托福雙語閱讀：網(wǎng)絡(luò)安全迷思

    想要提高托福閱讀能力，我們一定要在日常生活中有意識地增加英語閱讀量，提升語感和熟練度，下面和出國留學(xué)網(wǎng)小編一起來看看托福雙語閱讀：網(wǎng)絡(luò)安全迷思。
    Computer security
    The myth of cyber-security
    Computers will never be secure. To manage the risks， look to economics rather than technology
    計算機(jī)安全
    網(wǎng)絡(luò)安全之迷思
    計算機(jī)從來都不安全。要應(yīng)對這一風(fēng)險，更需要經(jīng)濟(jì)手段而非技術(shù)手段
    COMPUTER security is a contradiction（名詞）in terms. Consider the past year alone： cyberthieves stole $81m from the central bank of Bangladesh； the $4.8bn takeover of Yahoo， an internet firm， by Verizon， a telecoms firm， was nearly derailed使脫軌by two enormous data breaches； and Russian hackers interfered in the American presidential election. 計算機(jī)安全是個自相矛盾的（形容詞）說法。姑且只看下去年的情況：網(wǎng)絡(luò)竊賊從孟加拉中央銀行盜走了8100萬美元；電信公司威瑞森（Verizon）以48億美元收購互聯(lián)網(wǎng)公司雅虎的交易差點(diǎn)因兩起大規(guī)模數(shù)據(jù)泄露而泡湯；俄羅斯黑客干擾了美國總統(tǒng)大選。
    Away from the headlines， a black market in computerised extortion， hacking-for-hire and stolen digital goods is booming. The problem is about to get worse. Computers increasingly deal not just with abstract data like credit-card details and databases， but also with the real world of physical objects and vulnerable human bodies. A modern car is a computer on wheels； an aeroplane is a computer with wings. The arrival of the “Internet of Things” will see computers baked intoeverything from road signs and MRI scanners to prosthetics and insulin pumps. There is little evidence that these gadgets will be any more trustworthy than their desktop counterparts. Hackers have already proved that they can take remote control of connected cars and pacemakers. 在這些頭條之外，一個利用電腦敲詐勒索、黑客雇傭和數(shù)字商品銷贓的黑市日漸繁榮。這一問題還將進(jìn)一步惡化。計算機(jī)的應(yīng)用途徑日益增多，它們不僅處理信用卡詳細(xì)信息和數(shù)據(jù)庫之類的抽象數(shù)據(jù)，還涉及真實世界里的物品和脆弱的人體?，F(xiàn)代的汽車就是裝在輪子上的電腦，而飛機(jī)則是插上翅膀的電腦。物聯(lián)網(wǎng)的到來會讓所有物品都嵌上計算機(jī)，從道路標(biāo)識、核磁共振掃描儀，到假肢和胰島素泵。沒有證據(jù)表明這些裝置會比桌面電腦更安全可靠。黑客們已經(jīng)證明了他們能遠(yuǎn)程控制聯(lián)網(wǎng)的汽車和起搏器。
    It is tempting誘人的to believe that the security problem can be solved with yet more technical wizardry and a call for heightened vigilance. And it is certainly true that many firms still fail to take security seriously enough. That requires a kind of cultivated paranoia which does not come naturally to non-tech firms. Companies of all stripes種類should embrace initiatives like “bug bounty” programmes， whereby firms reward ethical hackers for discovering flaws so that they can be fixed before they are taken advantage of. 人們很容易認(rèn)為，只要有了更多的技術(shù)魔法并呼吁大家提高警惕，安全問題就能得到解決。而且很多公司對待安全問題的態(tài)度確實還不夠認(rèn)真。這種意識需要一種長期養(yǎng)成的偏執(zhí)，而科技界以外的公司不會自然而然地?fù)碛羞@一特質(zhì)。各種各樣的公司都應(yīng)該采納像“漏洞懸賞”項目這樣的舉措——公司獎勵發(fā)現(xiàn)缺陷的正派黑客，這樣在被人利用之前就可以把漏洞修補(bǔ)好。
    But there is no way to make computers completely safe. Software is hugely complex. Across its products， Google must manage around 2bn lines of source code—errors are inevitable. The average program has 14 separate vulnerabilities， each of them a potential point of illicit entry. Such weaknesses are compounded混合by the history of the internet， in which security was an afterthought.但是不可能讓計算機(jī)百分之百地安全。軟件極其復(fù)雜。谷歌在各種產(chǎn)品中必須處理約20億行源代碼，出錯在所難免。一個普通程序一般有14個不同的安全隱患，每一處都是一個可能的非法入侵點(diǎn)。這些弱點(diǎn)因互聯(lián)網(wǎng)的歷史而雪上加霜（根據(jù)語境變換語氣）：對互聯(lián)網(wǎng)而言，安全是事后才想到的事情。
    Leaving the windows open
    敞開窗口
    This is not a counsel ofdespair. The risk from fraud， car accidents and the weather can never be eliminated completely either. But societies have developed ways of managing such risk—from government regulation to the use of legal liability and insurance to create incentives for safer behaviour.
