網(wǎng)絡(luò)商業(yè)及網(wǎng)絡(luò)安全
2023復(fù)習(xí)正是強(qiáng)化復(fù)習(xí)階段,在考研英語中占了40分,所以考研英語閱讀是英語科目中重要的一項(xiàng)。名師老師曾建議過考研生需要堅(jiān)持每天泛讀10-15分鐘的英文原刊。強(qiáng)烈推薦了雜志《經(jīng)濟(jì)學(xué)人》.雜志中的文章也是考研英語的主要材料來源.希望考研考生認(rèn)真閱讀,快速提高考研英語閱讀水平。 Online business and security 網(wǎng)絡(luò)商業(yè)及網(wǎng)絡(luò)安全 A digital heart attack 電子心臟病 A flaw in popular internet-security software couldhave serious consequences for all sorts of business 廣泛使用的網(wǎng)絡(luò)安全軟件出現(xiàn)漏洞,可能會(huì)殃及幾乎所有企業(yè) THE Heartbleed bug sounds like a nasty coronary condition. But it is in fact a software flawthat has left up to two-thirds of the world s websites vulnerable to attack by hackers. This ispotentially the most dangerous bug that we have seen for a long, long time, says JamesBeeson, the chief information security officer of GE Capital Americas, an arm of GE. Since itsexistence was revealed on April 7th by researchers at Codenomicon, a security outfit, andGoogle, countless companies around the world that rely on the internet for part or all of theirbusiness have been scrambling to fix the flaw. 心臟流血,聽起來像是某種嚴(yán)重的心臟病的名稱。但事實(shí)上,它是一個(gè)軟件漏洞的名字,此漏洞使得全球三分之二的網(wǎng)站暴露于被黑客攻擊的危險(xiǎn)之中。這可能是近些年來發(fā)現(xiàn)過的最危險(xiǎn)的漏洞了,通用電氣旗下的通用電氣金融服務(wù)公司的首席信息安全官詹姆士比森說道。這個(gè)漏洞是由網(wǎng)絡(luò)安全研究團(tuán)隊(duì)Codenomicon和谷歌于四月七日發(fā)現(xiàn)的,自從那時(shí)起,全球范圍內(nèi),只要是或多或少依靠互聯(lián)網(wǎng)的公司,都火急火燎地在修補(bǔ)漏洞。 Ironically, the bug was discovered in OpenSSL, encryption software that was designed tomake the internet more secure. Available free, this open-source code is popular withbusinesses and governments, which use it to help secure everything from online credit-cardtransactions to public services. On April 9th, for instance, Canada s tax authority shut offpublic access to its online services while it checked the security of its systems in the light ofnews about the bug. 諷刺的是,這個(gè)漏洞是在OpenSSl中發(fā)現(xiàn)的,而后者是一個(gè)用于提升網(wǎng)絡(luò)安全的加密軟件。OpenSSL是一個(gè)免費(fèi)的開源軟件,被企業(yè)和政府部門廣泛使用,用于保護(hù)信用卡交易或公共服務(wù)的安全。比如加拿大稅務(wù)部門的提供的公眾網(wǎng)絡(luò)服務(wù)就使用了OpenSSL,在得知漏洞的存在后,稅務(wù)部門便在四月九日關(guān)閉了服務(wù)。 The flaw makes it possible for hackers to trick a server into spewing out data held in itsmemory. OpenSSL has a feature known as a heartbeat that allows a computer at one endof an encrypted link to send occasional signals to the computer at the other end of it, tocheck that it is still online. The researchers discovered that a hacker with knowledge of thebug could replicate this signal and use it to steal all manner of data from a remotecomputer. 心血漏洞增加了黑客套取存儲在服務(wù)器上的數(shù)據(jù)的可能性。OpenSSL有一個(gè)名為心跳的功能,允許加密鏈接一端的電腦隨機(jī)發(fā)出一條信息,確認(rèn)另一端的電腦是否仍然在線。研究人發(fā)現(xiàn),一個(gè)熟悉心血漏洞的黑客,可以通過復(fù)制這個(gè)信號來盜取遠(yuǎn)程計(jì)算機(jī)上的所有數(shù)據(jù)。 