BruceSchneier.2010X-.安全的幻觉.；TED演讲稿

返回首页


BruceSchneier_2010X-_安全的幻觉_
So security is two different things: it's a feeling, and it's a reality.	安全其实是两种事物: 它不仅是感觉,也是现实。
And they're different.	这两样事物是完全不同的。
You could feel secure even if you're not.	你可以在不安全的时候感觉很安全。
And you can be secure even if you don't feel it.	或者你不感到安全的时候却很安全
Really, we have two separate concepts mapped onto the same word.	真的,我们有两种不同的概念存在于同一个词语上。
And what I want to do in this talk is to split them apart -- figuring out when they diverge and how they converge .	我在这里想要做的是把它们区分开来找出什么时候它们存在分歧, 什么时候又聚合在一起。
split:v.分离;使分离;劈开;离开;分解;n.劈开;裂缝;adj.劈开的; diverge:vi.分歧;偏离;分叉;离题;vt.使偏离;使分叉; converge:vt.使汇聚;vi.聚集;靠拢;收敛;
And language is actually a problem here.	语言是个大问题。
There aren't a lot of good words for the concepts we're going to talk about.	因为没有多少适合的词语去表达我们将要谈到的概念。
So if you look at security from economic terms, it's a trade-off .	如果你将安全视为一个经济学的名词, 那它就是“权衡取舍”。
economic:adj.经济的,经济上的;经济学的; trade-off:n.交换,交易;权衡;协定;
Every time you get some security, you're always trading off something.	每一次你得到一些安全, 你总是在拿一些东西去交换。
Whether this is a personal decision -- whether you're going to install a burglar alarm in your home -- or a national decision -- where you're going to invade some foreign country -- you're going to trade off something, either money or time, convenience , capabilities, maybe fundamental liberties .	不管是个人决定比如是否给家里装一个防盗器或者国家的决策,比如去侵略哪个国家你都要去交换, 不管是金钱、时间、便利、能力, 还可能是基本自由权。
personal:adj.个人的;身体的;亲自的;n.人事消息栏;人称代名词; install:v.安装;设置;安置;建立(程序); burglar alarm:n.防盗铃; invade:v.侵犯;侵略;侵袭;干扰; convenience:n.方便;便利;适宜;便利的事物(或设施); fundamental:n.基础; adj.十分重大的; liberties:n.自由(liberty的复数);
And the question to ask when you look at a security anything is not whether this makes us safer, but whether it's worth the trade-off.	当你面对安全的时候,要问的不是这个能不能让我们更安全, 而是值不值得我们去交换。
You've heard in the past several years, the world is safer because Saddam Hussein is not in power.	你们这几年都听过, 世界更安全了是因为萨达姆倒台了。
Saddam:n.萨达姆(伊拉克前总统);
That might be true, but it's not terribly relevant .	那个可能是真的,但没什么关系。
relevant:adj.相关的;切题的;中肯的;有重大关系的;有意义的,目的明确的;
The question is, was it worth it?	问题是,值得吗？
And you can make your own decision, and then you'll decide whether the invasion was worth it.	你可以有自己的想法, 然后决定那个侵略是否值得
invasion:n.武装入侵;侵略;侵犯;涌入;干预;
That's how you think about security -- in terms of the trade-off.	那就是你如何在以权衡取舍来考虑安全。
Now there's often no right or wrong here.	这里没有绝对的对与错。
Some of us have a burglar alarm system at home, and some of us don't.	我们中的有些人在家安了防盗器有些人没有
And it'll depend on where we live, whether we live alone or have a family, how much cool stuff we have, how much we're willing to accept the risk of theft.	安不安取决于我们住在哪里我们是独居还是有个家庭我们有多少值钱的东西我们愿意接受多少盗窃带来的风险
stuff:n.东西:物品:基本特征:v.填满:装满:标本:
In politics also, there are different opinions.	对于政治来说也是一样存在着各种不同的观点
politics:n.政治;钩心斗角;政治观点;v.(贬)从事政治活动;(politic的第三人称单数)
A lot of times, these trade-offs are about more than just security, and I think that's really important.	很多时候,这些权衡取舍不仅仅跟安全有关对于这点我觉得很重要
trade-offs:n.权衡(trade-off的复数);交易;物物交换;
Now people have a natural intuition about these trade-offs.	当今人们有一种关于这些权衡取舍的直觉
intuition:n.直觉;直觉力;直觉的知识;
We make them every day -- last night in my hotel room, when I decided to double-lock the door, or you in your car when you drove here, when we go eat lunch and decide the food's not poison and we'll eat it.	我们每天都在用它来做决定比如昨晚我在酒店房间里决定是否给门上两层锁的时候或者你在驾车到这里的路上或者当我们去吃午饭时会认为食物是没毒的然后放心地吃
double-lock:vt.把…双重锁上;上双锁;
We make these trade-offs again and again , multiple times a day.	我们反复做出这种权衡取舍每天都有很多次
again and again:adv.再三地,反复地; multiple:adj.数量多的;多种多样的;n.倍数;
We often won't even notice them.	我们甚至没有留意它们
They're just part of being alive; we all do it.	它们只是生活的一部分,人们都是这么做的
Every species does it.	每一个物种都是这么做的
