能够信赖你的电脑吗?

理查德·斯多尔曼

 [image of a Philosophical Gnu] [ 简体中文 | 繁体中文 | 英文 | 德语 | 西班牙语 ]

【本文是重要的 GNU 哲学页面, 请不吝於提供对於本文翻译的意见。 <chliu@gnu.org> 同时为了便於读者引用查找, 於中译文本上的每一段都附有参考标号。 我们也欢迎关於本文的各种讨论: <chinese-translators@gnu.org> 。】

Who should your computer take its orders from? Most people think their computers should obey them, not obey someone else. With a plan they call "trusted computing", large media corporations (including the movie companies and record companies), together with computer companies such as Microsoft and Intel, are planning to make your computer obey them instead of you. (Microsoft's version of this scheme is called "Palladium".) Proprietary programs have included malicious features before, but this plan would make it universal.

1 您的电脑应该听取谁的命令? 大部份的人认为他们的电脑应该服从他们而不是某个其他人。 经由一项他们称之为“可信赖的计算”(trusted computing)的打算, 大型的媒体公司(包括电影和录制公司) 以及像是 Microsoft 和 Intel 的电脑公司, 正打算要使您的电脑服从他们而不是您。 (这项方案的 Microsoft 版本称之为“安全装备”: Palladium 。) 私权的程序在以前就已经有包括了一些恶意的功能特色(features), 但是这项打算将会使其普遍化。

Proprietary software means, fundamentally, that you don't control what it does; you can't study the source code, or change it. It's not surprising that clever businessmen find ways to use their control to put you at a disadvantage. Microsoft has done this several times: one version of Windows was designed to report to Microsoft all the software on your hard disk; a recent "security" upgrade in Windows Media Player required users to agree to new restrictions. But Microsoft is not alone: the KaZaa music-sharing software is designed so that KaZaa's business partner can rent out the use of your computer to their clients. These malicious features are often secret, but even once you know about them it is hard to remove them, since you don't have the source code.

2 私权软件在本质上即表示: 您无法控制它要做些什么; 您不能研究源码或是更动它。 聪明的商人找出一些方法利用他们的控制, 来使您处於劣势的行为并不让人感到惊讶。 Microsoft 已经做过许多次了: 有一个版本的 Windows 被设计来将在您的硬碟上的所有软件回报给 Microsoft ; 一个最近在 Windows Media Player 上的“安全” 升级要求使用者同意新的限制(restrictions)。 但 Microsoft 并不孤单: KaZaa 这个音乐分享(music-sharing)软件被设计成, 使 KaZaa 的商业伙伴可以将您的电脑的使用出租给他们的客户。 这些恶意的功能特色通常是隐密的, 但是就算您发现到, 也很难将它们移除, 因为您并没有源码。

In the past, these were isolated incidents. "Trusted computing" would make it pervasive. "Treacherous computing" is a more appropriate name, because the plan is designed to make sure your computer will systematically disobey you. In fact, it is designed to stop your computer from functioning as a general-purpose computer. Every operation may require explicit permission.

3 在过去, 这些都是个别〔发生〕的事件。 “可信赖的计算”(Trusted computing)将可能使它变得普遍。 “背判了的计算”是一个较为合适的名称, 因为这项打算是设计用来确保您的电脑将会有系统地不服从您。 事实上, 它是设计用来使您的电脑无法作为一台通用的计算机(general-purpose computer)。 每一项操作都将会需要明确的许可〔才得以进行〕。

The technical idea underlying treacherous computing is that the computer includes a digital encryption and signature device, and the keys are kept secret from you. Proprietary programs will use this device to control which other programs you can run, which documents or data you can access, and what programs you can pass them to. These programs will continually download new authorization rules through the Internet, and impose those rules automatically on your work. If you don't allow your computer to obtain the new rules periodically from the Internet, some capabilities will automatically cease to function.

