An argument is raging about whether companies should be forced to disclose cyber attacks, as security experts warn that US retailers, hotels and airports have gaping holes in their online security.

Researchers in Las Vegas for the Black Hat cyber security conference exposed flaws they argued could allow hackers to swipe credit card details from retailers, run technology in hotel rooms by remote control and trick airport security into believing someone is drugs-free.

Dan Geer, chief information security officer for In-Q-Tel, which invests in technology on behalf of the Central Intelligence Agency, said the threat of cyber attack was so serious that companies should have to declare significant security failures. “Not only has cyber security reached the highest levels of attention, it has spread into nearly every corner,” he said. “The footprint of cyber security has surpassed the grasp of any one of us.”

Laws about what kind of attacks companies must report vary depending on the country or industry. But many focus on the loss of consumer data rather than on the tide of attacks by nation states and intellectual property theft.

Despite patchy regulation, the number of companies reporting cyber security concerns to US regulators has more than doubled in the past two years, according to official filings.

Mr Geer called for “a public health system” for the internet where the security of everyone online is given higher priority than the privacy of attack victims. He also said the US government should pay to make public vulnerabilities that people find in software.

Alex Stamos, Yahoo’s chief information security officer, said companies needed to work together to combat cyber crime. Other industries should learn from banks, which had succeeded at co-operating on security partly because they were highly regulated, he said.

But Kevin Mandia, chief operating officer of cyber security company FireEye, said companies were right to fear being forced to disclose attacks as some were “crucified” in a “point and blame atmosphere”.

Doctors were not blamed for not having yet discovered a cure for cancer and the threat from cyber crime was similarly here to stay, he added. “I feel like we are trying to cure cancer just like doctors are.”

Microsoft Corp. unveiled a reinvented Xbox game console Tuesday, demonstrating an advanced motion and voice-control system and new television functions as it tries to thrust the machine back into the spotlight amid changing consumer habits.

The Redmond, Wash., software giant said its new device, dubbed Xbox One, was designed to take advantage of new technologies to offer customers ways to play games while responding to trends such as the popularity of smartphones and tablets.

Microsoft also integrated technology from its Skype chatting subsidiary into Xbox One, allowing customers to interact with friends using a more refined version of the Kinect motion and speech sensor. Xbox One also can play and control live television streaming from a cable or satellite set-top box.

The device represents Microsoft's answer to 'a living room that has become too complex, too fragmented and too slow,' with features that integrate control of multiple electronics, said Don Mattrick, president of Microsoft's interactive entertainment business.

Microsoft said the device will be released later this year, but didn't specify when or how much it will cost. The company's previous device, the Xbox 360, was priced starting at $299 when it launched in 2005.

The Xbox remains key to Microsoft's efforts to penetrate consumers' homes, as many of its other consumer-oriented products -- such as Windows Phone -- have stumbled. But the console hasn't had a refresh in eight years and arrives as mobile devices such as Apple Inc.'s iPhone have become go-to machines for a new swath of casual games that are either free or cost a few dollars.

Those factors combined with the game industry's cycles -- where sales taper off before a new game console is released -- have hurt sales of new games, consoles and accessories. According to market researcher NPD Group, packaged game sales fell 25% to $495.2 million in April from $657.5 million a year earlier. Console hardware sales dropped 42% to $109.5 million.

The Xbox, which sits at the center of Microsoft's entertainment and devices division, has also seen declining sales as it has aged. While the last Xbox has been the top selling console in the U.S. for 21 consecutive months, profits at Microsoft's entertainment and devices division plunged 71% in fiscal 2012 to $364 million, below what it was in 2010.

Game console makers are responding to the changing consumer landscape by including new technologies in their devices. Nintendo Co. melded a touch screen into the controller for its Wii U console, which was released last November. Sony Corp. in February showed a touch-sensor built into a redesigned controller for its PlayStation 4 console, due out later this year.

Aside from additional horsepower to make better looking games, Xbox One includes the ability to watch TV on one part of a screen while looking at other information, such as a fantasy football league scores or a Skype chat, on another.

Under the hood, the new Xbox is powered by Advanced Micro Devices Inc. chips, in a shift away from chips based on International Business Machines Corp. designs. The change makes the new Xbox more similar to Sony's upcoming PlayStation, making it easier to develop games for both companies' devices.

But the two devices are also different in that Sony plans to offer a way for its advanced data centers to stream game images and button presses over the Internet to its PlayStation, allowing customers to play potentially any game instantly with a Web connection. That includes older games, which otherwise can't play on the new device. Microsoft didn't unveil that technology for Xbox One.

Microsoft put more horsepower behind the technology it does offer, however. The Kinect motion sensor, which debuted three years ago, was revamped and can now better hear gamers speak at the device and more accurately understand their movements, for instance.

Microsoft is also investing in new games for the device. The software company said it would release 15 titles from its own studios during the Xbox One's first year on the market.

The company said it is developing a television show based on its popular Halo space-war game series with director Steven Spielberg. Nancy Tellem, head of Microsoft's television studio efforts, said the effort is the beginning of Microsoft's efforts to apply its Xbox technology to the way television works.

