下載App 希平方
攻其不背
App 開放下載中
下載App 希平方
攻其不背
App 開放下載中
IE版本不足
您的瀏覽器停止支援了😢使用最新 Edge 瀏覽器或點選連結下載 Google Chrome 瀏覽器 前往下載

免費註冊
! 這組帳號已經註冊過了
Email 帳號
密碼請填入 6 位數以上密碼
已經有帳號了?
忘記密碼
! 這組帳號已經註冊過了
您的 Email
請輸入您註冊時填寫的 Email,
我們將會寄送設定新密碼的連結給您。
寄信了!請到信箱打開密碼連結信
密碼信已寄至
沒有收到信嗎?
如果您尚未收到信,請前往垃圾郵件查看,謝謝!

恭喜您註冊成功!

查看會員功能

註冊未完成

《HOPE English 希平方》服務條款關於個人資料收集與使用之規定

隱私權政策
上次更新日期:2014-12-30

希平方 為一英文學習平台,我們每天固定上傳優質且豐富的影片內容,讓您不但能以有趣的方式學習英文,還能增加內涵,豐富知識。我們非常注重您的隱私,以下說明為當您使用我們平台時,我們如何收集、使用、揭露、轉移及儲存你的資料。請您花一些時間熟讀我們的隱私權做法,我們歡迎您的任何疑問或意見,提供我們將產品、服務、內容、廣告做得更好。

本政策涵蓋的內容包括:希平方學英文 如何處理蒐集或收到的個人資料。
本隱私權保護政策只適用於: 希平方學英文 平台,不適用於非 希平方學英文 平台所有或控制的公司,也不適用於非 希平方學英文 僱用或管理之人。

個人資料的收集與使用
當您註冊 希平方學英文 平台時,我們會詢問您姓名、電子郵件、出生日期、職位、行業及個人興趣等資料。在您註冊完 希平方學英文 帳號並登入我們的服務後,我們就能辨認您的身分,讓您使用更完整的服務,或參加相關宣傳、優惠及贈獎活動。希平方學英文 也可能從商業夥伴或其他公司處取得您的個人資料,並將這些資料與 希平方學英文 所擁有的您的個人資料相結合。

我們所收集的個人資料, 將用於通知您有關 希平方學英文 最新產品公告、軟體更新,以及即將發生的事件,也可用以協助改進我們的服務。

我們也可能使用個人資料為內部用途。例如:稽核、資料分析、研究等,以改進 希平方公司 產品、服務及客戶溝通。

瀏覽資料的收集與使用
希平方學英文 自動接收並記錄您電腦和瀏覽器上的資料,包括 IP 位址、希平方學英文 cookie 中的資料、軟體和硬體屬性以及您瀏覽的網頁紀錄。

隱私權政策修訂
我們會不定時修正與變更《隱私權政策》,不會在未經您明確同意的情況下,縮減本《隱私權政策》賦予您的權利。隱私權政策變更時一律會在本頁發佈;如果屬於重大變更,我們會提供更明顯的通知 (包括某些服務會以電子郵件通知隱私權政策的變更)。我們還會將本《隱私權政策》的舊版加以封存,方便您回顧。

服務條款
歡迎您加入看 ”希平方學英文”
上次更新日期:2013-09-09

歡迎您加入看 ”希平方學英文”
感謝您使用我們的產品和服務(以下簡稱「本服務」),本服務是由 希平方學英文 所提供。
本服務條款訂立的目的,是為了保護會員以及所有使用者(以下稱會員)的權益,並構成會員與本服務提供者之間的契約,在使用者完成註冊手續前,應詳細閱讀本服務條款之全部條文,一旦您按下「註冊」按鈕,即表示您已知悉、並完全同意本服務條款的所有約定。如您是法律上之無行為能力人或限制行為能力人(如未滿二十歲之未成年人),則您在加入會員前,請將本服務條款交由您的法定代理人(如父母、輔助人或監護人)閱讀,並得到其同意,您才可註冊及使用 希平方學英文 所提供之會員服務。當您開始使用 希平方學英文 所提供之會員服務時,則表示您的法定代理人(如父母、輔助人或監護人)已經閱讀、了解並同意本服務條款。 我們可能會修改本條款或適用於本服務之任何額外條款,以(例如)反映法律之變更或本服務之變動。您應定期查閱本條款內容。這些條款如有修訂,我們會在本網頁發佈通知。變更不會回溯適用,並將於公布變更起十四天或更長時間後方始生效。不過,針對本服務新功能的變更,或基於法律理由而為之變更,將立即生效。如果您不同意本服務之修訂條款,則請停止使用該本服務。

