評論
打印
Cyber-security
網絡安全
The internet of things (to be hacked)
(或將遭遇黑客的)物聯網
Hooking up gadgets to the web promises huge. But security must not be an afterthought
將各種東西交聯到互聯網上似乎前景極大,但首先應該考慮到安全問題。
CYBER-SECURITY is now part of all our lives. “Patches” and other security updates arrive for phones, tablets and PCs. Consultants remind us all not to open unknown files or plug unfamiliar memory sticks into our computers. The bosses of some Western firms throw away phones and laptops after they have been to China assuming they have been hacked. And yet, as our special report this week points out, digital walls keep on being breached. Last year more than 800m digital records, such as credit- and debit-card details, were pinched or lost, more than three times as many as in 2012. According to a recent estimate by the Centre for Strategic and International Studies, a think-tank, the cost to the global economy of cybercrime and online industrial espionage stands at 445 billion a year—about as much as the GDP of Austria.
如今,網路安全與我們每個人息息相關。手機、平板電腦以及個人電腦上的各種“補丁”以及其他的安全更新應運而生。安全顧問提醒我們不要打開未知文件或將陌生的記憶棒連接到自己的電腦上。一些西方公司的老板如果在中國遭遇黑客,他們就會將手機跟筆記本電腦扔掉。正如本周的特別報道中指出的,數字墻正遭受著源源不斷的攻擊。去年,諸如信用卡和借記卡記錄在內的超過800m的數字文件被刪除或丟失,是2012年的三倍之多。據戰略和國家問題研究中心—一個智庫—最新評估稱,全球經濟網絡犯罪和網絡工業間諜活動一年耗資為4450億美元,將近奧地利的GDP。
Now a new phase in this contest is emerging: “the internet of things”. This involves embedding miniature computers in objects and connecting them to the internet using wireless technology. Cisco, a technology company, predicts that 50 billion connected devices will be in circulation by the end of the decade, up from 11 billion last year. Web-connected cars and smart appliances in homes are becoming more common, as are medical devices that can be monitored by doctors many miles from their patients. Tech companies are splurging cash: witness Google's punt on driverless cars and the 3.2 billion it has spent buying Nest, a maker of smart thermostats.
如今,這場對抗的新階段正在形成——即物聯網。包括將微型計算器嵌入物體中并利用無線技術將他們連入互聯網。思科技術公司預測,在去年110億的基礎上,2020年底以前將有500億連接裝置處于流通。聯網汽車和智能家電以及能供醫生遠距離監控病人的醫療裝置越來越普遍??萍脊境饩拶Y于此,例如谷歌投資無人駕駛汽車并花費32億美元收購智能恒溫器公司Nest。
Such connectivity offers many advantages, from being able to adjust your house's heating when you are in the office to alerting your doctor that your insulin level has risen. But it also gives malicious hackers an easy way to burrow deeper into people's lives. The small, embedded computers at the centre of the internet of things do not have as much processing power or memory as, say, a smartphone, so security software on them tends to be rudimentary. There have already been instances of nefarious types taking control of webcams, televisions and even a fridge, which was roped into a network of computers pumping out e-mail spam. And security researchers have found ways of hacking into some kinds of medical devices and cars, though this still requires specialist knowledge and kit. The wireless heart monitor of Dick Cheney, America's former vice-president, was modified to stop remote assassination attempts.
這樣連通性提供了許多好處,例如當你在辦公室就能夠調節房子的供暖設備,又或是在你的胰島素水平上升時提醒醫生。但同時它也使得惡意黑客們很容易就深入挖掘到人們的生活。物聯網中心的小型嵌入式計算機沒有像只能手機那樣的多處理能力或內存,所以往往需要安全軟件。已經有通過網絡群發垃圾郵件控制攝像頭、電視甚至冰箱的例子。盡管需要專業的知識和裝備,安全研究人員仍發現一些侵入某些醫療設備和汽車的方法。美國前副總統迪克·切尼的無線心臟監視器就是通過修改來停止遠程暗殺的。
Beware the fridge in Ealing
當心伊林的冰箱
For the companies building the internet of things, its vulnerability could be costly. The tactic of pumping out new software as fast as possible and then issuing patches later to fix flaws in the code may be tolerable if all that is lost is data, but if it involves personal safety, consumers will be less tolerant. In order to avoid lurid headlines about cars crashing, insulin overdoses and houses burning, tech firms will surely have to embrace higher standards. Just as with computers and phones, there will be more passwords and more updates, though that may make the internet of things less easy to use—a blow for a business based on making life more convenient.
對于構建物聯網的公司而言,計算機的漏洞可能會使其付出巨大代價。如果只是丟失了數據,盡快推出新的軟件然后發布補丁修復代碼中的缺陷這一策略是可以被接受,但如果涉及到人身安全,消費者將不會那么寬容了。為了避免關于撞車、胰島素過量以及房屋失火等聳人聽聞的標題,科技公司必將執行更高的標準。就像電腦和電話,物聯網將會需要更多的密碼和更新,盡管使用上不再方便,但這是為了使生活有更多的便利。
For governments, the temptation will be to panic and do too much. They should make clear that web-connected gadgets are covered by existing safety laws and existing product-liability regimes: last year Japan's Toyota was successfully sued for installing malfunctioning, but not web-connected, software. Wrongdoers should be punished, but the best prompt for securing the internet of things is competition. Either tech firms will find ways to make web-connected gadgets more dependable, or people will decide they can live without them. Who needs a smart fridge anyway?
對于政府來說,這種誘惑是危與機并存的。他們理應明確上網設備是由現有的安全法律、現有的產品責任制度所涵蓋。去年日本豐田成功起訴了安裝故障而不是網絡連接或軟件。違法者應該受到懲罰,但保障物聯網的最好方式是競爭。是科技公司設法使上網設備更可靠,還是人們決定他們生活中是否應該依賴于此?到底是誰需要一個智能冰箱呢?