4 在「背判了的计算」底下的技术想法是: 电脑包括了一个数位加密(digital encryption) 以及签章(signature)装置, 而其键值(keys)对您来说则是〔无法取得的〕秘密。 私权程序将会使用这项装置来控制「您可以执行的其它程序」、 「您可以储存的文档或资料」以及「您可以传递的程序」。 这些程序将会持续地经由互联网下载新的认证规则(authorization rules), 并且自动地将那些规则加诸到您的工作上。 如果您不允许您的电脑定期地从互联网取得新的规则, 〔那么〕一些功能(capabilities)将会自动地停止作用(function)。

Of course, Hollywood and the record companies plan to use treacherous computing for "DRM" (Digital Restrictions Management), so that downloaded videos and music can be played only on one specified computer. Sharing will be entirely impossible, at least using the authorized files that you would get from those companies. You, the public, ought to have both the freedom and the ability to share these things. (I expect that someone will find a way to produce unencrypted versions, and to upload and share them, so DRM will not entirely succeed, but that is no excuse for the system.)

5 当然, 好莱坞(Hollywood)以及录制公司打算要将「背判了的计算」用到“DRM” (数位限制管理: Digital Restrictions Management)上, 这样一来下载的录像品(videos)和音乐就只能够在一台指定的电脑上播放。 分享将是完全的不可能, 至少使用您可能从那些公司下载的认证档案是如此。 您,也就是公众, 应当同时拥有自由和能力来分享这些事物。 (我期望将有某个人能找出一个制作出没有加密版本的方法, 并且上载分享它们, 这样子 DRM 将不会完全地成功, 但那不能作为这个体系〔合理化〕的藉口。)

Making sharing impossible is bad enough, but it gets worse. There are plans to use the same facility for email and documents--resulting in email that disappears in two weeks, or documents that can only be read on the computers in one company.

6 使得分享变得不可能已经是够糟的了, 但还有更糟的。 他们打算要使用同样的设施(facility)到电子邮件和文档上 -- 造成电子邮件会在两个星期内消失, 或是文档只可以在一间公司内的电脑上被阅读。

Imagine if you get an email from your boss telling you to do something that you think is risky; a month later, when it backfires, you can't use the email to show that the decision was not yours. "Getting it in writing" doesn't protect you when the order is written in disappearing ink.

7 设想如果您从您的老板那里收到一封电子邮件, 要求您去做一件您认为太过於冒险的事; 一个月后, 这事情与〔他的〕预期相反时, 您无法使用那封电子邮件来显示那个决定并不是您所作出的。 当这个命令是以会消失的墨水撰写时, “白纸黑字地写下来”并不足以保护您。

Imagine if you get an email from your boss stating a policy that is illegal or morally outrageous, such as to shred your company's audit documents, or to allow a dangerous threat to your country to move forward unchecked. Today you can send this to a reporter and expose the activity. With treacherous computing, the reporter won't be able to read the document; her computer will refuse to obey her. Treacherous computing becomes a paradise for corruption.

8 设想如果您自您的老板那里收到一封电子邮件, 陈述了一个违反了法律或道德的政策, 像是将您的公司的帐簿丢进碎纸机, 或是允许一个对您的国家的严重威胁继续进行而不受检查。 在今天您可以将这类事情送给〔新闻〕记者并揭露这个活动。 但是经由「背判了的计算」, 记者将无法阅读这份文档, 她的电脑将会拒绝服从她。 「背判了的计算」变成了舞弊的天堂。

Word processors such as Microsoft Word could use treacherous computing when they save your documents, to make sure no competing word processors can read them. Today we must figure out the secrets of Word format by laborious experiments in order to make free word processors read Word documents. If Word encrypts documents using treacherous computing when saving them, the free software community won't have a chance of developing software to read them--and if we could, such programs might even be forbidden by the Digital Millennium Copyright Act.

9 像是 Microsoft Word 的文书处理器, 可以在当它们储存您的文档时使用「背判了的计算」, 以确保没有与之竞争的文书处理器可以阅读它们。 今天我们必须费力地尝试来理解 Word 格式〔为何〕, 以制作出可以阅读 Word 文档的自由文书处理器。 如果 Word 在当它储存文档时使用「背判了的计算」, 自由软件社团将不会有机会开发出可以阅读它们的软件 -- 即便我们办得到, 这样子的程序甚至也会被“数位千禧年版权法案” (Digital Millennium Copyright Act)所禁止。

Programs that use treacherous computing will continually download new authorization rules through the Internet, and impose those rules automatically on your work. If Microsoft, or the US government, does not like what you said in a document you wrote, they could post new instructions telling all computers to refuse to let anyone read that document. Each computer would obey when it downloads the new instructions. Your writing would be subject to 1984-style retroactive erasure. You might be unable to read it yourself.