species:n.[生物]物种;种类;
Imagine a rabbit in a field, eating grass, and the rabbit's going to see a fox.	想象有一只兔子在吃草然后它看到了一只狐狸
That rabbit will make a security trade-off: "Should I stay, or should I flee ?"	那只兔子需要做出一个关于安全的权衡取舍 “我应该留下,还是逃跑呢？”
flee:v.逃走;迅速离开;逃避,逃跑
And if you think about it, the rabbits that are good at making that trade-off will tend to live and reproduce , and the rabbits that are bad at it will get eaten or starve.	正如你所见懂得做出权衡取舍的兔子会选择生存和繁衍而不懂的兔子则被吃掉
reproduce:v.繁殖;复制;再现;生育;
So you'd think that us, as a successful species on the planet -- you, me, everybody -- would be really good at making these trade-offs.	所以你可能会想作为这个星球上一支成功的物种的我们 -- 你、我、所有人 -- 比较擅长于做出有利的权衡取舍
Yet it seems, again and again, that we're hopelessly bad at it.	然而事实一次又一次地证明我们并非如此
hopelessly:adv.绝望地;无望地;无可救药地;
And I think that's a fundamentally interesting question.	我认为那是个关键又有趣的问题
fundamentally:adv.从根本上;基础地;重要地
I'll give you the short answer.	我给你们一个简短的答案
The answer is, we respond to the feeling of security and not the reality.	答案就是,我们依据的是安全的感觉而非现实
respond:vi.回答;作出反应;承担责任;n.应答;唱和;
Now most of the time, that works.	很多时候,这样没什么问题
Most of the time, feeling and reality are the same.	因为在大部分时间里感觉和现实是相同的
Certainly that's true for most of human prehistory .	在绝大部分史前人类历史中那也是没错的
prehistory:n.史前;史前史;(导致事件,危机等的)背景;
We've developed this ability because it makes evolutionary sense.	我们发展了这个能力因为它有利于进化
evolutionary:adj.进化的;发展的;渐进的;
One way to think of it is that we're highly optimized for risk decisions that are endemic to living in small family groups in the East African highlands in 100,000 B.C.	继续思考一下就知道我们做出某些风险决策的能力是高度优化了的这些决策是以群居的小型家庭形式生活在公元前十万年的东非高地的人们所独有 --
highly:adv.高度地;非常;非常赞许地; optimized:adj.最佳化的;尽量充分利用; endemic:adj.地方性的;风土的;n.地方病; highlands:n.高原地区;山岳地带;(highland的复数)
2010 New York, not so much.	其实2010年的纽约也差不多
Now there are several biases in risk perception .	现在有一些对风险的偏见
biases:n.偏差,偏见(bias的复数形式);v.偏见(bias的三单形式); perception:n.感知;知觉;看法;洞察力;
A lot of good experiments in this.	很多实验都关于这些偏见
And you can see certain biases that come up again and again.	你可以观察到有些偏见反复出现
So I'll give you four.	我讲四个
We tend to exaggerate spectacular and rare risks and downplay common risks -- so flying versus driving.	第一个,我们会夸大那些耸人听闻但少见的风险并漠视常见的比如像飞机和汽车的事故率
exaggerate:v.夸大;夸张;言过其实; spectacular:adj.壮观的;壮丽的;令人惊叹的;n.壮观的场面;精彩的表演; downplay:vt.不予重视;将...轻描淡写; versus:prep.对;与...相对;对抗;
The unknown is perceived to be riskier than the familiar .	第二个,未知的被认为比熟悉的更加危险
perceived:v.注意到;意识到;将…视为;认为;(perceive的过去式和过去分词) riskier:冒险的(risky的比较级); familiar:adj.熟悉的;常见的;亲近的;n.常客;密友;
One example would be, people fear kidnapping by strangers when the data supports kidnapping by relatives is much more common.	举个例子人们害怕被陌生人绑架即使数据证实被亲戚绑架更常见
relatives:n.亲戚;亲属;同类事物;(relative的复数)
This is for children.	以上都是针对孩子们来说的
Third, personified risks are perceived to be greater than anonymous risks -- so Bin Laden is scarier because he has a name.	第三个,人格化的风险被认为比匿名的更严重所以本拉登很可怕是因为他有个名字
personified:表现; anonymous:adj.匿名的,无名的;无个性特征的; Laden:adj.负载的; vt.装载(等于lade); vi.装载(等于lade); v.装载(lade的过去分词);
And the fourth is people underestimate risks in situations they do control and overestimate them in situations they don't control.	第四个是人们在他们觉得可以掌控的情况下会低估风险而在不能控制的情况下高估风险
underestimate:v.低估;看轻;n.低估; overestimate:v.高估;n.过高的评估;
So once you take up skydiving or smoking, you downplay the risks.	所以你在开始跳伞或抽烟后会不再重视它们带来的风险
skydiving:n.延缓张伞跳伞运动;特技跳伞运动
If a risk is thrust upon you -- terrorism was a good example -- you'll overplay it because you don't feel like it's in your control.	如果你猛然面临某种风险 -- 恐怖主义是个好例子 -- 你会高估它,因为你不觉得你可以控制了
thrust:v.刺;塞;冲;挤;n.刺;插;重点;猛推; terrorism:n.恐怖主义; overplay:vt.夸张; vi.表演过火;
There are a bunch of other of these biases, these cognitive biases, that affect our risk decisions.	还有许多这样的认知偏见影响着我们的风险决策
