James Lyne (2013): Everyday cybercrime and what we should do about it

I'm going to be showing some of the cybercriminals' latest and nastiest creations.
So basically, please don't go and download any of the viruses that I show you.
Some of you might be wondering what a cybersecurity specialist looks like, and I thought I'd give you a quick insight into my career so far. (Computer geek -> Apple fan -> Linux research "ape" -> TED speaker)
It's a pretty accurate description.
This is what someone that specializes in malware and hacking looks like.
So today, computer viruses and trojans, designed to do everything from stealing data to watching you in your webcam to the theft of billions of dollars.
Some malicious code today goes as far as targeting power, utilities and infrastructure.
Let me give you a quick snapshot of what malicious code is capable of today.
Right now, every second, eight new users are joining the Internet.
Today, we will see 250,000 individual new computer viruses.
We will see 30,000 new infected websites.
And, just to kind of tear down a myth here, lots of people think that when you get infected with a computer virus, it's because you went to a porn site.
Right? Well, actually, statistically speaking, if you only visit porn sites, you're safer.
People normally write that down, by the way. (Laughter)
Actually, about 80 percent of these are small business websites getting infected.
Today's cybercriminal, what do they look like?
Well, many of you have the image, don't you, of the spotty teenager sitting in a basement, hacking away for notoriety.
But actually today, cybercriminals are wonderfully professional and organized.
In fact, they have product adverts.
You can go online and buy a hacking service to knock your business competitor offline.
Check out this one I found.
(Video) Man: So you're here for one reason, and that reason is because you need your business competitors, rivals, haters, or whatever the reason is, or who, they are to go down.
Well you, my friend, you've came to the right place.
If you want your business competitors to go down, well, they can.
If you want your rivals to go offline, well, they will.
Not only that, we are providing a short-term-to-long-term DDOS service or scheduled attack, starting five dollars per hour for small personal websites to 10 to 50 dollars per hour.
James Lyne: Now, I did actually pay one of these cybercriminals to attack my own website.
Things got a bit tricky when I tried to expense it at the company.
Turns out that's not cool.
But regardless, it's amazing how many products and services are available now to cybercriminals.
For example, this testing platform, which enables the cybercriminals to test the quality of their viruses before they release them on the world.
For a small fee, they can upload it and make sure everything is good.
But it goes further.
Cybercriminals now have crime packs with business intelligence reporting dashboards to manage the distribution of their malicious code.
This is the market leader in malware distribution, the Black Hole Exploit Pack, responsible for nearly one third of malware distribution in the last couple of quarters.
It comes with technical installation guides, video setup routines, and get this, technical support.
You can email the cybercriminals and they'll tell you how to set up your illegal hacking server.
So let me show you what malicious code looks like today.
What I've got here is two systems, an attacker, which I've made look all Matrix-y and scary, and a victim, which you might recognize from home or work.
Now normally, these would be on different sides of the planet or of the Internet, but I've put them side by side because it makes things much more interesting.
Now, there are many ways you can get infected.
You will have come in contact with some of them.
Maybe some of you have received an email that says something like, "Hi, I'm a Nigerian banker, and I'd like to give you 53 billion dollars because I like your face."
Or funnycats.exe, which rumor has it was quite successful in China's recent campaign against America.
Now there are many ways you can get infected.
I want to show you a couple of my favorites.
This is a little USB key.
Now how do you get a USB key to run in a business?
Well, you could try looking really cute.
Or, in my case, awkward and pathetic.
So imagine this scenario: I walk into one of your businesses, looking very awkward and pathetic, with a copy of my C.V. which I've covered in coffee, and I ask the receptionist to plug in this USB key and print me a new one.
So let's have a look here on my victim computer.
What I'm going to do is plug in the USB key.
After a couple of seconds, things start to happen on the computer on their own, usually a bad sign.
This would, of course, normally happen in a couple of seconds, really, really quickly, but I've kind of slowed it down so you can actually see the attack occurring.
Malware is very boring otherwise.
So this is writing out the malicious code, and a few seconds later, on the left-hand side, you'll see the attacker's screen get some interesting new text.