Those data could include encryption keys that let hackers decipher traffic. To make mattersworse, the researchers found that the bug, which is present in some versions of OpenSSL thathave been available since March 2023, allows attacks to be mounted without leaving a tracein targeted computers server logs, so victims are unaware their systems have beencompromised. That means it is impossible to tell for sure what damage has been done. 這些數(shù)據(jù)可能包括可以讓黑客解碼之前通信內(nèi)容的密鑰。更糟糕的是,研究人員發(fā)現(xiàn),此漏洞從2023起就開始在OpenSSL的一些版本中出現(xiàn);而且,黑客通過此漏洞攻擊時(shí)不會(huì)在其目標(biāo)計(jì)算機(jī)的服務(wù)器日志中留下痕跡,所以,受害者無法察覺到自己的系統(tǒng)已經(jīng)被入侵了。 The bug has forced companies to find out fast how many of their systems employ thevulnerable versions of OpenSSL. Everyone knows they have to patch their customer-facinginternet websites, but that is only the tip of the iceberg, says Jonathan Sander ofSTEALTHbits Technologies, a security firm that is helping one of America s biggest bankswork out where it has deployed the buggy software. Web-connected systems that handlethings such as accounting and personnel data will also need to be checked for the bug. 這個(gè)漏洞促使企業(yè)迅速查明它們自己有哪些系統(tǒng)使用了存在漏洞的OpenSSL。所有人都知道要去修補(bǔ)他們面向客戶的網(wǎng)站,但那些只是冰山一角,安全公司STEALTHbits Technologies的喬納森桑德說。該公司正在幫助美國的一家大型銀行定位其系統(tǒng)上的漏洞。其他聯(lián)網(wǎng)系統(tǒng),例如處理帳務(wù)和私人信息的聯(lián)網(wǎng)系統(tǒng),都有必要檢查一下是否有漏洞。 Mr Sander likens the discovery of the Heartbleed bug to finding a faulty part in nearly everymake and model of car. The problem is that the internet cannot be recalled. Big webcompanies such as Google and Yahoo have moved fast to deal with the bug. But millions ofsmaller e-commerce sites and other businesses face the worrying prospect of being attackedby hackers alerted to the bug s existence as the firms race to fix the problem. 桑德說,發(fā)現(xiàn)心血漏洞,就好比汽車廠商在它的每款車?yán)锒及l(fā)現(xiàn)一個(gè)同一個(gè)缺陷。但問題是,互聯(lián)行業(yè)里沒有召回這一說。像谷歌和雅虎這樣的大型網(wǎng)絡(luò)公司已經(jīng)立即處理了漏洞。但是還有大量的小型的電商網(wǎng)站和其他類型的小公司只能一邊搶修,一邊擔(dān)心被那些獲悉漏洞存在的黑客的攻擊。 The cure includes applying a software patch and then choosing new encryption keys toreplace those that may have been compromised. Once this has been done, customers willoften need to change their passwords too. Tumblr, a blogging service owned by Yahoo, hasurged its users to change the passwords they use for all of the secure online services thathold sensitive data about them. Some companies even chose to suspend services whilethey were working on a fix. Bitstamp, a Bitcoin e-currency exchange, temporarilysuspended new account registrations and logins to its existing accounts. 補(bǔ)救的辦法包括給軟件打補(bǔ)丁,然后用新密鑰替換那些可能被盜取的密鑰。完成了這兩步之后,用戶通常還需要更改他們的密碼。雅虎旗下提供博客服務(wù)的Tumblr就強(qiáng)烈建議用戶更改所有包含他們敏感信息的服務(wù)的密碼。有些公司甚至在其修補(bǔ)漏洞期間暫停了服務(wù)。比特幣交易網(wǎng)站Bitstamp就暫時(shí)關(guān)閉了注冊和登錄服務(wù)。 Another Y2 K? 