10 使用「背判了的计算」的程序, 将会持续地自互联网下载新的认证规则, 并且将这些自动地加诸到您的工作上。 如果 Microsoft 或是美国政府不喜欢在某份您所撰写的文档中所说的事, 他们可以发出新的指示, 告诉所有的电脑拒绝让任何人阅读那份文档。 每一台电脑在它下载了新的指示后都将会遵守。 您的著述将会受到有如小说《一九八四》中所描述的(1984-style) 「追溯既往而有效的删去」(retroactive erasure)。 【《一九八四》(1984)是英国作家乔治·欧威尔(George Orwell) 於一九四九年发表的科幻小说; 相对应的则是赫胥黎(Aldous Huxley) 於一九三二年所发表的《美丽新世界》(Brave New World) -- 它也是《勇敢 GNU 世界》(Brave GNU World)名称的由来。】 您有可能连您自己都无法阅读它。

You might think you can find out what nasty things a treacherous computing application does, study how painful they are, and decide whether to accept them. It would be short-sighted and foolish to accept, but the point is that the deal you think you are making won't stand still. Once you come depend on using the program, you are hooked and they know it; then they can change the deal. Some applications will automatically download upgrades that will do something different--and they won't give you a choice about whether to upgrade.

11 您也许会想: 您可以看穿「“背判了的计算”的程序在做的卑鄙事」, 研究〔使用它们〕将会付出什么代价, 然后再来决定是否要使用它们。 接受将会是短视而且愚蠢的, 重点在於您认为您所作出的协议并不会保持不变。 一旦您变得依赖於使用〔那些〕程序, 您就被套牢了(hooked), 而且他们清楚得很; 然后他们就可以更动这项协议。 一些应用程序将会自动地下载「将会做出某些不一样的事情的」升级 -- 而他们可不会给您一个是否要升级的选择。

Today you can avoid being restricted by proprietary software by not using it. If you run GNU/Linux or another free operating system, and if you avoid installing proprietary applications on it, then you are in charge of what your computer does. If a free program has a malicious feature, other developers in the community will take it out, and you can use the corrected version. You can also run free application programs and tools on non-free operating systems; this falls short of fully giving you freedom, but many users do it.

12 今天您可以经由不去使用它来避免被私权软件所限制。 如果您执行 GNU/Linux 或是其它的自由操作系统, 并且如果您避免在它上面安装私权应用程序, 那么您就换得了〔完全地掌握〕您的电脑做些什么〔的自由〕。 如果一个自由程序有一个恶意的功能特色, 在社团里的其他程序员将会把它除去, 然后您就可以使用修正过的版本了。 您也可以在不自由的操作系统上执行自由的应用程序和工具; 这并不足以给予您完全的自由, 但是有许多使用者这么做。

Treacherous computing puts the existence of free operating systems and free applications at risk, because you may not be able to run them at all. Some versions of treacherous computing would require the operating system to be specifically authorized by a particular company. Free operating systems could not be installed. Some versions of treacherous computing would require every program to be specifically authorized by the operating system developer. You could not run free applications on such a system. If you did figure out how, and told someone, that could be a crime.

13 「背判了的计算」 将自由操作系统和自由应用程序的存续置於危险的境地, 因为您将根本无法执行它们。 一些版本的「背判了的计算」, 将会需要操作系统被某个特定的公司明确地给予认证。 自由的操作系统将无法被安装。 一些版本的「背判了的计算」, 将会需要每一个程序都要被操作系统开发者明确地给予认证。 您无法在这样的一个操作系统上执行自由的应用程序。 如果您真的了解了要如何做, 并且告诉了某人, 那可能是一种犯罪行为。

There are proposals already for US laws that would require all computers to support treacherous computing, and to prohibit connecting old computers to the Internet. The CBDTPA (we call it the Consume But Don't Try Programming Act) is one of them. But even if they don't legally force you to switch to treacherous computing, the pressure to accept it may be enormous. Today people often use Word format for communication, although this causes several sorts of problems (see "We Can Put an End to Word Attachments"). If only a treacherous computing machine can read the latest Word documents, many people will switch to it, if they view the situation only in terms of individual action (take it or leave it). To oppose treacherous computing, we must join together and confront the situation as a collective choice.

