政务网和互联网怎么设置切换
Encryption makes the internet work. It consists of a few elegant math equations that scramble data before being sent over the internet where prying eyes could otherwise intercept it, read it, and manipulate it. Without encryption our use of the internet would be limited to unimportant communication; anything valuable or interesting could and would be tampered with.
加密使互联网正常工作。 它由一些优雅的数学方程式组成,这些方程式先对数据进行加密,然后再将其通过Internet发送,否则窥探者可能会拦截,读取和操纵数据。 如果没有加密,我们对互联网的使用将仅限于不重要的通信。 任何有价值或有趣的东西都可能会被篡改。
Encryption is the reason everything from financial transactions to state secrets get whipped around the internet nearly instantaneously— unlocking untold amounts of innovation, wealth, and prosperity as a result.
加密是从金融交易到国家机密几乎所有内容都瞬间在互联网上泛滥的原因-结果释放了无数的创新,财富和繁荣。
But not all encryption is created equal. Some forms of encryption expose the communications of internet users to private companies and others those companies choose to share your data with.
但是,并非所有加密都是一样的。 某些形式的加密将Internet用户的通信暴露给私人公司,而其他那些公司选择与您共享数据。
A lot of technology companies claim to have products that are “end-to-end encrypted”. This is often misleading. For example, as recently as March Zoom claimed in their security white paper that hosts could “enable an end-to-end encrypted meeting” with the click of a button. After backlash, Zoom quietly changed the language in their white paper to avoid using the term “end-to-end encrypted”.
许多技术公司声称其产品已“端到端加密”。 这通常会产生误导。 例如,最近March March在其安全性白皮书中声称,主持人可以通过单击按钮“启用端到端加密会议”。 强烈反对之后 ,Zoom悄悄更改了白皮书中的语言,以避免使用术语“端到端加密”。
The backlash was due to a critical distinction that Zoom failed to acknowledge between standard web encryption sometimes called “client-to-server” (C2S) encryption and true “end-to-end” (E2E) encryption.
这种抵制是由于Zoom未能在标准Web加密(有时称为“客户端到服务器”(C2S)加密)与真正的“端到端”(E2E)加密之间做出重大区分而造成的。
The difference between C2S and E2E encryption can’t be over overstated. Simply put, it is the difference between communicating privately, and having everything you do monitored.
C2S和E2E加密之间的差异不能过分夸大。 简而言之,这是私下交流与监视您所做的一切之间的区别。
The difference between C2S and E2E encryption can’t be overstated. Simply put, it is the difference between communicating privately, and having everything you do monitored.
C2S和E2E加密之间的差异不可夸大。 简而言之,这是私下交流与监控您所做的一切之间的区别。
As the above graphics illustrate, C2S gives the company access to unencrypted data since the data is held on servers that sit behind the point where encryption occurs. Encryption was meant to secure communication between the sender and the recipient. But C2S encryption has an achilles heel. A vulnerability giving the company that runs the service, application or device that you use access to your communications.
如上图所示,C2S使公司可以访问未加密的数据,因为该数据保存在位于发生加密点之后的服务器上。 加密旨在保护发送方和接收方之间的通信。 但是C2S加密有一个致命弱点。 该漏洞使运行您所使用的服务,应用程序或设备的公司可以访问您的通信。
E2E encryption covers the achilles heel of C2S and preserves totally private two-party communication. This is what E2E means. One “end” is the sender and the other “end” is the recipient; there is no pesky server in between allowing a third party to listen in.
E2E加密涵盖了C2S的致命弱点,并保留了完全私有的两方通信。 这就是E2E的意思。 一个“端”是发送者,另一个“端”是接收者; 在这之间没有讨厌的服务器允许第三方监听。
This Problem is Not Limited to Your Laptop
此问题不仅限于笔记本电脑
Most homes today have some sort of internet-connected device in them. Whether it’s your refrigerator pinging the manufacturer to let them know the temperature gauge isn’t working right, or it’s an Alexa device telling dad jokes on demand by pinging Amazon, your home is almost certainly connected to the internet.
当今大多数家庭中都装有某种联网设备。 无论是您的冰箱对制造商发出声音以告知他们温度表工作不正常,还是Alexa设备通过对亚马逊进行按需告诉父亲的笑话,您的家几乎肯定可以连接到互联网。
This new reality means the decision of a company to use C2S or E2E encryption has implications for the safety of the devices in your home, pocket, and on your wrist. Given this, the security and privacy practices of private companies increasingly affect your physical safety. In other words, encryption is getting physical.
这一新现实意味着公司决定使用C2S或E2E加密对您家中,口袋和手腕上设备的安全性都有影响。 鉴于此,私营公司的安全性和隐私惯例越来越多地影响您的人身安全。 换句话说,加密正在变得物理化。
C2S加密使用户面临转换风险 (C2S Encryption Exposes Users to Flip-the-Switch Risk)
I refer to the dangers of C2S encryption as flip-the-switch risk. What is flip-the-switch risk? Let’s say you buy a product from a company you absolutely love and trust unconditionally.