第三人網站的連結 本服務或協力廠商可能會提供連結至其他網站或網路資源的連結。您可能會因此連結至其他業者經營的網站,但不表示希平方學英文與該等業者有任何關係。其他業者經營的網站均由各該業者自行負責,不屬希平方學英文控制及負責範圍之內。

兒童及青少年之保護 兒童及青少年上網已經成為無可避免之趨勢,使用網際網路獲取知識更可以培養子女的成熟度與競爭能力。然而網路上的確存有不適宜兒童及青少年接受的訊息,例如色情與暴力的訊息,兒童及青少年有可能因此受到心靈與肉體上的傷害。因此,為確保兒童及青少年使用網路的安全,並避免隱私權受到侵犯,家長(或監護人)應先檢閱各該網站是否有保護個人資料的「隱私權政策」,再決定是否同意提出相關的個人資料;並應持續叮嚀兒童及青少年不可洩漏自己或家人的任何資料(包括姓名、地址、電話、電子郵件信箱、照片、信用卡號等)給任何人。

為了維護 希平方學英文 網站安全,我們需要您的協助:

您承諾絕不為任何非法目的或以任何非法方式使用本服務,並承諾遵守中華民國相關法規及一切使用網際網路之國際慣例。您若係中華民國以外之使用者,並同意遵守所屬國家或地域之法令。您同意並保證不得利用本服務從事侵害他人權益或違法之行為,包括但不限於:
A. 侵害他人名譽、隱私權、營業秘密、商標權、著作權、專利權、其他智慧財產權及其他權利;
B. 違反依法律或契約所應負之保密義務;
C. 冒用他人名義使用本服務;
D. 上載、張貼、傳輸或散佈任何含有電腦病毒或任何對電腦軟、硬體產生中斷、破壞或限制功能之程式碼之資料;
E. 干擾或中斷本服務或伺服器或連結本服務之網路,或不遵守連結至本服務之相關需求、程序、政策或規則等,包括但不限於:使用任何設備、軟體或刻意規避看 希平方學英文 - 看 YouTube 學英文 之排除自動搜尋之標頭 (robot exclusion headers);

服務中斷或暫停
本公司將以合理之方式及技術,維護會員服務之正常運作,但有時仍會有無法預期的因素導致服務中斷或故障等現象,可能將造成您使用上的不便、資料喪失、錯誤、遭人篡改或其他經濟上損失等情形。建議您於使用本服務時宜自行採取防護措施。 希平方學英文 對於您因使用(或無法使用)本服務而造成的損害,除故意或重大過失外,不負任何賠償責任。

版權宣告
上次更新日期:2013-09-16

希平方學英文 內所有資料之著作權、所有權與智慧財產權,包括翻譯內容、程式與軟體均為 希平方學英文 所有,須經希平方學英文同意合法才得以使用。
希平方學英文歡迎你分享網站連結、單字、片語、佳句,使用時須標明出處,並遵守下列原則:

  • 禁止用於獲取個人或團體利益,或從事未經 希平方學英文 事前授權的商業行為
  • 禁止用於政黨或政治宣傳,或暗示有支持某位候選人
  • 禁止用於非希平方學英文認可的產品或政策建議
  • 禁止公佈或傳送任何誹謗、侮辱、具威脅性、攻擊性、不雅、猥褻、不實、色情、暴力、違反公共秩序或善良風俗或其他不法之文字、圖片或任何形式的檔案
  • 禁止侵害或毀損希平方學英文或他人名譽、隱私權、營業秘密、商標權、著作權、專利權、其他智慧財產權及其他權利、違反法律或契約所應付支保密義務
  • 嚴禁謊稱希平方學英文辦公室、職員、代理人或發言人的言論背書,或作為募款的用途

網站連結
歡迎您分享 希平方學英文 網站連結,與您的朋友一起學習英文。

抱歉傳送失敗!

