|
|
MikkoHypponen_2011X-_在线攻击的三种类型_
|
| In the 1980s in the communist Eastern Germany, if you owned a typewriter, you had to register it with the government. |
20世纪80年代 在共产主义的东德, 如果你有一台打字机, 你就得去跟政府登记。 |
|
communist:n.共产党员;共产主义者;adj.共产主义的; Eastern:adj.东方的;向东的;东部的;东方国家的;n.东方人;东正教信徒; register:v.登记;注册;记录;n.登记簿;登记表;注册簿;
|
| You had to register a sample sheet of text out of the typewriter. |
你必须登记 出自那台打字机的 一份文本的样本。 |
|
sheet:n.薄板;床单;纸张;报纸;v.覆盖;展开;给…铺床单;铺开;adj.片状的;
|
| And this was done so the government could track where text was coming from. |
这样做后, 政府就能跟踪文本出自何方。 |
|
track:n.小道;足迹;车辙;轨道;v.追踪;跟踪;
|
| If they found a paper which had the wrong kind of thought, they could track down who created that thought. |
如果他们发现一张纸上 写着错误的观点, 他们就能跟踪 是谁产生这样的观点。 |
| And we in the West couldn't understand how anybody could do this, how much this would restrict freedom of speech. |
而在西方 我们不能理解有人怎么能做这种事, 这将会多么限制言论自由啊。 |
|
restrict:v.限制;约束;阻碍;束缚;
|
| We would never do that in our own countries. |
我们永远不会在我们自己的国家 里这样做。 |
| But today in 2011, if you go and buy a color laser printer from any major laser printer manufacturer and print a page, that page will end up having slight yellow dots printed on every single page in a pattern which makes the page unique to you and to your printer. |
可是,2011年的今天, 如果你从任何一家大型的激光打印机厂商 买一台彩色激光打印机 打印出一页, 这页纸最后 会有一些小黄点 印在每一页上 图案让这页纸是独特 对你和你的打印机都是。 |
|
laser printer:n.激光打印机; manufacturer:n.生产商;生产者;制造者; slight:adj.轻微的;略微的;细小的;纤细的;n.侮慢;冷落;轻视;v.侮慢;冷落;轻视; unique:adj.独特的,稀罕的;[数]唯一的;n.独一无二的人或物;
|
| This is happening to us today. |
这就是今天 发生在我们身上的。 |
| And nobody seems to be making a fuss about it. |
似乎没有人为此大惊小怪。 |
|
fuss:n.大惊小怪; v.瞎忙一气; (为小事)烦恼;
|
| And this is an example of the ways that our own governments are using technology against us, the citizens. |
这是个 展示 我们的政府 使用科技 来对付我们这些公民们的例子。 |
|
technology:n.技术;工艺;术语;
|
| And this is one of the main three sources of online problems today. |
这是今天网络问题的 三大来源之一。 |
|
sources:n.来源;出处;起源;根源;原因;v.(从…)获得(source的第三人称单数和复数)
|
| If we take a look at what's really happening in the online world, we can group the attacks based on the attackers . |
如果我们看一下在线世界到底发生了什么, 我们根据攻击者来分组。 |
|
take a look at:看一看;检查; attackers:n.攻击者;进攻者;
|
| We have three main groups. |
我们有三个主要的组。 |
| We have online criminals. |
我们有在线罪犯。 |
| Like here, we have Mr. Dimitry Golubov from the city of Kiev in Ukraine . |
这里,我们有位德米特里 戈卢博夫(Dimitry Golubov)先生 来自乌克兰的基辅市。 |
|
Kiev:n.基辅(乌克兰共和国首都); Ukraine:n.乌克兰(原苏联一加盟共和国,现已独立);
|
| And the motives of online criminals are very easy to understand. |
在线罪犯的动机 非常容易理解。 |
|
motives:n.动机;目的;运动(motive的复数);v.使有动机;促动(motive的三单形式);
|
| These guys make money. |
这些家伙为了赚钱。 |
| They use online attacks to make lots of money, and lots and lots of it. |
他们通过在线攻击 赚很多钱, 很多很多钱。 |
| We actually have several cases of millionaires online, multimillionaires , who made money with their attacks. |
我们实际上有好几个案子 都是在线百万富翁,千万富翁, 都是通过在线攻击赚的。 |
|
multimillionaires:n.千万富翁;大富豪;拥有数百万家财的富豪;
|
| Here's Vladimir Tsastsin form Tartu in Estonia. |
