精品国产_亚洲人成在线高清,国产精品成人久久久久,国语自产偷拍精品视频偷拍

最新文章

加載中,請稍候。。。

熱讀文章

加載中,請稍候。。。

當期雜志
訂閱
雜志紙刊
網站
移動訂閱
--
--
--
黑客面面觀
 作者: Shelley DuBois    時間: 2011年06月21日    來源: 財富中文網
 位置:         
字體 [   ]        
打印        
發表評論        

黑客世界臥虎藏龍,很難以一管而窺全豹。以下我們僅對黑客作簡單分類——從獨行俠到有組織的政府行為,究竟誰才是最近網絡安全事故的背后主使?
轉貼到: 微信 新浪微博 關注騰訊微博 人人網 豆瓣

????最近美國接連曝出大公司和政府機構網站被“黑”的消息,讓人感覺我們似乎已經被卷入了一場網絡戰爭。最近幾周,花旗集團(Citigroup)、索尼(Sony)和國際貨幣基金組織(IMF)的網站相繼被黑。而就在上周三,美國中情局(CIA)網站也遭到了黑客的攻擊。

????正如IT服務提供商BT公司的首席安全技術官、網絡安全專家布魯斯·施奈德指出的那樣,黑客的確無處不在。雖然近期網絡攻擊事件頻發,但對于黑客界來說,這些攻擊只不過是家常便飯。施奈德表示:“這就是黑客行為,幾十年來一貫如此?!?/span>

????施奈德說,老百姓們可能以為,黑客就是像莉絲貝·莎蘭德(瑞典作家斯蒂格·拉赫松的驚悚小說《千禧年》三部曲中的女主角——譯注)那樣的電腦天才,整天到全球各大主要網絡里黑來黑去,如入無人之境。但事實上,黑客生活遠遠沒有那么刺激。不過黑客圈子生態環境很微妙,也很難梳理。黑客的隊伍十分龐大,既有在自家地下室里搞搞小破壞的電腦怪才,也包括有組織的國家政府部門。黑客究竟在做些什么?他們的行事方式如何?這兩個問題往往是人們心中的疑團。不過全球每天都有許多行為被歸入“黑客侵入”這柄大傘之下。

獨行俠

????人們當黑客的根本原因是為了消遣。施奈德指出:“大部分黑客只是普通人?!边@意味著他們本身并不屬于某個黑客網絡,一般只是通過聊天室和在線論壇進行聯系。“他們只是一些四處搗亂的普通人?!?/span>

????這類黑客中的某些人最終投向了企業的懷抱。例如Linux操作系統的核心組件程序是萊納斯·托瓦茲寫出來的,他一度曾是黑客界高山仰止的人物,甚至還與人合寫了一本書,名字就叫《黑客的道德準則》(The Hacker Ethic),該書已于2001年出版。另一位知名度頗高的黑客是蘋果(Apple)的共同創始人史蒂夫·沃茲尼亞克,他公開坦承自己早年在加州大學伯克利分校(UC Berkeley)學習期間,曾經制作并銷售過能夠侵入電話網絡免費打電話的設備。

“黑客主義”

????還有一類黑客專門以獲得曝光率為目的。這類黑客出現得相對較晚。哈佛大學伯克曼互聯網與社會中心(Berkman Center for Internet and Society)研究員伊?!ぴ寺硎荆@類黑客一般都是具有某種政治動機的團體,而他們所進行的黑客攻擊,“實際目的是要獲得媒體曝光率”。

????其中最出名的黑客團體之一叫作“匿名”(Anonymous)。這是一個松散的黑客網絡,經常組織起來對某些網站進行攻擊,有時是為了好玩,有時則是為了某些政治目的。通常這個團體會對目標發動一次“阻斷服務”(DdoS)攻擊,目的是要使某個特定網站癱瘓。“匿名”已經進行了好幾次這樣的攻擊,其中最著名的一次當屬2008年對山達基教會(Church of Scientology)網站的攻擊。黑客們網上網下兩線作戰,既發動了阻斷服務攻擊,又組織其成員戴著面具進行抗議示威。最近,“匿名”還在Youtube上發了一個警告視頻,稱要對美聯儲(the Federal Reserve)進行攻擊,要求美聯儲主席本·伯南克下臺。不過到目前為止,還沒有任何一個美聯儲的網站被“黑”掉。