另一個(gè)千年蟲? Perhaps the risk posed by the Heartbleed bug will turn out to be overblown. But if it emergesthat companies systems have indeed been hacked because of it, this could open a legal canof worms. Firms could argue that they ought not to be punished for using widely trustedsecurity software. But aggrieved customersand their lawyersmay see things differently. 也許,心血漏洞可能造成的風(fēng)險(xiǎn)被夸大了。但是一旦真的有公司因此漏洞被黑客入侵了,就可能引起極為棘手的法律糾紛。企業(yè)可能會(huì)自辯說其不應(yīng)該因使用被廣泛信任的安全軟件受罰。但受害的用戶和他們的律師可不會(huì)這么想。 Quite how the bug got into the OpenSSL software in the first place is a mystery. BruceSchneier, an internet-security expert, argues in a blog post that the probability is close toone that intelligence agencies have exploited the glitch to nab the encryption keys neededto decipher information about their targets. His guess is that the glitch is the result of acoding error rather than the handiwork of spies, though he says he cannot be sure. 至于究竟這個(gè)漏洞最初是如何出現(xiàn)在OpenSSL中的,這還是一個(gè)謎。網(wǎng)絡(luò)安全專家布魯斯施奈爾在他的一篇博客里稱,毫無疑問,情報(bào)部門已利用此漏洞盜取密鑰以獲取其監(jiān)控目標(biāo)的信息。雖然他不能完全肯定,但他認(rèn)為漏洞是編程失誤的結(jié)果,不太可能是間諜的杰作。 No matter who is to blame, this episode is another reminder of the security challengescompanies face as ever more economic activity shifts online. According to eMarketer, aresearch outfit, worldwide business-to-consumer e-commerce sales are likely to grow byjust over a fifth this year, to $1.5 trillion. That is a huge commercial opportunity, but it willalso encourage cyber-crooks to target businesses even more vigorously. Expect morecomputer-security heartburn in boardrooms. 不管幕后黑手到底是誰,這個(gè)事件再一次提醒我們,在企業(yè)不斷將經(jīng)濟(jì)活動(dòng)向線上轉(zhuǎn)移的過程中,它們將面臨大量的安全挑戰(zhàn)。據(jù)一個(gè)名為eMarketer的市場調(diào)查公司稱,今年全球B2C電商的銷售總額將有望達(dá)到1.5萬億美元,同比增長超過五分之一。這是巨大的商機(jī),同時(shí)也會(huì)讓網(wǎng)絡(luò)罪犯們更堅(jiān)定地咬住企業(yè)這塊肥肉。就讓董事會(huì)的老爺們?yōu)榇藷母C火吧。 詞語解釋 1.vulnerable to 脆弱的 As a result, our economy and society arevulnerable to little shocks. 于是,在小問題面前,我們的經(jīng)濟(jì)和社會(huì)變得脆弱不堪。 Just as with certain species and theenvironment, some people are more vulnerableto toxic atmospheres than others. 正如某些物種和環(huán)境一樣,有的人在有害的氛圍內(nèi)會(huì)比其他人更容易受到傷害。 2.design to 用于設(shè)計(jì) On his personal blog, he compared his design to the previous two dragon stamps. 在其個(gè)人博客上,他將自己的設(shè)計(jì)同之前兩次發(fā)行的龍票設(shè)計(jì)進(jìn)行了比較。 They reported the results in the summer of 2008 and plan to transfer the design to structuralmaterials such as armor. 科學(xué)家們已經(jīng)在2008年夏天提交了報(bào)告,并準(zhǔn)備把結(jié)構(gòu)信息應(yīng)用到裝甲等材料的設(shè)計(jì)中。 3.shut off 停止;關(guān)掉;隔絕 The engine shut off and tapped as it cooled. 關(guān)掉的發(fā)動(dòng)機(jī)逐漸冷卻,發(fā)出輕響。 Shut off your computer, and your self stops raging quite as much or quite as loud. 關(guān)掉你的電腦,那么你的內(nèi)心就不會(huì)有這么多的煩惱,也不會(huì)這么招搖地?zé)馈? 4.allow to 允許 Allow to freeze solid for 3-4 hours or overnight. 允許凍結(jié)3-4小時(shí)或隔夜固體。 Apply solution to the tube and allow to become tacky. 在內(nèi)胎上涂抹膠水并讓它發(fā)粘。