这里还有来自爱沙尼亚的塔尔图的弗拉基米尔·莎斯森。 |
| This is Alfred Gonzalez. |
这位是阿尔弗雷德·冈萨雷斯(Alfred Gonzalez)。 |
| This is Stephen Watt . |
这是斯蒂芬·瓦特 (Stephen Watt) |
|
Watt:n.瓦特;
|
| This is Bjorn Sundin. |
这是比昂·松丁(Bjorn Sundin) |
| This is Matthew Anderson, Tariq Al-Daour and so on and so on. |
这是马修·安德森( Matthew Anderson),塔利克·阿尔杜(Tariq Al-Daour) 等等等等。 |
| These guys make their fortunes online, but they make it through the illegal means of using things like banking trojans to steal money from our bank accounts while we do online banking, or with keyloggers to collect our credit card information while we are doing online shopping from an infected computer. |
这些人 在线挣了很多钱, 但他们挣的钱是非法的 通过使用类似银行木马 从我们账户偷钱 当我们在网上进行银行业务, 或者使用键盘记录 来收集我们的信用卡信息 当我们通过被感染的电脑来在线购物的时候。 |
|
fortunes:n.命运,机遇(fortune复数形式); v.给…以大宗财富(fortune的第三人称单数形式); illegal:adj.不合法的;非法的;n.非法移民;非法劳工; trojans:n.特洛伊木马,木马程式; credit card:n.[经]信用卡; infected:adj.带菌的; v.传染; (infect的过去分词和过去式)
|
| The U.S. Secret Service , two months ago, froze the Swiss bank account of Mr. Sam Jain right here, and that bank account had 14.9 million U.S. dollars on it when it was frozen. |
美国情报局, 两个月前, 冻结了萨姆 杰恩先生 在瑞士的银行账户, 那个账户冻结的时候 帐上有一千四百九十万美金。 |
|
Secret Service:n.(政府的)特工部门; bank account:n.银行账户;
|
| Mr. Jain himself is on the loose; nobody knows where he is. |
杰恩先生本人仍逍遥法外; 没人知道他在哪。 |
| And I claim it's already today that it's more likely for any of us to become the victim of a crime online than here in the real world. |
今天我断言 我们当中的任何一位都有可能 成为在线犯罪的受害者 甚至超越现实世界。 |
|
claim:v.要求;声称;需要;认领;n.要求;声称;索赔;断言;值得; victim:n.受害人;牺牲品;牺牲者;
|
| And it's very obvious that this is only going to get worse. |
而且很显然 这种情况越来越糟。 |
|
obvious:adj.明显的;显著的;平淡无奇的;
|
| In the future, the majority of crime will be happening online. |
将来,大多数的犯罪 会发生在线上。 |
|
majority:n.大部分:大多数:多数票:成年人:
|
| The second major group of attackers that we are watching today are not motivated by money. |
第二类主要的攻击集团 我们今天观察的 不是出于金钱。 |
|
motivated:adj.有动机的; v.使产生动机;
|
| They're motivated by something else -- motivated by protests , motivated by an opinion, motivated by the laughs. |
他们的动机源于别处 -- 出于抗议, 出于发表意见, 出于被嘲笑过。 |
|
protests:v.抗议;反对(protest的三单形式);n.抗议(protest的复数);
|
| Groups like Anonymous have risen up over the last 12 months and have become a major player in the field of online attacks. |
这些匿名集团 在过去的12个月中很活跃 并且变成了在线攻击领域的 主要的参与者 |
|
Anonymous:adj.匿名的,无名的;无个性特征的; in the field of:在…方面,在…领域;
|
| So those are the three main attackers: criminals who do it for the money, hacktivists like Anonymous doing it for the protest, but then the last group are nation states, governments doing the attacks. |
这些就是三组主要的攻击者: 为了钱的罪犯, 匿名的攻击活跃者 为了抗议而作的, 而最后一组是民族国家, 政府在攻击。 |
|
hacktivists:骇客活动家;
|
| And then we look at cases like what happened in DigiNotar. |
我们看一下例子 就像DigiNotar公司发生的。 |
| This is a prime example of what happens when governments attack against their own citizens. |
这是政府攻击的 典型例子 来反对自己的民众。 |
|
prime:adj.主要的; v.极好地; n.初期; v.使准备好;
|