'Until now, television was a one-way street for the viewer,' she said. 'That's about to change.'

There's a war raging between hackers and companies, and you're caught in the crossfire. Every time a company gets hacked, you have to change your password. And don't you dare reuse it somewhere else.

Dreaming up a different password for every site and service is the only way to keep your stuff safe online, but it's also a gigantic nuisance. There's one thing you can -- and should -- do to help: Get a password manager program.

I have more than 150 different logins and counting. I'd have to be Rain Man to memorize that many passwords. So I went on a hunt for the best services for storing all my passwords, and whittled down the list to four that get the job done and offer enough security for most of us: 1Password, Dashlane, LastPass and PasswordBox.

LastPass is a good choice for people who use newer technology like fingerprint scanners. For the really paranoid, 1Password offers the most control over where your encrypted vault of passwords gets stored.

For most people, I recommend Dashlane. It's simple, so you'll actually use it. It may even save you clicks.

But, wait -- isn't storing all your passwords in one place a terrible idea? It's better than reusing easily remembered passwords everywhere. Password managers hide your information behind a master password that only you know.

Nothing is 100% guaranteed, but all four of these managers take the additional security step of never sending your master password over the Internet. They're like a safety deposit box that a professional keeps without knowing what's inside, or even holding a key to open it.

In an age where more of our personal information lives, password protected, up in the cloud, we need defenses beyond antivirus software. Using a password manager is the next step.

Dashlane is like the memory you wish you had. It keeps track of not only passwords, but also credit card numbers and user IDs, filling them in when you need them across many different devices. It also keeps a helpful scorecard on the quality of your existing passwords, and nudges you to improve them.

Dashlane is free to use on any single device; a $30 annual subscription lets the Dashlane apps automatically sync your data across devices. You can try this premium service free for 30 days.

Setting up Dashlane is a pleasure. Its app slurps up the passwords that have been saved unencrypted in your Web browser, and learns new ones as you type them. All of this gets protected by the master password, encrypted in a database on your computer or mobile device. Every time you start your computer or open the Dashlane app, you must log into the app with that master password. (You can make it ask for your password more often, like whenever your device is idle for too long.)

Dashlane uses an add-on to Web browsers, including Chrome, Firefox, Internet Explorer and Safari. When you're logging into a site Dashlane knows, it puts a small icon (a dashing impala) in the login box to let you know it can enter your username and password -- even your credit card number. If you tell it to, Dashlane will even press the 'login' button automatically. It doesn't work on every site, but does a better job than most.

Along the way, Dashlane also tries to improve your security. When you're changing a password or starting a new account, it suggests a strong one that would confound even a supercomputer. And its colorful security scorecard cheerfully humiliates you into replacing weak or repeated passwords.

Where password managers really become helpful is keeping your passwords up-to-date across all sorts of devices -- computers, phones and tablets. (I ruled out the password keepers built into Google's Chrome browser and Apple's iCloud because neither works across all of my stuff.)

Dashlane works largely the same way on Android phones and tablets, automatically entering your passwords in apps, though not yet on the default Chrome browser. (The company says it is working on that.)

On iPhones and iPads, the Dashlane app allows you to copy and paste all of your logins and passwords into a browser, but can't fill them in for you because of Apple's programming rules. (The same problem afflicts most password managers except for PasswordBox, which has figured out a way to auto-login on a handful of big sites on mobile Safari.)

If you share a computer with family members, Dashlane remembers multiple logins without asking you to set up profiles. And the company says it is close to launching a new families-and-teams version that will make it easier to sync passwords between people who share, say, an Amazon or Netflix account.

Behind the scenes, Dashlane takes some important steps to secure your data. It never sends your master password over the Internet, and it protects your personal data using advanced encryption known as AES-256 before syncing it with your other devices via its servers. Neither Dashlane nor a hacker (or government agency) breaking into the company's systems could access your data without knowing your master password. This setup prevented Dashlane from even being vulnerable to the recent Heartbleed security catastrophe.

But if you really want to keep your stuff off the Internet, Dashlane gives you that option, too, though you'll need to sync passwords manually across devices. (The password manager that does the best offline syncing is 1Password.)

OK, what happens if somebody manages to get your master password? That could happen if someone installs a piece of keylogging malware on your computer -- and is a good reminder that you should run antivirus software to keep such attacks at bay.

But even if that happened, there's an additional layer of security: Dashlane won't let someone unlock your passwords on a new device without first entering an ever-changing code it sends directly to your phone or email.

This important two-step authentication is only available from Dashlane and LastPass, though PasswordBox says it is working on it. A 1Password spokesman says this additional authentication isn't helpful with its design, where there is no central silo of your data. But I think it helps to know if someone is trying to get into your stuff.

Still, why should you trust Dashlane, a two-year-old startup with two million customers?

Because selling security is the only way Dashlane makes money. And if you decide it is not worth $30 a year, Dashlane lets you export your password database in forms that can be read by you or another password manager.

You could even use the old-fashioned technique, and print out the database on paper. As crazy as that sounds, it's still safer than using the same password over and over again.