2023復(fù)習(xí)正是強(qiáng)化復(fù)習(xí)階段,在考研英語中占了40分,所以考研英語閱讀是英語科目中重要的一項(xiàng)。名師老師曾建議過考研生需要堅(jiān)持每天泛讀10-15分鐘的英文原刊。強(qiáng)烈推薦了雜志《經(jīng)濟(jì)學(xué)人》.雜志中的文章也是考研英語的主要材料來源.希望考研考生認(rèn)真閱讀,快速提高考研英語閱讀水平。 Online business and security 網(wǎng)絡(luò)商業(yè)及網(wǎng)絡(luò)安全 A digital heart attack 電子心臟病 A flaw in popular internet-security software couldhave serious consequences for all sorts of business 廣泛使用的網(wǎng)絡(luò)安全軟件出現(xiàn)漏洞,可能會(huì)殃及幾乎所有企業(yè) THE Heartbleed bug sounds like a nasty coronary condition. But it is in fact a software flawthat has left up to two-thirds of the world s websites vulnerable to attack by hackers. This ispotentially the most dangerous bug that we have seen for a long, long time, says JamesBeeson, the chief information security officer of GE Capital Americas, an arm of GE. Since itsexistence was revealed on April 7th by researchers at Codenomicon, a security outfit, andGoogle, countless companies around the world that rely on the internet for part or all of theirbusiness have been scrambling to fix the flaw. 心臟流血,聽起來像是某種嚴(yán)重的心臟病的名稱。但事實(shí)上,它是一個(gè)軟件漏洞的名字,此漏洞使得全球三分之二的網(wǎng)站暴露于被黑客攻擊的危險(xiǎn)之中。這可能是近些年來發(fā)現(xiàn)過的最危險(xiǎn)的漏洞了,通用電氣旗下的通用電氣金融服務(wù)公司的首席信息安全官詹姆士比森說道。這個(gè)漏洞是由網(wǎng)絡(luò)安全研究團(tuán)隊(duì)Codenomicon和谷歌于四月七日發(fā)現(xiàn)的,自從那時(shí)起,全球范圍內(nèi),只要是或多或少依靠互聯(lián)網(wǎng)的公司,都火急火燎地在修補(bǔ)漏洞。 Ironically, the bug was discovered in OpenSSL, encryption software that was designed tomake the internet more secure. Available free, this open-source code is popular withbusinesses and governments, which use it to help secure everything from online credit-cardtransactions to public services. On April 9th, for instance, Canada s tax authority shut offpublic access to its online services while it checked the security of its systems in the light ofnews about the bug. 諷刺的是,這個(gè)漏洞是在OpenSSl中發(fā)現(xiàn)的,而后者是一個(gè)用于提升網(wǎng)絡(luò)安全的加密軟件。OpenSSL是一個(gè)免費(fèi)的開源軟件,被企業(yè)和政府部門廣泛使用,用于保護(hù)信用卡交易或公共服務(wù)的安全。比如加拿大稅務(wù)部門的提供的公眾網(wǎng)絡(luò)服務(wù)就使用了OpenSSL,在得知漏洞的存在后,稅務(wù)部門便在四月九日關(guān)閉了服務(wù)。 The flaw makes it possible for hackers to trick a server into spewing out data held in itsmemory. OpenSSL has a feature known as a heartbeat that allows a computer at one endof an encrypted link to send occasional signals to the computer at the other end of it, tocheck that it is still online. The researchers discovered that a hacker with knowledge of thebug could replicate this signal and use it to steal all manner of data from a remotecomputer. 心血漏洞增加了黑客套取存儲在服務(wù)器上的數(shù)據(jù)的可能性。OpenSSL有一個(gè)名為心跳的功能,允許加密鏈接一端的電腦隨機(jī)發(fā)出一條信息,確認(rèn)另一端的電腦是否仍然在線。研究人發(fā)現(xiàn),一個(gè)熟悉心血漏洞的黑客,可以通過復(fù)制這個(gè)信號來盜取遠(yuǎn)程計(jì)算機(jī)上的所有數(shù)據(jù)。 