VOA慢速英语2019 研究人员在互联网上发现数亿条脸书网用户的不安全信息(在线收听) |
A Ukrainian security researcher has reported finding a database with the information of more than 267 million Facebook users on the open internet, the Associated Press reports. 据美联社报道,乌克兰一名安全研究人员报告称,他在开放的互联网上发现了一个数据库,其中包括超过2.67亿条脸书网用户的信息。 The data includes names, phone numbers and other identifying information. Nearly all of the users were based in the United States. 这些数据包括姓名、电话号码和其它身份信息。几乎所有用户都位于美国。 Bob Diachenko is an independent security researcher in Kyiv. He told the Associated Press, or AP, that criminals likely collected this data. 鲍勃·迪亚琴科是基辅市一名独立的安全研究员。他对美联社表示,可能是犯罪分子收集了这些数据。 Diachenko said he discovered the database using a search engine. The database was freely accessible on the internet for at least 10 days beginning on December 4. He informed the internet provider which hosted the database on December 14 when he found it. Five days later it was no longer available. 迪亚琴科表示,他使用搜索引擎找到了这些数据。这些数据从12月4日起至少有10天在互联网上可以免费访问。他在12月14日找到这些数据后,通知了托管该数据库的互联网提供商。5天之后该数据库不再可以访问。 Diachenko said someone downloaded the database to a special group website two days before he discovered it. Hackers, or people who secretly get access to computer systems in order to get information or cause damage, use that website. So the database may have been shared among criminals. 迪亚琴科表示,在他发现该数据库的两天之前,有人将它下载到了一个特殊的群组网站上。黑客们,或者说是偷偷访问计算机系统以获取信息或造成破坏的人士都使用这个网站。所以该数据库可能已经在犯罪分子之间共享。 Paul Bischoff runs the British technology news website Comparitech. It partnered with Diachenko to report his findings earlier this month. Bischoff has been writing about Diachenko's discoveries of unsecured databases for about a year. 保罗·比绍夫运营了英国科技新闻网站Comparitech。该网站与迪亚琴科合作于本月初报告了他的发现。比绍夫这一年多一直在写有关迪亚琴科发现不安全数据库的文章。 The researcher provided the AP with 10 examples from the database. This included unique user identifications, or IDs, and two phone numbers that were answered, all of which were linked to real Facebook users. 研究人员从数据库中为美联社提供了10个示例。其中包括唯一的用户标识,以及两个有人接听的电话号码,所有这些都链接到了真实的脸书网用户。 The evidence suggests it was most likely criminals in Vietnam who illegally collected the data. They may have "scraped" it from public Facebook pages or by somehow getting special, high-level access to the service. Scraping is automated data-gathering done by computer programs. A small part of the database includes details on Vietnam-based users. 证据表明可能是越南的犯罪分子非法收集了这些数据。他们可能是从脸书网的公共页面“爬取”到这些数据,或者以某种特殊的高级别权限访问了这项服务。爬取是指由计算机程序自动完成数据收集。该数据的一小部分包括了越南用户的有关信息。 Diachenko said he did not share the database with Facebook, which did not directly confirm the finding. In a statement, representatives for the social media company said it was investigating the issue. They wrote that the finding "likely" involved information gathered before Facebook took some data-protection measures in recent years. The company did not say what those measures were. 迪亚琴科表示,他并未把该数据库共享给脸书网,脸书网没有直接证实这一发现。这家社交媒体公司的代表在一份声明中表示正在调查这一问题。他们写道,该发现“可能”涉及的是在脸书网近年来采取某些数据保护措施之前收集到的信息。该公司并没有透漏这些数据保护措施指的是什么。 In 2018, the company stopped permitting users to search for one another using their phone numbers. It did so after news spread that the political agency Cambridge Analytica had accessed information on up to 87 million Facebook users without their knowledge or permission. 2018年,该公司停止允许用户使用他们的电话号码互相搜索。剑桥数据分析这家政治机构在用户不知情或未许可的前提下获取了高达8700万脸书网用户数据,该消息传开之后,脸书网采取了这一措施。 Diachenko said he had not confirmed when the data was collected. He said all the records appeared to be from January to June of 2019. He added that it was unclear who created them. 迪亚琴科表示,他尚未证实这些数据是什么时候收集到的。他说,所有记录似乎都来自于2019年1月到6月。他还说,目前尚不清楚是谁收集了这份数据。 Security experts say the affected Facebook users are at higher risk of facing password-stealing attacks and identity stealing attempts. The information can be matched with physical and email addresses and other data collected illegally. Facebook user IDs are unique numbers linked with individual accounts. 安全专家表示,受影响的脸书网用户面临密码盗窃攻击和身份盗用尝试的高度风险。这些信息可以跟物理地址和电子邮件地址以及其它非法收集到的数据进行匹配。脸书网用户标识是指与各个账号相关联的唯一编号。 In September, the news site TechCrunch reported that a researcher found Facebook IDs and phone numbers for more than 400 million users online. 今年9月,新闻网站TechCrunch报道称,研究人员在网上发现了超过4亿条脸书网用户标识和电话号码。 In March, Facebook admitted that it had left hundreds of millions of user passwords readable by its employees for years after a security researcher reported on it. 今年3月,在安全研究人员举报之后,脸书网承认多年来一直允许其员工读取数亿用户的密码。 |
原文地址:http://www.tingroom.com/voa/2019/12/493382.html |