Now if I place the mouse cursor over it, this is what we call a command prompt, and using this we can navigate around the computer.
We can access your documents, your data.
You can turn on the webcam.
That can be very embarrassing.
Or just to really prove a point, we can launch programs like my personal favorite, the Windows Calculator.
So isn't it amazing how much control the attackers can get with such a simple operation?
Let me show you how most malware is now distributed today.
What I'm going to do is open up a website that I wrote.
It's a terrible website. It's got really awful graphics.
And it's got a comments section here where we can submit comments to the website.
Many of you will have used something a bit like this before.
Unfortunately, when this was implemented, the developer was slightly inebriated and managed to forget all of the secure coding practices he had learned.
So let's imagine that our attacker, called Evil Hacker just for comedy value, inserts something a little nasty.
This is a script.
It's code which will be interpreted on the webpage.
So I'm going to submit this post, and then, on my victim computer, I'm going to open up the web browser and browse to my website,
Notice that after a couple of seconds, I get redirected.
That website address at the top there, the browser crashes as it hits one of these exploit packs, and up pops fake antivirus.
This is a virus pretending to look like antivirus software, and it will go through and it will scan the system, have a look at what it's popping up here.
It creates some very serious alerts.
Oh look, a child porn proxy server.
We really should clean that up.
What's really insulting about this is not only does it provide the attackers with access to your data, but when the scan finishes, they tell you in order to clean up the fake viruses, you have to register the product.
Now I liked it better when viruses were free.
(Laughter)
People now pay cybercriminals money to run viruses, which I find utterly bizarre.
So anyway, let me change pace a little bit.
Chasing 250,000 pieces of malware a day is a massive challenge, and those numbers are only growing directly in proportion to the length of my stress line, you'll note here.
So I want to talk to you briefly about a group of hackers we tracked for a year and actually found -- and this is a rare treat in our job.
Now this was a cross-industry collaboration, people from Facebook, independent researchers, guys from Sophos.
So here we have a couple of documents which our cybercriminals had uploaded to a cloud service, kind of like Dropbox or SkyDrive, like many of you might use.
At the top, you'll notice a section of source code.
What this would do is send the cybercriminals a text message every day telling them how much money they'd made that day, so a kind of cybercriminal billings report, if you will.
If you look closely, you'll notice a series of what are Russian telephone numbers.
Now that's obviously interesting, because that gives us a way of finding our cybercriminals.
Down below, highlighted in red, in the other section of source code, is this bit "leded:leded."
That's a username, kind of like you might have on Twitter.
So let's take this a little further.
There are a few other interesting pieces the cybercriminals had uploaded.
Lots of you here will use smartphones to take photos and post them from the conference.
An interesting feature of lots of modern smartphones is that when you take a photo, it embeds GPS data about where that photo was taken.
In fact, I've been spending a lot of time on Internet dating sites recently, obviously for research purposes, and I've noticed that about 60 percent of the profile pictures on Internet dating sites contain the GPS coordinates of where the photo was taken, which is kind of scary because you wouldn't give out your home address to lots of strangers, but we're happy to give away our GPS coordinates to plus or minus 15 meters.
And our cybercriminals had done the same thing.
So here's a photo which resolves to St. Petersburg.
We then deploy the incredibly advanced hacking tool.
We used Google.
Using the email address, the telephone number and the GPS data, on the left you see an advert for a BMW that one of our cybercriminals is selling, on the other side an advert for the sale of sphynx kittens.
One of these was more stereotypical for me.
A little more searching, and here's our cybercriminal.
Imagine, these are hardened cybercriminals sharing information scarcely.
Imagine what you could find about each of the people in this room.
A bit more searching through the profile and there's a photo of their office.
They were working on the third floor.
And you can also see some photos from his business companion where he has a taste in a certain kind of image.
It turns out he's a member of the Russian Adult Webmasters Federation.
But this is where our investigation starts to slow down.
The cybercriminals have locked down their profiles quite well.
And herein is the greatest lesson of social media and mobile devices for all of us right now.
