关注这里
每天进步一点点
收获成长和自信
MOUNTAINAS
翻译 | 栏目二第三组
审核 |椰子
小编 | 毛毛
Data security
数据安全
That’s the way to do it
醉翁之意不在酒
A Cambridge don shows the FBI how to save money on phone hacking
一位剑桥大学老师向FBI展示了如何在手机窃听方面省钱
Sep 24th 2016 | From the print edition
2016年9月24日|摘自印刷版
IN FEBRUARY the Federal Bureau of Investigation (FBI), America’s national police force, took Apple, a tech giant, to court. At issue was an iPhone that had belonged to Syed Farook, a terrorist who, with his wife, had shot and killed 14 people in California the previous December. Farook was subsequently killed.
二月份时,美国的警察组织,联邦调查局(FBI)将技术巨头Apple公司告上了法庭。这次事件是由一个属于恐怖分子Syed Farook的iphone所引起的,去年十二月,他和妻子在加利福尼亚州开枪打死了14个人。随后Farook被杀了。
The FBI wanted Apple to write a special operating system to let it bypass the phone’s security and get at any data stored inside. Apple objected, on the ground that doing so would undermine the security of its own products and that, once created, such a digital “ skeleton key” would pose a risk to every iPhone in existence. The FBI, for its part, insisted there was no other way into the iPhone in question.
联邦政府想要让苹果公司写一个特殊操作程序来绕过手机的安全系统,进而得到所有手机内部存储数据。这一要求被苹果公司拒绝了,理由是这样做会损害自己产品的安全性。而且此程序一旦创建,将像一个数字"万能钥匙"一样,可能会对每一部iPhone构成威胁。FBI坚持道:除此之外,没有其他的方法可以获取iPhone的内部数据。
skeleton key 万能钥匙
perts were dubious about the bureau’s argument. A paper published by Sergei Skorobogatov, a computer scientist at Cambridge University, proves that they were right to be sceptical. Farook’s phone, it seems, could probably have been cracked in two days, using off-the-shelf electronics equipment, for less than $100.
专家们对FBI的说法表示怀疑。剑桥大学的计算机科学家Sergei Skorobogatov发表的论文中证明了专家们的怀疑是正确的。由此文看出用现成的电子设备,或许两天内就能破解Farook的手机,并且还花不了100美元。
The problem the FBI faced was that the phone was encrypted, as are all iPhones. It was also locked with a PIN. Encryption meant the information stored in it was a mass of meaningless gibberish. To restore it to readability required that the phone be unlocked, by entering the PIN correctly. On the face of it, that is not a big obstacle. By default,such codes are four digits long, giving only 10,000 possible combinations. In principle, it is easy to try every combination until you hit the right one by chance.
正如所有的iPhone手机一样,FBI需要调查的手机也被加密了。此手机还同时被SIM卡的个人识别密码锁住了。加密意味着的信息是以一堆毫无意义的乱码的形式储存在手机里的。想要恢复它的可读性需要输入正确的PIN密码解锁。从字面上看,这没多难。默认情况下,这些密码是四位数,这意味着有10000种可能的数字组合。原则上说,去一一尝试每一种组合直到碰到正确的密码是一件很容易的事。
Encrypt v.加密
PIN :(personal identification number )SIM卡的个人识别密码
gibberish n.令人费解的话,莫名其妙的话,胡扯;混字;无意义数据;
By default 默认情况下
But iPhones also contain features designed to make such “brute-forcing” hard. After six wrong guesses a user must wait a minute before trying again. That delay rises rapidly with subsequent failures. And iPhones can also be set to wipe themselves clean after ten failed attempts to log in.