不明原因問題造成傳送失敗,請儘速與我們聯繫!
希平方 x ICRT

「Mikko Hypponen:打擊電腦病毒,捍衛網路安全」- : Fighting Viruses, Defending the Net

觀看次數:3640  • 

框選或點兩下字幕可以直接查字典喔!

I love the Internet. It's true. Think about everything it has brought us. Think about all the services we use, all the connectivity, all the entertainment, all the business, all the commerce. And it's happening during our lifetimes. I'm pretty sure that one day we'll be writing history books hundreds of years from now—this time, our generation will be remembered as the generation that got online, the generation that built something really and truly global. But yes, it's also true that the Internet has problems, very serious problems, problems with security and problems with privacy. I've spent my career fighting these problems.

So let me show you something. This here is Brain. This is a floppy disk—five and a quarter-inch floppy disk infected by Brain.A. It's the first virus we ever found for PC computers. And we actually know where Brain came from. We know because it says so inside the code. Let's take a look. All right. That's the boot sector of an infected floppy, and if we take a closer look inside, we'll see that right there, it actually says, "Welcome to the Dungeon." And then it continues, saying, 1986, Basit and Amjad. And Basit and Amjad are first names, Pakistani first names. In fact, there's a phone number and an address in Pakistan.

Now, 1986, now it's 2011—that's 25 years ago. The PC virus problem is 25 years old now. So half a year ago, I decided to go to Pakistan myself. So let's see, here's a couple of photos I took while I was in Pakistan. This is from the city of Lahore, which is around 300 kilometers south from Abbottabad, where Bin Laden was caught. Here's a typical street view. And here's the street or road leading to this building, which is 730 Nizam block at Allama Iqbal Town. And I knocked on the door. You want to guess who opened the door? Basit and Amjad; they are still there. So here, standing up is Basit. Sitting down is his brother, Amjad. These are the guys who wrote the first PC virus. Now of course, we had a very interesting discussion. I asked them why. I asked them how they feel about what they started. And I got some sort of satisfaction from learning that both Basit and Amjad had had their computers infected dozens of times by completely unrelated other viruses over these years. So there is some sort of justice in the world after all.

Now, the viruses that we used to see in the 1980s and 1990s obviously are not a problem anymore. So let me just show you a couple of examples of what they used to look like. What I'm running here is a system that enables me to run age-old programs on a modern computer. So let me just mount some drives. Go over there. Now, what we have here is a list of old viruses. So let me just run some viruses on my computer. For example, let's go with the Centipede virus first.

And you can see at the top of the screen, there's a centipede scrolling across your computer when you get infected by this one. You know that you're infected because it actually shows up. Here's another one. This is the virus called Crash, invented in Russia in 1992. Let me show you one which actually makes some sound. And the last example, guess what the Walker virus does? Yes, there's a guy walking across your screen once you get infected. So it used to be fairly easy to know that you're infected by a virus, when the viruses were written by hobbyists and teenagers.

Today, they are no longer being written by hobbyists and teenagers. Today, viruses are a global problem. What we have here in the background is an example of our systems that we run in our labs, where we track virus infections worldwide. So we can actually see in real time that we've just blocked viruses in Sweden and Taiwan and Russia and elsewhere. In fact, if I just connect back to our lab systems through the Web, we can see in real time just some kind of idea of how many viruses, how many new examples of malware we find every single day. Here's the latest virus we've found, in a file called Server.exe. And we found it right over here three seconds ago— the previous one, six seconds ago. And if we just scroll around, it's just massive. We find tens of thousands, even hundreds of thousands. And that's the last 20 minutes of malware every single day.