14 已经有一些在美国法律上的提议: 要求所有的电脑都支持「背判了的计算」, 并且禁止将旧电脑连结到互联网上。 CBDTPA (我们称它为“消费就好,不要试著编写程序”法案: Consume But Don't Try Programming Act)就是其中之一。 但是即使他们并没有在法律上强制您切换到「背判了的计算」, 〔被迫〕接受它的压力还是很大。 今天人们通常使用 Word 格式来通信, 虽然这会造成许多类型的问题。 (请见 “我们可以终结使用 Word 附加档案”:We Can Put an End to Word Attachments) 〔但是〕如果只有「背判了的计算」的机器可以阅读最新的 Word 文档, 并且如果他们所看到的形势只是以个别的动作(接受或离开)来表现时, 许多人将会切换到它。 为了反制「背判了的计算」, 我们必须结合在一起面对这个形势, 以作为我们集体的选择。

For further information about treacherous computing, see <http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html>.

15 关於「背判了的计算」的更多信息, 请见 <http://www.cl.cam.ac.uk/users/rja14/tcpa-faq.html>

To block treacherous computing will require large numbers of citizens to organize. We need your help! The Electronic Frontier Foundation and Public Knowledge are campaigning against treacherous computing, and so is the FSF-sponsored Digital Speech Project. Please visit these Web sites so you can sign up to support their work.

16 要阻挡「背判了的计算」将会需要很大数目的公民组织起来。 我们需要您的帮助! 电子先锋基金会(Electronic Frontier Foundation)公众知识(Public Knowledge) 正在发起对抗「背判了的计算」的活动, 由自由软件基金会资助的 数位言论工程(Digital Speech Project) 也有参与。 请拜访这些网站, 这样您就可以签名来支持他们的工作了。

You can also help by writing to the public affairs offices of Intel, IBM, HP/Compaq, or anyone you have bought a computer from, explaining that you don't want to be pressured to buy "trusted" computing systems so you don't want them to produce any. This can bring consumer power to bear. If you do this on your own, please send copies of your letters to the organizations above.

17 您也可以经由撰写给 Intel 、 IBM 、 HP/Compaq 或任何您从他那里购买电脑的人, 解释您不想要被强迫购买“可信赖”的计算系统, 因此您不希望他们制造任何这样子的系统。 这可以带给消费者维持〔自由〕的力量。 如果您自行采取行动, 请将您的信件副本送到上述的机构。

后记

  1. The GNU Project distributes the GNU Privacy Guard, a program that implements public-key encryption and digital signatures, which you can use to send secure and private email. It is useful to explore how GPG differs from treacherous computing, and see what makes one helpful and the other so dangerous.

    18 GNU 工程散布了 GNU Privacy Guard (GNU 隐私守卫), 那是一个实现了公开键加密(public-key encryption) 以及数位签章的程序, 您可以使用来送出安全且秘密的电子邮件。 浏览一下 GPG 是如何与「背判了的计算」不同是有用处的, 并且看看那些对於某人有帮助的事物〔为什么〕对其他人是如此的危险。

    When someone uses GPG to send you an encrypted document, and you use GPG to decode it, the result is an unencrypted document that you can read, forward, copy, and even re-encrypt to send it securely to someone else. A treacherous computing application would let you read the words on the screen, but would not let you produce an unencrypted document that you could use in other ways. GPG, a free software package, makes security features available to the users; they use it. Treacherous computing is designed to impose restrictions on the users; it uses them.

    19 当某人使用 GPG 送给您一份加密的文档, 并且您使用了 GPG 来将它解码, 〔所得到的〕结果是一份您可以阅读、〔进一步〕传递、 复制甚至再次加密并安全地送给某个其他人的解密文档。 一个「背判了的计算」应用程序将会让您在萤幕上阅读这些文字, 但是不让您〔能够〕制作出一份可以让您以其它方式使用的解密文档。 GPG 这个自由软件包, 让「安全的功能特色」可以为使用者所取得; 他们使用它。 「背判了的计算」则是设计来将限制加诸到使用者身上; 它利用了他们。

  2. Microsoft presents palladium as a security measure, and claims that it will protect against viruses, but this claim is evidently false. A presentation by Microsoft Research in October 2002 stated that one of the specifications of palladium is that existing operating systems and applications will continue to run; therefore, viruses will continue to be able to do all the things that they can do today.