????另一個叫LulzSec的黑客團體最近也曝出新聞。本周三該組織攻擊了美國中央情報局的公共網站cia.gov,導致該網站暫時關閉。LulzSec還宣稱對美國公共廣播公司(PBS)、??怂闺娨暸_(Fox)和索尼的被“黑”負責。標槍戰略研究公司(Javelin Strategy & Research)的高級安全性分析師菲爾·布蘭克表示,LulzSec之所以要攻擊索尼,僅僅是為了證明索尼的網絡安全性低得可憐,而且他們成功了。布蘭克說:“這是一次非常基本、非常初級的攻擊,任何一家現代企業都不應該抵擋不住這樣一次攻擊——實在太丟人了?!?/span>

????扎克曼表示,盡管索尼被輕松拿下,但一般說來,黑客組織的實力還是比較有限的。他注意到,在黑客界內部,阻斷服務攻擊以及類似的攻擊方式只能算是雕蟲小技,甚至還不夠格被稱作真正的“黑”。真正的“黑”是要對一個網絡造成真正的危害,而不是暫時關掉一個網站。到目前為止,LulzSec并沒有試圖對重要的大型基礎架構造成危害,“匿名”雖然嘗試過,但剎羽而歸——如“匿名”曾在201012月對亞馬遜(Amazon)發起攻擊,但未能得手。扎克曼說:“從本質上講,黑客們關掉的只不過是網站的營銷文案?!?/span>

黑客間諜

????由政府支持的黑客行為就是另一回事了。他們資金更雄厚,而且幾乎無法追蹤他們的行蹤。施奈德表示:“美國這么干,中國也這么干。各國相互秘密偵察的做法已經有幾千年的歷史了。”

????復雜、密集的黑客攻擊行動背后可能都有政府資助的影子,但要證實這種聯系卻很困難。本月早些時候,國際貨幣基金組織(IMF)向其工作人員通報IMF遭受了一次網絡攻擊,不過并沒有公布細節。標槍戰略研究公司的高級安全性研究員菲爾·布蘭克表示,有人推測這次攻擊獲得了某個外國政府的資助,但卻幾乎沒有任何公開的證據能證實這種猜測。布蘭克說:“如此長距離的遠程攻擊需要一個龐大的基礎架構以及一支龐大的IT工作和研究力量。一般說來,這種攻擊超出了大多數個人的能力,而且可能并不是企業的刺探行為?!?/span>

????最近Gmail的被黑也是如此:谷歌(Google)本月早些時候宣布有人侵入了數百個Gmail用戶的個人賬戶。布蘭克表示,需要非常復雜和定向的侵入才能造成這種效果。谷歌追蹤到入侵者的IP地址來自中國濟南地區,這也是表明本次侵入可能是受政府支持的唯一證據。不過這次侵入之所以看似可疑,還因為被“黑”的用戶包括美國政府官員和中國的政治激進份子。不過布蘭克也表示,IP地址是可以偽造的,而且中國政府也竭力否認與此事有關。

????這宗謎案也可能和許多其他網絡懸案一樣,成為人們心中永遠的問號。盡管這起網絡侵入的規模和其復雜程度能夠為我們提供一些線索,但就像施奈德所說的那樣:“人們永遠無法確切地知道誰是背后主使??傊阌肋h不知道這是誰干的,他們為什么要這樣做,”

????譯者:樸成奎

? ??It's hard to get a handle on the hacker community, but here's a look at the range of people -- from lone geeks to organized governments -- who could be behind recent security breaches.

