2015考研英语阅读英文原刊《经济学人》网络商业及网络安全

　　2015考研英语复习正是强化复习阶段，考研英语阅读在考研英语中占了40分，所以考研英语阅读是英语科目中重要的一项。新东方名师范猛老师曾建议过考研生需要坚持每天泛读10-15分钟的英文原刊。强烈推荐了杂志《经济学人》.杂志中的文章也是考研英语的主要材料来源.希望考研考生认真阅读，快速提高考研英语阅读水平。

　　Online business and security

　　网络商业及网络安全

　　A digital heart attack

　　电子心脏病

　　A flaw in popular internet-security software couldhave serious consequences for all sorts of business

　　广泛使用的网络安全软件出现漏洞，可能会殃及几乎所有企业

　　THE Heartbleed bug sounds like a nasty coronary condition. But it is in fact a software flawthat has left up to two-thirds of the world's websites vulnerable to attack by hackers. “This ispotentially the most dangerous bug that we have seen for a long, long time,” says JamesBeeson, the chief information security officer of GE Capital Americas, an arm of GE. Since itsexistence was revealed on April 7th by researchers at Codenomicon, a security outfit, andGoogle, countless companies around the world that rely on the internet for part or all of theirbusiness have been scrambling to fix the flaw.

　　“心脏流血”，听起来像是某种严重的心脏病的名称。但事实上，它是一个软件漏洞的名字，此漏洞使得全球三分之二的网站暴露于被黑客攻击的危险之中。“这可能是近些年来发现过的最危险的漏洞了，”通用电气旗下的通用电气金融服务公司的首席信息安全官詹姆士·比森说道。这个漏洞是由网络安全研究团队Codenomicon和谷歌于四月七日发现的，自从那时起，全球范围内，只要是或多或少依靠互联网的公司，都火急火燎地在修补漏洞。

　　Ironically, the bug was discovered in OpenSSL, encryption software that was designed tomake the internet more secure. Available free, this open-source code is popular withbusinesses and governments, which use it to help secure everything from online credit-cardtransactions to public services. On April 9th, for instance, Canada's tax authority shut offpublic access to its online services while it checked the security of its systems in the light ofnews about the bug.

　　讽刺的是，这个漏洞是在OpenSSl中发现的，而后者是一个用于提升网络安全的加密软件。OpenSSL是一个免费的开源软件，被企业和政府部门广泛使用，用于保护信用卡交易或公共服务的安全。比如加拿大税务部门的提供的公众网络服务就使用了OpenSSL，在得知漏洞的存在后，税务部门便在四月九日关闭了服务。

　　The flaw makes it possible for hackers to trick a server into spewing out data held in itsmemory. OpenSSL has a feature known as a “heartbeat” that allows a computer at one endof an encrypted link to send occasional signals to the computer at the other end of it, tocheck that it is still online. The researchers discovered that a hacker with knowledge of thebug could replicate this signal and use it to steal all manner of data from a remotecomputer.

　　“心血”漏洞增加了黑客套取存储在服务器上的数据的可能性。OpenSSL有一个名为“心跳”的功能，允许加密链接一端的电脑随机发出一条信息，确认另一端的电脑是否仍然在线。研究人发现，一个熟悉“心血”漏洞的黑客，可以通过复制这个信号来盗取远程计算机上的所有数据。

　　Those data could include encryption keys that let hackers decipher traffic. To make mattersworse, the researchers found that the bug, which is present in some versions of OpenSSL thathave been available since March 2012, allows attacks to be mounted without leaving a tracein targeted computers' “server logs”, so victims are unaware their systems have beencompromised. That means it is impossible to tell for sure what damage has been done.

　　这些数据可能包括可以让黑客解码之前通信内容的密钥。更糟糕的是，研究人员发现，此漏洞从2012起就开始在OpenSSL的一些版本中出现;而且，黑客通过此漏洞攻击时不会在其目标计算机的“服务器日志”中留下痕迹，所以，受害者无法察觉到自己的系统已经被入侵了。

　　The bug has forced companies to find out fast how many of their systems employ thevulnerable versions of OpenSSL. “Everyone knows they have to patch their customer-facinginternet websites, but that is only the tip of the iceberg,” says Jonathan Sander ofSTEALTHbits Technologies, a security firm that is helping one of America's biggest bankswork out where it has deployed the buggy software. Web-connected systems that handlethings such as accounting and personnel data will also need to be checked for the bug.

　　这个漏洞促使企业迅速查明它们自己有哪些系统使用了存在漏洞的OpenSSL。“所有人都知道要去修补他们面向客户的网站，但那些只是冰山一角，”安全公司STEALTHbits Technologies的乔纳森·桑德说。该公司正在帮助美国的一家大型银行定位其系统上的漏洞。其他联网系统，例如处理帐务和私人信息的联网系统，都有必要检查一下是否有漏洞。

　　Mr Sander likens the discovery of the Heartbleed bug to finding a faulty part in nearly everymake and model of car. The problem is that the internet cannot be recalled. Big webcompanies such as Google and Yahoo have moved fast to deal with the bug. But millions ofsmaller e-commerce sites and other businesses face the worrying prospect of being attackedby hackers alerted to the bug's existence as the firms race to fix the problem.