Those data could include encryption keys that let hackers decipher traffic. To make mattersworse, the researchers found that the bug, which is present in some versions of OpenSSL thathave been available since March 2023, allows attacks to be mounted without leaving a tracein targeted computers server logs, so victims are unaware their systems have beencompromised. That means it is impossible to tell for sure what damage has been done. 這些數(shù)據(jù)可能包括可以讓黑客解碼之前通信內(nèi)容的密鑰。更糟糕的是,研究人員發(fā)現(xiàn),此漏洞從2023起就開始在OpenSSL的一些版本中出現(xiàn);而且,黑客通過此漏洞攻擊時(shí)不會(huì)在其目標(biāo)計(jì)算機(jī)的服務(wù)器日志中留下痕跡,所以,受害者無法察覺到自己的系統(tǒng)已經(jīng)被入侵了。 The bug has forced companies to find out fast how many of their systems employ thevulnerable versions of OpenSSL. Everyone knows they have to patch their customer-facinginternet websites, but that is only the tip of the iceberg, says Jonathan Sander ofSTEALTHbits Technologies, a security firm that is helping one of America s biggest bankswork out where it has deployed the buggy software. Web-connected systems that handlethings such as accounting and personnel data will also need to be checked for the bug. 這個(gè)漏洞促使企業(yè)迅速查明它們自己有哪些系統(tǒng)使用了存在漏洞的OpenSSL。所有人都知道要去修補(bǔ)他們面向客戶的網(wǎng)站,但那些只是冰山一角,安全公司STEALTHbits Technologies的喬納森桑德說。該公司正在幫助美國的一家大型銀行定位其系統(tǒng)上的漏洞。其他聯(lián)網(wǎng)系統(tǒng),例如處理帳務(wù)和私人信息的聯(lián)網(wǎng)系統(tǒng),都有必要檢查一下是否有漏洞。 Mr Sander likens the discovery of the Heartbleed bug to finding a faulty part in nearly everymake and model of car. The problem is that the internet cannot be recalled. Big webcompanies such as Google and Yahoo have moved fast to deal with the bug. But millions ofsmaller e-commerce sites and other businesses face the worrying prospect of being attackedby hackers alerted to the bug s existence as the firms race to fix the problem. 桑德說,發(fā)現(xiàn)心血漏洞,就好比汽車廠商在它的每款車?yán)锒及l(fā)現(xiàn)一個(gè)同一個(gè)缺陷。但問題是,互聯(lián)行業(yè)里沒有召回這一說。像谷歌和雅虎這樣的大型網(wǎng)絡(luò)公司已經(jīng)立即處理了漏洞。但是還有大量的小型的電商網(wǎng)站和其他類型的小公司只能一邊搶修,一邊擔(dān)心被那些獲悉漏洞存在的黑客的攻擊。 The cure includes applying a software patch and then choosing new encryption keys toreplace those that may have been compromised. Once this has been done, customers willoften need to change their passwords too. Tumblr, a blogging service owned by Yahoo, hasurged its users to change the passwords they use for all of the secure online services thathold sensitive data about them. Some companies even chose to suspend services whilethey were working on a fix. Bitstamp, a Bitcoin e-currency exchange, temporarilysuspended new account registrations and logins to its existing accounts. 補(bǔ)救的辦法包括給軟件打補(bǔ)丁,然后用新密鑰替換那些可能被盜取的密鑰。完成了這兩步之后,用戶通常還需要更改他們的密碼。雅虎旗下提供博客服務(wù)的Tumblr就強(qiáng)烈建議用戶更改所有包含他們敏感信息的服務(wù)的密碼。有些公司甚至在其修補(bǔ)漏洞期間暫停了服務(wù)。比特幣交易網(wǎng)站Bitstamp就暫時(shí)關(guān)閉了注冊和登錄服務(wù)。 Another Y2 K? 