????The recent hacking headlines make it seem like we're in the middle of a cyberwar: In the past few weeks, there have been revelations of security breaches at organizations including Citigroup, Sony, the IMF, and -- as recently as yesterday -- the CIA's website.

????Indeed, hackers are everywhere, according to Bruce Schneier, security expert and chief security technology officer for IT service-provider BT. But for the hacker community, the apparent cluster of attacks is really just business as usual: "This is hacking, it hasn't changed in decades," he says.

????While the public may picture shadowy groups of Lisbeth Salander-like computer nerds taking down major networks around the globe, the truth is much less glamorous, Schneier says. Still, the hacker pecking order can be nuanced and tough to de-tangle. It runs the gamut from geeks messing around in their basements to organized national governments. What hackers do and how they do it often remains a mystery, but every day there are activities that fall under the wide umbrella of digital subversion called "hacking."

The lone wolf

????Hacking has its roots in recreation. "The majority of people hacking are just people," Schneier says, meaning they aren't connected to a hacking network other than chat rooms and online forums. "It's just guys messing around."

????Some members of this breed of hacker eventually go corporate. For example, Linus Torvalds, the man who wrote the central component for the Linux operating system, has a well-respected hacking history. He even co-authored a book called The Hacker Ethic, published in 2001. Another high-profile hacker is Apple (AAPL) co-founder Steve Wozniak, who speaks openly about his early days at UC Berkeley, building and selling devices that could hack phone networks to make free calls.

"Hacktavism"

????There's another, relatively new breed of hacker that seeks publicity. These are typically politically-motivated groups, says Ethan Zuckerman, a researcher at Harvard University's Berkman Center for Internet and Society. The attacks they launch, he says, are "really designed to get the press release."

????One of the most famous groups is Anonymous, an anarchic network of hackers that periodically organizes to shut down websites, either for fun or for some political purpose. Generally, the group launches a "denial of service" (DDoS) attack, which targets and cripples a specific site. Anonymous has launched several such campaigns, most famously its 2008 efforts to take down the digital presence of the Church of Scientology, which involved a DDoS attack and offline protests by masked members. Recently, the group forewarned an attack against the Federal Reserve, calling for the resignation of Chairman Ben Bernanke via a YouTube video, though none of the Fed's websites have been shut down yet.

????Another group called LulzSec has also stirred up news recently. On Wednesday, it temporarily crashed the Central Intelligence Agency's public website, Cia.gov. LulzSec has also claimed responsibility for breaches at PBS, Fox and Sony (SNE). For the Sony attack, LulzSec's goal was to showcase a pitiful lack of online security at the company, according to Phil Blank, a senior security analyst at Javelin Strategy & Research, and it succeeded. "It's a very fundamental, basic attack that no modern corporation should be subjected to -- it's embarrassing."

????While attacks like the one on Sony can be easy, the muscle power of hacktivist groups is generally limited, says Zuckerman. In fact, he notes that within the hacker community, DDoS and similar attacks don't even qualify as true hacking, which involves actually compromising a network, not taking down a site. LulzSec hasn't tried to harm large, critical infrastructures so far, and Anonymous has tried and failed, he says: The group couldn't pull through an attempt to crash Amazon (AMZN) in December 2010, for example. "Essentially, they're taking down people's marketing copy," says Zuckerman.

Hacking spies

????Government-backed hacking efforts are a different story -- they have much more funding, but can still be next to impossible to trace. They're also happening all the time, Schneier says: "The U.S. is doing it, China is doing it. Governments have spied on each other for thousands of years."

????While complicated, expensive hacks are more likely to involve government investment, it can be difficult to prove the connection. Earlier this month, the IMF announced to its faculty and staff that it had suffered a cyberattack, but hasn't released details. There has been speculation that the attack received funding from a foreign government, says Phil Blank, a senior security analyst at Javelin Strategy & Research, but there's little public proof. "To be able to create the attack from that distance requires a substantial infrastructure, IT work and research," he says. "Generally speaking, that is out of the scope of most individuals, and it's probably not corporate espionage."

