【英语语言学习】系统漏洞
时间:2019-01-24 作者:英语课 分类:英语语言学习
英语课
LINDA WERTHEIMER, HOST:
Millions of computers and networks are at risk after a security flaw, which is being called Shellshock, was found last week. Now this is not a virus. It's a bug 1 - a mistake in code. And it turns out, it's actually been around for a while. It took 22 years to discover this bug. And the impact could be huge if the security flaw is exploited by hackers 3.
NPR's Elise Hu is here to explain Shellshock. So, Elise, what has security companies worried about this thing?
ELISE HU, BYLINE 4: Well, your computer has a type of program called a shell. And that lets you give it commands - for instance, run my web browser 5, open up this file, that sort of thing. Now if you use a Mac, that shell is likely a shell called Bash. Bash is where this software bug was discovered.
And since this is what runs when you give your computer commands, the worry here is that Shellshock could be used to take control of your machine. You can imagine, Linda, if - the danger if a malicious 6 hacker 2 were to give it the wrong command, such as delete my files or download a nasty virus. So the main concern here is that your computer could be shelled into, remotely, making users quite vulnerable.
WERTHEIMER: So what is it that has the security companies so worried?
HU: It's the wide scope of the computers and the networks affected 7. And the potential here for wreaking 8 havoc 9 for any system connected to the Internet. Shellshock, as it's been named, effects websites and computers running operating systems like Mac OS, which many of us run, and Linux. It's estimated that more than 80 percent of the Internet serves its websites on that Bash software affected by this bug.
WERTHEIMER: So do the Internet companies have to do something?
HU: They have to release patches. And since it does affect so much of the Internet, the big companies, like Google and Amazon, you don't have to worry about. They have already rolled out software patches for this. The question now is whether smaller sites and programs will patch things up quickly or leave themselves and their users vulnerable.
WERTHEIMER: So is there something that individual users, like me - is there something I should do?
HU: Well, Linda, for now know that the vulnerability does not affect Microsoft Windows users, but Mac users are more at risk here. Apple says not to worry, there's going to be an operating system update, or a patch, for anyone running the more advanced systems on Mac's. But generally, just keep up-to-date with any software updates, and update your computer and mobile devices as Apple releases those.
And for the websites you commonly use, the best way you can limit your exposure is just to use different passwords for different services. And also you can find out who's making the software you're using, and what the manufacturer is saying about the Shellshock bug so that you can better protect yourself.
But Linda, we really won't see the fallout immediately. It's likely to play out over the next few months, or even years, as the sites that don't patch themselves up and monitor their security closely could leave themselves vulnerable for a long time. And that's when a hacker could to take control.
WERTHEIMER: NPR's Elise Hu covers technology and culture for us. You can read more about Shellshock on our tech blog, All Tech Considered, at npr.org. Elise, thanks.
HU: You're welcome.
Millions of computers and networks are at risk after a security flaw, which is being called Shellshock, was found last week. Now this is not a virus. It's a bug 1 - a mistake in code. And it turns out, it's actually been around for a while. It took 22 years to discover this bug. And the impact could be huge if the security flaw is exploited by hackers 3.
NPR's Elise Hu is here to explain Shellshock. So, Elise, what has security companies worried about this thing?
ELISE HU, BYLINE 4: Well, your computer has a type of program called a shell. And that lets you give it commands - for instance, run my web browser 5, open up this file, that sort of thing. Now if you use a Mac, that shell is likely a shell called Bash. Bash is where this software bug was discovered.
And since this is what runs when you give your computer commands, the worry here is that Shellshock could be used to take control of your machine. You can imagine, Linda, if - the danger if a malicious 6 hacker 2 were to give it the wrong command, such as delete my files or download a nasty virus. So the main concern here is that your computer could be shelled into, remotely, making users quite vulnerable.
WERTHEIMER: So what is it that has the security companies so worried?
HU: It's the wide scope of the computers and the networks affected 7. And the potential here for wreaking 8 havoc 9 for any system connected to the Internet. Shellshock, as it's been named, effects websites and computers running operating systems like Mac OS, which many of us run, and Linux. It's estimated that more than 80 percent of the Internet serves its websites on that Bash software affected by this bug.
WERTHEIMER: So do the Internet companies have to do something?
HU: They have to release patches. And since it does affect so much of the Internet, the big companies, like Google and Amazon, you don't have to worry about. They have already rolled out software patches for this. The question now is whether smaller sites and programs will patch things up quickly or leave themselves and their users vulnerable.
WERTHEIMER: So is there something that individual users, like me - is there something I should do?
HU: Well, Linda, for now know that the vulnerability does not affect Microsoft Windows users, but Mac users are more at risk here. Apple says not to worry, there's going to be an operating system update, or a patch, for anyone running the more advanced systems on Mac's. But generally, just keep up-to-date with any software updates, and update your computer and mobile devices as Apple releases those.
And for the websites you commonly use, the best way you can limit your exposure is just to use different passwords for different services. And also you can find out who's making the software you're using, and what the manufacturer is saying about the Shellshock bug so that you can better protect yourself.
But Linda, we really won't see the fallout immediately. It's likely to play out over the next few months, or even years, as the sites that don't patch themselves up and monitor their security closely could leave themselves vulnerable for a long time. And that's when a hacker could to take control.
WERTHEIMER: NPR's Elise Hu covers technology and culture for us. You can read more about Shellshock on our tech blog, All Tech Considered, at npr.org. Elise, thanks.
HU: You're welcome.
n.虫子;故障;窃听器;vt.纠缠;装窃听器
- There is a bug in the system.系统出了故障。
- The bird caught a bug on the fly.那鸟在飞行中捉住了一只昆虫。
n.能盗用或偷改电脑中信息的人,电脑黑客
- The computer hacker wrote that he was from Russia.这个计算机黑客自称他来自俄罗斯。
- This site was attacked by a hacker last week.上周这个网站被黑客攻击了。
n.计算机迷( hacker的名词复数 );私自存取或篡改电脑资料者,电脑“黑客”
- They think of viruses that infect an organization from the outside.They envision hackers breaking into their information vaults. 他们考虑来自外部的感染公司的病毒,他们设想黑客侵入到信息宝库中。 来自《简明英汉词典》
- Arranging a meeting with the hackers took weeks againoff-again email exchanges. 通过几星期电子邮件往来安排见面,他们最终同意了。 来自互联网
n.署名;v.署名
- His byline was absent as well.他的署名也不见了。
- We wish to thank the author of this article which carries no byline.我们要感谢这篇文章的那位没有署名的作者。
n.浏览者
- View edits in a web browser.在浏览器中看编辑的效果。
- I think my browser has a list of shareware links.我想在浏览器中会有一系列的共享软件链接。
adj.有恶意的,心怀恶意的
- You ought to kick back at such malicious slander. 你应当反击这种恶毒的污蔑。
- Their talk was slightly malicious.他们的谈话有点儿心怀不轨。
adj.不自然的,假装的
- She showed an affected interest in our subject.她假装对我们的课题感到兴趣。
- His manners are affected.他的态度不自然。
诉诸(武力),施行(暴力),发(脾气)( wreak的现在分词 )
- Coal mining is a messy business, often wreaking terrible environmental damage nearby. 采矿是肮脏的行业,往往会严重破坏周边环境。
- The floods are wreaking havoc in low-lying areas. 洪水正在地势低洼地区肆虐。