    20 Microsoft 简报了 palladium 作为一种安全手段, 并且宣称它将会保护〔电脑〕免受病毒的侵袭, 但是证据显示这项宣称完全是站不住脚。 由 Microsoft Research (研究部门)在二○○二年十月所作的一场简报, 说明了 palladium 的其中一项规格是: 现存的操作系统以及应用程序将会继续地采用; 因此, 病毒也将能够继续地做它们今天能做的所有事情。

    When Microsoft speaks of "security" in connection with palladium, they do not mean what we normally mean by that word: protecting your machine from things you do not want. They mean protecting your copies of data on your machine from access by you in ways others do not want. A slide in the presentation listed several types of secrets palladium could be used to keep, including "third party secrets" and "user secrets"--but it put "user secrets" in quotation marks, recognizing that this somewhat of an absurdity in the context of palladium.

    21 当 Microsoft 在谈论到与 palladium 作连接的“安全”时, 他们指的「并不是」我们通常用来表示那个字的意思: 保护您的机器,使其免於受到您不想要〔的事物侵扰〕。 他们指的是保护在您的机器上的您的资料的拷贝, 使其免於被您〔自己〕以其他人不希望的方式进行存取(access)。 简报中的一个幻灯片列出了数个 palladium 可能用来维护的秘密类型, 包括了“第三团体(third party)的秘密”以及“使用者的秘密” -- 但是它将“使用者的秘密”放到引号中, 「似乎」将它认知为: 就 palladium 的〔开发〕脉络而言, 这实在有点荒谬。

    The presentation made frequent use of other terms that we frequently associate with the context of security, such as "attack", "malicious code", "spoofing", as well as "trusted". None of them means what it normally means. "Attack" doesn't mean someone trying to hurt you, it means you trying to copy music. "Malicious code" means code installed by you to do what someone else doesn't want your machine to do. "Spoofing" doesn't mean someone fooling you, it means you fooling palladium. And so on.

    22 简报中频繁地使用当我们谈到安全时, 经常会使用到的其它字眼, 像是“攻击”(attack)、 “恶意的代码”(malicious code)、 “欺骗”(spoofing)以及“可信赖的”(trusted)。 〔但是〕它们之中没有一个指的是我们通常用来表示的意思。 “攻击”并不是指某人试图要伤害您, 它是指您试图要复制音乐; “恶意的代码”指的是由您〔自己〕所安装的代码, 而这代码可能做得出某个「其他人」不希望您的机器去做的某些事; “欺骗”并不是指某人欺骗了您, 它指的是您玩弄了 palladium 。 诸如此类……。

  3. A previous statement by the palladium developers stated the basic premise that whoever developed or collected information should have total control of how you use it. This would represent a revolutionary overturn of past ideas of ethics and of the legal system, and create an unprecedented system of control. The specific problems of these systems are no accident; they result from the basic goal. It is the goal we must reject.

    23 由一个 palladium 开发者先前所作的声明, 说明了它的基本根据是: 不论是谁开发或收集了信息, 应该都对「您如何使用它」具有完全的控制权。 这是对於过去「伦理」和「法律体系」的观念的一种革命性的推翻, 并且创造了一种前所未见的控制体系。 〔关於〕这些系统的特定问题并不是出於偶然; 它们是来自於〔有意识的〕基本目标。 而这目标正是我们必须拒绝的。

Copyright © 2002 Richard Stallman.

Verbatim copying and distribution of this entire article is permitted without royalty in any medium provided this notice is preserved.
【本文允许在无须支付版税, 且不变更文档内容的前提下刊登在任何形式的媒体中, 但需保留此声明。】


本文被出版於 《自由软件,自由社会:理查德·马修·斯多尔曼的选文》

阅读其它文章


[ 简体中文 | 繁体中文 | 英文 | 德语 | 西班牙语 ]

返回 GNU 首页

请将有关 自由软件基金会 与 GNU 的 查询 与 问题 送到 gnu@gnu.org。 你也可以使用 其他方法联系 自由软件基金会。

请将有关网页的意见送到 webmasters@www.gnu.org, 其他问题则送到 gnu@gnu.org

请将有关中文网页的意见送到 chinese-coordinators@gnu.org, 其他问题则送到 chliu@gnu.org

Free Software Foundation, Inc., 59 Temple Place - Suite 330, Boston, MA 02111, USA

翻译:刘 昭宏。
验证:马 雪萍。
请将有关翻译的问题送到 GNU/CTT翻译人员

Updated: $Date: 2003/02/12 20:12:20 $ $Author: chstoneliu $