So where are all these coming from then? Well today, it's the organized criminal gangs writing these viruses because they make money with their viruses. It's gangs like—let's go to GangstaBucks.com. This is a website operating in Moscow where these guys are actually buying infected computers. So if you are a virus writer and you're capable of infecting Windows computers, but you don't know what to do with them, you can sell those infected computers—somebody else's computers—to these guys. And they'll actually pay you money for those computers. So how do these guys then monetize those infected computers? Well, there's multiple different ways, such as banking trojans, which will steal money from your online banking accounts when you do online banking, or keyloggers. Keyloggers silently sit on your computer, hidden from view, and they record everything you type. So you're sitting on your computer and you're doing Google searches. Every single Google search you type is saved and sent to the criminals. Every single email you write is saved and sent to the criminals, same thing with every single password and so on.

But the thing that they're actually looking for most are sessions where you go online and do online purchases in any online store. Because when you do purchases in online stores, you will be typing in your name, the delivery address, your credit card number and the credit card security codes. Here's an example of a file we found from a server a couple of weeks ago. That's the credit card number, that's the expiration date, that's the security code, and that's the name of the owner of the card. And once you gain access to other people's credit card information, you can just go online and buy whatever you want with this information. And that, obviously, is a problem. We now have a whole underground marketplace and business ecosystem built around online crime.

One example of how these guys actually are capable of monetizing their operations: we go and have a look at the pages of INTERPOL and search for wanted persons. We find guys like Bjorn Sundin, originally from Sweden, and his partner in crime, also listed on the INTERPOL wanted pages, Mr. Shaileshkumar Jain, a U.S. citizen. These guys were running an operation called I.M.U., a cybercrime operation through which they netted millions. They are both right now on the run. Nobody knows where they are. U.S. officials, just a couple of weeks ago, froze a Swiss bank account belonging to Mr. Jain, and that bank account had 14.9 million U.S. dollars on it. So the amount of money online crime generates is significant. And that means that the online criminals can actually afford to invest into their attacks.

We know that online criminals are hiring programmers, hiring testing people, testing their code, having back-end systems with SQL databases. And they can afford to watch how we work—like how security people work—and try to work their way around any security precautions we can build. And they also use the global nature of Internet to their advantage. I mean, the Internet is international. That's why we call it the Internet.

And if you just go and take a look at what's happening in the online world, here's a video built by Clarified Networks, which illustrates how one single malware family is able to move around the world. This operation, believed to be originally from Estonia, moves around from one country to another as soon as the website is tried to shut down. So you just can't shut these guys down. They will switch from one country to another, from one jurisdiction to another—moving around the world, using the fact that we don't have the capability to globally police operations like this. So the Internet is as if somebody would have given free plane tickets to all the online criminals of the world.

Now, the criminals who weren't capable of reaching us before can reach us. So how do you actually go around finding online criminals? How do you actually track them down? Let me give you an example. What we have here is one exploit file. Here, I'm looking at the Hex dump of an image file, which contains an exploit. And that basically means, if you're trying to view this image file on your Windows computer, it actually takes over your computer and runs code.

Now, if you'll take a closer look at this image file—well, there's the image header, and there the actual code of the attack starts. And that code, it has been encrypted, so let's decrypt it. It has been encrypted with XOR function 97. You just have to believe me, it is, it is. And we can go here and actually start decrypting it. Well, the yellow part of the code is now decrypted. And I know it doesn't really look much different from the original. But just keep staring at it. You'll actually see that down here, you can see a Web address:unionseek.com/d/ioo.exe. And when you view this image on your computer, it actually is going to download and run that program. And that's a backdoor which will take over your computer.

But even more interestingly, if we continue decrypting, we'll find this mysterious string, which says O600KO78RUS. That code is there underneath the encryption as some sort of a signature. It's not used for anything. And I was looking at that, trying to figure out what it means. So obviously, I googled for it. I got zero hits. It wasn't there. So I spoke with the guys at the lab. And we have a couple of Russian guys in our labs, and one of them mentioned, well, it ends in RUS like Russia. All right, and 78 is the city code for the city of St. Petersburg. For example, you can find it from some phone numbers and car license plates and stuff like that. So I went looking for contacts in St. Petersburg, and through a long road, we eventually found this one particular website.

