Welcome to visit netease Cloud Community to learn more about Netease’s technical product operation experience.
“Knowing Things from Learning” is a brand column created by netease Yunyi Shield. The words come from Han Wang Chong’s “Discussion balance · Real Knowledge”. People are superior to each other in ability. They know the truth of things by learning, and then they are wise. They do not know without asking. “Know Things by learning” hopes to bring you harvest through articles of technical dry goods, trend interpretation, character thinking and precipitation, but also hope to open your horizon and achieve a different you.
The author: After Tyler Elliot Bettilyon entered the era of Internet big data, the data security crisis became increasingly serious. Personal information was freely leaked, and the privacy of citizens could not be protected. No matter government agencies or some planned companies were constantly collecting personal information. We’re not suffering from paranoia, but the data security crisis is worse than we thought. The author aims to call for data security and personal privacy.
In his classic novel 1984, novelist George Orwell depicted an inescapable state of surveillance, with surveillance screens in every room monitoring every movement, recording every sound, and reporting it back to the dictator. Orwell portrayed a person feels suffocated the horrors of the world, the imaginary future society, the dictator to power as the ultimate goal, human nature is thoroughly kill power, were completely deprived of freedom, thinking is harsh muzzled, the people living in extreme poverty, the cycle of the lower people’s life becomes dull. He probably never imagined that in 2018, people would pay $600 (plus a monthly fee) for the privilege of carrying a surveillance screen in their pocket.
Surveillance equipment in some countries includes facial recognition technology, connected to a vast network of centres, and camera sunglasses worn by police officers; Soon it will be connected to a flock of drones disguised as birds. Train stations will soon require face scans as part of a growing search network.
The US has some frightening tools of its own, including the NATIONAL Security Agency’s PRISM programme, which was revealed by the famous whistleblower Edward Snowden and is known as PRISM. Under the prism, the NSA collects and stores vast amounts of data on Internet traffic. The Snowden dump and subsequent disclosures show that the NSA has repeatedly (and sometimes successfully) tried to break public encryption standards, such as the Diffie-Hellman key exchange algorithm. Doing so allows them to read a lot of information that would be considered private. Prism taps directly into the central servers of the American Internet company to mine data and gather intelligence. Nine international Internet giants, including Microsoft, Yahoo, Google and Apple, are involved.
Similar high-tech surveillance and data collection policies are being rolled out across Europe in the name of security. Authoritarianism is on the rise worldwide, and each year’s Net Freedom report shows a corresponding rise in online content censorship. From the 2017 report:
Online content manipulation has led to a decline in Internet freedom across the board for seven consecutive years, while mobile Internet service disruptions have increased and physical and technical attacks on human rights defenders and independent media have increased.
Nearly half of the 65 countries assessed by Net Freedom in 2017 experienced a decline in Internet freedom during the assessment period, while only 13, mostly small countries, made progress. Less than a quarter of users live in countries where the Internet is considered free, meaning there are no significant barriers to access, strict restrictions on content, or serious violations of users’ rights in the form of unchecked forms of surveillance or unfair influence on legitimate speech.
Governments around the world are becoming increasingly tech-savvy. In authoritarian regimes, that means better surveillance, more censorship and powerful disinformation tactics. Even if some believe that spy agencies exist to protect their citizens and therefore these technological advances are best, advances in surveillance and cyberwarfare are not without risks.
The unusual Flame and Stuxnet viruses were jointly developed by the U.S. and Israeli governments and share multiple components. Some people think Stuxnet is the most impressive piece of software ever created. It hijacked critical parts of Microsoft’s infrastructure and spread itself to millions of computers around the world by disguising itself as a legitimate Microsoft update. Both worms automatically copy and install to USB drives and other peripherals. The Flame variant is capable of turning on cameras and microphones, monitoring network traffic, and much more.
Both viruses spread around the world with the goal of infecting and damaging Iran’s nuclear facilities. (For those interested, a more detailed description of the Stuxnet attack on Iran’s nuclear facilities can be found online.) Even if you trust the government to do the right thing with the software, full possession of the virus code makes the government a target.
The Shadow Brokers (TSB) is a hacker group. Infuriatingly, the Shadow Brokers stole critical nsa technology and, in 2016, became the WannaCry ransomware that infected millions of computers. WannaCry would never have had the global reach it has without the hacking group Shadow Brokers. Maybe the NSA never intended to use these techniques for evil, but does intent matter if you can’t prevent code theft? As a society, we are just beginning to figure out ways to deal with the possible weaponization of data, yet we are in the midst of a big data revolution.
As if that weren’t enough, spying isn’t just for governments. Facebook, Google and many others are committed to round-the-clock surveillance, designed to help companies sell advertising, make more “data-driven” decisions and “understand their customers”. (It’s as if we search for something through a search engine and soon we’re bombarded with similar ads.) Selling advertising is a very common target, but the information captured can be used for more nefarious purposes, such as the Cambridge Analytica scandal. What’s more, the data they collect is a high-value target for government agencies or non-state hacking groups that may be seeking to pressure, blackmail or steal the identities of those they can intercept.
As a society, we are just beginning to figure out ways to deal with the possible weaponization of data, yet we are in the midst of a big data revolution. Machine learning algorithms that crunch huge data sets are the focus of much attention in Silicon Valley and beyond. It makes it easier to extract valuable data from the tangled web every day. Unfortunately, the worst vulnerabilities are largely invisible, and the worst misuse of data is yet to come. Worse, some of the most relevant attack surfaces have been embedded into the fabric of the Internet itself, putting everyone at risk.
The frightening scope of the problem
Maybe you think you’re safe.
You use a password manager to generate powerful, unique passwords for each site. Your camera has a recording function. You have disabled JavaScript scripts and blocked ads. You’ve never connected to an unsecured WIFI access point. You are encrypted. You use a prepaid phone. You use Tor’s VPN. No, that room in your basement is not a tinfoil hat of glory, it’s a Faraday cage.
Unfortunately, even extraordinary personal security commitments aren’t enough to fully protect your data.
The truth is that modern network infrastructure has created a series of vulnerable systems. Regardless of your behavior, you are now at risk if data is being transmitted through an insecure intermediary. Your friends are storing the text messages you sent them. Facebook stores photos your friends have taken of you. Google stores your web search history and your location history, and sells that data to advertisers. Snapshot stores your snapshot. The list goes on.
Google provides users with an option to turn off such tracking (buried deep in their Settings), but the only way to ensure that data is never on an insecure system is never to use the Internet to send data.
<span style=”color: rgb(102, 102, 102); font-size: 14px; The line – height: 25.2 px; margin-bott
Asymmetric encryption and certificates (part 2) Asymmetric encryption and certificates (Part 2)