AndyYen_2014G[严育铨][以为你的私人电邮够私隐再想想吧_].pdf
www.XiYuS锡育软件(Applause)Thank you.(Applause)Thank you.(Applause)Thank you.(Applause)Twenty-five years ago,scientists atCERN created the World Wide Web.(掌声)谢谢。(掌声)谢谢。(掌声)谢谢。(掌声)25年前,欧洲核能研究所的科学家们创造了万维网。721350Since then,the Internet has transformed the way wecommunicate,the way we do business,and even the way welive.从那时起,互联网改变了我们的沟通方式、贸易方式、甚至生活方式。00:18In many ways,the ideas that gave birth to Google,Facebook,Twitter,and so many others,have now really transformed ourlives,and this has brought us many real benefits such as amore connected society.很大意义上,这些想法催生了谷歌、脸书、推特和其他许多公司,也真正改变了我们的生活。这为我们带来了许多实在的好处,比如社会更加连结。00:25However,there are also some downsides to this.但是,这同时也带来一些不利之处。00:39Today,the average person has an astounding amount ofpersonal information online,and we add to this onlineinformation every single time we post on Facebook,eachtime we search on Google,and each time we send an email.如今,一个普通人可以在互联网上 浏览到惊人的海量信息,我们每次在Facebook上发帖时就创造了更多网上的信息,也包括每次用谷歌搜索,还有每次发送电邮。00:43Now,many of us probably think,well,one email,theresnothing in there,right?很多人也许会想;一封电邮也没什么吧?00:56But if you consider a years worth of emails,or maybe even alifetime of email,collectively,this tells a lot.但是如果你考虑一年量的电邮,甚至一生的电邮,大量邮件能提供给很多信息;01:01downsides:下降趋势/消极面,缺点(downside的复数)astounding:adj.令人震惊的;令人惊骇的 collectively:adv.共同地,全体地It tells where we have been,who we have met,and in manyways,even what were thinking about.我们去过哪里,见过谁,甚至很大意义上,我们在想什么。01:09And the more scary part about this is our data now lastsforever,so your data can and will outlive you.更可怕的是,我们的信息能被永久留存,你的信息能够而且将要比你活得长。01:16What has happened is that weve largely lost control over ourdata and also our privacy.现在的情况是我们已经无法控制自己的信息,和我们的隐私。01:24So this year,as the web turns 25,its very important for us totake a moment and think about the implications of this.今年,互联网创建25周年,我们必须停下来 考虑这其中隐藏的含义。01:29We have to really think.我们必须认真考虑。01:38Weve lost privacy,yes,but actually what weve also lost isthe idea of privacy itself.是的,我们失去了隐私,但其实我们也失去了隐私这个概念。01:40If you think about it,most of us here today probablyremember what life was like before the Internet,but today,theres a new generation that is being taught from a veryyoung age to share everything online,and this is ageneration that is not going to remember when data wasprivate.如果你仔细想想,今天在座各位也许记得没有互联网的生活是怎样的。但是,如今,新一代年轻人,从小被教育在网上分享一切,这一代人不会记得信息私隐的时代。01:45So we keep going down this road,20 years from now,theword privacy is going to have a completely differentmeaning from what it means to you and I.如果我们一直这样下去,20年以后,“隐私”的含义将会变得完全不同 完全不同于今日我们的理解。02:02outlive:vt.比活得长;比经久;经受住;渡过而存在 implications:n.蕴涵式;暗指,暗示;含蓄,含意;卷入(implication的复数)So,its time for us to take a moment and think,is thereanything we can do about this?所以,现在我们需要认真考虑,我们能对此做些什么吗?02:10And I believe there is.我相信能。02:16Lets take a look at one of the most widely used forms ofcommunication in the world today:email.让我们来看看如今世界上 最广泛使用的通讯方式;电子邮件。02:18Before the invention of email,we largely communicated电邮发明之前,我们主要靠写信来通讯。写信的过程很简单。02:24TED演讲者:Andy Yen|严育铨演讲标题:Think your email.s private?Think again|以为你的私人电邮够私隐?再想想吧。内容概要:Sending an email message is like sending a postcard,says scientist Andy Yen in thisthought-provoking talk:Anyone can read it.Yet encryption,the technology that protects theprivacy of email communication,does exist.It.s just that until now it has been difficult to installand a hassle to use.Showing a demo of an email program he designed with colleagues at CERN,Yen argues that encryption can be made simple to the point of becoming the default option,providing true email privacy to all.科学家严育铨在他的发人深思的演讲中说道:寄一封电邮就像寄明信片一样谁都可以读得到。没错,用来保护电邮通讯隐私的加密技术的确存在。只是时至今日这一技术的安装和使用仍然相当困难。严育铨展示了他与欧洲核能研究所的同事共同设计的一个电邮项目,并指出加密技术可以变得相当简单,简单得可以成为大众的默认选择,为所有人提供真正的电邮隐私。