我将C2S加密的危险称为“切换危险” 。 什么是即时交易风险? 假设您是从绝对无条件的爱与信任的公司购买产品的。
A company that comes to mind that fits this description for a lot of people is Apple. Apple makes incredible products. Imagine Apple rolls out a new iPhone where all the phone’s data is encrypted on Apple servers using a form of C2S (disclaimer: this is not how Apple encrypts iPhone data today).
苹果公司是最适合这种描述的公司。 苹果公司生产令人难以置信的产品。 想象一下,苹果公司推出了一款新的iPhone,其中所有电话中的数据都使用C2S形式在Apple服务器上加密( 免责声明 :今天,这不是Apple加密iPhone数据的方式)。
You trust Apple. And this iPhone is so jam packed with upgrades like ear-ID, a camera that can zoom in far enough to see cells, and a processor that can calculate Pi’s final digit. You buy this iPhone. You buy it because you assume no one at the company will use your new phone’s data to blackmail you or to steal your credit card information to go on a spending spree. Or at least, you feel the low risk of something like this happening is worth the incredible new features.
您相信苹果。 这款iPhone充斥着诸如Ear-ID,可放大至足以看到细胞的摄像头以及可计算Pi最终位数的处理器之类的升级程序。 您购买这款iPhone。 您之所以购买它,是因为您假设公司中没有人会使用您新手机的数据来勒索您或窃取您的信用卡信息来疯狂消费。 或至少,您认为值得发生令人难以置信的新功能的是,发生这种情况的风险很小。
But the Apple of today may not be the Apple of tomorrow. Let’s say a wealthy, secretive group of investors buy up a majority stake in Apple. They then oust the board of directors, install a new CEO who then decides to sell your data to the highest bidder. This phenomenon is known as flipping-the-switch. The fact you trust the people at the reigns of a company that holds your sensitive data today, does not protect you from those people ultimately leaving, and having the switch flipped on you.
但是今天的苹果可能不是明天的苹果。 假设有一群富有秘密的投资者购买了苹果的多数股权。 然后,他们罢免董事会,任命新的首席执行官,然后他决定将您的数据出售给出价最高的人。 这种现象称为“拨动开关”。 您信任拥有当今机密数据的公司统治下的人们,这一事实并不能保护您免受那些最终离开的人的困扰,并且不会让您随心所欲。
While it’s unlikely Apple will be subject to a hostile takeover that leads to selling user data en-masse, this example illustrates a larger risk that users of companies who use C2S encryption expose themselves to.
尽管苹果不太可能受到敌意收购而导致大规模出售用户数据,但该示例说明了使用C2S加密的公司用户面临更大的风险。
Flip-the-switch risk manifests in lots of smaller, real ways. For example, Fitbit was acquired by Google in late 2019. If you were one of the 28 million Fitbit users at the time of acquisition your sensitive health data was suddenly handed over to a new company who you may or may not trust. Amazon’s acquisition of PillPack in 2018 is another example of a tech behemoth acquiring their way to sensitive user data.
轻而易举的风险以许多较小的实际方式体现出来。 例如, Fitbit于 2019年底被Google收购。如果您在收购时是2800万Fitbit用户中的一员,您的敏感健康数据会突然移交给您可能信任或不信任的新公司。 亚马逊在2018年收购PillPack是科技巨头获取其敏感用户数据方式的另一个例子。
Flip-the-switch risk also applies to insiders. In fact, this is the most common way sensitive user data gets exposed. An engineer who is also a spurned divorcee spies on their ex. Or a network administrator who is also a crazed super fan stalks a celebrity. Amazon fired several Ring employees in January for spying on customer footage without consent. All of these are examples of flip-the-switch risk. Your data gets exposed the moment the wrong person gets access to it. C2S encryption opens a pandora’s box of exactly this kind of exposure.
转换风险也适用于内部人员。 实际上,这是暴露敏感用户数据的最常见方式。 也是前妻离婚间谍的工程师。 或同时也是疯狂的超级粉丝的网络管理员也会跟踪名人。 亚马逊在一月份解雇了几名 Ring员工,原因是他们未经允许就暗中监视客户录像。 所有这些都是切换风险的例子。 当错误的人访问数据时,您的数据就会暴露出来。 C2S加密完全打开了潘多拉盒子。
As a user, you can never trust that the people with the keys to your data now won’t hand them over to someone else in the future. This is the essence of flip-the-switch risk. Demanding E2E encryption is one of the ways you can insulate yourself from flip-the-switch risk, removing the possibility of anyone else ever gaining access to your data.
作为用户,您永远无法相信拥有数据密钥的人现在不会将来将它们移交给其他人。 这就是切换风险的本质。 严苛的E2E加密是使自己免受切换风险的一种方法,从而消除了其他任何人都可以访问您的数据的可能性。
翻译自: https://medium.com/swlh/switch-the-flip-risk-is-a-threat-to-all-internet-users-3057de5c57d
政务网和互联网怎么设置切换
1万+
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