a bunch of:一群;一束;一堆; cognitive:adj.认知的,认识的;
There's the availability heuristic , which basically means we estimate the probability of something by how easy it is to bring instances of it to mind.	有一种易得性偏差意思是我们在估计某事发生的概率时依据的是想到具体的例子是否容易
availability:n.可用性;有效性;实用性; heuristic:adj.启发式的;探索的;n.启发式教育法; basically:adv.主要地,基本上; probability:n.可能性;机率;[数]或然率; instances:n.相依物体,例子; v.举例说明(instance的第三人称单数形式);
So you can imagine how that works.	你可以想象那是怎么作用的
If you hear a lot about tiger attacks, there must be a lot of tigers around.	如果你听说了许多老虎袭击人的消息,那么你会认为肯定有很多老虎在附近
You don't hear about lion attacks, there aren't a lot of lions around.	如果你没听说狮子袭击人,那么就没有多少狮子在附近
This works until you invent newspapers.	这是可行的直到报纸被发明
Because what newspapers do is they repeat again and again rare risks.	因为报纸所做的就是一遍又一遍地重复那些少见的风险
I tell people, if it's in the news, don't worry about it.	我告诉大家,如果事情出现在新闻里,那就不用担心了
Because by definition , news is something that almost never happens.	因为按照定义新闻是从来没有发生过的事情
definition:n.定义;清晰度;(尤指词典里的词或短语的)释义;解释;
(Laughter)	（笑）
When something is so common, it's no longer news -- car crashes , domestic violence -- those are the risks you worry about.	当事情变得常见了,那就不是新闻了比如车祸和家庭暴力你会担心这些风险
car crashes:n.车祸; domestic:n.佣人;家佣;家庭纠纷;家庭矛盾;adj.本国的;国内的;家用的;家庭的; violence:n.暴力;侵犯;激烈;歪曲;
We're also a species of storytellers .	我们同时也是一种会讲故事的物种
storytellers:n.说故事的人(storyteller的复数);
We respond to stories more than data.	相比于数据,我们更喜欢故事
And there's some basic innumeracy going on.	在故事里,总有些对科学的无知存在
I mean, the joke "One, Two, Three, Many" is kind of right.	比如 “一、二、三、很多”（见英文）这个笑话
We're really good at small numbers.	我们善于用小数字
One mango, two mangoes , three mangoes , 10,000 mangoes , 100,000 mangoes -- it's still more mangoes you can eat before they rot.	一个芒果,两个芒果,三个芒果一万个芒果,十万个芒果 -- 在烂掉前还有足够的芒果等你去吃
mangoes:n.芒果;(mango的复数)
So one half, one quarter, one fifth -- we're good at that.	二分之一,四分之一,五分之一 -- 我们擅长这些
One in a million, one in a billion -- they're both almost never.	百万分之一,十亿分之一 -- 它们就像永远不会发生那样
So we have trouble with the risks that aren't very common.	所以我们不知如何面对那些不常见的风险
And what these cognitive biases do is they act as filters between us and reality.	这些认知偏见所起的作用就是像过滤器一样隔断我们和现实
filters:n.过滤器; v.过滤; (filter的第三人称单数和复数)
And the result is that feeling and reality get out of whack , they get different.	结果呢感觉和现实被割开它们变得不同了
out of whack:不正常;不一致;(美口)紊乱;
Now you either have a feeling -- you feel more secure than you are.	现在你要么有种感觉 -- 你觉得比现实更加安全
There's a false sense of security.	这是一个错误的安全感
Or the other way, and that's a false sense of insecurity .	要么相反出现错误的不安全感
insecurity:n.不安全;不牢靠;无把握;心神不定;
I write a lot about "security theater,"	我写了很多关于”安全剧场“的文章
which are products that make people feel secure, but don't actually do anything.	这个概念只起到让人们觉得很安全的作用除此之外一无是处
There's no real word for stuff that makes us secure, but doesn't make us feel secure.	现实世界里不存在让我们安全但不让我们觉得安全的事物
Maybe it's what the CIA's supposed to do for us.	可能这就是CIA应该为我们做的
supposed:adj.误信的;所谓的;v.认为;假设;设想;(suppose的过去分词和过去式)
So back to economics.	好了,回到经济学里
If economics, if the market, drives security, and if people make trade-offs based on the feeling of security, then the smart thing for companies to do for the economic incentives are to make people feel secure.	如果经济,或者市场,以安全为重并且人们根据安全的感觉作出权衡取舍那么精明的公司所应该做的为了经济上的激励就是让人们觉得安全
incentives:n.激励;奖励;诱因(incentive的复数形式);奖励措施;
And there are two ways to do this.	有两种方法可以做到
One, you can make people actually secure and hope they notice.	一,你可以真正地做到安全然后希望人们可以注意到
Or two, you can make people just feel secure and hope they don't notice.	二,你可以让人们觉得安全然后希望他们没有注意到真相
So what makes people notice?	那么到底什么可以引起人们注意是否安全呢？
Well a couple of things: understanding of the security, of the risks, the threats, the countermeasures , how they work.	有很多,比如对安全的理解对风险和威胁的理解对对策及其原理的理解