    這并不表示已經(jīng)無計可施（視角轉(zhuǎn)換）。遭遇欺詐、車禍、壞天氣的風(fēng)險同樣無法完全避免。不過社會各界已經(jīng)研究出管理這類風(fēng)險的種種方法，從政府監(jiān)管到使用法定責(zé)任和保險，來鼓勵更安全的行為。
    Start with regulation. Governments’ first priority is to refrain from making the situation worse. Terrorist attacks， like the recent ones in St Petersburg and London， often spark calls for encryption to be weakened so that the security services can better monitor what individuals are up to. But it is impossible to weaken encryption for terrorists alone. The same protection that guards messaging programs like WhatsApp also guards bank transactions and online identities. Computer security is best served by encryption that is strong for everyone. 先要從監(jiān)管開始。各國政府的首要任務(wù)是克制會讓事態(tài)惡化的舉動。恐怖襲擊（例如最近在圣彼得堡和倫敦發(fā)生的那些）常常會引發(fā)削弱加密的呼聲，因為這樣一來安保部門就能更好地監(jiān)控個人在做什么。但削弱加密不可能只針對恐怖分子。保護(hù)WhatsApp等短信程序安全的措施也在用于保護(hù)銀行交易和網(wǎng)上身份信息。對每一個人都做好加密，計算機(jī)安全才能得到最好的保護(hù)。
    The next priority is setting basic product regulations. A lack of expertise will always hamper the ability of users of computers to protect themselves. So governments should promote “public health” for computing. They could insist that internet-connected gizmos be updated with fixes when flaws are found. They could force users to change default usernames and passwords. Reporting laws， already in force in some American states， can oblige companies to disclose when they or their products are hacked. That encourages them to fix a problem instead of burying it. 第二要務(wù)是設(shè)立基本的產(chǎn)品法規(guī)。缺乏專業(yè)知識（別老knowledge）常常會阻礙（別老obstacle/stop）計算機(jī)用戶保護(hù)自己，因此政府應(yīng)當(dāng)推進(jìn)計算的“公共健康”。它們可以要求聯(lián)網(wǎng)裝置發(fā)現(xiàn)漏洞時必須修補(bǔ)更新，還可以強(qiáng)迫用戶修改默認(rèn)的用戶名和密碼。已在美國部分州實施的報告法要求公司披露它們或它們的產(chǎn)品被黑客攻擊的情況。這鼓勵它們解決問題而不是隱匿不報。
    Go a bit slower and fix things
    慢一點(diǎn)，解決問題
    But setting minimum standards still gets you only so far. Users’ failure to protect themselves is just one instance of the general problem with computer security—that the incentives to take it seriously are too weak. Often， the harm from hackers is not to the owner of a compromised device. Think of botnets， networks of computers， from desktops to routers to “smart” light bulbs， that are infected with malware and attack other targets.
