Privacy 2013 : Why. When. How. - Werner Koch - RMLL 2013

De April MediaWiki
Révision datée du 1 août 2013 à 21:38 par Beuc (discussion | contributions) (utilisation des symboles pour les minutes/secondes)
Aller à la navigationAller à la recherche
  • Lien vidéo et diapositives : [1]
  • Captation audio de la vidéo et de la traduction: [2]
  • Extraction de la plage audio qui nous concerne à 5h43':
avconv -i RMLL2013_journée_grand_public_fr_20130708.mp3 -ss 20576 -t 3672 privacy_fr.flac
avconv -i RMLL2013_journée_grand_public_en_20130708.mp3 -ss 20576 -t 3672 privacy_en.flac
  • Je change de section sur cette page quand l'orateur change de diapositive.
  • Noter que la traduction se révèle parfois erronée sur des points techniques, ou saute des passages, elle est à retravailler
  • À propos du conférencier: Werner Koch, auteur de GnuPG, co-fondateur de FSF Europe

Anglais

Good afternoon. Welcome to my talk. I've been asked to give a talk about privacy things.

Actually I'm a great supporter of privacy, and my chosen work is to write cryptography software, in particular GNU Privacy Guard, GPG/GnuPG, which I'm the principal author of, but sometimes I give a general talk about issues around cryptography, why we need it, and so on.

[That's a bit incovenient here with the microphone...]

0′54″

The reason why I take care about privacy is that I think it's very important. My first encounter with problems with privacy was probably somewhere back in the 70s, where in Germany, the former nuclear management Klaus Traube was backed [tapped?], and so I noticed how many power some organisations and secret services have, and what they can do to our lives.

Later in 1990's, 97, I decided to write a replacement for PGP, it's free software called GnuPG, and that's what I'm mainly working on still.

The reason what I think it's very important to have privacy is that we are humans and we are Borg, we have not been assimilated in a collective. Everyone of us should be able to decided on his own whether he wants to tell others something about himself or herself.

I think it's very important, that's the difference between a Borg collective, or ants, or anything, so humans have the right to thing about them and decide whether they want to talk and what not to talk and how to interact with other humans.

Another reason why it's important to have privacy is that, if you can control your own data, and not the goverment or other organization control your data, it's harder to turn your country into a police state.

As a German, we had quite some experience with this, and ???dow jones??? didn't counter the IIIrd Reich, and maybe all the Stasi and Eastern Germany. All these police states, they don't like to have privacy, because they want to control their citizens.

Another reason why even now we need privacy is that trade secrets and negotiations benefit really from being able to talk and write confidentially. If you cannot do that it's bad for your company.

On the non-corporate side of things, there are lots of human rights groups. Unfortunately, we need them, and it's very, very important for them to be able to talk and confidence with other people.

[The translator asks me that you move a little further away from the microphone, otherwise they don't understand what... Yeah, is that better? OK. Yeah, I'll try. Can you hear me ?]

So these human rights groups definitely need some encryption to make sure they can keep confidential information from people - and, well, police state - secret, and don't get them into danger.

Another reason is (what I wrote on this slide) memories should be able to fade out. What I mean by this is things you did as a teenager shouln't reflect badly on your later life. For example, you attend at this free software conference here, now, at your age, and later you decide to go for director of the NSA, and the NSA probably don't like people who want only free software.

Now all things are like tatoos. You're pricking a tatoo at 16, at 30 you decide: I don't want it anymore. You have to decide early what you do and what not to do. So these memories should not be able to fade out, we can't do anything about it technically, so the only thing we really is just take care not to publish too much.

5′42″

Why do we have these problems with privacy threats? It's that our world is getting more complicated. In the old times, you were talking directly to someone, you noticed smoke signals, you sent letters, maybe even sealed letters, you noticed telegraph wires going along the railways, and you could really see that there's something which happens, and it was goods, and it was easy to understand that you could just hear what is going on on the telegraph wires, you could hear the signals actually, so to most people it was clear that others could ear what they are talking about on this wire, or by smoke signals of course, pretty public yes.

Later, 60 or 70 years ago, this changes with the rise of electronics, because it's more magic to most people. Finally, 20 to 25 years ago the Internet was available here in Europe and in the US, and the Internet is really something for wizards. Nobody, no average users can understand how the Internet works. They tell you something about packets - what are packets? Packets are coming from Amazon these days, but these packets are something magic which transport all our thoughts and our letters and it's not easy to understand that there's people who can intercept them, and fake them, and all the things, it's not anymore possible for most people anymore to understand this. And this is in my opinion the reason why for so long many people have not been interested in using secure communication on the Internet. And it's hard of course to do this.

7′43″

The design of the Internet was a decentralized system, which whistands any attacks, and don't have any central server, and that is a good design. It was a design by hackers, they had no security built-in because they said "Oh we don't need this, we won't do this", and it was not expected it be turned into a mass phenomenom.

Anyway, they did this, and the culture of the HollyNet was pretty good, because it's a democratized communication. Even phone calling is now really affordable for everyone, it was not the case in the 80s, or the 70s, where long-distance calls were really expensive. Today we can communicate with everyone on the world, with only a little bit of money.

So this Internet is a great tool, for everyone except for the communication monopolists, of course, because they lose revenues, and they try not to do that, of course.