但iphone也带有反对“暴力破解”的功能。密码输入错误六次之后,使用者必须等一分钟才能再次输入。由此延误的时间会随着失败次数快速累积。10次登陆错误以后,iPhone会自我重置,清除所有内部存储数据。
At the time of the court case, therefore, several independent experts suggested the FBI try something called NAND mirroring (“NAND” refers to the type of memoryused in smartphones). James Comey, the FBI’s boss, said that would not work. But it is exactly what Dr Skorobogatov has done. NAND mirroring makes a copy of a phone’s memory in its undisturbed state. Using an iPhone of his own, Dr Skorobogatov was able repeatedly to overwrite its memory with the copy he had made before he began his guesses. This caused the instrument to forget that he had made any guesses at all, avoiding any temporary lockouts and ensuring that the data would never be wiped clean. That, in turn, permitted him to brute-force the PIN six guesses at a time, resetting the phone to its original condition between each batch of guesses.(读者试译)
因此在这次案件中,几位独立专家建议FBI使用一种称为NADA镜像的技术(“NADA”指的是智能手机的内存类型)。FBI的局长James Comey对此表示否认,说这方法不管用。但Skorobogatov博士确实曾经这样做过。NADA镜像能在不干扰手机正常使用的情况下复制其内存信息。Skorobogatov博士用自己的iPhone手机,在开始猜测其密码之前,反复地用已完成的备份来覆盖原有手机内存。 (期待您的翻译。)
the type of memory 内存的种类
Each PIN must be entered by hand, which is laborious. Resetting the phone’s memory requires that the device be rebooted, which takes several seconds each time. An exhaustive check of all 10,000 variants of a 4-digit 4位PIN would therefore take about 40 hours, he reckons, although on average the time to find the correct number will be half as long.
PIN密码必须手动输入,这是一件很费力的事情。而且,重置手机的内存需要重新启动设备,重启每次还会用上几秒。尽管全部尝试4位PIN密码的10000种随机变量组合将耗时约40个小时,但Skorobogatov估计,找到正确密码平均只需要一半的时间。
Laborious adj. 费劲的
Reckon vt.估计;认为
Why, then, did the FBI believe going to court was the only way to recover Farook’s data? One suspicion at the time was that it did not. Instead, it wanted to set a broader legal precedent, forcing information-technology firms to help it when asked. On this view, the case was chosen because refusing would make Apple look bad.
既然可以“暴力”破解iPhone,为什么FBI还认为上法庭是恢复Farook的手机数据的唯一途径呢?当时有人怀疑这并不是FBI的目的。FBI是想创立一个广义上法律先例,在要求信息技术公司协助时会得到帮助。从这个角度来说,选中这个案子是因为拒绝FBI会使苹果公司很难看。
In the event, the bureau pulled out just before an appeal was to be held. And it did, eventually, find a way into the phone. Reports suggest it paid an unknown cyber-security company $1.3m to hack the phone. On the basis of Dr Skorobogatov’s evidence, it seems it overpaid by $1,299,900.
在这起事件中,FBI在诉讼开庭前退出。其最终还是找到进入的手机的方法。据报道,它支付给一个网络安全公司(名字不详)130万美元以破解手机。而基于Skorobogatov博士的说法,这似乎它多花了1,299,900美元。
往期精彩
经济学人|外壳,不不不,不是手机壳|2016.07.29|总第612期
Smart Phone Application Tracks Mental Health 智能手机应用程序跟踪心理健康
Try to translate
This caused the instrument to forget that he had made any guesses at all, avoiding any temporary lockouts and ensuring that the data would never be wiped clean. That, in turn, permitted him to brute-force the PIN six guesses at a time, resetting the phone to its original condition between each batch of guesses.
Put Chinese below
声明
1、英文材料来自网络,如有侵权请联系删除;
2、中文翻译仅供学习交流,未经我社许可或授权,严禁商业用途;
3、阅读原版文章请前往《经济学人》官网订阅。
考研英语时事阅读
M外刊翻译社
欢迎大家关注我们哟~每天凌晨5点20见!
社长M
推荐
长按识别左侧二维码,获取 考研专业课真题信息
标签: 经济学人安卓版