　　桑德说，发现“心血”漏洞，就好比汽车厂商在它的每款车里都发现一个同一个缺陷。但问题是，互联行业里没有召回这一说。像谷歌和雅虎这样的大型网络公司已经立即处理了漏洞。但是还有大量的小型的电商网站和其他类型的小公司只能一边抢修，一边担心被那些获悉漏洞存在的黑客的攻击。

　　The cure includes applying a software “patch” and then choosing new encryption keys toreplace those that may have been compromised. Once this has been done, customers willoften need to change their passwords too. Tumblr, a blogging service owned by Yahoo, hasurged its users to change the passwords they use for all of the secure online services thathold sensitive data about them. Some companies even chose to suspend services whilethey were working on a fix. Bitstamp, a Bitcoin e-currency exchange, temporarilysuspended new account registrations and logins to its existing accounts.

　　补救的办法包括给软件打“补丁”，然后用新密钥替换那些可能被盗取的密钥。完成了这两步之后，用户通常还需要更改他们的密码。雅虎旗下提供博客服务的Tumblr就强烈建议用户更改所有包含他们敏感信息的服务的密码。有些公司甚至在其修补漏洞期间暂停了服务。比特币交易网站Bitstamp就暂时关闭了注册和登录服务。

　　Another Y2 K?

　　另一个千年虫?

　　Perhaps the risk posed by the Heartbleed bug will turn out to be overblown. But if it emergesthat companies' systems have indeed been hacked because of it, this could open a legal canof worms. Firms could argue that they ought not to be punished for using widely trustedsecurity software. But aggrieved customers—and their lawyers—may see things differently.

　　也许，“心血”漏洞可能造成的风险被夸大了。但是一旦真的有公司因此漏洞被黑客入侵了，就可能引起极为棘手的法律纠纷。企业可能会自辩说其不应该因使用被广泛信任的安全软件受罚。但受害的用户和他们的律师可不会这么想。

　　Quite how the bug got into the OpenSSL software in the first place is a mystery. BruceSchneier, an internet-security expert, argues in a blog post that “the probability is close toone” that intelligence agencies have exploited the glitch to nab the encryption keys neededto decipher information about their targets. His guess is that the glitch is the result of acoding error rather than the handiwork of spies, though he says he cannot be sure.

　　至于究竟这个漏洞最初是如何出现在OpenSSL中的，这还是一个谜。网络安全专家布鲁斯·施奈尔在他的一篇博客里称，“毫无疑问”，情报部门已利用此漏洞盗取密钥以获取其监控目标的信息。虽然他不能完全肯定，但他认为漏洞是编程失误的结果，不太可能是间谍的杰作。

　　No matter who is to blame, this episode is another reminder of the security challengescompanies face as ever more economic activity shifts online. According to eMarketer, aresearch outfit, worldwide business-to-consumer e-commerce sales are likely to grow byjust over a fifth this year, to $1.5 trillion. That is a huge commercial opportunity, but it willalso encourage cyber-crooks to target businesses even more vigorously. Expect morecomputer-security heartburn in boardrooms.

　　不管幕后黑手到底是谁，这个事件再一次提醒我们，在企业不断将经济活动向线上转移的过程中，它们将面临大量的安全挑战。据一个名为eMarketer的市场调查公司称，今年全球B2C电商的销售总额将有望达到1.5万亿美元，同比增长超过五分之一。这是巨大的商机，同时也会让网络罪犯们更坚定地咬住企业这块肥肉。就让董事会的老爷们为此烧心窝火吧。

　　词语解释

　　1.vulnerable to 脆弱的

　　As a result, our economy and society arevulnerable to little shocks.

　　于是，在小问题面前，我们的经济和社会变得脆弱不堪。

　　Just as with certain species and theenvironment, some people are more vulnerableto toxic atmospheres than others.

　　正如某些物种和环境一样，有的人在有害的氛围内会比其他人更容易受到伤害。

　　2.design to 用于设计

　　On his personal blog, he compared his design to the previous two dragon stamps.

　　在其个人博客上，他将自己的设计同之前两次发行的龙票设计进行了比较。

　　They reported the results in the summer of 2008 and plan to transfer the design to structuralmaterials such as armor.

　　科学家们已经在2008年夏天提交了报告，并准备把结构信息应用到装甲等材料的设计中。

　　3.shut off 停止;关掉;隔绝

　　The engine shut off and tapped as it cooled.

　　关掉的发动机逐渐冷却，发出轻响。

　　Shut off your computer, and your self stops raging quite as much or quite as loud.

　　关掉你的电脑，那么你的内心就不会有这么多的烦恼，也不会这么招摇地烦恼。

　　4.allow to 允许

　　Allow to freeze solid for 3-4 hours or overnight.

　　允许冻结3-4小时或隔夜固体。

　　Apply solution to the tube and allow to become tacky.

　　在内胎上涂抹胶水并让它发粘。

　　进入8月，很多高校2015年考研招生简章已经发布，请广大15年考生关注，预计到8月底9月初，2015年全国硕士研究生招生简章会陆续发布完成，新东方在线小编第一时间跟踪发布，请大家收藏关注！另有研究生专业目录、考研参考书等最新考研信息，帮助考生及时了解目标院校招生政策及信息。另有西医综合专业考试

新东方名师考研课程 购买进行中