標題: Blanket bans on Chinese tech companies like Huawei make no sense
Technical judgments should be made on a clear-eyed view of the potential
threat
(對中國科技公司如華為的全面禁令毫無意義
技術判斷應該基於對潛在威脅的清晰認識)
新聞來源: 原文 https://goo.gl/isZ6iG
(原網址有時會要求訂閱，試著由google搜索進 https://goo.gl/ygb3Rz )
(括弧內為我的翻譯)
The chorus of voices calling for Chinese companies to be frozen out of
telecoms in western countries, especially future 5G networks, seems to grow
daily. They cite a variety of concerns from cyber espionage to the dominance
of the Chinese technology sector, underpinned by fears about the direction of
China’s foreign policy.
(凍結中國企業在西方國家的通信業務，特別是有關未來5G網絡的呼聲似乎每天都在增長
。人們引證了各種擔憂，從網絡間諜活動到中國科技行業的主導地位，以及對中國外交政
策方向的恐懼。)
All this is lumped together into a perceived cyber threat, which can only be
met by a blanket ban. But these arguments are short on technical
understanding of cyber security and the complexities of 5G architecture.
(所有這一切都被歸為一種感覺有這麼回事的網絡威脅，而且只有全面禁止它一途。但這
些論點缺乏對網絡安全和5G架構複雜性的技術理解。)
The allegations of sanctions evasion levelled against Huawei are not trivial.
If proven, no doubt the company will face the penalties for sanctions-busting
that others have in recent years, including some household names in UK
banking. It may leave the company with work to do to restore its corporate
reputation, but it has nothing to do with telephony or cyber attacks.
(針對華為違反禁令的指控並非微不足道。如果得到證實，毫無疑問地，該公司將面臨對
近年來其他違反禁令的公司同樣的處罰，像一些家喻戶曉的英國銀行。它可能會使公司得
做一些事以恢復其企業聲譽，但這與電話或網絡攻擊無關。)
US President Donald Trump’s disarmingly open statement that he might make
the extradition of Huawei’s chief financial officer from Canada part of a
trade deal, has reinforced the view that there is a wider geopolitical
campaign in play. That will certainly have been the impression in Beijing,
and possibly in Ottawa. Whether or not we sympathise with the Trump
administration’s ambitions on trade, this again has nothing to do with
telephony or cyber.
( 美國總統唐納德川普公開聲明，他可能會將自加拿大引渡華為首席財務官作為貿易談判
的一部分，這加強了這樣一種觀點，即有更廣泛的地緣政治競爭在起作用。那肯定會給北
京和渥太華帶來這種印象。而無論我們是否對川普政府在貿易上的企圖心有所共鳴，這依
然與電話或網絡無關。 )
In assessing what the actual risk from Chinese tech may be, the UK has a
unique advantage. The GCHQ-vetted facility, which has been evaluating Huawei’
s presence in UK telecom networks for some years, has given us a detailed
insight into the company’s hardware, code, processes and policies. No other
western government has this. Based on this expert analysis, the National
Cyber Security Centre has been blunt about Huawei’s shortcomings in security
engineering and in its general attitude to cyber security. It is right to
confront Huawei on this, even though its failures are not unique, as those
who experienced the O2 mobile network outage in the UK last December will
appreciate. Huawei has reportedly promised to address the criticisms and to
spend huge sums doing so. The NCSC should wait and see how well it delivers.
( 在評估中國科技的實際風險時，英國具有獨特的優勢。政府通訊總部 (GCHQ)審查機構
多年來一直在評估華為產品在英國電信網絡中的存在，這使我們能夠詳細了解該公司的硬
體，代碼，流程和政策。沒有其他西方政府有這個機會。根據這一專業分析，國家網絡安
全中心(NCSC)一直對華為在安全工程方面的缺陷以及對網絡安全的態度直言不諱。對華為
直來直往是正確的。儘管如此，華為仍不止一次出差錯，去年12月在英國經歷過O2移動網
絡中斷的人會了解這一點。據報導，華為承諾解決這些批評並花費巨額資金。 NCSC應該
等待，看看它的表現如何。 )
The key point here, obscured by the growing hysteria over Chinese tech, is
that the NCSC has never found evidence of malicious Chinese state cyber
activity through Huawei. It is not naive: it has, for example, pointed to the
scale of Chinese state-linked cyber espionage through attacks on IT-managed
service providers around the world. But the fact that these attacks did not
require the manipulation of Chinese sovereign companies such as Huawei merely
underlines how ineffective a blanket security ban based on company national
flags is likely to be.
