
Apple Releases Latest System Patch Against Surveillance

September 1, 2016

One of the world’s most evasive digital arms dealers is believed to have been taking advantage of three security vulnerabilities in popular Apple products in its efforts to spy on dissidents and journalists.

Investigators discovered that a company called the NSO Group, an Israeli outfit that sells software that invisibly tracks a target’s mobile phone, was responsible for the intrusions. The NSO Group’s software can read text messages and emails and track calls and contacts. It can even record sounds, collect passwords and trace the whereabouts of the phone user.

In response, Apple on Thursday released a patched version of its mobile software, iOS 9.3.5. Users can get the patch through a normal software update.

Apple fixed the holes 10 days after a tip from two researchers, Bill Marczak and John Scott Railton, at Citizen Lab at the University of Toronto’s Munk School of Global Affairs, and Lookout, a San Francisco mobile security company.

“We advise all of our customers to always download the latest version of iOS to protect themselves against potential security exploits,” said Fred Sainz, a company spokesman.

In interviews and manuals, the NSO Group’s executives have long boasted that their spyware worked like a “ghost,” tracking the moves and keystrokes of its targets, without leaving a trace. But until this month, it was not clear how exactly the group was monitoring its targets, or who exactly it was monitoring.

A clearer picture began to emerge on Aug. 10, when Ahmed Mansoor, a prominent human rights activist in the United Arab Emirates, who has been tracked by surveillance software several times, began receiving suspicious text messages. The messages purported to contain information about the torture of U.A.E. citizens.

Mr. Mansoor passed the messages to researchers at the Citizen Lab, who confirmed they were an attempt to track him through his iPhone.

This latest effort was far more sophisticated than what was found aimed at his devices before. The researchers found it was connecting to 200 servers, several of them registered to the NSO Group. Strewn throughout the spyware code were references to Pegasus, the name of an NSO Group spyware product.

Citizen Lab brought in Lookout to help examine the code. Together, they discovered that the spyware relied on three previously unknown iOS vulnerabilities — called “zero days” because Apple didn’t know about them and had zero days to patch them.

In many cases, the NSO Group had designed its tools to impersonate those of the Red Cross, Facebook, Federal Express, CNN, Al Jazeera, Google and even the Pokemon Company to gain the trust of its targets, according to the researchers.

“NSO Group was very professional, and very effective in staying silent,” said Mike Murray, a vice president at Lookout.

In recent years, zero day flaws have been traded among hackers, brokers, companies like the NSO Group, and spy agencies and law enforcement networks eager for ways to break into devices.

Flaws in Apple’s iOS software are sold at a premium. Last year, a similar zero-day exploit in Apple’s iOS software was sold to Zerodium, a Washington buyer and seller of zero-days, for $1 million.

Earlier this year, James Comey, the director of the Federal Bureau of Investigation, announced that his agency had paid hackers who found a way for the F.B.I. to crack into an iPhone used by one of the shooters in last year’s mass killings in San Bernardino, Calif. Neither the hackers nor the F.B.I. have told Apple how this was accomplished.

Apple’s software update patches the NSO Group’s exploits, but it is unclear whether the company has patched the vulnerabilities used by the F.B.I. to crack into its iPhone. Apple recently began a “bug bounty” program to pay hackers who report vulnerabilities in its systems.

Among the other NSO targets, besides Mr. Mansoor, was Rafael Cabrera, a Mexican journalist who broke a story on conflicts of interest among Mexico’s ruling family. In several cases, NSO Group’s tools had been crafted to target users in Yemen, Turkey, Mozambique, Mexico, Kenya and the U.A.E.

Zamir Dahbash, an NSO Group spokesman, said in an email, “The company sells only to authorized governmental agencies, and fully complies with strict export control laws and regulations.”

Mr. Dahbash added that NSO Group does not operate any of its systems and requires that its customers use its products in a “lawful manner.” “Specifically,” he said, “the products may only be used for the prevention and investigation of crimes.”

He would not say if the software is used by government agencies in the U.A.E. or Mexico.

In 2014, NSO Group sold a majority stake to San Francisco-based private equity firm Francisco Partners Management LLC for $120 million. Francisco Partners declined to comment.

Mr. Mansoor said in an interview that the discoveries were a sad reminder that no matter what he does to protect his devices and digital security, he will continue to be a target for companies that provide this sort of spying technology.

“I guess I am their regular customer,” he said. “I am the guinea pig.”

Bill Marczak, the researcher at Citizen Lab who has been helping Mr. Mansoor protect his digital security, said that the surveillance experienced by Mr. Mansoor is likely to expand.

“The targeting of these activists and dissidents is a taste of what’s to come,” Mr. Marczak said. “What they’re facing today will be faced by ordinary users tomorrow.”
