| 双语新闻 Bilingual News | 双语对照阅读 分级系列阅读 智能辅助阅读 在线英语学习 |
|
| 双语新闻 Bilingual News | 双语对照阅读 分级系列阅读 智能辅助阅读 在线英语学习 |
| [英文] [中文] [双语对照] [双语交替] [] |
| In what may be one of the largest known breaches of Chinese personal data, a hacker has offered to sale a Shanghai police database that could contain information on perhaps one billion Chinese citizens. | 一名黑客提出出售上海警方的一个数据库,它可能包含大约10亿中国公民的信息,这也许是目前已知最大规模的中国个人数据泄露事件之一。 |
| The unidentified hacker, who goes by the name ChinaDan, posted in an online forum last week that the database for sale included terabytes of information on a billion Chinese. The scale of the leak could not be verified. The New York Times confirmed parts of a sample of 750,000 records that the hacker released to prove the authenticity of the data. | 这名身份不明的黑客名叫“ChinaDan”,他上周在一个网上论坛发帖称,出售的数据库包含10亿中国人的信息,数量以万亿字节计算。泄露的规模无法核实。为了证明数据的真实性,《纽约时报》对黑客公布的75万份记录样本的部分内容进行了确认。 |
| The hacker, who joined the online forum last month, is selling the data for 10 Bitcoin, or about $200,000. The individual or group did not provide details on how the data was obtained. The Times reached out to the hacker via an email on the post, though it could not be delivered as the address seemed to be incorrect. | 这名黑客上个月加入该网上论坛,他的要价为10个比特币(约合20万美元,或134万人民币)。该个人或组织没有详细说明数据获取的细节。《纽约时报》通过邮件联系了这名黑客,但由于地址似乎有误,邮件无法发送。 |
| The hacker’s offer of the Shanghai police database highlights a dichotomy in China: Although the country has been at the forefront of collecting masses of information on its citizens, it has been less successful in securing and safeguarding that data. | 黑客提供上海警方的数据库凸显了中国的一种两面性:尽管中国在收集大量公民信息方面遥遥领先,但在保护这些数据的安全性方面却不那么成功。 |
| Over the years, authorities in China have become expert at amassing digital and biological information on people’s daily activities and social connections. They parse social media posts, collect biometric data, track phones, record video using police cameras and sift through what they obtain to find patterns and aberrations. A Times investigation last month revealed that the appetite of Chinese authorities for regular citizens’ information has only expanded in recent years. | 多年来,中国当局已经极为擅长收集人们日常活动和社会关系的数字及生物信息。他们会分析社交媒体上的帖子,收集生物特征数据,追踪手机,用警方的摄像头录制视频,并对所获得的信息进行筛选,从中找到模式和异常情况。《纽约时报》上月的一项调查显示,中国当局对普通公民信息的兴趣近年来有增无减。 |
| But even as Beijing’s appetite for surveillance has ramped up, authorities have appeared to leave the resulting databases open to the public or left them vulnerable with relatively weak safeguards. In recent years, The Times has reviewed other databases used by the police in China. | 不过,尽管北京对监控的胃口越来越大,有关部门似乎仍向社会开放由此产生的数据库,或者安全措施相对薄弱,使其处于易受攻击的状态。近年来,《纽约时报》查阅了中国警方使用的其他数据库。 |
| China’s government has worked to tighten controls over a leaky data industry that has fed internet fraud. Yet the focus of the enforcement has often centered on tech companies, while authorities appear to be exempt from strict rules and penalties aimed at securing information at internet firms. | 中国政府一直在加强对互联网行业数据泄露的管理,这个问题已助长了网上的欺诈行为。不过,政府执法的重点通常是科技公司,政府本身通常不受针对互联网公司的严格规定和处罚的约束。 |
| Yaqiu Wang, a senior China researcher at Human Rights Watch, said if the government doesn’t protect its citizens’ data, there are no consequences. In Chinese law, “there is vague language about state data handlers having responsibility to ensure the security of the data. But ultimately, there is no mechanism to hold government agencies responsible for a data leak,” she said. | 人权观察的中国高级研究员王亚秋说,即使对公民数据不加保护,政府也无需承担任何后果。在中国的法律中,“在国家数据处理机构有责任确保数据安全方面,措辞模糊。但归根结底,没有追究政府机构对数据泄露负责的机制,”她说。 |
| Last year, for example, Beijing cracked down on Didi, China’s equivalent of Uber, after its listing effort on the New York Stock Exchange, citing the risk that sensitive personal information could be exposed. But when local authorities in the Chinese province of Henan misused data from a Covid-19 app to block protesters last month, officials were largely spared from severe penalties. | 例如,去年,滴滴在纽约证交所上市后,中国政府对它进行了严厉整顿,理由是敏感的个人信息可能会被暴露。但上个月,当中国河南省地方政府滥用抗击新冠应用程序的数据来阻止抗议者时,官员们基本上没有受到严厉的惩罚。 |