另一個(gè)千年蟲? Perhaps the risk posed by the Heartbleed bug will turn out to be overblown. But if it emergesthat companies systems have indeed been hacked because of it, this could open a legal canof worms. Firms could argue that they ought not to be punished for using widely trustedsecurity software. But aggrieved customersand their lawyersmay see things differently. 也許,心血漏洞可能造成的風(fēng)險(xiǎn)被夸大了。但是一旦真的有公司因此漏洞被黑客入侵了,就可能引起極為棘手的法律糾紛。企業(yè)可能會(huì)自辯說其不應(yīng)該因使用被廣泛信任的安全軟件受罰。但受害的用戶和他們的律師可不會(huì)這么想。 Quite how the bug got into the OpenSSL software in the first place is a mystery. BruceSchneier, an internet-security expert, argues in a blog post that the probability is close toone that intelligence agencies have exploited the glitch to nab the encryption keys neededto decipher information about their targets. His guess is that the glitch is the result of acoding error rather than the handiwork of spies, though he says he cannot be sure. 至于究竟這個(gè)漏洞最初是如何出現(xiàn)在OpenSSL中的,這還是一個(gè)謎。網(wǎng)絡(luò)安全專家布魯斯施奈爾在他的一篇博客里稱,毫無疑問,情報(bào)部門已利用此漏洞盜取密鑰以獲取其監(jiān)控目標(biāo)的信息。雖然他不能完全肯定,但他認(rèn)為漏洞是編程失誤的結(jié)果,不太可能是間諜的杰作。 No matter who is to blame, this episode is another reminder of the security challengescompanies face as ever more economic activity shifts online. According to eMarketer, aresearch outfit, worldwide business-to-consumer e-commerce sales are likely to grow byjust over a fifth this year, to $1.5 trillion. That is a huge commercial opportunity, but it willalso encourage cyber-crooks to target businesses even more vigorously. Expect morecomputer-security heartburn in boardrooms. 不管幕后黑手到底是誰,這個(gè)事件再一次提醒我們,在企業(yè)不斷將經(jīng)濟(jì)活動(dòng)向線上轉(zhuǎn)移的過程中,它們將面臨大量的安全挑戰(zhàn)。據(jù)一個(gè)名為eMarketer的市場調(diào)查公司稱,今年全球B2C電商的銷售總額將有望達(dá)到1.5萬億美元,同比增長超過五分之一。這是巨大的商機(jī),同時(shí)也會(huì)讓網(wǎng)絡(luò)罪犯們更堅(jiān)定地咬住企業(yè)這塊肥肉。就讓董事會(huì)的老爺們?yōu)榇藷母C火吧。 詞語解釋 1.vulnerable to 脆弱的 As a result, our economy and society arevulnerable to little shocks. 于是,在小問題面前,我們的經(jīng)濟(jì)和社會(huì)變得脆弱不堪。 Just as with certain species and theenvironment, some people are more vulnerableto toxic atmospheres than others. 正如某些物種和環(huán)境一樣,有的人在有害的氛圍內(nèi)會(huì)比其他人更容易受到傷害。 2.design to 用于設(shè)計(jì) On his personal blog, he compared his design to the previous two dragon stamps. 在其個(gè)人博客上,他將自己的設(shè)計(jì)同之前兩次發(fā)行的龍票設(shè)計(jì)進(jìn)行了比較。 They reported the results in the summer of 2008 and plan to transfer the design to structuralmaterials such as armor. 科學(xué)家們已經(jīng)在2008年夏天提交了報(bào)告,并準(zhǔn)備把結(jié)構(gòu)信息應(yīng)用到裝甲等材料的設(shè)計(jì)中。 3.shut off 停止;關(guān)掉;隔絕 The engine shut off and tapped as it cooled. 關(guān)掉的發(fā)動(dòng)機(jī)逐漸冷卻,發(fā)出輕響。 Shut off your computer, and your self stops raging quite as much or quite as loud. 關(guān)掉你的電腦,那么你的內(nèi)心就不會(huì)有這么多的煩惱,也不會(huì)這么招搖地?zé)馈? 4.allow to 允許 Allow to freeze solid for 3-4 hours or overnight. 允許凍結(jié)3-4小時(shí)或隔夜固體。 Apply solution to the tube and allow to become tacky. 在內(nèi)胎上涂抹膠水并讓它發(fā)粘。
