【10.1.14 紐約時報】在一片對中國的指責聲中，焦點落到網路安全上

來源：ＡＣ四月青年　　　　　　2010-1-15

【原文標題】In Rebuke of China, Focus Falls on Cybersecurity
【中文標題】在一片對中國的指責聲中，焦點落到網路安全上
【登載媒體】紐約時報
【來源地址】http://www.nytimes.com/2010/01/14/technology/14google.html?pagewanted=all
【聲明】本翻譯僅供Anti-CNN/ACCN使用，未經譯者或AC許可，謝絕轉載；謝謝合作。
【譯者】rhapsody

【譯文】

SAN FRANCISCO — Even before Google threatened to pull out of China in response to an attack on its computer systems, the company was notifying activists whose e-mail accounts might have been compromised by hackers.

　　舊金山——就在谷歌因其計算機系統受到攻擊而威脅退出中國之前，該公司還在通知一些（人權）活動者其電子郵箱賬戶可能受到了黑客的入侵。

In a world where vast amounts of personal information stored online can quickly reveal a network of friends and associates, Google』s move to protect individuals from government surveillance required quick action. In early January, Tenzin Seldon, a 20-year-old Stanford student and Tibetan activist, was told by university officials to contact Google because her Gmail account had been hacked.

　　當今世界有大量存儲在網際網路上的個人信息可以很快地展示出朋友和夥伴的網路，谷歌保護個人用戶不受政府監視的行動必須迅速。一月初，20歲的斯坦福大學生，也是藏族活動者的丹增·塞爾冬[1]被學校官員告知，要她聯繫Google公司，因為她的Gmail賬戶受到黑客入侵。

Ms. Seldon, the Indian-born daughter of Tibetan refugees, said she immediately contacted David Drummond, Google』s chief legal officer.

　　塞爾冬小姐出生在印度，父親是藏族難民。她說她立刻聯繫了谷歌首席法律顧問大衛·德魯蒙德。
【大衛·德魯蒙德也是谷歌的公司發展顧問及高級副總裁，之前正是他在谷歌官方博客發表文章表示谷歌可能退出中國，其中一個原因就是「很多註冊地在美國、中國和歐洲的Gmail郵箱賬戶似乎經常受到第三方侵入」——譯註】

「David informed me that my account was hacked by someone in China,」 Ms. Seldon said in a telephone interview. 「They were concerned and asked whether they could see my laptop.」

　　「大衛跟我說我的賬號受到某個在中國的黑客入侵」，塞爾冬小姐在電話訪問中表示，「他們很關心，詢問是否可以看看我的筆記本電腦。」

Ms. Seldon immediately changed her password and became more careful of what she wrote. She also allowed Google to examine her personal computer at the company』s request. Google returned it this week, saying that while no viruses or malware had been detected, her account had indeed been entered surreptitiously.

　　塞爾冬小姐立即換了密碼，寫東西也更小心。她還應谷歌請求允許公司檢查她的個人電腦。谷歌本周早些時候歸回給她電腦，告訴她沒發現病毒或蠕蟲，不過賬號確實被偷偷入侵過。

Google confirmed Ms. Seldon』s account of events, but declined to say whether it had notified other activists who might have been victims of hacking.

　　谷歌證實塞爾冬小姐賬號事件，不過拒絕透露是否通知其他可能受到網路攻擊的活動者。

Mr. Drummond said that an attack originating in China was aimed at its corporate infrastructure.

　　德魯蒙德先生聲稱源自中國的一次（網路）攻擊所針對的是該公司基礎設施【可能指的就是網路設備——譯註】。

While the full scope of the attacks on Google and several dozen other companies remains unclear, the events set off immediate alarms in Washington, where the Obama administration has previously expressed concern about international computer security and attacks on Western companies.

　　儘管對谷歌和其他數十家公司的攻擊仍無清晰的全景，這些事件即刻在華盛頓敲響了警鐘，奧巴馬政府此前已表達過對國際計算機安全以及西方公司受到（網路）攻擊的關注。

Neither the sequence of events leading to Google』s decision nor the company』s ultimate goal in rebuking China is fully understood. But this was not the first time that the company had considered withdrawing from China, according to a former company executive. It had clashed repeatedly with Chinese officials over censorship demands, the executive said.

