Newsletter No. 461

461 • 19.8.2015

Tech Talks

Cross-fires on the Internet

In surveying a bunker under construction, a general asked his officers, 'Where would our enemies attack this bunker from, and how should we defend it?' Some said the sun-facing side, some said the top. The general replied, 'The most vulnerable part of a bunker is the inside. If the enemy infiltrates it, or if some of our soldiers are bought, the bunker will be destroyed from within.'

This piece of military common sense applies equally to today's Internet battleground. Security staff can build an intranet isolated from the outside world and raise a solid firewall around it, but if the users inside that wall lack security awareness or ignore the established rules, the privileges those users hold become a liability to everyone else behind the firewall. Casually downloading a program from the Internet, or absent-mindedly opening an e-mail attachment, is enough to let a virus or Trojan horse spread across the intranet. Once the first line of defence is breached, the situation is hard to contain. Today's security strategy must therefore do more than repel external attacks: it has to build a culture of self-protection on the inside, including written security policies and the means to make sure they are actually followed.

High-end defence has also evolved from passively building firewalls and waiting to be hit towards collecting, analysing and sharing intelligence so that attacks can be anticipated, using tools such as Security Information and Event Management (SIEM) systems.
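The column above says that SIEM-style tools collect logs and look for the patterns attackers leave in them. As an added example, not part of the original newsletter, the Python below runs two simple detectors over constructed firewall-style connection records: one flags a host that probes many ports on another host in a short window (reconnaissance), the other flags a host that contacts the same external address at near-regular intervals (a compromised machine checking in with its controller). The log format, the addresses and the thresholds are assumptions made for the example.

```python
"""Toy SIEM-style detection pass over constructed firewall connection logs.

Flags two behaviours the column describes: a source probing many ports on
one host (reconnaissance) and a host calling the same external address at
near-regular intervals (beaconing to a command-and-control server).
"""
import re
from collections import defaultdict
from datetime import datetime
from statistics import mean, pstdev

# Constructed sample lines in an assumed "ts ACTION src -> dst:port" format.
# 10.0.0.5 sweeps ten ports on 10.0.0.20; 10.0.0.7 calls 203.0.113.9 about
# once a minute; 10.0.0.8 talks to 198.51.100.4 at irregular times.
SAMPLE_LOGS = """\
2015-08-19T09:00:00 ALLOW 10.0.0.7 -> 203.0.113.9:443
2015-08-19T09:00:01 ALLOW 10.0.0.5 -> 10.0.0.20:22
2015-08-19T09:00:02 DENY 10.0.0.5 -> 10.0.0.20:23
2015-08-19T09:00:03 DENY 10.0.0.5 -> 10.0.0.20:25
2015-08-19T09:00:04 ALLOW 10.0.0.5 -> 10.0.0.20:80
2015-08-19T09:00:05 ALLOW 10.0.0.8 -> 198.51.100.4:443
2015-08-19T09:00:05 DENY 10.0.0.5 -> 10.0.0.20:110
2015-08-19T09:00:06 DENY 10.0.0.5 -> 10.0.0.20:135
2015-08-19T09:00:07 DENY 10.0.0.5 -> 10.0.0.20:139
2015-08-19T09:00:08 ALLOW 10.0.0.5 -> 10.0.0.20:443
2015-08-19T09:00:09 DENY 10.0.0.5 -> 10.0.0.20:445
2015-08-19T09:00:09 ALLOW 10.0.0.8 -> 198.51.100.4:443
2015-08-19T09:00:10 DENY 10.0.0.5 -> 10.0.0.20:3389
2015-08-19T09:00:30 ALLOW 10.0.0.5 -> 10.0.0.21:80
2015-08-19T09:01:00 ALLOW 10.0.0.7 -> 203.0.113.9:443
2015-08-19T09:02:01 ALLOW 10.0.0.7 -> 203.0.113.9:443
2015-08-19T09:02:30 ALLOW 10.0.0.8 -> 198.51.100.4:443
2015-08-19T09:03:00 ALLOW 10.0.0.7 -> 203.0.113.9:443
2015-08-19T09:04:00 ALLOW 10.0.0.7 -> 203.0.113.9:443
2015-08-19T09:05:00 ALLOW 10.0.0.8 -> 198.51.100.4:443
2015-08-19T09:05:03 ALLOW 10.0.0.8 -> 198.51.100.4:443
this line is malformed and must be skipped, not crash the pass
"""

LINE_RE = re.compile(
    r"^(?P<ts>\S+) (?P<action>ALLOW|DENY) (?P<src>[\d.]+) -> (?P<dst>[\d.]+):(?P<port>\d+)$"
)


def parse_logs(text):
    """Parse well-formed lines into event dicts; silently skip the rest."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        events.append({
            "ts": datetime.fromisoformat(m["ts"]),
            "action": m["action"],
            "src": m["src"],
            "dst": m["dst"],
            "port": int(m["port"]),
        })
    return events


def find_port_scans(events, min_ports=8, window_seconds=120):
    """Return {(src, dst): distinct_ports} for pairs where src touched at
    least min_ports different ports on dst inside one sliding window.
    Denied connections count too: a scan shows up mostly as denies."""
    by_pair = defaultdict(list)
    for e in events:
        by_pair[(e["src"], e["dst"])].append((e["ts"], e["port"]))
    hits = {}
    for pair, touches in by_pair.items():
        touches.sort()
        best = 0
        for i, (t0, _) in enumerate(touches):
            ports = {p for t, p in touches[i:]
                     if (t - t0).total_seconds() <= window_seconds}
            best = max(best, len(ports))
        if best >= min_ports:
            hits[pair] = best
    return hits


def find_beacons(events, min_hits=4, max_cv=0.1):
    """Return {(src, dst, port): mean_gap_seconds} for allowed flows whose
    inter-connection gaps are nearly constant (coefficient of variation,
    stdev/mean, at or below max_cv), the signature of a periodic check-in."""
    by_flow = defaultdict(list)
    for e in events:
        if e["action"] == "ALLOW":
            by_flow[(e["src"], e["dst"], e["port"])].append(e["ts"])
    hits = {}
    for flow, times in by_flow.items():
        if len(times) < min_hits:
            continue
        times.sort()
        gaps = [(b - a).total_seconds() for a, b in zip(times, times[1:])]
        avg = mean(gaps)
        if avg > 0 and pstdev(gaps) / avg <= max_cv:
            hits[flow] = round(avg)
    return hits


def run(text=SAMPLE_LOGS):
    """Run both detectors over a log text and return their findings."""
    events = parse_logs(text)
    return {"scans": find_port_scans(events), "beacons": find_beacons(events)}


if __name__ == "__main__":
    for kind, findings in run().items():
        print(kind, findings)
```

On the sample data the scan detector reports 10.0.0.5 touching ten ports on 10.0.0.20, and the beacon detector reports 10.0.0.7 reaching 203.0.113.9:443 roughly every 60 seconds; the irregular 10.0.0.8 traffic is left alone. In practice the thresholds need tuning per network, and the same beacon test applied to DNS or proxy logs catches check-ins that a firewall never sees.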
By collecting system logs from around the world and subjecting them to Big Data analysis, security specialists can learn the patterns of hackers' tactics. Hackers will, for example, plant reconnaissance Trojan horses on target networks, run network probes at irregular intervals to map the structure and server layout of their targets, or send commands to compromised machines already under their control. Analysing these activities as they appear in system logs helps us recognise the next wave of attack and prepare for it early. Because the Internet connects the whole world, such intelligence must be consolidated and shared across nations, networks and enterprises to be effective; no one can stand alone. Collective defence is the only winning formula.

Philip Leung

One Man's Meat

In the saying 'One man's meat is another man's poison', poison is not meant literally. But have you ever stopped to wonder when you see the word POISON printed on a packet of medicine?

Under the Pharmacy and Poisons Ordinance (Cap. 138), drugs listed in Parts I and II of the Poisons List must be labelled POISON when offered for sale. The label warns consumers that such drugs should be obtained only from licensed retailers and taken as directed by health care professionals.
Paracelsus, the father of modern toxicology, once said that all things are poison and only the dose makes a thing not poisonous. Whether a drug heals or harms depends on whether the dose is right and the use is proper; otherwise it is hazardous to your health.

The family of drugs is much larger and closer to home than most of us realise; even a professional pharmacist cannot list every member. On the dark side are dangerous drugs such as heroin and cannabis, which serve little medicinal purpose, are highly addictive, and take a heavy toll on the individual's body and mind as well as on society. On the lighter side, we are all users of recreational drugs, with alcohol, nicotine and caffeine leading the legal varieties; whether to pass the time, seek a thrill or boost performance, people keep coming back to them. Even animals take drugs recreationally: some wild apes pick out over-ripe fruit to enjoy the alcohol produced by fermentation. The right dose is still the trick, though, since overdose or over-dependence leads to abuse.

The most mysterious member of the drug family must be the placebo. The name comes from the Latin for 'I shall please', and that is exactly its curious effect: a placebo has no pharmacological activity of its own, yet patients who do not know this and take it often feel, or actually get, better. The effect is stronger when several tablets are taken rather than one, and stronger still when the placebo is given by intravenous injection rather than as a pill.

Wealth in Health