| DigiNotar is a Certificate Authority from The Netherlands -- or actually, it was. |
DigiNotar是荷兰的 一个权威证书 或者说它曾经是。 |
|
Certificate:n.证明;证明书;合格证书;文凭;v.发给结业证书;(尤指)发给职业培训证书; Authority:n.权威;权力;当局;
|
| It was running into bankruptcy last fall because they were hacked into. |
它去年秋天遭遇 破产 因为他们遭到入侵。 |
|
bankruptcy:n.破产; hacked:v.砍;劈;猛踢;非法侵入(hack的过去分词和过去式)
|
| Somebody broke in and they hacked it thoroughly . |
有人闯进去 彻底毁了它。 |
|
thoroughly:adv.彻底地,完全地;
|
| And I asked last week in a meeting with Dutch government representatives , |
我上周 在与荷兰政府代表开会时问过, |
|
Dutch:adj.荷兰的; n.荷兰人; v.费用平摊地; representatives:n.代表;众议院(representative的复数形式);
|
| I asked one of the leaders of the team whether he found plausible that people died because of the DigiNotar hack. |
我问一位领导 是否他发现有可能 有人会 因为Diginotar攻击而死亡。 |
|
plausible:adj.貌似可信的,花言巧语的;貌似真实的,貌似有理的;
|
| And his answer was yes. |
他的回答是肯定的。 |
| So how do people die as the result of a hack like this? |
那么,究竟如何人们的死亡 归咎于这样一个攻击呢? |
| Well DigiNotar is a C.A. |
DigiNotar是一个权威证书。 |
| They sell certificates . |
他们卖证书。 |
|
certificates:n.[管理]证书(certificate的复数); v.用证书证明(certificate的单数第三人称);
|
| What do you do with certificates? |
你用证书做什么? |
| Well you need a certificate if you have a website that has https, |
你需要证书的情况会是 你有一个有https的网站, |
| SSL encrypted services, services like Gmail. |
SSL加密服务, 类似Gmail的服务。 |
|
encrypted:v.把…加密(或编码);(encrypt的过去式和过去分词)
|
| Now we all, or a big part of us, use Gmail or one of their competitors, but these services are especially popular in totalitarian states like Iran, where dissidents use foreign services like Gmail |
当今我们所有人或大部分人, 使用Gmail或它对手们中的任何一家, 这些服务在极权主义国家 尤其流行 比如伊朗, 持异议者 使用诸如Gmail的国外服务 |
|
especially:adv.尤其;特别;格外;十分; totalitarian:adj.极权主义的;n.极权主义者; dissidents:公开大唱反调者;持异议者;持不同政见者;
|
| because they know they are more trustworthy than the local services and they are encrypted over SSL connections, so the local government can't snoop on their discussions. |
因为他们知道这些比当地的服务更可靠 他们通过SSL的连接加密, 所以当地政府窥探不到 他们的讨论。 |
|
trustworthy:adj.可靠的;可信赖的; local government:n.地方自治;地方政府(机构); snoop:vi.调查,窥探;n.私家侦探,到处窥视;爱管闲事的人;vt.窥察,窥探;
|
| Except they can if they hack into a foreign C.A. |
他们也能,如果他们攻击了一个国外权威证书, |
| and issue rogue certificates. |
出具伪劣证书。 |
|
issue:n.重要议题;争论的问题;v.宣布;公布;发出;发行; rogue:n.流氓; v.游手好闲; adj.(野兽)凶猛的;
|
| And this is exactly what happened with the case of DigiNotar. |
这恰恰就是发生在 DigiNotar的案子中。 |
| What about Arab Spring and things that have been happening, for example, in Egypt? |
阿拉伯跳是怎么回事? 比如说在埃及发生的那些事? |
| Well in Egypt, the rioters looted the headquarters of the Egyptian secret police in April 2011, and when they were looting the building they found lots of papers. |
在埃及, 暴徒们洗劫了 埃及秘密警察的总部 那是2011年4月, 他们洗劫时找到很多文件。 |
|
rioters:n.暴徒;暴民;骚乱者; looted:v.(暴乱、火灾等后)打劫,抢劫,劫掠;(loot的过去分词和过去式) headquarters:n.总部;指挥部;司令部; secret police:n.秘密警察; looting:n.抢劫;洗劫,趁乱打劫;v.打劫(loot的现在分词);
|
| Among those papers, was this binder entitled "FINFISHER." |
在这些文件中, 有一个名叫FINFISHER的夹子。 |
|
