalent当量,
196
556889
3564
这个等同于英国GCHQ内部的NAC
09:32
it's called NACNAC, Network网络 Analysis分析 Centre中央.
197
560453
3999
网络分析中心(Network Analysis Centre)
09:36
And these recent最近 leaks泄漏 of these three slides幻灯片
198
564452
3844
最近泄露的这三个幻灯片
09:40
detail详情 an operation手术
199
568296
2204
详细描述了一个由GCHQ情报局
09:42
run by this GCHQGCHQ intelligence情报 agency机构
200
570500
3158
在英国发起的行动
09:45
from the United联合的 Kingdom王国
201
573658
1809
目标定位在
09:47
targeting针对 a telecom电信 here in Belgium比利时.
202
575467
4233
一个比利时的电信公司
09:51
And what this really means手段
203
579700
2276
这件事表明了一个事实
09:53
is that an E.U. country's intelligence情报 agency机构
204
581976
3888
一个欧盟国家的情报机构
09:57
is breaching违约 the security安全
205
585864
2215
正在蓄意破坏
10:00
of a telecom电信 of a fellow同伴 E.U. country国家 on purpose目的,
206
588079
4813
联盟国家电信公司的安全
10:04
and they discuss讨论 it in their slides幻灯片 completely全然 casually胡乱,
207
592892
3835
而他们在幻灯片里谈论这件事时
10:08
business商业 as usual通常.
208
596727
1601
一如既往的自然
10:10
Here's这里的 the primary target目标,
209
598328
1668
这是主要目标
10:11
here's这里的 the secondary次要 target目标,
210
599996
1378
这是次要目标
10:13
here's这里的 the teaming联手.
211
601374
1424
这是他们的团队
10:14
They probably大概 have a team球队 building建造
on Thursday星期四 evening晚间 in a pub酒馆.
212
602798
3856
他们通常会在周四晚上在酒吧里做团队建设的活动
10:18
They even use cheesy俊俏的 PowerPoint幻灯片 clip art艺术
213
606654
3041
他们每成功一次
10:21
like, you know, "Success成功,"
214
609695
1707
就会用一些俗气的幻灯片
10:23
when they gain获得 access访问 to services服务 like this.
215
611402
3264
庆祝所谓的胜利
10:26
What the hell地狱?
216
614666
2826
他们究竟在搞什么鬼
10:31
And then there's the argument论据
217
619685
1833
有人会争辩说
10:33
that okay, yes, this might威力 be going on,
218
621518
1660
是的,他们是在监视
10:35
but then again, other countries国家 are doing it as well.
219
623178
2637
但话说回来,哪个国家没有这样的行动呢?
10:37
All countries国家 spy间谍.
220
625815
2423
也许真的是
10:40
And maybe that's true真正.
221
628238
1738
所有国家都有间谍
10:41
Many许多 countries国家 spy间谍, not all of them,
but let's take an example.
222
629976
2438
很多国家都有,但并不是所有都是这样
10:44
Let's take, for example, Sweden瑞典.
223
632414
2111
比如说,瑞典
10:46
I'm speaking请讲 of Sweden瑞典 because Sweden瑞典
224
634525
1376
我提起瑞典这个国家是因为
10:47
has a little bit of a similar类似 law to the United联合的 States状态.
225
635901
2279
在法律方面它与美国是有些相似的
10:50
When your data数据 traffic交通 goes through通过 Sweden瑞典,
226
638180
2123
当你的数据流经过瑞典的时候
10:52
their intelligence情报 agency机构 has a legal法律 right by the law
227
640303
2810
他们的情报机构的确是有
10:55
to intercept截距 that traffic交通.
228
643113
2001
截获这些数据的合法权力
10:57
All right, how many许多 Swedish瑞典 decisionmakers决定者
229
645114
3205
那么,有多少瑞典的决策者
11:00
and politicians政治家 and business商业 leaders领导者
230
648319
2872
政治家和商业领袖
11:03
use, every一切 day, U.S.-based services服务,
231
651191
3073
每天使用美国的服务呢?
11:06
like, you know, run Windows视窗 or OSXOSX,
232
654264
3268
比如像使用Windows或OSX
11:09
or use FacebookFacebook的 or LinkedInLinkedIn,
233
657532
2210
使用Facebook或LinkedIn
11:11
or store商店 their data数据 in clouds like iCloudiCloud的
234
659742
3400
或者将数据上传到类似iCloud中进行云存储
11:15
or SkydriveSkyDrive中 or DropBoxDropBox的,
235
663142
3894
还有Skydrive或者DropBox
11:19
or maybe use online线上 services服务 like
Amazon亚马逊 web卷筒纸 services服务 or sales销售 support支持?
236
667036
4303
