只要没暴露,监听就是好买卖
Ryan Bradley | 2013-06-14 12:14
分享: [双语阅读]
美国国家安全局前员工近日踢爆美国大规模的秘密监听行为。包括微软、Facebook、谷歌、雅虎、苹果和美国在线在内,一大批科技巨头都卷入了这场风波。据媒体报道,一些公司每年为此从美国政府收取的报酬多达十几亿美元。
上周日,博思艾伦咨询公司(Booz Allen Hamilton)一名29岁的员工爱德华•斯诺登站了出来,告诉全世界为什么他要把美国国家安全局(NSA)的绝密文件公诸于世。这些美国国家安全局的文件,尤其是其中一部分与“棱镜”计划有关的文件,描述了美国国家安全局从美国几大通讯公司和科技企业获取数据的情况。包括威瑞森(Verizon)、微软(Microsoft)、Facebook、谷歌(Google)、雅虎(Yahoo)、苹果(Apple)和美国在线(AOL)在内的众多科技巨头被牵涉其中。这些公司全都否认自己与“棱镜”计划有任何瓜葛,而且都不约而同地使用了“直接接入”这个词的某种变相说法。 现在,NSA的专家,乃至除了斯诺登以外的其他前NSA人员,都向我们描述了NSA如何在不“直接接入”这些IT企业服务的情况下,依然能够追踪和记录用户的个人数据。办法是每个企业进出该企业服务器的数据都要经过一个上了锁的邮箱,而邮箱的钥匙在美国政府手中。这不算一个完美的比喻,不过你不妨想想:这个钥匙还有多少拷贝存在?有多少人可以打开这个邮箱?还有多少像斯诺登这样的美国中央情报局(CIA)的前特工目前在给政府的合同商打工? 据斯诺登本人对《卫报》(Guardian)说,他可以获取他人的电子邮件、聊天信息甚至视频图像,而且“有权窃听任何人,从你到你的会计师,到联邦法官,甚至是总统,只要我有一封他的个人电子邮件。”斯诺登显然是个勇敢的、会说话的年轻人,但是他在博思艾伦公司并不是一位高层员工。他从高中辍学后,在一家社区大学里学习了一些电脑课程。《Slate》杂志的法哈德•曼琼写道:“他是个IT男,而且还不是一个非常成熟老练的IT男。” 博思艾伦公司在公司官网上发布了一则声明称:“有新闻报道显示,此人自称泄露了机密信息。这个消息令人震惊,如果消息属实,此举表明他严重违反了我们公司的行为准则和核心价值。我们将密切配合我们的客户和有关部门进行调查。”博思艾伦公司最大、最有钱可赚的客户之一就是美国政府。据《纽约时报》(New York Times)报道,这家公司上一个财年有13亿美元的收入来自情报公司,占了公司总收入的23%。 现在美国情报业越来越呈现私有化的倾向。据《华盛顿邮报》(Washington Post)的一项调查显示,美国约有2,000家公司在美国境内的10,000多个地点从事与反恐、国土安全、情报有关的工作。美国情报业目前约有854,000人拥有绝密级安全调查权(既包括政府雇员,也包括非政府雇员)。博思艾伦,乃至威瑞森、谷歌、微软,都只是这2,000家公司中的一份子。 现在,斯诺登公布的牵涉NSA数据监控计划的科技巨头越来越多,连苹果和Facebook也未能幸免,这些企业在国外的业务也可能受到影响。德国黑森州司法部长约尔格•乌维•哈恩对《德国商报》(Handelsblatt)表示:“我很震惊像谷歌和微软这样的公司看起来竟然如此草率地看待用户数据。不想发生这种事的人都应该换供应商。”哈恩还呼吁人们抵制卷入这起风波的科技企业。路透社(Reuters )的一篇报道指出,欧洲在云服务方面远远落后于美国,而在德国,隐私保护正是让人们不愿接受云服务的主要顾虑。 | On Sunday, a 29-year-old Booz Allen Hamilton employee named Edward Snowden stepped forward and (via the Guardian) told the world why he chose to make public top-secret National Security Agency documents. The NSA files, particularly those concerning a program called PRISM, describe how the agency could access data from several of America's largest communications and technology companies. Verizon, Microsoft, Facebook, Google, Yahoo, Apple, and AOL are all implicated, and all have offered some version of the same denial using variations of the phrase "direct access." And yet, NSA experts and even ex-NSA-employees other than Snowden have described how the agency could still track and log users' personal data without such "direct access" to the companies' servers. The arrangement has been described as each company's data moving to and from its servers and passing through a locked mailbox, with a key that belongs to the government. An imperfect metaphor, but sit on it a moment and ask yourself: How many copies of this key exist? How many people can open this mailbox? And how many are, like Snowden, ex-CIA staffers now employed by a government contractor? Snowden could access e-mails, chats, videos images and had, he told the Guardian, "the authorities to wiretap anyone, from you or your accountant, to a fedral judge or even the President, if I had a personal e-mail." As clearly brave and well-spoken this young man is, Snowden is not a high-level employee at Booz (BAH). He is a high school dropout who took some computer classes at a community college. Slate's Farhad Manjoo wrote, "He's the IT guy, and not a very accomplished, experienced one at that." Booz Allen released a statement on its website that reads, in part, "News reports that this individual has claimed to have leaked classified information are shocking, and if accurate, this action represents a grave violation of the code of conduct and core values of our firm. We will work closely with our clients and authorities in their investigation of this matter." One of the company's biggest and most lucrative clients is the U.S. government. The New York Times reports that the company earned $1.3 billion, 23% of its total revenue, from intelligence work during its most recent fiscal year. The U.S. intelligence industry is more privatized than ever before. According to a Washington