　　無論是這一連串導致谷歌作出決定的事件，還是該公司譴責中國的最終目的，都未有全面披露。但根據一位公司前任高管的說法，這不是該公司第一次考慮退出中國。谷歌與中國官員之間已在屏蔽的要求上有過反覆的衝突，這位高管說道。

Google said on Tuesday that that in its investigation of the attacks on corporations, it found that the Gmail accounts of Chinese and Tibetan activists, like Ms. Seldon, had been compromised in separate attacks involving phishing and spyware.

　　谷歌在周二表示，在其對公司受到的攻擊的調查中，發現一些中國和西藏（人權）活動者，比如塞爾冬小姐，他們的Gmail賬戶分別受到了涉及網路釣魚和間諜軟體等方式的入侵。

Independent security researchers said that at least 34 corporations had been targets of the attacks originating in China.

　　獨立的安全研究者表示至少有34家公司是這些源自中國的網路攻擊所針對的目標。

Adobe, a software maker, said it had been the victim of an attack, but said that it did not know if it was linked to the hacking of Google. Some reports suggested that Yahoo had been a victim, but a person with knowledge said that Yahoo did not think that it been subject to the same attack as Google.

　　軟體製造商Adobe聲稱自己蒙受了（網路）攻擊之害，但表示不清楚自己受到的攻擊是否與谷歌被入侵有聯繫。一些報道暗示雅虎也受到了攻擊，但一位知情人士表示雅虎並不認為自己和谷歌受到了一樣的攻擊。

The decision by Google to draw a line and threaten to end its business operations in China brought attention to reports of Chinese high-technology espionage stretching back at least a decade. But despite Google』s suggestion that the hacking came from within China, it remained unclear who was responsible. Nevertheless, it presented the Obama administration with a problem of how to respond.

　　谷歌決定（與網路審查）劃清界限並威脅終止在華商業運營，將人們的注意力帶到了中國在高科技領域間諜行為的報道上，而這至少可以追溯到十年以前。但儘管谷歌提出黑客行為源自中國境內，對於誰該為此負責谷歌仍不清楚。不管怎麼說，這還是給奧巴馬政府出了個該如何回應的問題。

Google』s description of the attacks closely matches a vast surveillance system called Ghostnet that was reported in March by a group of Canadian researchers based at the Munk Center for International Studies at the University of Toronto. They found that an automated espionage system based in China was using targeted e-mail messages to compromise thousands of computers in hundreds of governmental organizations. In each case, after the computers were controlled by the attackers, they were able to scan for documents that were then stolen and transferred to a digital storage facility in China.

　　谷歌對（所受）攻擊的描述與被稱為「幽靈網」[2]——多倫多大學蒙克國際研究一組研究人員在去年三月披露的龐大監視系統非常吻合。他們發現了一個位於中國的自動化間諜系統，通過發送有目的的電子郵件訊息入侵了數以百計的政府組織的計算機。對每一案例而言，當計算機被攻擊者控制以後，他們就能檢索檔案，接著竊取並傳輸到位於中國的數字存儲設備。

The researchers stopped short of directly accusing the Chinese government of masterminding the attacks. However, for years there have been reports of attacks planned by so-called patriotic hackers in China, and many American security specialists argue that these are simply irregular elements of the People』s Liberation Army. At the same time, hackers frequently use so-called false flag espionage or denial of service attacks to route their activities through the computers of a third country and hide their identity.

　　研究人員不願直接指證中國政府策劃了這些攻擊。然而，幾年來已有一些報道稱這些攻擊是由中國一些所謂的「愛國黑客」組織的，而多位美國安全專家表示這些（黑客）就是中國解放軍的非常規組成部分。與此同時，黑客頻繁使用所謂的假旗間諜伎倆或拒絕服務攻擊，讓其行動通過第三國的電腦（進行）並隱藏自己的身份。

One of the Canadian researchers said that fellow computer security researchers suspected that the attack on Google and other recent intrusions relied on hackers sending booby-trapped documents that were stored in Adobe』s Acrobat Reader format, which then infect victims』 computers. This method was seen in a recent wave of attacks on the Dalai Lama』s computers. 「We』ve seen a huge upsurge in attacks using Adobe Acrobat,」 said Greg Walton, an editor at Information Warfare Monitor, a publication of the Canadian research group.

