Why Governments Should Not Demand Access to Encrypted Information

Many things in life are desirable but unachievable. Personally, I would love to play chess as well as Magnus Carlsen but I somehow doubt that is going to happen.

It is a similar story with politicians demanding “exceptional access” to private encrypted communications. It is perfectly understandable why security services desire such powers. In the wake of the murderous attacks in Manchester and London, who would not want to tap the electronic traffic of terrorist suspects?

But governments should be extraordinarily careful before forcing technology companies to comply. At worst, their demand may be unattainable in the messiness of the real world; at best, it could result in enormous cost and complexity. The unintended consequences of such action could also be appalling. Mandating insecurity in technological systems, which run so much of the critical infrastructure of the modern world, is inherently a bad idea.

Why this is so has been clearly spelt out by a collection of academic computer scientists in a paper called “Keys Under Doormats”.

This group studied the practical challenges of providing security agencies with the exceptional access that they demand. Their conclusion: “These proposals are unworkable in practice, raise enormous legal and ethical questions, and would undo progress on security at a time when internet vulnerabilities are causing extreme economic harm.”

There are three main problems.

First, governments may rail against end-to-end encryption, which is increasingly being used by technology providers, including Facebook’s WhatsApp and Apple’s iMessage, to ensure that communications remain secure. But creating a master key enabling law enforcement agencies to unlock these communications creates enormous jeopardy.

The Edward Snowden affair showed that the US government has a hard time keeping many of its own secrets secret. The damage that would be wrought if that master key were compromised or stolen scarcely bears thinking about. The WannaCry ransomware that recently crippled the computer systems of hundreds of organisations around the world sprang out of an “exploit” originally developed by the US National Security Agency.

The second challenge is that encrypted communications not only ensure confidentiality but also authentication: they give you confidence that you are communicating with whom you think you are. But if you can read encrypted communications you can also forge them. This opens up new security vulnerabilities injecting uncertainty into all other communications. Imagine if the Russians were able to forge messages between officials in the Trump administration. On second thoughts . . . maybe that explains a lot.
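
The link between reading and forging can be shown in a few lines. The following is an added illustration, not part of the original article: it assumes an escrow design that hands a third party the session key itself, and the toy cipher, function names and messages are constructed for the example.

```python
import hashlib
import hmac
import os

def _subkeys(key):
    # Toy key separation: one shared secret yields both the cipher and MAC keys.
    return hashlib.sha256(b"enc" + key).digest(), hashlib.sha256(b"mac" + key).digest()

def _xor_stream(key, nonce, data):
    # Toy stream cipher (SHA-256 in counter mode), for illustration only.
    stream = b""
    block = 0
    while len(stream) < len(data):
        stream += hashlib.sha256(key + nonce + block.to_bytes(8, "big")).digest()
        block += 1
    return bytes(d ^ s for d, s in zip(data, stream))

def seal(key, plaintext):
    """Encrypt-then-MAC: returns nonce || ciphertext || tag."""
    enc_key, mac_key = _subkeys(key)
    nonce = os.urandom(16)
    ct = _xor_stream(enc_key, nonce, plaintext)
    tag = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    return nonce + ct + tag

def open_sealed(key, blob):
    """Return the plaintext, or None when the authentication tag fails."""
    if len(blob) < 48:
        return None
    enc_key, mac_key = _subkeys(key)
    nonce, ct, tag = blob[:16], blob[16:-32], blob[-32:]
    expected = hmac.new(mac_key, nonce + ct, hashlib.sha256).digest()
    if not hmac.compare_digest(tag, expected):
        return None
    return _xor_stream(enc_key, nonce, ct)

def escrow_demo():
    session_key = os.urandom(32)      # shared by the two correspondents
    escrow_copy = session_key         # assumed "exceptional access" copy
    genuine = seal(session_key, b"Meet at 10:00")   # constructed sample message
    read = open_sealed(escrow_copy, genuine)         # escrow holder can read it
    forged = seal(escrow_copy, b"Meet at 23:00")     # ...and can write a new one
    accepted = open_sealed(session_key, forged)      # recipient's check passes
    outsider = seal(os.urandom(32), b"Meet at 23:00")
    rejected = open_sealed(session_key, outsider)    # no key, no valid tag
    return read, accepted, rejected

if __name__ == "__main__":
    print(escrow_demo())
```

The recipient's verification cannot distinguish the escrow holder's message from the real sender's, because both were produced with the same key; only the party without the key is rejected.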

Third, who would legally be able to lay claim to the master key? It may be one thing for security officials in law-based democracies to exercise such powers within their own countries. But it is quite another when data flow across borders as so much of it does. Governments at both ends of any communication chain would surely demand reciprocal rights for access from tech companies. How happy would a US executive be to send any email or message to a counterpart in China knowing that Beijing had the capability to read anything it chose?

There are other instances when we decide that what is technically feasible may be practically undesirable. For example, ground controllers could be given the capability to seize the controls of all commercial aeroplanes to counter the threat from hijackers or suicidal pilots. But not many passengers would fly in aeroplanes so vulnerable to being hacked.

It is easy to see why governments have been lashing out at tech companies. Politicians are desperate to do everything they can to combat terrorism and want every weapon they can grab. Besides, the tech companies have hardly endeared themselves to the public by disowning responsibility for so much outrageous content that appears on their sites.

Undoubtedly, they could — and should — do more to expunge material that fuels extremism. There are encouraging signs that they are doing just that.

But to force them to make encrypted communications less secure would be a risky and potentially counterproductive move. Far better for governments to collaborate with those tech companies in myriad other lawful ways to counter the terrorist scourge.