countermeasures:n.对策;[军]对抗措施(countermeasure的复数);
But if you know stuff, you're more likely to have your feelings match reality.	如果你知道很多东西那么你更有可能拥有与现实一致的感觉
Enough real world examples helps.	很多现实生活中的例子可以帮助理解
Now we all know the crime rate in our neighborhood , because we live there, and we get a feeling about it that basically matches reality.	比如我们都了解我们居住的地区的犯罪率因为我们住在那,并且我们能够感受的到这种感觉与现实基本相符
neighborhood:n.附近;地区;街坊;adj.附近的;
Security theater's exposed when it's obvious that it's not working properly.	”安全剧场“会在失灵的时候很明显的暴露出来
exposed:adj.无遮蔽的; v.暴露; (expose的过去分词和过去式) obvious:adj.明显的;显著的;平淡无奇的;
Okay, so what makes people not notice?	好,接下来,什么让人们不去注意安全呢？
Well, a poor understanding.	这里有个简单的理解
If you don't understand the risks, you don't understand the costs, you're likely to get the trade-off wrong, and your feeling doesn't match reality.	如果你不理解风险,你就不理解成本你就会做出错误的权衡取舍并且你的感觉与现实不符
Not enough examples.	没多少例子
There's an inherent problem with low probability events.	在小概率事件里存在一个固有的问题
inherent:adj.固有的;内在的;与生俱来的,遗传的;
If, for example, terrorism almost never happens, it's really hard to judge the efficacy of counter-terrorist measures.	举个例子如果恐怖行动从来没发生过那么就很难对反恐措施的效果进行衡量
efficacy:n.功效,效力; counter-terrorist:反恐怖专家;反恐怖的;
This is why you keep sacrificing virgins , and why your unicorn defenses are working just great.	这是为什么人们牺牲处女和对童话的抵触会如此成功的原因
sacrificing:v.牺牲;献出;以(人或动物)作祭献;(sacrifice的现在分词) virgins:n.处女;童男;无…经验的人;新手;(virgin的复数) unicorn:n.独角兽;麒麟;
There aren't enough examples of failures.	鲜有失败的例子
Also, feelings that are clouding the issues -- the cognitive biases I talked about earlier, fears, folk beliefs, basically an inadequate model of reality.	同时,对于事情的感觉 -- 之前说的认知偏见恐惧和盲目相信熟悉的人 -- 基本上一个对现实的不完整模型
issues:n.重要议题;争论的问题;v.宣布;公布;发出;(issue的第三人称单数和复数) inadequate:adj.不充分的,不适当的;
So let me complicate things.	让我深入一点
complicate:v.使复杂化;
I have feeling and reality.	我现在有感觉和现实
I want to add a third element . I want to add model.	我想加入第三个元素,一个模型
element:n.元素;要素;原理;成分;自然环境;
Feeling and model in our head, reality is the outside world.	感觉和模型存在于脑海里现实存在于外部世界
It doesn't change; it's real.	它是不会变的,它是真实的
So feeling is based on our intuition.	所以感觉是建立在直觉上的
Model is based on reason.	模型是建立在理智上的
That's basically the difference.	那是关键的不同之处
In a primitive and simple world, there's really no reason for a model because feeling is close to reality.	在一个原始又简单的世界里没有建立模型的必要因为感觉和现实很接近
primitive:adj.原始的,远古的;简单的,粗糙的;n.原始人;
You don't need a model.	你不需要
But in a modern and complex world, you need models to understand a lot of the risks we face.	但是在现在这个复杂的世界里你需要模型去理解面对的很多风险
complex:adj.复杂的;合成的;n.复合体;综合设施;
There's no feeling about germs .	比如说,没有什么感觉是关于细菌的
germs:n.[微]细菌; v.发生(germ的单三形式);
You need a model to understand them.	你需要一个模型去了解它们
So this model is an intelligent representation of reality.	所以这个模型是在理智层面上的现实
intelligent:adj.有才智的;悟性强的;聪明的;有智力的 representation:n.表现;代表;描述;陈述
It's, of course, limited by science, by technology .	它当然被科学和技术所限制着
limited:adj.有限的; n.高级快车; v.限制; (limit的过去分词和过去式) technology:n.技术;工艺;术语;
We couldn't have a germ theory of disease before we invented the microscope to see them.	我们没法在发明显微镜观察细菌前拥有一套关于细菌和疾病的理论
disease:n.病,[医]疾病;弊病;vt.传染;使…有病; microscope:n.显微镜;
It's limited by our cognitive biases.	它同时也被我们的认知偏见所限制
But it has the ability to override our feelings.	但模型有能力凌驾于我们的感觉
override:v.凌驾;(以权力)否决;比…更重要;超驰控制;
Where do we get these models? We get them from others.	我们从哪里得到这些模型的呢？从其他人那里
We get them from religion, from culture, teachers, elders.	从宗教、文化老师、长辈那里得到
A couple years ago,	很多年前
I was in South Africa on safari .	我在南非狩猎
safari:n.旅行;狩猎远征;旅行队;
The tracker I was with grew up in Kruger National Park .	跟我一起的那个追踪者是在克鲁格国家公园长大的
tracker:n.拉纤者,纤夫;追踪系统,[自]跟踪装置;追踪者; National Park:n.国家公园;