　　其中一位加拿大研究人員稱其計算機安全研究員同事懷疑谷歌受到的攻擊以及近期其他入侵事件的成因是：黑客發送了帶有誘餌、存儲為Adobe的Acrobat Reader格式的文檔，進而感染用戶的計算機。這種方法曾在近期一波對達賴喇嘛的計算機的攻擊中見到過。「我們觀察到使用Adobe Acrobat的攻擊有了大幅上升」，格雷格·沃頓說道，他是加拿大研究團體出版物《信息戰觀察》[3]的一名編輯。

A spokeswoman for Adobe said the company was investigating the reports, but could not confirm that the Adobe software was linked to the most recent attacks.

　　Adobe的一位發言人表示該公司正在調查這些報道，但不能確認Adobe的軟體是否與最近的（網路）攻擊事件存在聯繫。

For Google, the attacks appeared to have been the final straw in a series of confrontations with Chinese authorities.

　　對谷歌而言，這些攻擊似乎成了一系列與中國當局衝突中（壓倒性）的最後一根稻草。

Top Google executives, including the chief executive, Eric E. Schmidt, and the co-founders, Larry Page and Sergey Brin, were ambivalent about the decision to go into China in 2006, which involved agreeing to censor some search results on the company』s local search engine, according to a former executive with knowledge of the discussions. The resistance was strong from Mr. Brin, who had grown up in the Soviet Union.

　　根據一位前任高管的說法，谷歌的管理層人員，包括首席執行官埃里克·E·施密特，合夥創始人拉里·佩奇和謝爾蓋·布林，都曾對2006年進入中國的決定懷有矛盾的心態，因為這牽涉到要同意屏蔽掉一些公司本地搜索引擎的搜索結果。在前蘇聯長大的布林先生對此有強烈的抵制情緒。

But after discussions and internal lobbying from Chinese and Chinese-American employees inside Google, as well as some of the company』s sales executives, Google』s top executives came around. They were particularly swayed by the argument that even a censored version of Google』s search engine would provide Chinese people more access to information and help promote free expression in that country.

　　但經過討論，以及中國和美籍華人僱員在谷歌內部的遊說，也包括公司里一些銷售主管的遊說，谷歌的管理層還是同意了。他們尤其為這樣一個論點而改觀：即使是一個屏蔽版的谷歌搜索引擎也能給中國人提供更多的信息渠道，並有助於提升該國的言論自由。

Once the decision was made, however, Google began expanding its operation in China, which it expected would grow to be one of the largest Internet markets. During Mr. Schmidt』s 2006 visit to China, shortly after Google introduced the company』s China-based search engine, Google.cn, he told reporters that it would be 「arrogant」 to try to change China』s censorship laws.

　　不管怎樣，一旦做出決定，谷歌就開始拓展其在中國的的業務，中國預計將成為最大的網際網路市場之一。就在谷歌剛剛揭曉位於中國的搜索引擎Google.cn后，施密特先生（谷歌首席執行官）2006年到訪中國期間曾告訴記者，試圖改變中國的審查制度法律是「傲慢自大的」。

But repeated clashes with Chinese authorities caused Google to reconsider its decision on many occasions, the former executives said. Things almost collapsed in 2008, when Chinese government officials asked Google to censor results not only on Google.cn but also on Google.com. the company』s English-language search engine. Google refused, and after the 2008 Olympics, Chinese officials dropped the issue.

　　但與中國當局的反覆衝突使得谷歌多次重新審視自己的決定，那位前任高管說道。2008年時事態幾近崩潰，當時中國政府官員要求谷歌不止要屏蔽掉Google.cn上的（搜素）結果，連Google.com（谷歌的英語搜索引擎）上的也得屏蔽掉。谷歌拒絕了，而2008年奧運會過後，中國官員也不提這個要求了。

Google now says it thinks that its attempt to help bring openness to China has failed.

　　谷歌現在認為自己給中國帶來開放的企圖已經失敗了。

「We were looking at an environment that is more difficult than it was when we started,」 Mr. Drummond said in an interview on Tuesday. 「Far from our presence helping to open things up, it seems that things are getting tighter for open expression and freedom.」

　　「我們面對的環境比我們剛開始時更加困難」，德魯蒙德先生在周二的一次採訪中說道，「我們幫助開放，但似乎開放言論和自由的空間被收得越來越窄了」。

Robert Gibbs, the White House press secretary, said Wednesday that the White House had been briefed by Google on the company』s decision. However, he declined to describe what actions the government might take in response to the claims of Chinese-directed Internet attacks.

