[38]Cyber-security.

2017-05-24    06'09''

Host: Leanne 11

Introduction:
Thanks for listening; looking forward to your comments on this episode~

2017.5.20 Economist, Science and Technology

Cyber-security (network security)

The exploits of bug hunters

TO HELP shield (protect) their products from ransomware (extortion software) like the recent worldwide WannaCry attack, most big software-makers pay “bug bounties” to those who report vulnerabilities (security holes) in their products that need to be patched (repaired). Payouts (expenditures) of up to $20,000 are common. Google’s bounties reach $200,000, says Billy Rios, a former member of that firm’s award panel.

This may sound like good money for finding a programming (design) oversight (negligence), but it is actually “ridiculously low” according to Chaouki Bekrar, boss of Zerodium, a firm in Washington, DC, that is a dealer in “exploits”, as programs which take advantage of vulnerabilities are known. Last September Zerodium’s payment rates for exploits that hack iPhones tripled (increased to three times), from $500,000 to $1.5m. Yuriy Gurkin, the boss of Gleg, an exploit broker in Moscow, tells a similar story. Mundane [mʌnˈdeɪn] (ordinary) exploits for web browsers [ˈbraʊzə(r)] (browser), which might, a few years ago, have fetched $5,000 or so, are now, he says, worth “several dozen thousand”.

Unsurprisingly, Zerodium and Gleg are not alone in the market. Philippe Langlois, head of P1 Security, a Parisian firm, reckons there are more than 200 exploit brokers in the world. Such brokers buy exploits from freelance hackers, who make a profitable hobby out of searching for vulnerabilities. They then sell them to those who can use them.

Some, Zerodium and Gleg among them, are perfectly respectable, and choosy (picky; hard to please) about whom they deal with (Zerodium says it declines more sales than it makes). Government agencies in America and western Europe, in particular, are eager customers. Others are less scrupulous [ˈskru:pjələs] (rigorous, careful).
For example, e-mails posted to WikiLeaks in 2015 show that Hacking Team, a Milanese broker, sold exploits to Bahrain, Egypt, Morocco, Russia, Saudi Arabia, Sudan and the United Arab Emirates, none of which has a sparkling record of democracy and freedom.

Exploits are also sold in shadowy online markets, where customers are often out-and-out criminals. At some point, no doubt, WannaCry changed hands this way. Nor is that lack of doubt rhetorical [rɪˈtɒrɪkl] (of rhetoric; exaggerated), for monitoring activity in the nether [ˈneðə(r)] (lower) parts of the web can, and in this case did, offer omens [ˈəʊmən] (signs; portents) of trouble to come.

Just as someone will sell you an exploit, so someone else will sell you a warning. One such is CYR3CON, in Phoenix, Arizona. This firm produces reports of possible threats, based on the results of its software sifting (sieving; carefully selecting) automatically through the online writings, in 15 languages, of hackers involved in the field.

On April 15th, a month before WannaCry began freezing data on Windows-based computers, CYR3CON’s software picked up chatter about exploits designed for just that task. Eleven days later, it highlighted exchanges about one such exploit that had been installed but not yet activated on more than 62,000 computers. Many were in medical facilities that had previously paid up “without unnecessary conversations”. Forewarned [fɔ:ˈwɔ:n] (warned in advance), those who had been using CYR3CON’s services could take precautions (preventive measures). Others were not so fortunate.

1. Never grow old - The Cranberries.