He had some very complex models of how to survive.	他有一些如何生存的复杂模型
And it depended on if you were attacked by a lion or a leopard or a rhino or an elephant -- and when you had to run away, and when you couldn't run away, and when you had to climb a tree -- when you could never climb a tree.	分别针对被狮子、猎豹、犀牛还是大象所攻击的情况和什么时候应该逃跑,什么时候应该爬树和什么时候千万别上树
leopard:n.豹;美洲豹; rhino:n.犀牛(等于rhinoceros);钱;现金;
I would have died in a day, but he was born there, and he understood how to survive.	我可能会在一天内就死在那里但他生在那里他知道生存的方法
I was born in New York City.	我生在纽约
I could have taken him to New York, and he would have died in a day.	我可以把他带到纽约,估计他也会在一天内就没命了
(Laughter)	（笑）
Because we had different models based on our different experiences.	原因在我们有建立在我们各自经验上的不同的模型
Models can come from the media , from our elected officials.	模型来自媒体来自我们选出的政府
media:n.媒体;媒质(medium的复数);血管中层;浊塞音;中脉;
Think of models of terrorism, child kidnapping, airline safety, car safety.	想一下恐怖袭击的模型绑架儿童的模型飞机和汽车的安全模型
airline:n.航空公司;
Models can come from industry.	模型可以来自某个工业领域
The two I'm following are surveillance cameras,	我关注的两个是监视器
surveillance:n.监督;监视;
ID cards, quite a lot of our computer security models come from there.	和身份证很多计算机安全模型都来自它们
A lot of models come from science.	还有些模型来自科学
Health models are a great example.	以健康模型为例
Think of cancer , of bird flu , swine flu, SARS.	想想癌症、禽流感、猪流感、非典
cancer:n.癌症;恶性肿瘤; bird flu:n.禽流感(鸟类传染病,可感染人类并导致死亡); swine:n.猪;卑贱的人;
All of our feelings of security about those diseases come from models given to us, really, by science filtered through the media.	我们所有关于这些疾病的感觉都来自于媒体从科学里过滤出来之后灌输给我们的
diseases:n.[医]病(disease的复数);[医]疾病;[植保]病害;疾病种类; filtered:v.过滤;(用程序)筛选;缓行;(filter的过去分词和过去式)
So models can change.	所以模型是可变的
Models are not static .	模型不是静态的
static:adj.静止的; n.[物]静电(干扰);
As we become more comfortable in our environments, our model can move closer to our feelings.	随着我们越来越适应环境模型会越来越接近现实
So an example might be, if you go back 100 years ago when electricity was first becoming common, there were a lot of fears about it.	举个例子如果你回到一百年前那时电刚刚普及仍然有很多人害怕它
electricity:n.电力;电流;强烈的紧张情绪;
I mean, there were people who were afraid to push doorbells , because there was electricity in there, and that was dangerous.	有些人害怕按门铃因为那有电,所以很危险
doorbells:n.门铃;(doorbell的复数)
For us, we're very facile around electricity.	对于我们来说,我们跟电相处地很融洽
facile:adj.温和的;灵巧的;易做到的;
We change light bulbs without even thinking about it.	我们不用怎么想就可以换灯泡
bulbs:n.[电]灯泡;[植]鳞茎;大浇斗(bulb的复数);
Our model of security around electricity is something we were born into.	我们拥有的关于电和安全的模型是天生的
It hasn't changed as we were growing up.	它没有随着我们的成长而变化
And we're good at it.	并且我们很适应
Or think of the risks on the Internet across generations -- how your parents approach Internet security, versus how you do, versus how our kids will.	再想想在不同年龄层的人关于互联网风险的认识 -- 你的父母是怎么看待互联网安全的你是怎么看待的你的孩子们会怎么看待
approach:n.方法;路径;v.接近;建议;着手处理;
Models eventually fade into the background.	模型最终会消失在无意识里
eventually:adv.最后,终于; fade:v.褪色; adj.平淡的; n.[电影][电视]淡出;
Intuitive is just another word for familiar.	直觉来自于熟悉
Intuitive:adj.直觉的;凭直觉获知的;
So as your model is close to reality, and it converges with feelings, you often don't know it's there.	所以随着你的模型越来越接近现实它将同感觉合二为一你将感觉不到它的存在
converges:vt.使汇聚;vi.聚集;靠拢;收敛;
So a nice example of this came from last year and swine flu.	以去年的猪流感为例以去年的猪流感为例
When swine flu first appeared, the initial news caused a lot of overreaction .	当猪流感第一次出现时一开始的新闻造成了过度的反应
initial:adj.最初的; n.(名字的)首字母; v.用姓名的首字母作标记(或签名)于; overreaction:n.过度反应;
Now it had a name, which made it scarier than the regular flu, even though it was more deadly .	现在它有了个名字使之变得比平常的流感更加可怕即使它没那么致命
deadly:adj.致命的;非常的;死一般的;adv.非常;如死一般地;
And people thought doctors should be able to deal with it.	另外,人们觉得医生应该能够解决掉它
So there was that feeling of lack of control.	所以产生了一种失去控制的感觉