9′00″

There was no problem with privacy because nobody used it right now and we could have added privacy to the Internet. Everything was there, PGP for example, but then came the companies, and they decide: "Oh we can make money out of this Internet, they looked around for business models, first they did simple advertising, and in the end they settled now for collecting a lot of data about all the users, and tracking tracking user behavior, by this doing targeted advertising and they earn a lot of money with this, which is maybe a bother, but anyway they are rich, and they have a lot of power.

Unfortunately, this also means that if you have a couple of large corporations only, they are not interested in a decentralized Internet anymore, they need a centralized Internet, one where they control most of the communications.

10′08″

Well, they did this and people didn't understand what the Internet is all about, and they liked to communicate with others, chat with people all around their countries, and the other continents, and used it.

The ISPs, who allowed them to connect to Internet, did one trick: they lured them into using their portals, so for many many people, their portal to the Internet is the Internet. So they don't see anything beyond the T-Online - or I don't know what the bashing provider here is - they see this : "this is my Internet", and don't realize that there's more, that there is a decentralized system which they can use directly without using any centralized service.

There're not interested in this of course. People don't realize this. To many people, Google is the entry to the Internet. Even if they want to look at something in Wikipedia, they enter "Wikipedia" as the search term, and so this way Google knows what they are looking up in Wikipedia, even if Wikipedia itself does not track the user. They don't know that they could just enter "wikipedia.org" in the address window.

Further, there are online payment systems. I'm not sure about credit cards, but all these new mobile phone pay systems, the reason why they are there is that they can map physical transactions, that you buy something in a store, but they can map that to your behavior on the web. Which is something they can better control what people actually are buying, so looking something up in a web shop, buying even somewhere else, but paying with their mobile payment system, so they can map this all together and get a better profile of everyone.

What's happening is that too many people are using this without knowing what they really do.

So let me do a quick poll: who in this audience has no Facebook or Google+ account? Well I think I should stop my talk now, because I'm talking to the wrong audience, you know.


Traduction par l'interprète

Bien, bonjour à tous, bienvenue à ma présentation. On m'a demandé de parler des aspects de la vie privée.

En fait j'encourage moi-même énormément cette protection de la vie privée et surtout différents domaines dont je suis le principal auteur, notamment la GNU Privacy Guard. Mais aujourd'hui je vais plutôt faire une présentation d'ordre plus général sur des questions qui sont liées à la cryptographie et là où elle est nécessaire, et autres.

[C'est vrai que ce n'est pas très pratique d'avoir le micro ici...]

La raison pour laquelle je me suis penché sur ce point est parce que j'estime que c'est très important. La première fois que j'ai eu des problèmes liés à la vie privée, c'était probablement dans les années 70, lors qu'en Allemagne, l'ancien chancellier était revenu, je ne sais pas... beaucoup d'organisations qui se posaient des questions pour voir ce qu'elles pouvaient faire pour améliorer les choses.

Par la suite, en 1997, j'ai décidé de... donc mon processus sur lequel je travail depuis lors.

La raison pour laquelle ça me semble particulièrement important, pour la protection de la vie privée, est que nous des êtres humains effectivement, nous sommes tous individus, nous n'avons pas été assimilés, et chacun d'entre nous devrait être capable de décider de sa propre personne, et si il souhaite dire des choses aux autres sur lui-même, s'il souhaite révéler des informations qui le concernent. Et ça je pense que c'est un point très important, c'est ce qui fait la différence justement entre l'aspect collectif, ou avec les fourmis ou autres, non les êtres humains ont le droit de décider d'eux-mêmes à qui ils veulent parler et à qui ils ne veulent pas parler, et comment interagir avec d'autres êtres humains.

Autre raison pour laquelle c'est important: si vous pouvez contrôler vos propres données, et que ce ne sont pas le gouvernement et d'autres organisations qui vont contrôler vous données pour vous, ce sera par conséquent plus difficile de faire de votre état un état policier.

C'est vrai qu'en tant qu'Allemands, nous a eu différentes expériences, et on se rend compte que, cela on a pu le voir avec le IIIe Reich, avec la Stasi, en Allemagne de l'Est, etc.

Donc tous ces aspects de l'État policier, ces État n'aiment pas la vie privée puisqu'ils veulent connaître tous les détails sur tous leurs citoyens.

Et autre raison pour laquelle nous avons besoin de vie privée, et que la commercialisation des secrets peut créer des bénéfices et peuvent justement avoir un impact. Si ce n'est le cas cela peut être mauvais pour votre entreprise.

Et il y a beaucoup de groupes de protections de droits de l'Homme, dont nous avons besoin, et il est très important pour eux, d'être en mesure de parler et de pouvoir parler avec d'autres personnes en confiance.

[Oui, l'interprète demande si vous pouviez un peu vous reculer du micro, puisqu'effectivement, il n'y a pas besoin de parler aussi près. Oui c'est mieux. Oui, on peut entendre monsieur, c'est bien.]

Donc ces groupes des droits de l'Homme ont clairement besoin de cela, de ce genre de cryptage, pour s'assurer qu'ils peuvent garder des informations confidentielles et qu'elles ne vont pas être révélées aux États, à la police, et qu'ils ne vont pas mettre d'autres personnes en danger.

Autre point que j'ai écrit ici: les mémoires devraient pouvoir s'effacer petit à petit. Ce que vous avez fait en tant qu'adolescent ne doit pas forcément avoir de conséquence sur votre vie ultérieure.

Récupérée de « http://wiki.april.org/index.php?title=Privacy_2013_:_Why._When._How._-_Werner_Koch_-_RMLL_2013&oldid=57483 »