　　白宮新聞秘書羅伯特·吉布斯在周三表示，白宮已經獲悉谷歌的決定。但是，他拒絕說明政府會對中國人發起網際網路攻擊的說法採取什麼相應的行動。

「The recent cyberintrusion that Google attributes to China is troubling, and the federal government is looking into it,」 said a White House spokesman, Nicholas Shapiro. He said that the president had stated that Internet freedom was a central human rights issue on a recent China trip. He also said that the president had made Internet security a national priority.

　　「近來谷歌歸結於中國的網路入侵讓人困擾，聯邦政府正在進行調查」，白宮發言人尼可拉斯·夏皮洛說道。他說總統在近期訪問中國時已說明網際網路自由是一項關鍵的人權議題，還說到總統已把網際網路安全作為一項國家重點。

Gabriel Stricker, a Google spokesman, said Google』s decision to publicize the attacks was motivated in part by its desire to alert activists that their accounts could have been compromised.

　　谷歌發言人加布里埃爾·斯特里克爾聲稱谷歌公開攻擊的決定，一定程度上是出於這樣的意願，即提醒（人權）活動者們，他們的賬戶可能受到了入侵。

The attacks present a challenge for the Obama administration, which last year debated the role of a federal Internet security adviser. The administration is grappling on how to balance stricter security controls and the freedom of technology companies to innovate.

　　這些（網路）攻擊是對奧巴馬政府的一個挑戰。去年當局就聯邦網際網路顧問這一職位進行了辯論，對如何在更嚴厲的安全管制以及科技公司的創新自由之間取得平衡有著激烈爭論。

Several Internet security specialists were quick to point out that a group within the White House led by Lawrence H. Summers, the national economic adviser, had pointed to Google in debates on the appointment as an example of an innovative Silicon Valley company that might be hamstrung by strict new Internet security restrictions.

　　幾位網際網路安全專家會很快指出，國家經濟顧問勞倫斯·H·薩默斯領銜的一個白宮內部團體，在任命（職位）的辯論中以谷歌為例，說明這樣的創新型矽谷公司可能受到嚴厲的網際網路安全規限措施的束縛。

「It』s ironic that the new economy folks at the White House were pushing back against faster movement on cybersecurity to protect companies like Google from stricter regulations,」 said James Lewis, an Internet security specialist at the Center for Strategic and International Studies in Washington. Last year, Mr. Lewis led a bipartisan study calling for the creation of a strong Internet czar reporting directly to the president to combat a rash of new security threats.

　　「具有諷刺意味的是白宮的新經濟官員在排斥保護谷歌等公司免受嚴厲管制的網路安全上的迅速舉動」，華盛頓的戰略與網際網路研究中心的網際網路安全專家詹姆斯·劉易斯說道。去年，劉易斯先生領銜了一項兩黨參與的研究，呼籲創立一個強有力的網際網路「沙皇」（職位），直接向總統報告以對抗大量湧現的新式安全威脅。

The White House said on Tuesday that Howard A. Schmidt, a compromise candidate who was chosen last month to be the Internet security adviser, would not start in the position until later in the month.

　　白宮在周二表示，上月被選為網際網路安全顧問的折衷候選人霍華德·A·施密特，在本月晚些時候才會上任。

-------------------------------------------------------全文翻譯完畢，下為註釋及背景資料-------------------------------------------------------

　　[1]這篇文章裡邊提到的被黑的那位藏族活動者丹增·塞爾冬（Tanzin Seldon）應該也是是自由西藏學生組織（Students for a Free Tibet）成員，而且她參與了去年到中國駐舊金山領事館舉行的抗議活動，其間有一人（不是她）爬上領館建築的屋頂上模擬「絞刑」以示抗議。但繩子突然斷裂，該人從約4.6米高的屋頂摔到陽台上，后被送往醫院治療，應無大礙

　　舊金山媒體的報道：http://www.sfgate.com/cgi-bin/article.cgi?f=/c/a/2008/08/06/BA091269F9.DTL

　　一個相關中文簡介：http://www.macbbs.ca/?viewnews-982

　　[2]《紐約時報》對「幽靈網」的報道：http://www.nytimes.com/2009/03/29/technology/29spy.html?pagewanted=all

　　[3]《信息戰觀察》（Information Warfare Monitor）正是登載「幽靈網」調查報告的媒體，報告的PDF文檔詳見：http://www.f-secure.com/weblog/archives/ghostnet.pdf

谷歌聲稱Gmail被黑的「人權活動者」原來是藏獨----laodai