# LANGUAGE translation of https://www.gnu.org/philosophy/can-you-trust.html # Copyright (C) YEAR Free Software Foundation, Inc. # This file is distributed under the same license as the original article. # FIRST AUTHOR , YEAR. # #, fuzzy msgid "" msgstr "" "Project-Id-Version: can-you-trust.html\n" "POT-Creation-Date: 2025-05-03 20:27+0000\n" "PO-Revision-Date: YEAR-MO-DA HO:MI+ZONE\n" "Last-Translator: FULL NAME \n" "Language-Team: LANGUAGE \n" "Language: \n" "MIME-Version: 1.0\n" "Content-Type: text/plain; charset=UTF-8\n" "Content-Transfer-Encoding: 8bit\n" #. type: Content of: msgid "Can You Trust Your Computer? - GNU Project - Free Software Foundation" msgstr "" #. type: Content of: <div><h2> msgid "Can You Trust Your Computer?" msgstr "" #. type: Content of: <div><address> msgid "by <a href=\"https://www.stallman.org/\">Richard Stallman</a>" msgstr "" #. type: Content of: <div><p> msgid "" "Who should your computer take its orders from? Most people think their " "computers should obey them, not obey someone else. With a plan they call " "“trusted computing,” large media corporations (including the " "movie companies and record companies), together with computer companies such " "as Microsoft and Intel, are planning to make your computer obey them instead " "of you. (Microsoft's version of this scheme is called Palladium.) " "Proprietary programs have included malicious features before, but this plan " "would make it universal." msgstr "" #. type: Content of: <div><p> msgid "" "Proprietary software means, fundamentally, that you don't control what it " "does; you can't study the source code, or change it. It's not surprising " "that clever businessmen find ways to use their control to put you at a " "disadvantage. Microsoft has done this several times: one version of Windows " "was designed to report to Microsoft all the software on your hard disk; a " "recent “security” upgrade in Windows Media Player required users " "to agree to new restrictions. But Microsoft is not alone: the KaZaa " "music-sharing software is designed so that KaZaa's business partner can rent " "out the use of your computer to its clients. These malicious features are " "often secret, but even once you know about them it is hard to remove them, " "since you don't have the source code." msgstr "" #. type: Content of: <div><p> msgid "" "In the past, these were isolated incidents. “Trusted computing” " "would make the practice pervasive. “Treacherous computing” is a " "more appropriate name, because the plan is designed to make sure your " "computer will systematically disobey you. In fact, it is designed to stop " "your computer from functioning as a general-purpose computer. Every " "operation may require explicit permission." msgstr "" #. type: Content of: <div><p> msgid "" "The technical idea underlying treacherous computing is that the computer " "includes a digital encryption and signature device, and the keys are kept " "secret from you. Proprietary programs will use this device to control which " "other programs you can run, which documents or data you can access, and what " "programs you can pass them to. These programs will continually download new " "authorization rules through the Internet, and impose those rules " "automatically on your work. If you don't allow your computer to obtain the " "new rules periodically from the Internet, some capabilities will " "automatically cease to function." msgstr "" #. type: Content of: <div><p> msgid "" "Of course, Hollywood and the record companies plan to use treacherous " "computing for Digital Restrictions Management (DRM), so that downloaded " "videos and music can be played only on one specified computer. Sharing will " "be entirely impossible, at least using the authorized files that you would " "get from those companies. You, the public, ought to have both the freedom " "and the ability to share these things. (I expect that someone will find a " "way to produce unencrypted versions, and to upload and share them, so DRM " "will not entirely succeed, but that is no excuse for the system.)" msgstr "" #. type: Content of: <div><p> msgid "" "Making sharing impossible is bad enough, but it gets worse. There are plans " "to use the same facility for email and documents—resulting in email " "that disappears in two weeks, or documents that can only be read on the " "computers in one company." msgstr "" #. type: Content of: <div><p> msgid "" "Imagine if you get an email from your boss telling you to do something that " "you think is risky; a month later, when it backfires, you can't use the " "email to show that the decision was not yours. “Getting it in " "writing” doesn't protect you when the order is written in disappearing " "ink." msgstr "" #. type: Content of: <div><p> msgid "" "Imagine if you get an email from your boss stating a policy that is illegal " "or morally outrageous, such as to shred your company's audit documents, or " "to allow a dangerous threat to your country to move forward unchecked. " "Today you can send this to a reporter and expose the activity. With " "treacherous computing, the reporter won't be able to read the document; her " "computer will refuse to obey her. Treacherous computing becomes a paradise " "for