And those two things made the risk more than it was.	以上两种原因使风险变得比实际更严重
As the novelty wore off, the months went by, there was some amount of tolerance , people got used to it.	几个月过去了,随着新鲜感的消退人们接受了并且习惯了猪流感的事情
novelty:n.新奇;新奇的事物;新颖小巧而廉价的物品; tolerance:n.公差;耐量;宽容;容忍;
There was no new data, but there was less fear.	没有新的数据,但恐惧减少了
By autumn, people thought the doctors should have solved this already.	秋天的时候人们想医生应该已经解决问题了
And there's kind of a bifurcation -- people had to choose between fear and acceptance -- actually fear and indifference -- they kind of chose suspicion .	一个选择出现了 -- 人们必须从恐惧接受中选择 -- 实际上是恐惧和漠视 -- 他们选择了怀疑
bifurcation:n.分歧,分叉;分歧点; acceptance:n.验收;接受;认可;承认; indifference:n.漠不关心;冷淡;不重视;中立; suspicion:n.怀疑;嫌疑;疑心;一点儿;v.怀疑;
And when the vaccine appeared last winter, there were a lot of people -- a surprising number -- who refused to get it -- as a nice example of how people's feelings of security change, how their model changes, sort of wildly with no new information, with no new input .	当疫苗在冬天出现的时候很多人 -- 非常大的数量 -- 拒绝接种这可以作为人们的安全感和模型是如何剧烈地在没有新信息的情况下改变的
vaccine:n.疫苗;牛痘苗;adj.疫苗的;牛痘的; wildly:adv.野生地;野蛮地;狂暴地;鲁莽地; input:n.投入; v.把(数据等)输入计算机;
This kind of thing happens a lot.	这种情况经常发生
I'm going to give one more complication .	现在我再把概念深入一点
complication:n.并发症;复杂;复杂化;混乱;
We have feeling, model, reality.	我们有感觉、模型和现实
I have a very relativistic view of security.	我认为安全其实还是相对的
relativistic:adj.相对的;相对论的;
I think it depends on the observer .	它取决于观察者
observer:n.观察员;观察者;观察家;观测者;
And most security decisions have a variety of people involved .	大多数关于安全的决策是由各种人群所参与决定的
variety:n.多样;种类;杂耍;变化,多样化; involved:adj.有关的; v.涉及; (involve的过去式和过去分词)
And stakeholders with specific trade-offs will try to influence the decision.	有小算盘的利益相关者有小算盘的利益相关者会试着影响决策的进行
stakeholders:n.利益相关者;赌款保存人(stakeholder的复数); specific:adj.特殊的,特定的;明确的;详细的;[药]具有特效的;n.特性;细节;特效药; influence:n.影响;势力;感化;有影响的人或事;v.影响;改变;
And I call that their agenda .	我称其为他们的议程
agenda:n.议事日程;
And you see agenda -- this is marketing, this is politics -- trying to convince you to have one model versus another, trying to convince you to ignore a model and trust your feelings, marginalizing people with models you don't like.	你可以瞧见这个议程 -- 不管是市场还是政治 -- 它尝试着说服你只拥有其中一种模型说服你去忽视模型而相信感觉边缘化那些拥有跟你的模型的不同的人们
convince:v.使确信;使相信;说服,劝说; ignore:v.驳回诉讼;忽视;不理睬; marginalizing:vt.排斥;忽视;使处于社会边缘;使脱离社会发展进程;
This is not uncommon .	这很常见
uncommon:adj.不寻常的;罕有的;adv.非常地;
An example, a great example, is the risk of smoking.	这里有个例子,很好的例子,关于吸烟的危害
In the history of the past 50 years, the smoking risk shows how a model changes, and it also shows how an industry fights against a model it doesn't like.	在过去50年里,吸烟的危害展示了一个模型是怎么变化的同时也展示了一个工业是怎么对付一个它不喜欢的模型
Compare that to the secondhand smoke debate -- probably about 20 years behind.	你可以把它跟20年后关于二手烟的争论相比较
Compare:v.比较;对比;n.比较; secondhand:adj.二手的;旧的;间接获得的;做旧货生意的;adv.间接地;间接听来;以旧货; debate:n.辩论;争论;考虑;v.辩论;争论;考虑;
Think about seat belts .	再想想安全带
belts:n.皮带(belt的复数);带子;v.用皮带等围绕;用带扎牢(belt的三单形式);
When I was a kid, no one wore a seat belt .	当我还小的时候,没人系安全带
seat belt:n.(汽车或飞机上的)安全带;
Nowadays, no kid will let you drive if you're not wearing a seat belt.	现在呢,如果你不系安全带没有哪个孩子会让你开车
Compare that to the airbag debate -- probably about 30 years behind.	你可以把它跟30年后关于安全气囊的争论相比较
airbag:n.安全气囊(遇车祸时充气保护车内的人);
All examples of models changing.	这几个例子里的模型都变了
What we learn is that changing models is hard.	由此我们可以的出结论,模型是很难被改变的
Models are hard to dislodge .	模型是很难被移除的
dislodge:v.逐出,驱逐;使…移动;用力移动;
If they equal your feelings, you don't even know you have a model.	如果模型跟你的感觉相符你甚至不知道你有个模型
And there's another cognitive bias	再说另一个认知偏见
I'll call confirmation bias, where we tend to accept data that confirms our beliefs and reject data that contradicts our beliefs.	证实性偏见意思是我们倾向于接受那些能够支持我们观点的数据而拒绝那些反对的