( 儘管被對中國科技日益增長的歇斯底里情緒所掩蓋，但真正關鍵點是，NCSC從未發現中
國國家網絡通過華為進行惡意活動的證據。NCSC並不天真：例如，NCSC經由對世界各地IT
管理服務提供商的攻擊行為中，指出了中國與國家相關的網絡間諜活動的規模。但事實上
，實施這些攻擊不需要操縱像華為等的中國主權公司。這個事實強調了基於公司的國旗而
全面禁止該公司的安全措施很可能無效。)
Instead we should make technical judgments based on a clear-eyed view of the
potential threat. Those who are now running for cover from Chinese companies,
having welcomed their inward investment in recent years, behave as if we had
only just discovered that China was governed by a Communist party that has
reach, if it wishes, into every part of the Chinese private sector. But most
of us had priced that into our threat calculations long ago; I expect China
does the same in reverse.
( 相反，我們應該清楚看見潛在威脅並據此做出技術上的判斷。那些正在保護自己，以避
免中國公司對其內部投資的人，表現得好像我們才剛剛發現，中國的統治者是一個可以將
手伸入私企內部每個角落的共產黨一樣。其實我們大多數人早就將其代價納入我們對威脅
的考量，而我預期中國也同樣將我們的考量納入算計。)
If we are clear about the potential for a Chinese government to use this
reach at some stage in the future to exert leverage in telecoms, we need to
take that possibility into account in allowing access, and, when we construct
our networks, to make sure it does not matter. That is what happened with 3G
and 4G and explains why there were restrictions on Huawei access to the “core
” of the UK networks.
( 如果我們清楚中國政府有可能在未來的某個階段利用這種通信技術的影響力，我們需要
在允許存取時考慮到這種可能性，並且當我們建立網絡時，要確保這種影響力的無效。這
就是在3G和4G時的情況，這也說明了為什麼華為被限制訪問英國網絡的“核心”。)
The stakes are higher for 5G because so much could depend on these new
networks, from future healthcare services to transport, and because 5G has
very significant architectural differences that complicate security
regulation. There will need to be sensible restrictions on exactly where
foreign technology is deployed and a diversity of providers so that there is
no single point of failure or potential leverage. But assertions that any
Chinese technology in any part of a 5G network represents an unacceptable
risk are nonsense.
(5G的風險更高，因為未來從醫療保健服務到交通運輸大量依賴這些新網路，並且因為5G
具有非常重要的架構差異，使安全監管複雜化。需要明確限制外國技術的部署地點和多樣
化的提供商，以致沒有任何的單點疏忽或潛在可供利用的手段。但斷言任何中國技術在5G
網絡的任何部分都是不可接受的風險，是無稽之談。)
The UK and other European countries should hold their nerve and base
decisions on Chinese involvement in future telecoms on technical expertise
and rational assessment of risk, rather than political fashion or trade wars.
We should accept that China will be a global tech power in the future and
start managing the risk now, rather than pretending the west can sit out China
’s technological rise.
(英國和其他歐洲國家應該冷靜，基於中國在未來電信業上的技術專業以及合理評估的風
險做出決定，而不是基於政治潮流或貿易戰爭。我們應該接受中國將來會成為一個全球性
的技術大國，現在開始管理風險，而不是假裝西方可以將中國的技術進步摒棄在外。)
The writer was Director of GCHQ from 2014-17 and is a senior fellow at the
Belfer Center, Harvard
( 作者於2014至2017年擔任GCHQ主任，並且是哈佛大學Belfer中心的高級研究員 )
※每日每人發文、上限量為十篇，超過會劣文請注意
⊕標題選用"新聞"，請確切在標題與新聞來源處填入，否則可無條件移除(本行可移除)