Post investigation, nearly 2,000 companies work on programs related to counterterrorism, homeland security, and intelligence in about 10,000 locations across the United States, and the industry employs an estimated 854,000 people with top-secret security clearances (both government and non-government employees). Booz Allen is just one among many, including Verizon (VZ), Google (GOOG), and Microsoft (MSFT). And now, as the Snowden leaks rope in still more tech giants such as Apple (AAPL) and Facebook (FB) in the massive NSA data mining operation, the companies' business abroad may suffer. "I am amazed at the flippant way in which companies such as Google and Microsoft seem to treat their users' data. Anyone who doesn't want that to happen should switch providers," Joerg-Uwe Hahn, the justice minister in Hesse, told the Handelsblatt, a German business newspaper. Hahn also called for a boycott of the companies involved. As a report in Reuters notes, Europe has long lagged behind the U.S. in the use of cloud-based services, and in Germany, privacy protection has long been a primary concern. |
这种反差形成的讽刺让我们不得不想起以华为(Huawei)为代表的中国公司。华为是全球第二大电信和网络设备提供商。华为在美国这个全球最大的电信市场上基本没有站住脚,人们担心像华为这样一家中国公司有可能会控制美国信息的动向。上周在成都召开的财富全球论坛(Fortune Global Forum)上,华为副总裁兼轮值CEO郭平对《华尔街日报》(Wall Street Journal )表示:“我们在美国电信设备市场基本上没有业务,所以如果他们有安全问题,一定不是从我们这里来的。” 对美国科技巨头来说,更直接的威胁可能来自内部。这些企业有多少员工像斯诺登一样,又有多少员工支持电子自由基金会(Electronic Freedom Foundatio,一个帮助网络信息匿名化的在线平台),支持像Tor这样的翻墙工具,有多少人在社会新闻网站Reddit上花时间,又有多少人像斯诺登这样,“不想生活在一个没有隐私的世界里,导致没有智力爆发和创造力的空间”?我们还得等多久,才能等到下一个有高级权限的低级员工走出来?另外一个不得不重提的问题是,“钥匙”到底有几把。既然这么多人都拥有权限,怎么可能保证它的安全性呢? 此次NSA泄密事件勾勒出了一个想获取尽可能多的数据的特务机构的嘴脸,同时它也证明,安全并不一定意味着更多的数据。收集这些信息,需要很多公司的很多人共同参与和分析。对于那个装满我们的个人信息的邮箱来说,拿钥匙的人太多了。当秘密还是秘密的时候,这场由政府支持的大规模间谍活动可能是桩好生意(不过也有很多人指出,种种迹象已经存在好几年了)。但是现在秘密已经大白于天下,或许我们应该重新思考一下商界介入美国政府监控事宜的方式。(财富中文网) 译者:朴成奎 | The irony of such concern is not lost on Chinese companies like Huawei, the world's second-largest supplier of telecom and Internet gear. Huawei has barely made a dent in the U.S. market, the largest telecom market in the world. The reason, of course, is the fear of a company based in China -- a country actively engaged in hacking and sifting through its citizens data -- controlling the movement of American's information. At the Fortune Global Forum in Chengdulast week, Guo Ping, Huawei's deputy chairman (one of three executives who rotate through the CEO post), told the Wall Street Journal that "We are basically not present in the U.S. telecom equipment market ... So if they have security problems they are not coming from us." A more immediate threat to the U.S. tech giants may come from within. How many of these companies' employees are like Snowden and support the Electronic Freedom Foundation and Tor -- an online platform that helps anonymize Internet information -- and spend time on Reddit and believe, like Snowden, that they "don't want to live in a world where there's no privacy and therefore no room for intellectual exploration and creativity?" How long before another one of these high-access, low-level employees steps forward? It's a question, again, of the number of keys, and how effective security can possibly be when so many seem to have access. The NSA leaks paint a picture of an agency trying to capture as much data as possible. But the leaks have also proven that better security does not necessarily equal bigger data. Gathering all this information requires the participation of so many people in so many companies to analyze it. So many keys to that mailbox filled with our personal information. A massive, government-backed spying effort may have been great for business when it was still secret (though, as many have pointed out, the hints have been there for years). Now that it's public, it may well be time to rethink how we involve U.S. businesses in government surveillance. |
相关阅读: