[Economist] The Myth of Cyber-Security (Part 3)

    The myth of cyber-security


    Go a bit slower and fix things

    But setting minimum standards still gets you only so far. Users’ failure to protect themselves is just one instance of the general problem with computer security—that the incentives to take it seriously are too weak. Often, the harm from hackers is not to the owner of a compromised device. Think of botnets, networks of computers, from desktops to routers to “smart” light bulbs, that are infected with malware and attack other targets.

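    But what setting minimum standards can achieve is only so much. Users’ failure to protect themselves is a direct problem facing the field of computer security: users usually do not treat security issues seriously. Often the damage caused by hackers’ attacks does not fall on the compromised devices. Take botnets, for example: networks of machines, from computers to routers and smart light bulbs, that are infected with malware and then attack other targets.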

    Most important, the software industry has for decades disclaimed liability for the harm when its products go wrong. Such an approach has its benefits. Silicon Valley’s fruitful “go fast and break things” style of innovation is possible only if firms have relatively free rein to put out new products while they still need perfecting. But this point will soon be moot. As computers spread to products covered by established liability arrangements, such as cars or domestic goods, the industry’s disclaimers will increasingly butt up against existing laws.


    Firms should recognise that, if the courts do not force the liability issue, public opinion will. Many computer-security experts draw comparisons to the American car industry in the 1960s, which had ignored safety for decades. In 1965 Ralph Nader published “Unsafe at Any Speed”, a bestselling book that exposed and excoriated the industry’s lax attitude. The following year the government came down hard with rules on seat belts, headrests and the like. Now imagine the clamour for legislation after the first child fatality involving self-driving cars.

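    Firms should realise that if the courts do not force the allocation of liability, public opinion will. Many computer-security experts cite, as a comparison, the American car industry of the 1960s, which had by then disregarded safety for decades. In 1965 Ralph Nader published the bestselling book “Unsafe at Any Speed”, which exposed and criticised the car industry’s lax attitude. The following year the government imposed requirements such as seat belts and headrests through regulation. Now imagine the calls for legislation that would follow a child’s death caused by a self-driving car.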



