Apple Issues Emergency Security Updates to Close a Spyware Flaw

Source: The New York Times    2021-09-14 11:25



Apple on Monday issued emergency software updates for a critical vulnerability in its products after security researchers uncovered a flaw that allows highly invasive spyware from Israel’s NSO Group to infect anyone’s iPhone, iWatch or Mac computer without so much as a click.
Apple’s security team has been working around the clock to develop a fix since Tuesday, after researchers at Citizen Lab, a cybersecurity watchdog organization at the University of Toronto, discovered that a Saudi activist’s iPhone had been infected with spyware from NSO Group.
The spyware, called Pegasus, used a novel method to invisibly infect an Apple device without the victim’s knowledge for as long as six months. Known as a “zero click remote exploit,” it is considered the Holy Grail of surveillance because it allows governments, mercenaries and criminals to secretly break into a victim’s device without tipping them off.
Using the zero-click infection method, Pegasus can turn on a user’s camera and microphone, record their messages, texts, emails, calls — even those sent via encrypted messaging and phone apps like Signal — and send it back to NSO’s clients at governments around the world.
“This spyware can do everything an iPhone user can do on their device and more,” said John Scott-Railton, a senior researcher at Citizen Lab, who teamed with Bill Marczak, a senior research fellow at Citizen Lab, on the finding.
In the past, victims only learned their devices were infected by spyware after receiving a suspicious link texted to their phone or email. But NSO Group’s zero-click capability gives the victim no such prompt, and enables full access to a person’s digital life. These capabilities can fetch millions of dollars on the underground market for hacking tools.
An Apple spokesman confirmed Citizen Lab’s assessment and said the company planned to add spyware barriers to its next iOS 15 software update, expected later this year.
NSO Group did not immediately respond to inquiries Monday.
NSO Group has long drawn controversy. The company has said it sells its spyware to only governments that meet strict human rights standards. But over the past six years, its Pegasus spyware has turned up on the phones of activists, dissidents, lawyers, doctors, nutritionists and even children in countries like Saudi Arabia, the United Arab Emirates and Mexico.
In July, NSO Group became the subject of intense media scrutiny after Amnesty International, the human rights watchdog, and Forbidden Stories, a group that focuses on free speech, teamed up with a consortium of media organizations on “The Pegasus Project” to publish a list they said contained some 50,000 people — including hundreds of journalists, government leaders, dissidents and activists — selected as targets by NSO’s clients.
The consortium did not disclose how it obtained the list, and it was unclear whether the list was aspirational or whether the people were actually targeted with NSO spyware.
Among those listed were Azam Ahmed, a former New York Times Mexico City bureau chief who has reported widely on corruption, violence and surveillance in Latin America, including on NSO itself; and Ben Hubbard, The Times’ bureau chief in Beirut, who has investigated rights abuses and corruption in Saudi Arabia and wrote a recent biography of Saudi Crown Prince Mohammed bin Salman.
Shalev Hulio, a co-founder of NSO Group, vehemently denied the list’s accuracy, telling The Times, “This is like opening up the white pages, choosing 50,000 numbers and drawing some conclusion from it.”
NSO’s clients previously infected their targets using text messages that cajoled victims into clicking on a link. Those links made it possible for journalists to investigate the possible presence of NSO’s spyware. But the new zero-click method makes the discovery of spyware by journalists and cybersecurity researchers much harder.
“The commercial spyware industry is going darker,” said Marczak, a researcher at Citizen Lab who helped uncover the exploit on a Saudi activist’s phone.
Scott-Railton urged Apple customers to run their software updates.
“Do you own an Apple product? Update it today,” he said.