reject:v.排斥;拒收;拒绝接受;不予考虑;n.废品;次品;不合格者;被剔除者; contradicts:v.反驳;驳斥;批驳;相矛盾;相反;(contradict的第三人称单数)
So evidence against our model, we're likely to ignore, even if it's compelling .	所以对于那些与我们的模型相反的证据我们会忽略掉,即使它们很有说服力
evidence:n.证据,证明;迹象;明显;v.证明; compelling:adj.引人入胜的; v.强迫; (compel的现在分词)
It has to get very compelling before we'll pay attention.	那些证据必须非常非常令人信服,我们才会去关注
New models that extend long periods of time are hard.	一个时间跨度长的新模型难以让人接受
extend:vt.延伸; vi.延伸;
Global warming is a great example.	比如像全球变暖
Global warming:n.全球(气候)变暖;地球大气层变暖;
We're terrible at models that span 80 years.	我们很难接受一个超过80年的的模型
span:n.持续时间; v.持续;
We can do to the next harvest.	我们可以接受一年的
We can often do until our kids grow up.	我们也可以接受让一个小孩长大那么长的时间
But 80 years, we're just not good at.	但80年还是太难了
So it's a very hard model to accept.	所以那是个非常难以让人接受的模型
We can have both models in our head simultaneously , right, that kind of problem where we're holding both beliefs together, right, the cognitive dissonance .	我们可以同时拥有对同一件事情的两个模型此时,我们拥有同时两种信念这种情况也叫认知不协调
simultaneously:adv.同时地; dissonance:n.不一致;不调和;不和谐音;
Eventually, the new model will replace the old model.	最后新模型代替了旧模型
Strong feelings can create a model.	强烈的感觉可以产生一个模型
September 11th created a security model in a lot of people's heads.	911在很多人脑里产生了一个安全模型
Also, personal experiences with crime can do it, personal health scare, a health scare in the news.	同时,个人的犯罪经历和一次健康危机 -- 就是那种在新闻里可以看到的那种 -- 也可以产生模型
You'll see these called flashbulb events by psychiatrists .	那些经历在心理学里叫做闪光灯事件
flashbulb:n.闪光灯泡(等于flashbulb); psychiatrists:n.精神病学家;精神科医生;(psychiatrist的复数)
They can create a model instantaneously , because they're very emotive .	它们能迅速地产生一个模型因为引起了强烈的个人感情
instantaneously:adv.即刻;突如其来地; emotive:adj.感情的;情绪的;表现感情的;
So in the technological world, we don't have experience to judge models.	所以在一个技术世界里我们没有可以判断模型的经历
technological:adj.技术[工程](上)的;因工艺技术高度发展而引起的;
And we rely on others. We rely on proxies .	我们依赖其他人,我们依赖于代理人
rely:vi.依靠;信赖; proxies:n.代理;代理人(proxy的复数);
I mean, this works as long as it's to correct others.	这样是可以的,只要它能够纠正错误就行
as long as:conj.只要;长达;如果;既然;
We rely on government agencies to tell us what pharmaceuticals are safe.	我们依赖政府来告诉我们哪些药品是安全的
agencies:n.代理;代理处(agency的复数); pharmaceuticals:n.药物(pharmaceutical的复数);
I flew here yesterday.	我是昨天坐飞机来的
I didn't check the airplane .	我没检查飞机是否安全
airplane:n.飞机;
I relied on some other group to determine whether my plane was safe to fly.	我依赖其他人去决定我坐的飞机是否安全
relied:v.依赖;依靠;信赖;信任;(rely的过去分词和过去式) determine:v.决定;确定;测定;查明;形成;影响;裁决;安排;
We're here, none of us fear the roof is going to collapse on us, not because we checked, but because we're pretty sure the building codes here are good.	我们坐在这里,没人担心屋顶会塌不是因为我们亲自检查过而是我们非常确定这建筑符合规范
collapse:vi.倒塌;瓦解;暴跌;vt.使倒塌,使崩溃;使萎陷;折叠;n.倒塌;失败;衰竭;
It's a model we just accept pretty much by faith .	这是一种模型我们只是因为信念而接受
faith:n.信心;信任;宗教信仰;
And that's okay.	这也没错
Now, what we want is people to get familiar enough with better models -- have it reflected in their feelings -- to allow them to make security trade-offs.	现在,我们希望的是人们能够认识一些更好的模型 -- 在感觉里显现出来 -- 以帮助他们做出更好的权衡取舍
reflected:adj.反射的;得自他人的;v.反射;思考;(reflect的过去式和过去分词)
Now when these go out of whack, you have two options .	当感觉和模型分开的时候你有两个选择
options:n.选择; v.得到或获准进行选择; (option的三单形式)
One, you can fix people's feelings, directly appeal to feelings.	第一,改变人们的感觉直接诉诸于感觉
directly:adv.直接地;立即;马上;正好地;坦率地;conj.一…就; appeal:n.上诉;吸引力;申诉;魅力;v.上诉;呼吁;申诉;恳求;
It's manipulation , but it can work.	这是一种操纵,但有效果
manipulation:n.操作;管理措施;处理;操纵证券市场;变换;
The second, more honest way is to actually fix the model.	第二,更诚实一点的做法就是改变模型
Change happens slowly.	改变是很缓慢的
The smoking debate took 40 years, and that was an easy one.	吸烟的争论持续了40年而那还是比较简单的一个
Some of this stuff is hard.	有一些是非常困难的
