RICK KARR: Malicious computer hackers are posing more and more of a threat to business and government -- and they will spend around 46 billion dollars this year to protect themselves from those hackers. Some computer security experts argue that in order to fight the bad-guy hackers, the good guys need to be able to use the same techniques -- and a university in Pittsburgh has turned its attention to training computer scientists who can do just that. Correspondent Rick Karr reports.
The bad guys stole more than three million Social Security numbers from the State of South Carolina. As many as seventy million credit card numbers from Sony PlayStation. They got access to all of the personal details of some customers of a nationwide mortgage lending firm. But cybercriminals aren’t just looking to steal personal information and credit card numbers when they break into corporate computers -- they’re looking for other valuable information.
RICK KARR: Stewart Baker is former general counsel of the NSA who’s now a computer security consultant.
STEWART BAKER: They can steal your designs. They can steal your-- knowhow. They can steal your customer list and your internal analysis of what the biggest problems are in your product. This is pretty scary.
RICK KARR: The bad guys are mostly working from China and former Soviet states. They’re well-trained. Some of them are protected by -- or even working for -- their governments, so they don’t care about getting caught. And they might be able to do even more than steal information from businesses. Security experts worry that they could cripple the banking system ... or shut down parts of the electric grid. Baker says ... American businesses need a new mindset if they’re going to defend themselves.
STEWART BAKER: I'm a big believer that-- the best defense is an offense. And-- if we're going to have an offense-- we've got to have people who are really talented drawn to that field.
RICK KARR: People like these college undergraduates, who just might be able to save America’s corporations and governments from the bad-guy hackers: They’re students at Carnegie Mellon University, one of the nation’s top computer science schools ... and they’re learning to fight off the bad guys ... by thinking the same way they do. They’re learning to be the good guy hackers.
DAVID BRUMLEY: You have to understand and be able to anticipate how attackers are going to come at you. Cause if you're only doing defense, if you don't look at offense at all, you're always reacting and you're always one step behind.
RICK KARR: Is that different? Is that a change in the way computer science faculties have approached this?
DAVID BRUMLEY: Traditionally, yeah. Traditionally, there hasn't been a lot of expertise in offensive computer security. And it really hasn't been taught at the university level.
RICK KARR: Computer security professor David Brumley says ... it’s tough stuff to teach ... because the brand-new, cutting-edge cyberattack of today will be available to anyone with a web browser by next week.
DAVID BRUMLEY: For example, my courses in computer security? We don't have textbooks. Everything's so new. We have to go out and look at websites, we have to go look at-- the latest things from conferences, and really teach from that. Every year it's a significant update.
RICK KARR: Is it ever the case that you actually have a student discover something that nobody knew about, in the middle of a semester?
DAVID BRUMLEY: Oh, that's actually a course requirement. One of the things we ask students to do is go out and find a vulnerability that no one else has found, figure out if it's exploitable, and then report it ethically.
RICK KARR: Which means what?
DAVID BRUMLEY: It really means they're going and finding something they could use to break into someone's computer. And then they go tell the programmer, look, here is a flaw; fix it.
RICK KARR: All those flaws that Carnegie Mellon’s undergrads find every semester ... don’t necessarily mean that the software on your P-C or your bank’s web site is badly written. Almost every piece of software, every computer system has vulnerabilities that can be exploited -- it’s virtually impossible to make anything that’s connected to the internet perfectly secure. And today -- compared to 10 or 20 years ago, all of us have just so many more computers and smartphones and tablets -- all of them connected and vulnerable. So we’re vulnerable, too.
Carnegie Mellon’s students are so good at exploiting those vulnerabilities ... that the NSA enlisted them to create a game that teaches hacking skills to high-school-aged students -- and paid for the job. Cylab, the university’s cybersecurity institute, is home to the top-ranked competitive hacking team in the world: the Plaid Parliament of Pwning -- “pwn” is hacker-speak for “own”, as in the hacker takes a computer over and owns it. For the third straight year, the team won top honors at international contests that pit teams of hackers against one another ... and utterly demolished the competition at a prestigious contest in Las Vegas.
DAVID BRUMLEY: It's a little bit like a little, mini-cyber-war that's going on. And you get points by how well you find exploits in your adversaries and how well you can defend against their attacks. They're-- secure from the normal internet and they're set up specifically for this purpose.
RICK KARR: How stiff is the competition here? I mean, who's on your heels in terms of the top ten rankings.
MALE STUDENT #3: Man, so, you know, who's not? There's all sorts of government contractors who have, you know, teams that we compete with. And, you know, they do this professionally.
RICK KARR: “Hacker” is a label the students embrace. The word has a long history in computer science circles -- where it was originally meant as praise. The students say ... it still can be.
MALE STUDENT #2: We don't think of it as bad. We think of it as-- getting a deeper understanding for how something works in order to make it do something that maybe it wasn't intended to do but it's capable of doing.
ANDREW CONTE: It's often the people who as young high school students they started goofin' around with-- electronics or computers, and they started figuring out, you know, how to do simple attacks, how to get inside of-- machines.
RICK KARR: Andrew Conte is an investigative reporter at the Pittsburgh Tribune-Review who’s written dozens of articles about hackers and cybersecurity.
ANDREW CONTE: And at some point they make the decision. You know, "Am I going to be-- a good hacker or a bad hacker?" And there's not that much difference between them in terms of-- their abilities. Huge difference in terms of their motivations.
RICK KARR: That raises the question of how wise it is to teach these abilities to students barely out of their teens ... with unknown motivations. Cylab graduate student Peter Chapman says not to worry.
RICK KARR: If you're figuring out how to attack things, isn't it possible that somebody who comes outta here isn't going to do it for the right reasons?
PETER CHAPMAN: If that person's motivated, they can certainly find it out on their own. This isn't hidden information. Someone who's determined to break into a system, they can take normal courses and just add this, "How am I going to ruin the world mindset" to it. It's the same way a locksmith who knows how to fix locks can probably also break into them.
RICK KARR: Cybersecurity consultant Stewart Baker says ... sometimes it makes sense for a company that’s been the target of bad-guy hackers to engage in a little digital breaking and entering of its own -- to hack back, in other words. He thinks it could be an important weapon in the cybersecurity arsenal. But it isn’t always so clear-cut ethically. Or legally, because it can violate federal computer security laws.
STEWART BAKER: I have been making a very public-- argument that we should allow this and we should read the Computer Fraud and Abuse Act to permit it.
RICK KARR: What if the machine in question is outside the U.S.? I mean, is that still a violation of the act?
STEWART BAKER: Unfortunately, it is.
RICK KARR: Baker says good-guy hackers who have “hacked back” have learned that cybercriminals aren’t always as clever as they seem to be. Take the example of a hacker who broke into law-enforcement computers, copied personal information about officers ... and posted it online. He also left a ... provocative ... picture of his girlfriend as a calling card, which turned out to be a mistake.
STEWART BAKER: They took the picture with an iPhone. And that meant that somebody had helpfully included the-- geographic coordinates where the picture was taken. So the F.B.I. finds the girlfriend of the hacker, and went and busted the guy in Texas. So these digital clues are everywhere.
RICK KARR: The hacker pleaded guilty to accessing a protected computer without authorization; and received a sentence of twenty-seven months in prison. Stewart Baker says ... that’s the kind of outcome he’d like to see from good-guy hackers, like the students at Carnegie Mellon.