| When smaller leaks have been reported by so-called white-hat hackers, who search out and report vulnerabilities, Chinese regulators have warned local authorities to better protect the data. Even so, ensuring discipline has been difficult, with the responsibility to protect the data often falling on local officials who have little experience overseeing data security. | 每当有所谓的“白帽黑客”(指找到漏洞后把风险告诉人们的黑客)报告了规模较小的数据泄露时,中国监管机构会警告地方当局更好地保护数据。尽管如此,加强这方面的纪律一直很难,保护数据的责任往往落在地方官员身上,他们缺乏监管数据安全的经验。 |
| Despite this, the public in China often expresses confidence in authorities’ handling of data and typically considers private companies less trustworthy. Government leaks are often censored. News of the Shanghai police breach has also been mostly censored, with China’s state-run media not reporting it. | 尽管如此,中国公众通常对当局的数据管理充满信任,他们一般认为私营企业不太可信。政府泄露数据的消息一般都会遭到审查。上海警方数据库被入侵的消息也是如此。中国官媒没有报道这个消息。 |
| “In this Shanghai police case, who is supposed to investigate it?” said Ms. Wang of Human Rights Watch. “It’s the Shanghai police itself.” | “在这个上海警方的案件中,应该由谁来调查?”人权观察的王亚秋说。“是上海警方本身。” |
| In the hacker’s online post, samples of the Shanghai database were provided. In one sample, the personal information of 250,000 Chinese citizens — such as name, sex, address, government-issued ID number and birth year — was included. In some cases, the individuals’ profession, marital status, ethnicity and education level, along with whether the person was labeled a “key person” by the country’s public security ministry, could also be found. | 这名黑客在网帖提供了上海数据库的样本。其中一个样本里包含了25万中国公民的个人信息,如姓名、性别、地址、政府颁发的身份证号码,以及出生年份。在某些情况下,个人的职业、婚姻状况、种族和教育水平,以及是否被国家公安部列为“重点人物”也可以查到。 |
| Another sample set included police case records, which included records of reported crimes as well as personal information like phone numbers and IDs. The cases dated from as early as 1997 until 2019. The other sample set contained information that appeared to be individuals’ partial mobile phone numbers and addresses. | 另一个样本集里是警方的案件记录,包括报案的犯罪记录以及电话号码和身份证等个人信息。这些记录覆盖的时间范围从1997年至2019年。还有一个样本集里的信息似乎是未全部显示的个人手机号码和地址。 |
| When a Times reporter called the phone numbers of people whose information was in the sample data of police records, four people confirmed the details. Four others confirmed their names before hanging up. None of the people contacted said they had any previous knowledge about the data leak. | 《纽约时报》的记者拨打了这些警方数据样本中一些人的电话,四名接听电话者证实了数据细节。另外四人在确认了自己的姓名后挂断了电话。记者联系到的这些人都说,他们此前没听说数据泄露的事情。 |
| In one case, the data provided the name of a man and said that, in 2019, he reported to the police a scam in which he paid about $400 for cigarettes that turned out to be moldy. The individual, reached by phone, confirmed the details described in the leaked data. | 警方记录中的一个案件数据包括一名男子的姓名,记录称他在2019年因遭遇诈骗报警,称花了大约3000元买烟,结果发现香烟发霉了。记者通过电话联系到这名人士证实了泄露数据中描述的细节。 |
| Shanghai’s public security bureau declined to respond to questions about the hacker’s claim. Calls to the Cybersecurity Administration of China went unanswered on Tuesday. | 上海市公安局拒绝回答记者有关黑客说法的问题。记者在周二多次致电国家互联网信息办公室,均无人接听。 |
| On Chinese social media platforms, like Weibo and the communication app WeChat, posts, articles and hashtags about the data leak have been removed. On Weibo, accounts of users who posted or shared related information have been suspended, and others who talked about it have said online that they had been asked to visit the police station for a chat. | 在微博和微信等中国社交媒体平台上,有关数据泄露的帖子、文章和标签已被删除。在微博上发布或分享过相关信息的用户有的已被封号,有的在网上表示,他们已被当地派出所请去“喝茶”。 |
OK阅读网 版权所有(C)2017 | 联系我们