Before the invention of email,we largely communicatedusing letters,and the process was quite simple.程很简单。02:24You would first start by writing your message on a piece ofpaper,then you would place it into a sealed envelope,andfrom there,you would go ahead and send it after you put astamp and address on it.你首先将信息写在一张纸上,然后把纸放入信封,封上信封,写上地址,贴上邮票,然后把这封信寄出去。02:30Unfortunately,today,when we actually send an email,werenot sending a letter.不幸的是,如今,我们发送的电邮并不是一封信件,02:40What you are sending,in many ways,is actually a postcard,and its a postcard in the sense that everybody that sees itfrom the time it leaves your computer to when it gets to therecipient can actually read the entire contents.某种意义上,更像是寄明信片,因为从电邮离开你电脑的那一刻,到收件人收到电邮的那一刻,这其中能看到这封邮件的人,能够浏览邮件的所有内容。02:44take a look at:看一看;检查 envelope:n.信封,封皮;包膜;天包层;包迹 stamp:n.邮票;印记;标志;跺脚/vt.铭记;标出;盖章于;贴邮票于;用脚踩踏/vi.跺脚;捣碎;毁掉 postcard:n.明信片So,the solution to this has been known for some time,andtheres many attempts to do it.解决这个问题的方法早已存在,而且很多人都尝试过。02:57The most basic solution is to use encryption,and the idea isquite simple.最基本的解决方法是使用加密,方法很简单。03:02First,you encrypt the connection between your computerand the email server.首先,电脑终端与服务器之间的连接会被加密,首先,电脑终端与服务器之间的连接会被加密,03:07Then,you also encrypt the data as it sits on the server itself.然后,服务器上的信息也会被加密。03:12But theres a problem with this,and that is,the email serversalso hold the encryption keys,so now you have a really biglock with a key placed right next to it.但是,这个方法有一个问题;加密钥匙也在邮件服务器中。这就像一把大锁,但钥匙就放在旁边。03:15But not only that,any government could lawfully ask for andget the key to your data,and this is all without you beingaware of it.不仅如此,任何政府都能够合法要求 得到你的加密钥匙,而你对此却完全不知情。03:24So the way we fix this problem is actually relatively easy,inprinciple:You give everybody their own keys,and then youmake sure the server doesnt actually have the keys.问题的解决方法非常简单,大体上;给所有人一把钥匙,并确保服务器上没有钥匙。03:33This seems like common sense,right?这个方法好像很简单。03:44So the question that comes up is,why hasnt this been doneyet?所以问题是;为什么没有人这么做?03:46encryption:n.加密;加密术 encrypt:vt.将译成密码 lawfully:adv.合法地;守法地 in principle:大体上,原则上Well,if we really think about it,we see that the businessmodel of the Internet today really isnt compatible withprivacy.如果我们仔细想想,今天互联网的商业模式 其实与隐私不相容。03:50Just take a look at some of the biggest names on the web,and you see that advertising plays a huge role.在一些大型网络公司,广告占有很重要的地位。03:57In fact,this year alone,advertising is 137 billion dollars,andto optimize the ads that are shown to us,companies have toknow everything about us.实际上,仅今年内,广告收入就有1370亿美元,而为了优化广告效果,公司必须了解用户的一切。04:03They need to know where we live,how old we are,what welike,what we dont like,and anything else they can get theirhands on.他们需要知道我们住在哪里,年龄、喜欢和不喜欢什么,还有他们能获得的所有信息。04:12And if you think about it,the best way to get this informationis really just to invade our privacy.仔细想想,最有效的途径便是入侵我们的隐私。04:20So these companies arent going to give us our privacy.所以这些公司并不允许我们保留隐私。04:26If we want to have privacy online,what we have to do is wevegot to go out and get it ourselves.如果我们想要在网络上保留隐私,我们就必须自己去争取。04:29For many years,when it came to email,the only solution wassomething known as PGP,which was quite complicated andonly accessible to the tech-savvy.这么多年来,对电邮来说,唯一的方法就是PGP(良好隐私密码法)但这个方法非常复杂,只有精通技术的人才懂得如何使用。04:34compatible:adj.兼容的;能共处的;可并立的 optimize:vt.使最优化,使完善/vi.优化;持乐观态度Heres a diagram that basically shows the process forencrypting and decrypting messages.这个图解表示了 加密和解密信息的过程。04:43So needless to say,this is not a solution for everybody,andthis actually is part of the problem,because if you thinkabout communication,by definition,it involves havingsomeone to communicate with.不用说,这并不是适合大众的解决方法。而这也是问题之一,因为通讯的定义 涉及交流对象。