也许还有一些在线服务,类似Amazon网络服务或者销售支持?
11:23
And the answer回答 is, every一切 single Swedish瑞典
business商业 leader领导 does that every一切 single day.
237
671339
3957
答案是,每一个瑞典的商业人士每天都会使用它们
11:27
And then we turn it around.
238
675296
1599
那么如果我们反过来问
11:28
How many许多 American美国 leaders领导者
239
676895
1905
有多少美国杰出人士
11:30
use Swedish瑞典 webmails提醒服务 and cloud services服务?
240
678800
4293
使用瑞典的网络邮箱和云服务呢?
11:35
And the answer回答 is zero.
241
683093
2040
答案是零
11:37
So this is not balanced均衡.
242
685133
2269
所以这显然是不平衡的
11:39
It's not balanced均衡 by any means手段, not even close.
243
687402
4625
相差甚远
11:44
And when we do have the occasional偶然
244
692027
2441
即使有一天我们偶然发现一个
11:46
European欧洲的 success成功 story故事,
245
694468
2001
欧洲人获胜的故事
11:48
even those, then, typically一般 end结束 up being存在 sold出售
to the United联合的 States状态.
246
696469
3566
典型的结局一定是这个服务被美国公司收购
11:52
Like, SkypeSkype的 used to be secure安全.
247
700035
2264
比如,Skype最初采用端到端的加密
11:54
It used to be end-to-end端至端 encrypted加密.
248
702299
2733
所以还是安全的
11:57
Then it was sold出售 to the United联合的 States状态.
249
705032
2041
后来被卖给了美国后
11:59
Today今天, it no longer is secure安全.
250
707073
2649
就不再安全了
12:01
So once一旦 again, we take something which哪一个 is secure安全
251
709722
3221
所以,我们再一次把一个原本安全的东西
12:04
and then we make it less secure安全 on purpose目的,
252
712943
1870
弄得不再安全
12:06
making制造 all of us less secure安全 as an outcome结果.
253
714813
4484
使得我们所有人最终也都不再安全了
12:12
And then the argument论据 that the United联合的 States状态
254
720855
2247
也有争论说
12:15
is only fighting战斗 terrorists恐怖分子.
255
723102
2018
美国只是在
12:17
It's the war战争 on terror恐怖.
256
725120
1166
展开一场针对恐怖分子的战争
12:18
You shouldn't不能 worry担心 about it.
257
726286
2547
本来无需担忧
12:20
Well, it's not the war战争 on terror恐怖.
258
728833
2230
但事实上它不是
12:23
Yes, part部分 of it is war战争 on terror恐怖, and yes,
259
731063
2173
是的,我们承认这中间有恐怖分子
12:25
there are terrorists恐怖分子, and they do kill and maim残害,
260
733236
2976
我们必须与这些
12:28
and we should fight斗争 them,
261
736212
1551
肆意残害的行为作战
12:29
but we know through通过 these leaks泄漏
262
737763
1606
但从那些泄露的消息中我们也知道
12:31
that they have used the same相同 techniques技术
263
739369
2582
他们在使用相同的手段
12:33
to listen to phone电话 calls电话 of European欧洲的 leaders领导者,
264
741951
3336
监听那些欧洲的领导者
12:37
to tap龙头 the email电子邮件 of residents居民 of Mexico墨西哥 and Brazil巴西,
265
745287
3455
截获墨西哥和巴西居民的邮件
12:40
to read email电子邮件 traffic交通 inside the United联合的 Nations国家 Headquarters司令部 and E.U. Parliament议会,
266
748742
4806
甚至联合国总部以及欧盟议会的邮件
12:45
and I don't think they are trying to find terrorists恐怖分子
267
753548
3154
他们显然不会在欧盟议会内部
12:48
from inside the E.U. Parliament议会, right?
268
756702
3018
寻找恐怖分子,对吧?
12:51
It's not the war战争 on terror恐怖.
269
759720
1948
所以,这不是一场针对恐怖分子的战争
12:53
Part部分 of it might威力 be, and there are terrorists恐怖分子,
270
761668
4142
虽然部分意义上可以说是
12:57
but are we really thinking思维 about terrorists恐怖分子
271
765810
2427
恐怖主义的确是存在的
13:00
as such这样 an existential存在 threat威胁
272
768237
2169
但我们会认为它是一种
13:02
that we are willing愿意 to do anything at all to fight斗争 them?
273
770406
3676
必需我们不惜一切代价去全力对抗的现存威胁么?
13:06
Are the Americans美国人 ready准备
to throw away the ConstituionConstituion
274
774082
3491
美国人民准备为了恐怖分子
13:09
and throw it in the trash垃圾
just because there are terrorists恐怖分子?
275
777573
4241
而抛弃宪法?
13:13
And the same相同 thing with the Bill法案 of Rights
and all the amendments修订
276
781814
2524
抛弃那些人权法案?
13:16
and the Universal普遍 Declaration宣言 of Human人的 Rights
277
784338
2317
还有世界人权宣言
13:18
and the E.U. conventions公约 on human人的 rights权利
and fundamental基本的 freedoms自由
278
786655
5151
欧盟那些关于人权和基本自由的法案
13:23
and the press freedom自由?
279
791806
1517
还有出版自由?
13:25
Do we really think terrorism恐怖主义
is such这样 an existential存在 threat威胁,
280
793323
3815
我们真的认为恐怖主义
13:29
we are ready准备 to do anything at all?
281
797138
3126
需要我们不惜这一切代价吗?
13:34
But people are scared害怕 about terrorists恐怖分子,
282
802490
2664
是的,人们惧怕恐怖主义
13:37
and then they think that
maybe that surveillance监控 is okay
283
805154
2414
所以也许他们认为这样的监视是合理的
13:39
because they have nothing to hide隐藏.
284
807568
2044
反正也没什么需要隐藏的
13:41
Feel free自由 to survey调查 me if that helps帮助.
285
809612
2707
需要的话那就随便监视好了
13:44
And whoever tells告诉 you that they have nothing to hide隐藏
286
812319
2888
但是,谁说他们没有什么值得隐藏起来的?
13:47
simply只是 hasn't有没有 thought about this long enough足够.
287
815207
4713
只是他们还没有考虑那么长远罢了
13:54
(Applause掌声)
288
822520
5865
(掌声)
14:00
Because we have this thing called privacy隐私,
289
828385
2772
因为我们每个人都有隐私
14:03
and if you really think that you have nothing to hide隐藏,
290
831157
2345
如果你真的认为你没有什么要隐藏的
14:05
please make sure that's the first thing you tell me,
291
833502
2216
那你一定要弄清楚这是你告诉我的第一件事
14:07
because then I know
292
835718
1550
因为这之后我会觉得
14:09
that I should not trust相信 you with any secrets秘密,
293
837268
1640
不能再信任你
14:10
because obviously明显 you can't keep a secret秘密.
294
838908
3298
因为你明显不会保守秘密
14:17
But people are brutally粗暴地 honest诚实 with the Internet互联网,
295
845065
3829
人们对互联网都表现出盲目的诚实
14:20
and when these leaks泄漏 started开始,
296
848894
2696
当那些信息开始泄露的时候
14:23
many许多 people were asking me about this.
297
851590
1878
许多人问我
14:25
And I have nothing to hide隐藏.
298
853468
1574
说他们没有什么需要隐瞒的
14:27
I'm not doing anything bad or anything illegal非法.
299
855042
3290
也没有做什么坏事或者违法的事情
14:30
Yet然而, I have nothing that I would in particular特定
300
858332
2785
而且我也没有什么想要与
14:33
like to share分享 with an intelligence情报 agency机构,
301
861117
2793
情报中心分享的特殊信息
14:35
especially特别 a foreign国外 intelligence情报 agency机构.
302
863910
4137
何况还是国外的情报机构
14:40
And if we indeed确实 need a Big Brother哥哥,
303
868047
2855
就算我们真的需要一个老大
14:42
I would much rather have a domestic国内 Big Brother哥哥
304
870902
3478
我也希望他是本国的
14:46
than a foreign国外 Big Brother哥哥.
305
874380
3160
而不是来自国外
14:49
And when the leaks泄漏 started开始,
the very first thing I tweeted啾啾 about this
306
877545
5059
当信息泄露开始的时候,我最先发表的
14:54
was a comment评论 about how,
307
882604
2074
一条评论就是关于
14:56
when you've been using运用 search搜索 engines引擎,
308
884678
1688
当人们使用搜索引擎时,
14:58
you've been potentially可能 leaking泄漏 all that
to U.S. intelligence情报.
309
886366
3649
是如何将信息泄露给了美国情报机构
15:02
And two minutes分钟 later后来, I got a reply回复
310
890015
1972
两分钟后我收到一条回复
15:03
by somebody called Kimberly金佰利 from the United联合的 States状态
311
891987
2336
来自一个叫做Kimberly的美国人
15:06
challenging具有挑战性的 me, like, why am I worried担心 about this?
312
894323
2167
他反对我说
15:08
What am I sending发出 to worry担心 about this?
Am I sending发出 naked pictures图片 or something?
313
896503
4032
我又没有发送裸照之类的东西,为什么我还需要担心这个?
15:12
And my answer回答 to Kimberly金佰利 was
314
900535
1968
我回答他说
15:14
that what I'm sending发出 is none没有 of your business商业,
315
902503
3029
我发送什么与你无关
15:17
and it should be none没有
of your government's政府的 business商业 either.
316
905532
4265
当然也与你的政府无关
15:21
Because that's what it's about. It's about privacy隐私.
317
909797
2252
因为这就是隐私
15:24
Privacy隐私 is nonnegotiable商量余地.
318
912049
1914
这一点没什么好讨论的
15:25
It should be built内置 in to all the systems系统 we use.
319
913963
3960
就是应该在我们所用的所有系统得到保障
15:31
(Applause掌声)
320
919968
3578
(鼓掌)
15:38
And one thing we should all understand理解
321
926830
2619
有一点我们需要知道的是
15:41
is that we are brutally粗暴地 honest诚实 with search搜索 engines引擎.
322
929449
4599
我们对搜索引擎也是在盲目信任
15:46
You show显示 me your search搜索 history历史,
323
934048
2751
只要你透露了你的搜索记录
15:48
and I'll find something incriminating罪证
324
936799
2366
我就能在五分钟之内
15:51
or something embarrassing尴尬 there in five minutes分钟.
325
939165
3437
找到那些与之关联的让人尴尬的东西
15:54
We are more honest诚实 with search搜索 engines引擎
326
942602
1788
我们对搜索引擎的诚实
15:56
than we are with our families家庭.
327
944390
1762
常常多于对我们的家庭
15:58
Search搜索 engines引擎 know more about you
328
946152
2091
搜索引擎通常也比你的家人
16:00
than your family家庭 members会员 know about you.
329
948243
2766
更了解你
16:03
And this is all the kind
of information信息 we are giving away,
330
951009
3088
这就是那些我们
16:06
we are giving away to the United联合的 States状态.
331
954097
4375
泄露给美国的信息
16:10
And surveillance监控 changes变化 history历史.
332
958472
2478
监视改变历史
16:12
We know this through通过 examples例子
of corrupt腐败 presidents总统 like Nixon尼克松.
333
960950
3209
堕落总统Nixon之类的例子告诉我们这些
16:16
Imagine想像 if he would have had the kind
of surveillance监控 tools工具 that are available可得到 today今天.
334
964159
4472
想象下如果他当时有现在这样的情报收集工具会怎么样吧
16:20
And let me actually其实 quote引用
335
968631
2309
我想用巴西总统Dilma Rousseff夫人
16:22
the president主席 of Brazil巴西, Ms女士. Dilma迪尔玛 Rousseff罗塞芙.
336
970940
3133
做个例子
16:26
She was one of the targets目标 of NSANSA surveillance监控.
337
974073
3286
她就是NSA监视的对象之一
16:29
Her email电子邮件 was read, and she spoke
338
977359
2276
她的邮件被截获了
16:31
at the United联合的 Nations国家 Headquarters司令部, and she said,
339
979635
3023
她曾经在联合国总部质问
16:34
"If there is no right to privacy隐私,
340
982658
2013
“如果没有隐私的权利
16:36
there can be no true真正 freedom自由
of expression表达 and opinion意见,
341
984671
2827
就不会有什么真正的言论自由和舆论自由
16:39
and therefore因此, there can be no effective有效 democracy民主."
342
987498
5111
因此也不可能有有效的民主”
16:44
That's what it's about.
343
992609
2345
就是这样
16:46
Privacy隐私 is the building建造 block of our democracies民主.
344
994954
3868
隐私是民主的基础
16:52
And to quote引用 a fellow同伴 security安全 researcher研究员, Marcus马库斯 RanumRanum,
345
1000611
3465
一名在安全方面的同行学者Marcus Ranum曾说
16:56
he said that the United联合的 States状态
is right now treating治疗 the Internet互联网
346
1004076
3827
如今美国对互联网的态度
16:59
as it would be treating治疗 one of its colonies群落.
347
1007903
3093
就像对待他们的殖民地
17:02
So we are back to the age年龄 of colonization定植,
348
1010996
2565
所以我们已经又回到了殖民时代
17:05
and we, the foreign国外 users用户 of the Internet互联网,
349
1013561
3062
我们这些互联网的外国用户
17:08
we should think about Americans美国人 as our masters主人.
350