I mean really though, information seems like our best hope.	是真的很困难看起来信息是我们最好的希望
And I lied.	事实上我之前撒了个谎
Remember I said feeling, model, reality;	我之前提到感觉、模型和现实
I said reality doesn't change. It actually does.	我说现实不会改变。事实上它会。
We live in a technological world; reality changes all the time.	我们生活在一个技术的世界里现实每时每刻都在改变
So we might have -- for the first time in our species -- feeling chases model, model chases reality, reality's moving -- they might never catch up.	所以,可能是我们这个物种里的第一次感觉追赶着模型,模型追赶着现实,而现实则在不断改变它们可能永远也追不上
We don't know.	这点谁知道呢
But in the long-term , both feeling and reality are important.	但是就长期来看感觉和现实是很重要的
long-term:adj.长期的;从长远来看;
And I want to close with two quick stories to illustrate this.	结束前我想以两个小故事来说明这点
illustrate:v.解释;加插图于;给(书等)做图表;表明…真实;
1982 -- I don't know if people will remember this -- there was a short epidemic of Tylenol poisonings in the United States.	1982年 -- 我不知道人们还记不记得 -- 那时在美国发生了一次时间不长但传播范围广的泰诺中毒事件
epidemic:n.流行病;蔓延;adj.传染病;流行性的; Tylenol:n.泰勒诺,泰诺(药品扑热息痛的一种品牌); poisonings:n.中毒;v.毒害(poison的ing形式); United:adj.联合的; v.联合,团结; (unite的过去分词和过去式)
It's a horrific story. Someone took a bottle of Tylenol, put poison in it, closed it up, put it back on the shelf.	很可怕。有人拿了一瓶泰诺胶囊, 放毒进去,关上盖子,然后又放回货架
horrific:adj.可怕的;令人毛骨悚然的;
Someone else bought it and died.	七个人买回去吃了然后中毒而死
This terrified people.	人们很害怕
There were a couple of copycat attacks.	当时还有些模仿此投毒的行为
copycat:n.无主见的人;盲目的模仿者;
There wasn't any real risk, but people were scared.	幸好后者没什么真正的危险,但人们被吓到了
And this is how the tamper-proof drug industry was invented.	这是防盗瓶盖产业得以发展起来的原因
tamper-proof:adj.防干扰的;
Those tamper-proof caps, that came from this.	那些防盗瓶盖就是这么来的
It's complete security theater.	它就是所谓的安全剧场
As a homework assignment , think of 10 ways to get around it.	你们可以想想10种破解防盗瓶盖的方法
assignment:n.分配:(分派的)工作,任务: get around:到处走走;逃避;说服;传开来(等于getround);有办法应付;有办法应付局面;
I'll give you one, a syringe .	我先说一个,用注射器
syringe:n.(皮下)注射器;吸管;v.用注射器清洗(耳朵);
But it made people feel better.	即使没那么安全,但至少人们感觉更安全了
It made their feeling of security more match the reality.	它让人们对安全的感觉跟现实更为符合
Last story, a few years ago, a friend of mine gave birth.	最后一个故事。几年前,我一个朋友要生了
I visit her in the hospital.	我去医院看她
It turns out when a baby's born now, they put an RFID bracelet on the baby, put a corresponding one on the mother, so if anyone other than the mother takes the baby out of the maternity ward , an alarm goes off.	发现当一个婴儿出生后他们会给婴儿戴上一个带RFID的手镯然后给母亲也配一个对应的这样,当一个不是母亲的人想把婴儿从产房带走警报就会响
bracelet:n.手镯; corresponding:adj.符合的; v.相一致; (correspond的现在分词) maternity:n.母性,母道;[妇产]妇产科医院;adj.产科的;产妇的,孕妇的; ward:n.病房; v.防止;
I said, "Well, that's kind of neat .	我说:“这措施不错。
neat:adj.整洁的;整齐的;有序的;有条理的;
I wonder how rampant baby snatching is out of hospitals."	我想知道在医院偷盗婴儿的行为有多猖獗。”
rampant:adj.猖獗的;蔓延的;狂暴的;奔放的; snatching:n.冲动;抢掠;纸张撕裂;v.抢夺;突然抓取(snatch的ing形式);
I go home, I look it up.	回到家,我查了一下。
It basically never happens.	基本上从来没发生过
But if you think about it, if you are a hospital, and you need to take a baby away from its mother, out of the room to run some tests, you better have some good security theater, or she's going to rip your arm off.	但如果你仔细想想如果你是医生你需要给婴儿从母亲身边带走带出房间做点测试你最好有安全剧院不然的话那位母亲会把你的胳膊都拽下来
rip:v.撕破;突然拉开;割开;n.撕开的大口子;巨澜;清管器;废马;
(Laughter)	（笑）
So it's important for us, those of us who design security, who look at security policy , or even look at public policy in ways that affect security.	所以,安全剧院这个概念对于那些做安全设计的, 那些以实际效果来看待安全政策或公共政策的人来说是非常重要的
policy:n.政策,方针;保险单;
It's not just reality; it's feeling and reality.	它不只是现实,它是感觉和现实
What's important is that they be about the same.	重要的是它们几乎是一样的
It's important that, if our feelings match reality, we make better security trade-offs.	如果我们的感觉和现实相符我们就能够做出更好的关于安全的权衡取舍
Thank you.	谢谢
(Applause)	（鼓掌）

BruceSchneier_2010X-_安全的幻觉_