爲什麼蘋果沒錯 Apple is right to worry about the FBI's demands

It may come as a surprise to hear that the FBI are trying to force Apple to help them hack an iPhone: one used by one of the killers from December’s mass shooting in San Bernardino, California. Does the FBI not already know everything that people are doing on their phones? In fact, Apple’s devices are among the most secure around — and chief executive Tim Cook’s loud proclamation of his wish to keep them so marks the latest broadside in a battle over just how far the remit of National security reaches.

聽聞美國聯邦調查局(FBI)正試圖迫使蘋果(Apple)幫助他們解鎖一部去年12月加州聖貝納迪諾大規模槍擊案一名行兇者使用過的iPhone，你或許會感到驚訝。FBI難道不是早已知曉人們在手機上所做的一切嗎？事實上，蘋果的設備是目前最安全的產品之一，而蘋果首席執行官蒂姆錠克(Tim Cook)希望保護iPhone安全性的公開宣言，標誌着一場關於國家安全之手應該伸多長的爭論中的最新火力點。

For the security services, no technology should be secure beyond penetration in the fight against terrorism. For tech firms, protecting users’ privacy is a cornerstone of both business models and trust. And if you think this is a little rich coming several years after Edward Snowden’s revelations of corporate co-operation with the National Security Agency, Google’s chief executive Sundar Pichai has posted some clarifying messages on Twitter. It would, he argues, be a “troubling precedent” to require companies actively “to enable hacking of customer devices and data” — something quite distinct from giving “law enforcement access to data based on valid legal orders”.

對安全部門而言，在反恐鬥爭中，任何技術都不應成爲無法破解的障礙。但對科技公司來說，保護用戶隱私既是商業模式的基石，也是贏得用戶信任的基石。如果在愛德華斯諾登(Edward Snowden)將企業與美國國家安全局(NSA)之間的合作曝光幾年後，你覺得這有些讓人費解，那麼谷歌(Google)首席執行官桑德爾皮查伊(Sundar Pichai)在Twitter上的發帖則讓人明白問題所在。他指出，這將成爲一個“令人不安的先例”——要求企業積極“幫助破解用戶的設備和數據”，這與“讓執法部門基於有效法律命令訪問數據”可遠遠不是一回事。

The issue has arisen because Apple’s latest mobile operating system prohibits anyone from accessing users’ data without their unique passcode. (The killer, Syed Rizwan Farook, died in a police shootout). If an incorrect passcode is entered too many times, an iPhone can irrecoverably delete all data. Hence the FBI’s request, via a court order served on February 16: that Apple create a specially adapted version of its operating system — dubbed the “FBiOS” by security expert Dan Guido — allowing law enforcement to make an unlimited number of passcode guesses.

問題源於蘋果最新的移動操作系統禁止任何人在沒有用戶唯一密碼的情況下訪問他們的數據。行兇者賽義德里茲萬法魯克(Syed Rizwan Farook)在與警察的交火中被擊斃。如果輸入不正確密碼的次數過多，iPhone將刪除所有數據，且不可恢復。因此，FBI通過2月16日的一項法院命令要求，蘋果開發一個專門改編的操作系統——安全專家丹圭多(Dan Guido)稱之爲“FBiOS”——讓執法部門可以無限次地猜測密碼。

Opinion has divided along predictable lines. Tech firms, digital rights activists and a good number of iPhone users tend to support the privacy principle. State officials and the more conservatively minded back law enforcement. What is not in dispute is that the precedent at stake is one law enforcement have been seeking to set for some time, and that its outcome will have profound consequences for security, encryption and privacy.

輿論方面針對此事的分歧也在預料之中。科技公司、數字維權人士及很多iPhone用戶傾向於支持隱私保護原則。而政府官員及思想更爲保守的人士支持執法機構。不存在爭論的是：這一利害攸關的先例是執法部門一段時期以來一直試圖確立的，而其結果將對安全、數據加密及隱私權產生深遠影響。

So far as specifics are concerned, even the most ardent libertarian will have little sympathy for the privacy of a dead killer. What counts, however, is not the morality of one case, but whether this constitutes the thin end of a perilous wedge. Here, the proponents of privacy have a powerful case to make.

就事論事，即便最狂熱的自由論者也不會對一名被擊斃的行兇者的隱私抱以絲毫同情。然而，重要的不是某一案例中的道德準則，而在於這一先例是否會造成一種愈演愈烈的風險。在這一點上，隱私權的支持者有強大的理由。

Slippery-slope arguments stand or fall on the strength of their evidence for movement from the particular to the general. How convincing is it to suggest that security services may deploy new powers promiscuously once obtained? In the case of technology, the answer seems to be “very”. The past five years show something little short of mania on the part of the NSA and others for hoovering up data and undermining every encryption going. This is hardly surprising. It is what they do.

極具爭議的觀點是否站得住腳，取決於從特例到一般的過程中支持它的證據有多強。關於安全部門一旦獲得新的權力就可能任意行使的論斷有多大說服力呢？就技術而言，答案似乎是“非常有說服力”。過去5年，我們看到了美國國家安全局及其他機構在蒐集數據、破壞加密方面幾近瘋狂的一面。這不足爲奇。這就是他們的工作。

Yet technology presents special hazards under such an approach. Escalation is the rule rather than the exception when it comes to tech — as are unintended consequences. The most damaging cyber attacks are invisible until they have already begun; the most alarming data losses often go undetected, and may remain so for years. It is an unforgiving arena in which to juggle protection and deception. But it is also one in which the very nature of the terrain makes a certain shared level of security integral to the health of the whole.

然而，在這種做法下，技術意味着特殊的危險。對科技而言，不斷升級是必然，而非例外——意想不到的後果同樣如此。最具破壞性的網絡攻擊在實施之前通常無影無蹤；最令人擔憂的數據泄露常常不會被察覺，並且可能持續數年不被察覺。這是一個殘酷的領域，很難在隱私保護和欺騙之間把握平衡，同時，這一領域的本質決定了某種共享安全級別，而後者不可避免地影響整體安全。

Undermining encryption and opening back doors does not just give good guys tools for detecting bad guys. It also creates official data repositories and tools that are themselves vulnerable to assault. It exposes everyone to risks of infection and compromise, and debases vital currencies of trust and co-operation, together with the industries they support.

破壞數據加密、打開後門不僅僅會爲好人提供發現壞人的工具，還會創建自身易遭攻擊的官方數據庫和工具。這樣做會使每個人面臨遭受病毒感染並做出讓步的風險，同時降低重要的信任與合作，以及這種信任與合作所支撐的行業。

Once developed, a technique can be used again and again. This is why staying safe in a digital age is a moving target, and absolute privacy a fantasy. Yet in these fraught circumstances, Mr Cook is right. Our future safety is best served by the best security for all.

一項技術一旦被開發出來，就可以反覆使用。這就是爲什麼在數字時代保證安全是一個不斷變動的目標，而絕對隱私權只是一種幻想。然而，在這些令人擔憂的情況下，庫克是對的。只有在所有人都享有最高安全的情況下，我們未來的安全才能得到最大保障。