1016623
3705
应该把美国当做自己的主人
17:15
So Mr先生. Snowden斯诺登, he's been blamed指责 for many许多 things.
351
1023005
3975
Snowden先生曾经受到过种种指责
17:18
Some are blaming归咎 him for causing造成 problems问题
352
1026980
2654
有些人谴责他带来了美国云产业
17:21
for the U.S. cloud industry行业
and software软件 companies公司 with these revelations启示 --
353
1029634
3191
和软件公司的信息泄露问题
17:24
and blaming归咎 Snowden斯诺登 for causing造成 problems问题
for the U.S. cloud industry行业
354
1032825
4296
而这些谴责就如同
17:29
would be the equivalent当量 of blaming归咎 Al Gore血块
355
1037121
2459
在责备Al Gore
17:31
for causing造成 global全球 warming变暖.
356
1039580
2317
带来全球变暖问题一样
17:33
(Laughter笑声)
357
1041897
2254
(笑)
17:36
(Applause掌声)
358
1044151
5071
(鼓掌)
17:43
So, what is there to be doneDONE?
359
1051853
6208
那么,我们该怎么办?
17:50
Should we worry担心. No, we shouldn't不能 worry担心.
360
1058061
1780
我们需要担忧吗?不
17:51
We should be angry愤怒, because this is wrong错误,
361
1059841
2436
我们应该为这些丑恶的、无礼的、不该发生的事情
17:54
and it's rude无礼, and it should not be doneDONE.
362
1062277
2739
而愤怒
17:57
But that's not going to really change更改 the situation情况.
363
1065016
2268
但这些对改变现实无济于事
17:59
What's going to change更改 the situation情况
for the rest休息 of the world世界
364
1067284
3221
对于世界其它国家来说解决这一问题的方法
18:02
is to try to steer驾驶 away
365
1070505
2282
就是尝试避开
18:04
from systems系统 built内置 in the United联合的 States状态.
366
1072787
2633
美国建立的这些系统
18:07
And that's much easier更轻松 said than doneDONE.
367
1075420
2630
但这说起来容易做起来难
18:10
How do you do that?
368
1078050
1709
该怎么做呢
18:11
A single country国家, any single country国家 in Europe欧洲
369
1079759
1799
任何一个欧洲国家
18:13
cannot不能 replace更换 and build建立 replacements替代品
370
1081558
2793
都没有能力替代
18:16
for the U.S.-made-制作 operating操作 systems系统
and cloud services服务.
371
1084351
2762
美国制造的操作系统和云服务
18:19
But maybe you don't have to do it alone单独.
372
1087113
1893
但也许我们可以不用孤军奋战
18:21
Maybe you can do it together一起 with other countries国家.
373
1089006
1769
而是与其它国家联合
18:22
The solution is open打开 source资源.
374
1090775
3496
这个解决方案是开源的
18:26
By building建造 together一起 open打开, free自由, secure安全 systems系统,
375
1094271
5613
通过一同构建这样一个开放、免费并安全的系统
18:31
we can go around such这样 surveillance监控,
376
1099884
3108
我们可以绕开监视
18:34
and then one country国家 doesn't have
to solve解决 the problem问题 by itself本身.
377
1102992
3223
并且每个国家都不再只靠自己的力量
18:38
It only has to solve解决 one little problem问题.
378
1106215
2472
而只需要解决一个小问题
18:40
And to quote引用 a fellow同伴 security安全 researcher研究员, Haroon哈龙 Meer米尔,
379
1108687
5523
我们的安全专家Haroon Meer说过
18:46
one country国家 only has to make a small wave,
380
1114210
2969
每个国家都只能成为一个小水波
18:49
but those small waves波浪 together一起 become成为 a tide浪潮,
381
1117179
3467
而聚在一起就可以掀起巨浪
18:52
and the tide浪潮 will lift电梯 all the boats up at the same相同 time,
382
1120646
3620
从而可以同时载起所有的小船
18:56
and the tide浪潮 we will build建立
383
1124266
1651
这个安全,免费并开源的系统
18:57
with secure安全, free自由, open-source开源 systems系统,
384
1125917
3441
将成为推动我们所有人的彭波巨浪
19:01
will become成为 the tide浪潮 that will lift电梯 all of us
385
1129358
2399
使我们可以从此
19:03
up and above以上 the surveillance监控 state.
386
1131757
5582
彻底逃脱国家的监视
19:09
Thank you very much.
387
1137339
2112
谢谢大家
19:11
(Applause掌声)
388
1139451
2398
(鼓掌)
Translated by Calvin Hsu
Reviewed by Wu Di

