双语新闻：中国黑客攻击苹果iCloud云存储

2014-10-28 17:09:33来源：网络

　　Activists and security experts say they believe the attacks are backed by the Chinesegovernment because they are hosted from servers to which only the government and state-runtelecommunications companies have access, according to GreatFire. They are also similar torecent attacks on Google, Yahoo and Microsoft aimed at monitoring what information userswere retrieving on the sites.

　　GreatFire称，活动人士和安全专家表示，他们认为这次的袭击得到了中国政府的支持，因为它们是由政府和国有电信公司才有权限的服务器上发起的。此外，它们和谷歌(Google)、雅虎(Yahoo)以及微软(Microsoft)最近遭遇的攻击类似，而那些攻击意在监控用户从这些网站上读取了什么信息。

　　“All signs point to the Chinese government’s involvement,” said Michael Sutton, vice presidentfor threat research at Zscaler, a San Jose, Calif., security company. “Evidence suggests thisattack originated in the core backbone of the Chinese Internet and would be hard to pull off if itwas not done by a central authority like the Chinese government.”

　　“所有迹象都指向中国政府与此事有关，”在加利福尼亚州圣何塞的安全公司Zscaler负责威胁研究的副总裁迈克尔·苏顿(Michael Sutton)说。“证据表明，这轮攻击发端于中国互联网的核心中枢，而且假如不是像中国政府这样的中央当局干的，这种攻击将很难实现。”

　　The targeting of Yahoo, Google and Apple also potentially reveals a new Chinese governmenteffort to adapt to initiatives by Internet companies — most notably new encryption techniques— to protect user data from government spying.

　　把雅虎、谷歌和苹果作为目标也潜在地揭示出，为了适应互联网公司为保护用户数据免受政府监控而采取的措施，尤其是新的加密技术，中国政府做出了新的努力。

　　“The Chinese government could no longer sniff traffic, so they intercepted that traffic betweenthe browser and the iCloud server,” Mr. Sutton said.

　　“中国政府无法再窥探流量，所以他们就截取了浏览器和iCloud服务器之间的流量，”苏顿说。

　　Many web browsers, like Apple’s Safari, Google’s Chrome and Mozilla’s Firefox, flashed awarning to users that a so-called encryption certificate that is supposed to identify who is onthe other end of a web session should not be trusted. That indicated that users wereinadvertently communicating with the attackers, rather than iCloud. In effect, the hackersstepped into the middle of the online conversation.

　　许多网页浏览器，如苹果的Safari、谷歌的Chrome和Mozilla的Firefox，会弹出一条警告，提醒用户不应信任本应识别出网络会话的另一端是谁的“加密证书”。这种警告表明，用户正在疏忽大意地与攻击者而非iCloud交流。实际上，黑客是插入到了网络对话的中间。

　　Mr. Sutton noted that Qihoo, a browser offered by the Qihoo 360 Technology Company that ispopular with Chinese Internet users, did not flash a warning to users.

　　苏顿指出，奇虎360科技有限公司推出的奇虎浏览器在中国网民中颇受欢迎，它就不会向用户弹出这类警告。

　　“As more sites move to encryption by default — which prevents the censorship authoritiesfrom selectively blocking access to content — the Chinese authorities will grow increasinglyfrustrated with their ability to censor that content,” said the GreatFire spokesman.

　　“随着更多网站转为默认加密——可以防止审查机构有选择地屏蔽内容——中国当局对自己审查内容的能力会越来越失望，”前述GreatFire发言人说。

　　“In some ways their hands are being forced. They can attempt these man-in-the-middle attacksor choose to outright block access to these sites. The more sites they block, the more they cutoff the Chinese populace from the global Internet,” he added.

　　他还说，“他们其实别无选择。他们可以尝试这种中间人攻击，或选择直接屏蔽这些网站。他们屏蔽的网站越多，中国人孤立于国际网络的程度就越严重。”

　　The timing of the attack, aligned with the release of the new iPhone in China, is a potentialindicator that the government is trying to harvest sign-in data from a large number of userswho are switching over to the iPhone 6. The new phone comes with better encryption toprotect against government snooping.

　　攻击的时机恰好是新款iPhone在中国市场发售之时。这或许意味着，政府正试图从更换到iPhone 6的大量用户手中获取登录数据。为了防止政府的窥探，新款iPhone使用了更好的加密技术。

　　In September, Apple, based in Cupertino, Calif., said its latest operating system, iOS 8,included protections that made it impossible for the company to comply with governmentwarrants asking for customer information like photos, emails and call history.

　　今年9月，总部位于加利福尼亚州库比提诺的苹果表示，公司最新的操作系统iOS 8配有的保护措施，将使其无法遵照政府命令，泄露图片、电子邮件和通话记录等客户信息。

本文关键字: 中国黑客攻击苹果iCloud云存储