04:48So while PGP does a great job of what its designed to do,forthe people out there who cant understand how to use it,theoption to communicate privately simply does not exist.因此尽管PGP非常有效,但对于不会使用的人来说,通讯隐私方法其实不存在。05:01And this is a problem that we need to solve.这是我们需要解决的问题。05:10So if we want to have privacy online,the only way we cansucceed is if we get the whole world on board,and this isonly possible if we bring down the barrier to entry.如果我们想要有网上隐私,唯一的方法就是向所有人提供隐私,我们必须把门槛降低。05:13I think this is actually the key challenge that lies in the techcommunity.我认为这是科技圈内的关键挑战。05:21What we really have to do is work and make privacy moreaccessible.我们真正要做的就是将保护隐私变得更容易。05:25encrypting:v.加密(encrypt的ing形式)decrypting:解密 needless:adj.不必要的,不需要的;多余的,无用的 communicatewith:沟通;通话 privately:adv.私下地;秘密地 bring down:降低;打倒,打死;击落So last summer,when the Edward Snowden story came out,several colleagues and I decided to see if we could make thishappen.去年夏天,当斯诺登的事件登出时,我和一些同事决定试试看我们是否能够达成这个目标。05:29At that time,we were working at the European Organizationfor Nuclear Research at the worlds largest particle collider,which collides protons,by the way.当时我们在欧洲核能研究所工作,那里有世界上最大型的粒子对撞器。05:35We were all scientists,so we used our scientific creativity andcame up with a very creative name for our project:我们都是科学家,所以我们运用了科学的创意 为项目想出了一个新颖的名字;05:44www.XiYuS锡育软件ProtonMail.(Laughter)Many startups these days actuallybegin in peoples garages or peoples basements.质子邮箱(ProtonMail)。(笑声)现在的很多创业公司都是从车库、地下室里开始的。05:51We were a bit different.我们不太一样。05:57We started out at the CERN cafeteria,which actually is great,because look,you have all the food and water you could everwant.我们是从欧洲核能研究所的食堂开始,这其实很不错,因为 你可以有食物和水。05:59But even better than this is that every day between 12 p.m.and 2 p.m.,free of charge,the CERN cafeteria comes withseveral thousand scientists and engineers,and these guysbasically know the answers to everything.但是更棒的是 每天中午12点到2点,你都能免费见到几千个科学家和工程师,他们基本上无所不知,06:07Snowden:n.斯诺登(姓氏)collider:n.对撞机;碰撞机 collides:vi.碰撞;抵触,冲突/vt.使碰撞;使相撞 protons:n.物质子;氢核(proton的复数)garages:n.车库;汽车修理厂;飞机库/vt.把送入车库 basements:n.地下室;地窖 cafeteria:n.自助餐厅free of:adj.无的;摆脱的;在外面So it was in this environment that we began working.这就是我们一开始的工作环境。06:20What we actually want to do is we want to take your emailand turn it into something that looks more like this,but moreimportantly,we want to do it in a way that you cant even tellthat its happened.我们实际要做的就是,将你的邮件变成这样子,更重要的是,我们希望你无需操作 就达成这个效果。06:23So to do this,we actually need a combination of technologyand also design.所以我们需要技术与设计的结合。所以我们需要技术与设计的结合。06:34So how do we go about doing something like this?那我们要如何做到?06:38Well,its probably a good idea not to put the keys on theserver.不把钥匙放在服务器上也许是个好想法,06:42So what we do is we generate encryption keys on yourcomputer,and we dont generate a single key,but actually apair of keys,so theres an RSA private key and an RSA publickey,and these keys are mathematically connected.我们要在你的电脑中生成钥匙,而且不只是一把钥匙,而是一对钥匙,RSA私钥与公钥各有一把。这两个钥匙在算术上是关联的。06:46So lets have a look and see how this works when multiplepeople communicate.让我们来看看多人通信的时候 这个方法如何作用。07:00So here we have Bob and Alice,who want to communicateprivately.Bob和Alice想要私下通信。07:04So the key challenge is to take Bobs message and to get it toAlice in such a way that the server cannot read that message.关键因素是把Bob的信息 传送给Alice,并且让服务器无法阅读此信息。07:09in a way:在某种程度上;有点儿;十分激动 go about:v.着手做;四处走动;传开;从事 mathematically:adv.算术地,数学上地So what we have to do is we have to encrypt it before it evenleaves Bobs computer,and one of the tricks is,we encrypt itusing the public key from Alice.在Bob的讯息离开电脑前 我们就将它加密,窍门之一就是我们使用Alice电脑上的公钥来加密。07:17Now this encrypted data is sent through the server to Alice,and because the message was encrypted using Alices publickey,the only key that can now decrypt it is a private key thatbelongs to Alice,and it turns out Alice is the only person thatactually has this key.