▲Back to top

ABOUT THE SPEAKER
Mikko Hypponen - Cybersecurity expert
As computer access expands, Mikko Hypponen asks: What's the next killer virus, and will the world be able to cope with it? And also: How can we protect digital privacy in the age of government surveillance?

Why you should listen

The chief research officer at F-Secure Corporation in Finland, Mikko Hypponen has led his team through some of the largest computer virus outbreaks in history. His team took down the world-wide network used by the Sobig.F worm. He was the first to warn the world about the Sasser outbreak, and he has done classified briefings on the operation of the Stuxnet worm -- a hugely complex worm designed to sabotage Iranian nuclear enrichment facilities.

As a few hundred million more Internet users join the web from India and China and elsewhere, and as governments and corporations become more sophisticated at using viruses as weapons, Hypponen asks, what's next? Who will be at the front defending the world’s networks from malicious software? He says: "It's more than unsettling to realize there are large companies out there developing backdoors, exploits and trojans."

Even more unsettling: revelations this year that the United States' NSA is conducting widespread digital surveillance of both US citizens and anyone whose data passes through a US entity, and that it has actively sabotaged encryption algorithms. Hypponen has become one of the most outspoken critics of the agency's programs and asks us all: Why are we so willing to hand over digital privacy?

 

 

Read his open-season Q&A on Reddit:"My TED Talk was just posted. Ask me anything.

See the full documentary on the search for the Brain virus

More profile about the speaker
Mikko Hypponen | Speaker | TED.com

Data provided by TED.

This site was created in May 2015 and the last update was on January 12, 2020. It will no longer be updated.

We are currently creating a new site called "eng.lish.video" and would be grateful if you could access it.

If you have any questions or suggestions, please feel free to write comments in your language on the contact form.

Privacy Policy

Developer's Blog

Buy Me A Coffee