????The same is true for recent Gmail hacks: Earlier this month, Google (GOOG) announced that someone had broken into hundreds of Gmail users' personal accounts. That required fairly complicated, targeted hacks, Blank says. But the only evidence that a government was behind it was that Google traced the origin of the attack to computers with Internet Protocol (IP) addresses in the Jinan region in China. Also, the hack seemed suspicious because victims included U.S. government officials and Chinese political activists. But IP addresses can be fabricated, Blank says, and the Chinese government vehemently denied anything to do with the incident.

????That hacking mystery, like so many others, may go unsolved. While the size or complexity of the hack can provide clues, "You never know who's behind anything really," says Schneier. "In general, you never know who did it or why."

?







更多




最佳評論

@關子臨: 自信也許會壓倒聰明,演技的好壞也許會壓倒腦力的強弱,好領導就是循循善誘的人,不獨裁,而有見地,能讓人心悅誠服。    參加討論>>
@DuoDuopa:彼得原理,是美國學者勞倫斯彼得在對組織中人員晉升的相關現象研究后得出的一個結論:在各種組織中,由于習慣于對在某個等級上稱職的人員進行晉升提拔,因而雇員總是趨向于晉升到其不稱職的地位。    參加討論>>
@Bruce的森林:正念,應該可以解釋為專注當下的事情,而不去想過去這件事是怎么做的,這件事將來會怎樣。一方面,這種理念可以幫助員工排除雜念,把注意力集中在工作本身,減少壓力,提高創造力。另一方面,這不失為提高員工工作效率的好方法??赡芎笳呤歉鞔驜OSS們更看重的吧。    參加討論>>


Copyright ? 2012財富出版社有限公司。 版權所有,未經書面許可,任何機構不得全部或部分轉載。
《財富》(中文版)及網站內容的版權屬于時代公司(Time Inc.),并經過時代公司許可由香港中詢有限公司出版和發布。
深入財富中文網

雜志

·   當期雜志
·   申請雜志贈閱
·   特約???/font>
·   廣告商

活動

·   科技頭腦風暴
·   2013財富全球論壇
·   財富CEO峰會

關于我們

·   公司介紹
·   訂閱查詢
·   版權聲明
·   隱私政策
·   廣告業務
·   合作伙伴
行業

·   能源
·   醫藥
·   航空和運輸
·   傳媒與文化
·   工業與采礦
·   房地產
·   汽車
·   消費品
·   金融
·   科技
頻道

·   管理
·   技術
·   商業
·   理財
·   職場
·   生活
·   視頻
·   博客

工具

·     微博
·     社區
·     RSS訂閱
內容精華

·   500強
·   專欄
·   封面報道
·   創業
·   特寫
·   前沿
·   CEO訪談
博客

·   四不像
·   劉聰
·   東8時區
·   章勱聞
·   公司治理觀察
·   東山豹尉
·   山??纯?/font>
·   明心堂主
榜單

·   世界500強排行榜
·   中國500強排行榜
·   美國500強
·   最受贊賞的中國公司
·   中國5大適宜退休的城市
·   年度中國商人
·   50位商界女強人
·   100家增長最快的公司
·   40位40歲以下的商業精英
·   100家最適宜工作的公司

            主站蜘蛛池模板: 凤庆县| 厦门市| 仁布县| 本溪| 隆昌县| 河北区| 湘潭市| 于都县| 嘉峪关市| 牡丹江市| 专栏| 广南县| 鱼台县| 文水县| 乌兰察布市| 巴马| 吴江市| 嘉善县| 宕昌县| 兴宁市| 林甸县| 陈巴尔虎旗| 安福县| 贡觉县| 金华市| 江安县| 玉门市| 胶州市| 额尔古纳市| 黄平县| 嘉荫县| 雷山县| 文安县| 宜昌市| 洛川县| 伊宁县| 绵阳市| 卢氏县| 秀山| 宁明县| 定边县|