corruption." msgstr "" #. type: Content of: <div><p> msgid "" "Word processors such as Microsoft Word could use treacherous computing when " "they save your documents, to make sure no competing word processors can read " "them. Today we must figure out the secrets of Word format by laborious " "experiments in order to make free word processors read Word documents. If " "Word encrypts documents using treacherous computing when saving them, the " "free software community won't have a chance of developing software to read " "them—and if we could, such programs might even be forbidden by the " "Digital Millennium Copyright Act." msgstr "" #. type: Content of: <div><p> msgid "" "Programs that use treacherous computing will continually download new " "authorization rules through the Internet, and impose those rules " "automatically on your work. If Microsoft, or the US government, does not " "like what you said in a document you wrote, they could post new instructions " "telling all computers to refuse to let anyone read that document. Each " "computer would obey when it downloads the new instructions. Your writing " "would be subject to 1984-style retroactive erasure. You might be unable to " "read it yourself." msgstr "" #. type: Content of: <div><p> msgid "" "You might think you can find out what nasty things a treacherous-computing " "application does, study how painful they are, and decide whether to accept " "them. Even if you can find this out, it would be foolish to accept the " "deal, but you can't even expect the deal to stand still. Once you come to " "depend on using the program, you are hooked and they know it; then they can " "change the deal. Some applications will automatically download upgrades " "that will do something different—and they won't give you a choice " "about whether to upgrade." msgstr "" #. type: Content of: <div><p> msgid "" "Today you can avoid being restricted by proprietary software by not using " "it. If you run GNU/Linux or another free operating system, and if you avoid " "installing proprietary applications on it, then you are in charge of what " "your computer does. If a free program has a malicious feature, other " "developers in the community will take it out, and you can use the corrected " "version. You can also run free application programs and tools on nonfree " "operating systems; this falls short of fully giving you freedom, but many " "users do it." msgstr "" #. type: Content of: <div><p> msgid "" "Treacherous computing puts the existence of free operating systems and free " "applications at risk, because you may not be able to run them at all. Some " "versions of treacherous computing would require the operating system to be " "specifically authorized by a particular company. Free operating systems " "could not be installed. Some versions of treacherous computing would " "require every program to be specifically authorized by the operating system " "developer. You could not run free applications on such a system. If you " "did figure out how, and told someone, that could be a crime." msgstr "" #. type: Content of: <div><p> msgid "" "There are proposals already for US laws that would require all computers to " "support treacherous computing, and to prohibit connecting old computers to " "the Internet. The CBDTPA (we call it the Consume But Don't Try Programming " "Act) is one of them. But even if they don't legally force you to switch to " "treacherous computing, the pressure to accept it may be enormous. Today " "people often use Word format for communication, although this causes several " "sorts of problems (see <a " "href=\"/philosophy/no-word-attachments.html\">“We Can Put an End to " "Word Attachments”</a>). If only a treacherous-computing machine can " "read the latest Word documents, many people will switch to it, if they view " "the situation only in terms of individual action (take it or leave it). To " "oppose treacherous computing, we must join together and confront the " "situation as a collective choice." msgstr "" #. type: Content of: <div><p> msgid "" "For further information about treacherous computing, see the <a " "href=\"https://www.cl.cam.ac.uk/~rja14/tcpa-faq.html\"> “Trusted " "Computing” Frequently Asked Questions</a>." msgstr "" #. type: Content of: <div><p> msgid "" "To block treacherous computing will require large numbers of citizens to " "organize. We need your help! Please support <a " "href=\"https://www.defectivebydesign.org/\">Defective by Design</a>, the " "FSF's campaign against Digital Restrictions Management." msgstr "" #. type: Content of: <div><h3> msgid "Postscripts" msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "The computer security field uses the term “trusted computing” in " "a different way—beware of confusion between the two meanings." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "The GNU Project distributes the GNU Privacy Guard, a program that implements " "public-key encryption and digital signatures, which you can use to send " "secure and private email. It is useful to explore how GPG differs from " "treacherous computing, and see what makes one helpful and the other so " "dangerous." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "When someone uses GPG to send you an encrypted document, and you use GPG to " "decode it, the result is an unencrypted document that you can read, forward, " "copy, and even reencrypt to send it securely to someone else. A " "treacherous-computing application would let you read the words on the " "screen, but would not let you produce an unencrypted document that you could " "use in other ways. GPG, a free software package, makes security features " "available to the users; <em>they</em> use <em>it</em>. Treacherous " "computing is designed to impose restrictions on the users; <em>it</em> uses " "<em>them</em>." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "The supporters of treacherous computing focus their discourse on its " "beneficial uses. What they say is often correct, just not important." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "Like most hardware, treacherous-computing hardware can be used for purposes " "which are not harmful. But these features can be implemented in other ways, " "without treacherous-computing hardware. The principal difference that " "treacherous computing makes for users is the nasty consequence: rigging your " "computer to work against you." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "What they say is true, and what I say is true. Put them together and what " "do you get? Treacherous computing is a plan to take away our freedom, while " "offering minor benefits to distract us from what we would lose." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "Microsoft presents Palladium as a security measure, and claims that it will " "protect against viruses, but this claim is evidently false. A presentation " "by Microsoft Research in October 2002 stated that one of the specifications " "of Palladium is that existing operating systems and applications will " "continue to run; therefore, viruses will continue to be able to do all the " "things that they can do today." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "When Microsoft employees speak of “security” in connection with " "Palladium, they do not mean what we normally mean by that word: protecting " "your machine from things you do not want. They mean protecting your copies " "of data on your machine from access by you in ways others do not want. A " "slide in the presentation listed several types of secrets Palladium could be " "used to keep, including “third party secrets” and “user " "secrets”—but it put “user secrets” in quotation " "marks, recognizing that this is somewhat of an absurdity in the context of " "Palladium." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "The presentation made frequent use of other terms that we frequently " "associate with the context of security, such as “attack,” " "“malicious code,” “spoofing,” as well as " "“trusted.” None of them means what it normally means. " "“Attack” doesn't mean someone trying to hurt you, it means you " "trying to copy music. “Malicious code” means code installed by " "you to do what someone else doesn't want your machine to do. " "“Spoofing” doesn't mean someone's fooling you, it means you're " "fooling Palladium. And so on." msgstr "" #. type: Content of: <div><ol><li><p> msgid "" "A previous statement by the Palladium developers stated the basic premise " "that whoever developed or collected information should have total control of " "how you use it. This would represent a revolutionary overturn of past ideas " "of ethics and of the legal system, and create an unprecedented system of " "control. The specific problems of these systems are no accident; they " "result from the basic goal. It is the goal we must reject." msgstr "" #. type: Content of: <div><p> msgid "" "As of 2015, the main method of distributing copies of anything is over the " "internet, and specifically over the web. Nowadays, the companies that want " "to impose DRM on the world want it to be enforced by programs that talk to " "web servers to get copies. This means that they are determined to control " "your browser as well as your operating system. The way they do this is " "through “remote attestation”—a facility with which your " "computer can “attest” to the web server precisely what software " "it is running, such that there is no way you can disguise it. The software " "it would attest to would include the web browser (to prove it implements DRM " "and gives you no way to extract the unencrypted data), the kernel (to prove " "it gives no way to patch the running browser), the boot software (to prove " "it gives no way to patch the kernel when starting it), and anything else " "relating to the security of the DRM companies' dominion over you." msgstr "" #. type: Content of: <div><p> msgid "" "Under an evil empire, the only crack by which you can reduce its effective " "power over you is to have a way to hide or disguise what you are doing. In " "other words, you need a way to lie to the empire's secret police. " "“Remote attestation” is a plan to force your computer to tell " "the truth to a company when its web server asks the computer whether you " "have liberated it." msgstr "" #. type: Content of: <div><p> msgid "" "As of 2015, treacherous computing has been implemented for PCs in the form " "of the “Trusted Platform Module”; however, for practical " "reasons, the TPM has proved a total failure for the goal of providing a " "platform for remote attestation to verify Digital Restrictions Management. " "Thus, companies implement DRM using other methods. At present, " "“Trusted Platform Modules” are not being used for DRM at all, " "and there are reasons to think that it will not be feasible to use them for " "DRM. Ironically, this means that the only current uses of the " "“Trusted Platform Modules” are the innocent secondary " "uses—for instance, to verify that no one has surreptitiously changed " "the system in a computer." msgstr "" #. type: Content of: <div><p> msgid "" "Therefore, we conclude that the “Trusted Platform Modules” " "available for PCs as of 2015 are not dangerous, and there is no " "<em>immediate</em> reason not to include one in a computer or support it in " "system software." msgstr "" #. type: Content of: <div><p> msgid "" "This does not mean that everything is rosy. Other hardware systems for " "blocking the owner of a computer from changing the software in it are in use " "in some ARM PCs as well as processors in portable phones, cars, TVs and " "other devices, and these are fully as bad as we expected." msgstr "" #. type: Content of: <div><p> msgid "" "This also does not mean that remote attestation is not a threat. If ever a " "device succeeds in implementing that, it will be a grave threat to users' " "freedom. The current “Trusted Platform Module” is harmless only " "because it failed in the attempt to make remote attestation feasible. We " "must not presume that all future attempts will fail too." msgstr "" #. type: Content of: <div><p> msgid "" "As of 2022, the TPM2, a new “Trusted Platform Module”, really " "does support remote attestation and can support DRM. The threat I warned " "about in 2002 has become terrifyingly real." msgstr "" #. type: Content of: <div><p> msgid "" "Remote attestation is actually in use by “Google SafetyNet” (now " "part of the “<a " "href=\"https://developer.android.com/privacy-and-security/safetynet/deprecation-timeline\">Play " "Integrity API</a>”), which verifies that the Android operating system " "running in a snoop-phone is an official Google version." msgstr "" #. type: Content of: <div><p> msgid "" "This malicious functionality already makes it <a " "href=\"https://grapheneos.org/articles/attestation-compatibility-guide\">impossible " "to run some bank apps on GrapheneOS</a>, which is a modified version of " "Android that eliminates some, though not all, of the nonfree software that " "Android normally contains." msgstr "" #. type: Content of: <div><p> msgid "" "A free version of Android, such as <a " "href=\"https://replicant.us\">Replicant</a>, would surely encounter the same " "obstacle. If you value your freedom enough to install Replicant, you might " "also refuse to tolerate any nonfree app (banking or not) on your computers. " "It is nonetheless unjust for Google to snoop on whether users have modified " "their operating system and dictate based on that what users can do with it." msgstr "" #. type: Content of: <div><div><p> msgid "" "This essay is published in <a " "href=\"https://shop.fsf.org/product/free-software-free-society/\"><cite>Free " "Software, Free Society: The Selected Essays of Richard " "M. Stallman</cite></a>." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't have notes. #. type: Content of: <div> msgid "*GNUN-SLOT: TRANSLATOR'S NOTES*" msgstr "" #. type: Content of: <div><div><p> msgid "" "Please send general FSF & GNU inquiries to <a " "href=\"mailto:gnu@gnu.org\"><gnu@gnu.org></a>. There are also <a " "href=\"/contact/\">other ways to contact</a> the FSF. Broken links and " "other corrections or suggestions can be sent to <a " "href=\"mailto:webmasters@gnu.org\"><webmasters@gnu.org></a>." msgstr "" #. TRANSLATORS: Ignore the original text in this paragraph, #. replace it with the translation of these two: # #. We work hard and do our best to provide accurate, good quality #. translations. However, we are not exempt from imperfection. #. Please send your comments and general suggestions in this regard #. to <a href="mailto:web-translators@gnu.org"> # #. <web-translators@gnu.org></a>.</p> # #. <p>For information on coordinating and contributing translations of #. our web pages, see <a #. href="/server/standards/README.translations.html">Translations #. README</a>. #. type: Content of: <div><div><p> msgid "" "Please see the <a " "href=\"/server/standards/README.translations.html\">Translations README</a> " "for information on coordinating and contributing translations of this " "article." msgstr "" #. type: Content of: <div><p> msgid "Copyright © 2002, 2007, 2015, 2023, 2024, 2025 Richard Stallman" msgstr "" #. type: Content of: <div><p> msgid "" "This page is licensed under a <a rel=\"license\" " "href=\"http://creativecommons.org/licenses/by-nd/4.0/\">Creative Commons " "Attribution-NoDerivatives 4.0 International License</a>." msgstr "" #. TRANSLATORS: Use space (SPC) as msgstr if you don't want credits. #. type: Content of: <div><div> msgid "*GNUN-SLOT: TRANSLATOR'S CREDITS*" msgstr "" #. timestamp start #. type: Content of: <div><p> msgid "Updated:" msgstr ""