Our friends, our families and our colleagues can break our security even when we do the right things.
This is MobSoft, one of the companies that this cybercriminal gang owned, and an interesting thing about MobSoft is the 50-percent owner of this posted a job advert, and this job advert matched one of the telephone numbers from the code earlier.
This woman was Maria, and Maria is the wife of one of our cybercriminals.
And it's kind of like she went into her social media settings and clicked on every option imaginable to make herself really, really insecure.
By the end of the investigation, where you can read the full 27-page report at that link, we had photos of the cybercriminals, even the office Christmas party when they were out on an outing.
That's right, cybercriminals do have Christmas parties, as it turns out.
Now you're probably wondering what happened to these guys.
Let me come back to that in just a minute.
I want to change pace to one last little demonstration, a technique that is wonderfully simple and basic, but is interesting in exposing how much information we're all giving away, and it's relevant because it applies to us as a TED audience.
This is normally when people start kind of shuffling in their pockets trying to turn their phones onto airplane mode desperately.
Many of you all know about the concept of scanning for wireless networks.
You do it every time you take out your iPhone or your Blackberry and connect to something like TEDAttendees.
But what you might not know is that you're also beaming out a list of networks you've previously connected to, even when you're not using wireless actively.
So I ran a little scan.
I was relatively inhibited compared to the cybercriminals, who wouldn't be so concerned by law, and here you can see my mobile device.
Okay? So you can see a list of wireless networks.
TEDAttendees, HyattLB. Where do you think I'm staying?
My home network, PrettyFlyForAWifi, which I think is a great name.
Sophos_Visitors, SANSEMEA, companies I work with.
Loganwifi, that's in Boston. HiltonLondon.
CIASurveillanceVan.
We called it that at one of our conferences because we thought that would freak people out, which is quite fun.
This is how geeks party.
So let's make this a little bit more interesting.
Let's talk about you.
Twenty-three percent of you have been to Starbucks recently and used the wireless network.
Things get more interesting.
Forty-six percent of you I could link to a business, XYZ Employee network.
This isn't an exact science, but it gets pretty accurate.
Seven hundred and sixty-one of you I could identify a hotel you'd been to recently, absolutely with pinpoint precision somewhere on the globe.
Two hundred and thirty-four of you, well, I know where you live.
Your wireless network name is so unique that I was able to pinpoint it using data available openly on the Internet with no hacking or clever, clever tricks.
And I should mention as well that some of you do use your names, "James Lyne's iPhone," for example.
And two percent of you have a tendency to extreme profanity.
So something for you to think about:
As we adopt these new applications and mobile devices, as we play with these shiny new toys, how much are we trading off convenience for privacy and security?
Next time you install something, look at the settings and ask yourself, "Is this information that I want to share? Would someone be able to abuse it?"
We also need to think very carefully about how we develop our future talent pool.
You see, technology's changing at a staggering rate, and that 250,000 pieces of malware won't stay the same for long.
There's a very concerning trend that whilst many people coming out of schools now are much more technology-savvy, they know how to use technology, fewer and fewer people are following the feeder subjects to know how that technology works under the covers.
In the U.K., a 60 percent reduction since 2003, and there are similar statistics all over the world.
We also need to think about the legal issues in this area.
The cybercriminals I talked about, despite theft of millions of dollars, actually still haven't been arrested, and at this point possibly never will.
Most laws are national in their implementation, despite cybercrime conventions, where the Internet is borderless and international by definition.
Countries do not agree, which makes this area exceptionally challenging from a legal perspective.
But my biggest ask is this:
You see, you're going to leave here and you're going to see some astonishing stories in the news.
You're going to read about malware doing incredible and terrifying, scary things.
However, 99 percent of it works because people fail to do the basics.
So my ask is this: Go online, find these simple best practices, find out how to update and patch your computer.
Get a secure password.
Make sure you use a different password on each of your sites and services online.
Find these resources. Apply them.
The Internet is a fantastic resource for business, for political expression, for art and for learning.
Help me and the security community make life much, much more difficult for cybercriminals.
Thank you.
(Applause)