4 minute read
Unit 27 Zero-day Vulnerabilities: World War on the Net
from ACE Reading Lite
by 翰林出版
Zero-day Vulnerabilities:
World War on the Net
Advertisement
5
10
15
Aaron Portnoy started his hacking career when he was still in high school, and now he is the co-founder of a company called Exodus Intelligence. His company finds and sells “zero-day vulnerabilities,” meaning undetected bugs, or flaws, in applications or software. The term “zeroday” indicates that the bug is new and fresh, having existed for exactly zero days, so no one has tried to fix it yet.
Vulnerabilities in popular applications and operating systems are worth hundreds of thousands of dollars because the Internet is a war zone. In this war, bugs are weapons, and people like Portnoy are arms dealers. When a researcher at Exodus finds a vulnerability, he or she makes technical documentation that discloses what it does, where it exists, how to root it out, and so on. Most importantly, Exodus provides clients with an exploit, which is the procedure they have to follow to actually initiate the bug and take advantage of it.
Exodus’ clients come in two basic types, offensive and defensive. Playing for the defense are security firms and antivirus vendors who are looking for information they can integrate into their products, or who want to keep their clients updated on what threats are out there. On offense are testers who use Exodus’ zero-days to stage simulated attacks on their own or other people’s networks.
20
Stuxnet―a highly infectious computer worm―is a good example of what makes zero-day vulnerabilities so useful. Stuxnet was utilized by the U.S. and Israel in 2009 to disrupt Iranian nuclear plants. It was introduced into the facility’s computer system by a spy with a USB drive. The worm checked out the place and transmitted detailed intelligence back to its masters. What made Stuxnet so effective? In a word: bugs. To get the access it needed, Stuxnet took advantage of at least four distinct vulnerabilities, including one in Microsoft Windows.
Cyberwar isn’t the future; it’s already here. Below the fancy and social surface, the Net is a fierce warzone, and vulnerabilities and their exploits are the keys to winning the battle.
Reading Comprehension
1. What is the main idea of this passage?
AThe cyberwar is a serious problem that influences everyone’s lives.
BVulnerabilities can be taken advantage of, which gives rise to businesses.
CThere are hackers who, like Aaron Portnoy, make a living by selling vulnerabilities.
DCyber weapons, such as Stuxnet, are threatening national security.
2. What does “masters” refer to in the fourth paragraph?
AComputer systems.
BThe U.S. and Israel.
CNuclear plants.
DVulnerabilities.
3. According to the passage, what is the function of an exploit? ATo enable the clients to benefit from a vulnerability. BTo document the information about a vulnerability. CTo increase the number of zero-day vulnerabilities. DTo help find out the existence of vulnerabilities.
4. What is the tone of the author in this passage?
AObjective. BApproving. CSkeptical. DConcerned.
Words and Idioms
1. intelligence [In `tHlEdZEns] n. 1情報 2智力
The spy was on a mission to steal crucial intelligence from Russia.
2. undetected [cOndI `tHktId] adj. 未被偵測的(detect v. 偵測;偵查)
It surprised Sam that his scissors went undetected through the airport security check. 3. flaw [flG] n. 瑕疵;缺陷
The company recalled its products because some major flaws were found in them. 4. arms [Frmz] n. 軍火;武器(常用複數)
The government has reduced the budget for arms and also cut down on the number of soldiers. 5. disclose [dIs
`kloz] v. 揭露
As a journalist, Judy was never afraid of disclosing the scandals of powerful politicians.
6. initiate [I ` nISIet] v. 啟動;開啟
The students initiated a project to reduce plastic waste on campus. 7. firm [fQm] n. 公司
The law firm was established by a friend of mine who used to be a judge.
8. vendor [` vHndP] n. 小販;攤販
The vendor has been selling vegetables and fruit in the market for more than 20 years.
9. integrate [` IntEcgret] v. 整合;融入;合併
It is not easy for immigrant workers to integrate into the local culture in a short time.
10. utilize [`jutBcaIz] v. 使用;利用
Many students utilize applications on the cell phone to learn English by themselves. 11. disrupt [dIs
` rOpt] v. 中斷;擾亂
Changing schools frequently is likely to disrupt a child’s education. 12. root out ph. 根除
You can’t do things efficiently unless you root out the habit of procrastination.
Words for Recognition
★ vulnerability n. 弱點 ★ dealer n. 交易商
★ simulated adj. 模擬的 ★ hacking adj. 駭客的 ★ exploit n. (程式)漏洞利用 ★ transmit v. 傳送;傳播
Vocabulary Exercises
I. Words in Context: Fill in each blank with a word or an idiom from the box. Change the word form if necessary.
vendor utilize firm arms initiate disrupt disclose root out detect flaw intelligence integrate
1. The shouts of the many street made the market full of energy. 2. Heavy rain the baseball game, which was put off as a result. 3. The police received that some terrorists had planned to bomb a train station. 4. Dennis works in an advertising that specializes in graphic design. 5. The government has tax reforms to bridge the gap between the rich and the poor. 6. The sniffer dogs are able to illegal drugs with their highly sensitive noses. 7. Mr. Smith often his teaching with play by designing fun games for his students. 8. The chef refused to the secret ingredients in his curry sauce.
II. Scrambled Sentences: Rearrange the chunks of words to form a correct sentence. 1. a series of / were initiated / by the government / to improve learning results / educational reforms
2. took advantage of / the flaws in the software / to help arms dealers / the hackers / sell weapons
3. for Jason / it is challenging / his habit of smoking / to root out
4. the local residents / to build houses / and make tools / utilize stones / such as knives and forks
