双语新闻：中国黑客攻击苹果iCloud云存储

2014-10-28 17:09:33来源：网络

　　The change prompted the Federal Bureau of Investigation director, James B. Comey, to say ina recent speech that new encryption by Apple and others “will have very serious consequencesfor law enforcement and national security agencies at all levels.”

　　基于这个变化，联邦调查局(FBI)局长詹姆斯·B·科米(James B. Comey)在近期的一次演讲中称，苹果等公司的新型加密技术“将给各个层级的执法和国家安全机构造成严重影响”。

　　“Sophisticated criminals will come to count on these means of evading detection,” Mr. Comeysaid.

　　科米说，“经验丰富的罪犯将依赖这些途径来逃避侦查。”

　　In August, Apple began storing data for iCloud on servers in China in a move it said wasintended to enhance performance of the service there. The company said the state-ownedservice provider China Telecom, which owns the servers where the data is stored, did not haveaccess to the content.

　　今年8月，苹果开始在中国境内的服务器上储存iCloud数据。苹果表示，这样做是为了提高iCloud在当地的服务质量。公司称，储存数据的服务器归属于中国的国有服务提供商中国电信，但其无法获取储存内容。

　　But security experts say it appears that Beijing has found a workaround, by coordinating man-in-the-middle attacks on a mass scale.

　　不过安全专家表示，中国政府似乎找到了一种变通方案，即组织大规模的中间人攻击。

　　Apple on Tuesday acknowledged a network attack, but clarified that its iCloud servers were notbreached. On a security webpage, it implied that man-in-the-middle attacks were being usedto direct people to fake connections of iCloud.com, making their user names and passwordsvulnerable to theft.

　　周二，苹果承认受到网络攻击，但明确表示其iCloud服务器未被攻破。在公司的一个有关安全问题的网页上，苹果暗示，有人正通过中间人攻击把用户引向iCloud.com的虚假链接，从而使他们的用户名和密码易于泄露。

　　On the webpage, Apple explained how people could distinguish an authentic iCloud.comwebsite from a fake one. Basically, users will receive warnings when the web browser detects afake certificate or an untrusted connection. Apple advised people to heed those warnings whenthey appear and avoid signing in.

　　苹果在该网页上对如何分辨真假iCloud.com网站进行了解释。一般来说，当浏览器发现伪造的证书或不值得信赖的链接时，用户就会收到警告。苹果建议人们注意这类警告，不要登录。

　　“Apple is deeply committed to protecting our customers’ privacy and security,” said TrudyMuller, an Apple spokeswoman. “We’re aware of intermittent organized network attacksusing insecure certificates to obtain user information, and we take this very seriously.”

　　“苹果坚定地致力于保护用户的隐私与安全，”苹果的女发言人特鲁迪·穆勒(Trudy Muller)说。“我们知道，有人为了获取用户信息，在通过不安全的证书不时发动有组织的网络攻击，我们对此非常重视。”

　　Ms. Muller declined to comment on whether Apple had identified the Chinese government asthe source of the attacks.

　　对于苹果是否已经确认中国政府为攻击来源，穆勒拒绝置评。

　　Security experts said users should not visit websites if they receive a browser warning. Mr.Sutton also advised users to turn on two-factor authentication whenever possible, aprocedure in which a user is prompted to enter a second one-time password that has beentexted to the user’s phone. That way, he said, even if an attacker intercepts a password, theycannot use it to log into a site without the second password.

　　安全专家称，如果收到浏览器发出的警告，用户应该停止访问相应网站。苏顿还建议用户尽可能地开启双因素认证。在进行双因素认证时，用户需要输入另一个一次性密码，而该密码会通过短信发送到用户的手机上。他说，通过这种方式，即便攻击者截获了某个密码，他们也无法在没有第二个密码的情况下用其登录网站。

　　“Users should treat this seriously,” Mr. Sutton said.

　　苏顿说，“用户应该严肃对待这个问题。”

本文关键字: 中国黑客攻击苹果iCloud云存储