Foreign Press Picks: Click Here to Kill Everybody [translated by @喵大, pushed via Weibo]
Security and Survival in a Hyper-connected World - Norton - $27.95
Click Here to Kill Everybody
The early architects of the internet did not want it to kill anybody. In cyber security expert Bruce Schneier’s new book, David Clark, a professor at the Massachusetts Institute of Technology, recalls their philosophy: “It is not that we didn’t think about security. We knew that there were untrustworthy people out there, and we thought we could exclude them”.
Schneier describes how the internet, developed as a gated community, is now a battleground where these untrustworthy people cause great harm: harnessing computers to kill by crashing cars, disabling power plants and perhaps, soon enough, using bioprinters to cause epidemics.
The clumsily-named internet of things, which Schneier rechristens the barely more elegant Internet+, is growing fast: between 20bn and 75bn devices could be online by 2020, depending on the estimate. This mushrooming hands more power to hackers, while cyber defenders struggle to protect the internet.
Posted 2018-09-06 00:09
Schneier skilfully guides readers through serious attacks that have happened already — and moves on to those he believes are just over the horizon. Unlike many in a cyber security industry that often uses fear to sell, Schneier is not a born fearmonger. Uncomfortable with the provocative title of the book, he calls it “hyperbole” and “clickbait”. But the choice is justified with examples of “increasingly catastrophic” future attacks, perhaps on all cars or all insulin pumps from the same brand.
A fellow at Harvard, and chief technology officer of IBM Resilient, the company’s incident response unit, Schneier is the author of several other accessible cyber security books. He is particularly accomplished at putting the subject in the context of the market, describing how the explosion of “Internet+” devices is due to the falling cost of computerisation.
These cheap-as-chips connected devices, such as a computer in a thermostat or a child’s toy, are usually not secure: they often cannot be patched, any passwords can be easily cracked, and by reusing code, they risk succumbing to joint attacks.
Now that lives, rather than data or dollars, are on the line, Schneier believes cyber security should not be left to the market: elsewhere, government regulates things that kill. The private sector will need to spend much more — and regulation may be required to force their hand.
In the second half of the book, Schneier sets out detailed solutions that should be required reading for politicians across the world. The challenge is hard, he admits, but “sending a man to the moon hard” not “travelling faster than light hard”.
Powerful parallels with how society has dealt with previous technological revolutions are employed to bolster his case — the internet is not as exceptional as many in Silicon Valley would like to think. He cites aeroplane safety regulation transforming air travel into the safest mode of transport, arguing for a new US federal agency to oversee cyber security just as new agencies were created to protect the public from every other major innovation, from cars to radio to atomic energy.
He advocates software production overseen by licensed software engineers, making them responsible for apps withstanding a reasonable level of threat, just as architects pledge that a building will remain standing.
But however sensible his plan, Schneier knows the hurdles it faces. Silicon Valley is always shy of regulation. He knows it will take time to change the data-hungry business model he calls “surveillance capitalism” and that governments have so far failed to be trustworthy cyber defenders, admonishing law enforcement and intelligence agencies for picking holes in security for their own offensive cyber operations.
Schneier also knows regulation depends on policymakers whose ignorance of technology was on full display when Congress quizzed Facebook chief executive Mark Zuckerberg this year. One of his suggestions is a corps of public interest technologists to guide them.
This book is convincing, but not comforting. Schneier is clear on what should happen next but admits he is no political expert. In the end, today’s divided politics may end up being yet another vulnerability for hackers to exploit — and the internet may kill.