    但制定最低標(biāo)準(zhǔn)的作用也就僅此而已。計算機(jī)安全的普遍問題是人們實在缺乏動力來認(rèn)真對待這一問題，用戶無法自我保護(hù)只是其中一個例子。因黑客入侵遭受損害的往往不是被黑設(shè)備的所有者——想想那些感染了惡意軟件后攻擊其他目標(biāo)的僵尸網(wǎng)絡(luò)（由桌面電腦、路由器和“智能”燈泡等設(shè)備組成的計算機(jī)網(wǎng)絡(luò)）。
    Most important， the software industry has for decades disclaimed liability for the harm when its products go wrong. Such an approach has its benefits. Silicon Valley’s fruitful “go fast and break things” style of innovation is possible only if firms have relatively free rein to put out new products while they still need perfecting. But this point will soon be moot. As computers spread to products covered by established liability arrangements， such as cars or domestic goods， the industry’s disclaimers will increasingly butt up against existing laws. 更重要的是，軟件業(yè)幾十年來都拒絕為產(chǎn)品問題造成的損害承擔(dān)責(zé)任。這種做法確有好處。只有公司能相對自由地推出有待完善的新產(chǎn)品，硅谷“快速推進(jìn)、破除陳規(guī)”的創(chuàng)新方式才能結(jié)出累累碩果。但是這一點(diǎn)很快將失去意義。隨著計算機(jī)擴(kuò)展到已建立了責(zé)任制度的產(chǎn)品，如汽車或家用產(chǎn)品，這一行業(yè)的免責(zé)聲明會越來越違背已有法律。
    Firms should recognise that， if the courts do not force the liability issue， public opinion will. Many computer-security experts draw comparisons to the American car industry in the 1960s， which had ignored safety for decades. In 1965 Ralph Nader published “Unsafe at Any Speed”， a bestselling book that exposed and excoriated the industry’s lax attitude. The following year the government came down hard with rules on seat belts， headrests and the like. Now imagine the clamour for legislation after the first child fatality involving self-driving cars. 公司應(yīng)當(dāng)認(rèn)識到，如果法庭沒有強(qiáng)制推行法定責(zé)任，公眾輿論也會這么做。很多計算機(jī)安全專家對比了20世紀(jì)60年代美國汽車業(yè)的情況。當(dāng)時，汽車行業(yè)忽視安全問題已長達(dá)幾十年。1965年，拉爾夫·納德（Ralph Nader）出版了《任何速度都不安全》（Unsafe at Any Speed），這本暢銷書揭示并痛斥（MD記住這個詞）了汽車制造業(yè)的懶散態(tài)度。第二年政府采取強(qiáng)硬手段，出臺了安全帶、頭枕等法規(guī)?，F(xiàn)在試想如果自動駕駛汽車導(dǎo)致首例兒童死亡，那么要求立法的呼聲（MD記住這個詞）將會是怎樣。
    Fortunately， the small but growing market in cyber-security insurance offers a way to protect consumers while preserving the computing industry’s ability to innovate. A firm whose products do not work properly， or are repeatedly hacked， will find its premiums rising， prodding it to solve the problem. 所幸網(wǎng)絡(luò)安全保險這個雖小卻不斷發(fā)展的市場提供了一種方法，可以在保護(hù)消費(fèi)者的同時保持計算機(jī)行業(yè)的創(chuàng)新能力。產(chǎn)品無法正常工作或是經(jīng)常被黑客攻擊的公司將面臨保費(fèi)上漲，這會敦促它解決問題。
    A firm that takes reasonable steps to make things safe， but which is compromised nevertheless， will have recourse to an insurance payout that will stop it from going bankrupt. It is here that some carve-outs from liability could perhaps be negotiated. Once again， there are precedents： when excessive claims against American light-aircraft firms threatened to bankrupt the industry in the 1980s， the government changed the law， limiting their liability for old products.采取了合理措施來保障安全但仍然遭到傷害的公司可以向保險公司索賠，免于破產(chǎn)。也正是在這里，一些免賠的責(zé)任或許可以協(xié)商解決。在這方面也有先例：上世紀(jì)80年代，當(dāng)美國輕型飛機(jī)制造公司面臨巨額索賠以致整個行業(yè)都有破產(chǎn)風(fēng)險時，政府更改了法律，限定了它們在舊產(chǎn)品上應(yīng)負(fù)的責(zé)任。
    One reason computer security is so bad today is that few people were taking it seriously yesterday. When the internet was new， that was forgivable. Now that the consequences are known， and the risks posed by bugs and hacking are large and growing， there is no excuse for repeating the mistake. But changing attitudes and behaviour will require economic tools， not just technical ones. 今天計算機(jī)安全問題如此嚴(yán)峻，原因之一便是之前極少有人認(rèn)真對待過這個問題（寫作句型）在互聯(lián)網(wǎng)興起之初，這種狀況還情有可原。既然如今后果已經(jīng)彰顯，漏洞和黑客攻擊帶來的風(fēng)險也巨大且與日俱增，那么就沒有理由再重蹈覆轍。但改變觀念、改變行為都需要經(jīng)濟(jì)手段，而不僅是技術(shù)手段。