Here's this Russian guy, who's been operating online for a number of years, who runs his own website, and he runs a blog under the popular Live Journal. And on this blog, he blogs about his life, about his life in St. Petersburg—he's in his early 20s—about his cat, about his girlfriend. And he drives a very nice car. In fact, this guy drives a Mercedes-Benz S600 V12 with a six-liter engine with more than 400 horsepower. Now that's a nice car for a 20-something year-old kid in St. Petersburg.
How do I know about this car? Because he blogged about the car. He actually had a car accident. In downtown St. Petersburg, he actually crashed his car into another car. And he put blogged images about the car accident—that's his Mercedes. Right here is the Lada Samara he crashed into. And you can actually see that the license plate of the Samara ends in 78RUS. And if you actually take a look at the scene picture, you can see that the plate of the Mercedes is O600KO78RUS. Now, I'm not a lawyer, but if I would be, this is where I would say, "I rest my case."

So what happens when online criminals are actually caught? Well, in most cases it never gets this far. The vast majority of the online crime cases, we don't even know which continent the attacks are coming from. And even if we are able to find online criminals, quite often there is no outcome. The local police don't act, or if they do, there's not enough evidence, or for some reason we can't take them down. I wish it would be easier; unfortunately it isn't.

But things are also changing at a very rapid pace. You've all heard about things like Stuxnet. So if you look at what Stuxnet actually did is that it infected these. That's a Siemens S7-400 PLC, programmable logic computer. And this is what runs our infrastructure. This is what runs everything around us. PLC's, these small boxes which have no display, no keyboard, which are programmed, are put in place, and they do their job. For example, the elevators in this building most likely are controlled by one of these. And when Stuxnet infects one of these, that's a massive revolution on the kinds of risks we have to worry about. Because everything around us is being run by these. I mean, we have critical infrastructure. You go to any factory, any power plant, any chemical plant, any food processing plant, you look around—everything is being run by computers.

Everything is being run by computers. Everything is reliant on these computers working. We have become very reliant on Internet, on basic things like electricity, obviously, on computers working. And this really is something which creates completely new problems for us. We must have some way of continuing to work even if computers fail.

So preparedness means that we can do stuff even when the things that we take for granted aren't there. It's actually very basic stuff—thinking about continuity, thinking about backups, thinking about the things that actually matter. Now I told you—I love the Internet. I do. Think about all the services we have online, and think about if they are taken away from you, if one day you don't actually have them for some reason or another. I see beauty in the future of the Internet, but I'm worried that we might not see that. I'm worried that we are running into problems because of online crime. Online crime is the one thing that might take these things away from us.

I've spent my life defending the Net, and I do feel that if we don't fight online crime, we are running a risk of losing it all. We have to do this globally, and we have to do it right now. What we need is more global, international law enforcement work to find online criminal gangs—these organized gangs that are making millions out of their attacks. That's much more important than running anti-viruses or running firewalls. What actually matters is actually finding the people behind these attacks, and even more importantly, we have to find the people who are about to become part of this online world of crime, but haven't yet done it. We have to find the people with the skills but without the opportunities, and give them the opportunities to use their skills for good.

Thank you very much.

播放本句

登入使用學習功能

使用Email登入

HOPE English 播放器使用小提示

  • 功能簡介

    單句重覆、重複上一句、重複下一句:以句子為單位重覆播放,單句重覆鍵顯示綠色時為重覆播放狀態;顯示白色時為正常播放狀態。按重複上一句、重複下一句時就會自動重覆播放該句。
    收錄佳句:點擊可增減想收藏的句子。

    中、英文字幕開關:中、英文字幕按鍵為綠色為開啟,灰色為關閉。鼓勵大家搞懂每一句的內容以後,關上字幕聽聽看,會發現自己好像在聽中文說故事一樣,會很有成就感喔!
    收錄單字:框選英文單字可以收藏不會的單字。
  • 分享
    如果您有收錄很優秀的句子時,可以分享佳句給大家,一同看佳句學英文!