binder:n.[胶粘]粘合剂;活页夹;装订工;捆缚者;用以绑缚之物; entitled:v.使享有权利;使符合资格;给…命名;(entitle的过去分词和过去式)
|
| And within that binder were notes from a company based in Germany which had sold the Egyptian government a set of tools for intercepting -- and in very large scale -- all the communication of the citizens of the country. |
夹子中有些笔记 是来自一家德国公司 这家公司卖给埃及政府 一套工具 用来截取-- 很大比例是 国家公众的所有通信。 |
|
intercepting:n.[数][军]截取;被截终端;v.拦截(intercept的ing形式); scale:n.规模;比例;鳞;刻度;天平;数值范围;v.衡量;攀登;剥落;生水垢;
|
| They had sold this tool for 280,000 Euros to the Egyptian government. |
他们把这套工具 以28万欧元卖给埃及政府。 |
|
Euros:n.欧元;欧洛斯风;带雨东南暴风(euro复数);
|
| The company headquarters are right here. |
公司的总部就在那里。 |
| So Western governments are providing totalitarian governments with tools to do this against their own citizens. |
所以,西方政府 给极权政府提供工具 来反对他们自己的民众。 |
| But Western governments are doing it to themselves as well. |
但西方政府也同样对他们自己这样做。 |
| For example, in Germany, just a couple of weeks ago the so-called Scuinst Trojan was found, which was a trojan used by German government officials to investigate their own citizens. |
比如,在德国, 就是几周前 发现一个叫Scuinst Trojan 的 木马病毒 被德国政府官方用来 调查他们自己的民众。 |
|
so-called:adj.所谓的;号称的; investigate:v.调查;研究;审查;
|
| If you are a suspect in a criminal case, well it's pretty obvious, your phone will be tapped. |
如果你是一宗刑事案件的嫌疑, 很显然,你的电话会被监听。 |
|
suspect:n.犯罪嫌疑人;v.怀疑;不信任;adj.可疑的;
|
| But today, it goes beyond that. |
可是今天,事情已经超越了。 |
| They will tap your Internet connection. |
他们会监视你的网络连接。 |
| They will even use tools like Scuinst Trojan to infect your computer with a trojan, which enables them to watch all your communication, to listen to your online discussions, to collect your passwords. |
他们会用类似Scuinst Trojan的工具 用一个木马来感染你的电脑, 这样就让他们 监视你所有的通信, 监听你的在线讨论, 收集你的密码。 |
|
enables:v.使得; (enable的第三人称单数)
|
| Now when we think deeper about things like these, the obvious response from people should be that, "Okay, that sounds bad, but that doesn't really affect me because I'm a legal citizen. |
当我们更深的想一下 这些事情, 人们的反应显然应是 “对啊,听起来很糟糕, 但因为我是合法公民,也不会真正影响我啦。 |
|
response:n.响应;反应;回答;
|
| Why should I worry? |
为什么我要担忧呢? |
| Because I have nothing to hide." |
我没有什么可隐藏的。” |
| And this is an argument, which doesn't make sense . |
这就是争论所在, 没什么道理。 |
|
make sense:有意义;讲得通;言之有理;
|
| Privacy is implied . |
隐私是不言而喻。 |
|
Privacy:n.隐私;秘密;隐居;隐居处; implied:adj.不言而喻的; v.含有…的意思; (imply的过去分词和过去式)
|
| Privacy is not up for discussion. |
隐私用不着讨论。 |
| This is not a question between privacy against security. |
这不是个 隐私 反对安全的问题。 |
| It's a question of freedom against control. |
而是一个 自由反对管制的问题。 |
| And while we might trust our governments right now, right here in 2011, any right we give away will be given away for good. |
我们2011年的当下 会信任我们的政府, 我们放弃的任何权力会永远失去。 |
| And do we trust, do we blindly trust, any future government, a government we might have 50 years from now? |
我们会不会信任未来的政府, 盲目地信任, 一个50年后的 政府呢? |
|
blindly:adv.盲目地;轻率地;摸索地;
|
| And these are the questions that we have to worry about for the next 50 years. |
这些就是我们要为下一个50年 而担忧的问题。 |