现在加密的讯息通过服务器传送给Alice,因为信息经Alice的公钥加密,只有Alice的私钥才能解开它。而这把私钥只有Alice拥有。07:26So weve now accomplished the objective,which is to get themessage from Bob to Alice without the server being able toread whats going on.至此我们做到了 将Bob的信息传送给Alice,又不让服务器解密此信息。07:44Actually,what Ive shown here is a highly simplified picture.实际上,我刚才演示的只是一个精简过程。07:52The reality is much more complex and it requires a lot ofsoftware that looks a bit like this.实际上要复杂得多,而且需要许多像这样的软件程序。07:55And thats actually the key design challenge:How do we takeall this complexity,all this software,and implement it in away that the user cannot see it.这就是设计上的关键;如何把这么复杂的程序,在用户毫不察觉下执行工作?08:00I think with ProtonMail,we have gotten pretty close to doingthis.我认为ProtonMail已经很接近了。08:10encrypted:v.把编码;把加密(encrypt的过去分词)decrypt:vt.译电文;解密码;解释 get the message:领会,明白So lets see how it works in practice.让我们来看看实际操作。08:14Here,weve got Bob and Alice again,who also want tocommunicate securely.还是Bob和Alice,他们想安全地进行通信。08:16They simply create accounts on ProtonMail,which is quitesimple and takes a few moments,and all the key encryptionand generation is happening automatically in thebackground as Bob is creating his account.首先在ProtonMail上注册账号,非常简单快捷,Bob创建账号时,所有的加密和密钥的生成 都自动在后台发生。08:21Once his account is created,he just clicks compose,创建好账号后,点击“写新邮件”,08:33and now he can write his email like he does today.Bob就能够如常撰写邮件。08:35So he fills in his information,and then after that,all he has todo is click send,他输入邮件信息,然后点击“发送”,08:38and just like that,without understanding cryptography,andwithout doing anything different from how he writes emailtoday,就像这样,无需任何密码学知识,就跟平时写电邮一样,08:43Bob has just sent an encrypted message.Bob发送了一封加密的电邮。08:50What we have here is really just the first step,but it showsthat with improving technology,privacy doesnt have to bedifficult,it doesnt have to be disruptive.我们现在有的只是第一步,但这说明,随着科技的进步,保护隐私可以很简单。08:53in practice:在实践中;实际上,事实上 securely:adv.安全地;牢固地;安心地;有把握地 automatically:adv.自动地;机械地;无意识地/adj.不经思索的 cryptography:n.密码学;密码使用法 disruptive:adj.破坏的;分裂性的;制造混乱的If we change the goal from maximizing ad revenue toprotecting data,we can actually make it accessible.如果我们将目标从广告收入最大化转移到保护数据上,我们就能普及这个方法。09:04Now,I know a question on everybodys minds is,okay,protecting privacy,this is a great goal,but can you actuallydo this without the tons of money that advertisements giveyou?现在大家可能在想;好吧,保护隐私这个目标听起来不错,但如果没有广告带来的巨额收入 你能完成这个目标吗?09:11And I think the answer is actually yes,because today,wevereached a point where people around the world reallyunderstand how important privacy is,and when you havethat,anything is possible.我认为这是可能的。因为如今,全世界的人已经了解到隐私的重要性,于是一切皆有可能。09:21Earlier this year,ProtonMail actually had so many users thatwe ran out of resources,and when this happened,ourcommunity of users got together and donated half a milliondollars.今年年初时,ProtonMail的用户已经多到我们无法提供资源的地步,这之后,用户自发募捐了 50万美元。09:32So this is just an example of what can happen when youbring the community together towards a common goal.这只是一个当大家团结时 共同达到目标的例子。09:42We can also leverage the world.我们可以影响整个世界。09:47Right now,we have a quarter of a million people that havesigned up for ProtonMail,and these people come fromeverywhere,and this really shows that privacy is not just anAmerican or a European issue,its a global issue that impactsall of us.现在,我们有大约25万人注册了ProtonMail,这些人来自世界各地,这表明了隐私问题 不仅仅是美国或欧洲的问题,这是一个影响所有人的全球问题。09:49maximizing:n.最大化;达到极大值/v.使最大化;取最大值(maximize的ing形式)donated:adj.捐赠的/v.捐赠(donate的过去分词形式)leverage:n.手段,影响力;杠杆作用;杠杆效率/v.利用;举债经营 impacts:n.影响(impact的复数);力冲击/v.压紧;冲撞;对产生不良影响(impact的三单形式)Its something that we really have to pay attention to goingforward.我们如果想要进步,就必须要认识这个问题。10:02So what do we have to do to solve this problem?那么,我们需要如何解决呢?10:05Well,first of all,we nee