

2023-10-29    11'41''

主播: 英文小酒馆 LHH

519 2

可以搜索公号【璐璐的英文小酒馆】或者添加【luluxjg2】咨询课程or加入社群,查看文稿和其他精彩内容哦~ Welcome back to Geek Time advanced. Welcome, Lulu. Hi, Brad. So we're gonna continue on with talking about cyber security. Remember, last time when we were finishing up, I asked a question if there are so many people who are experts in cyber security, why are the attackers still winning in a lot of the situations? Why are they still able to make the attacks successful, so to speak. Well, one thing that makes it difficult is that they are always looking for new ways. There's always new computer systems. They make a new operating system. Windows does this every like 5 years or so. And whenever they make a new operating system, there is always going to be some flaws in it. And so basically, while the defenders are out there trying to keep the system defended, the attackers or the bad people are going out there and finding things and then using those exploits to hack into the system. The defenders are always two steps behind the attackers. Can you not preempt some of these attacks if you already know, or if you already see the potential of a loophole? You can. And sometimes people will find a loophole before anyone attacks it. Sometimes they don't even know if anyone has attacked it before they find it. So it's always really difficult. There's... whenever they make a new system, they can look for all the loopholes, but they're never going to find them all. I suppose as the defending side, you have to be all encompassing, all enveloping. You have to really take care of every little detail, but as the attacker, you only need one loophole to be in. I see, so cyber security essentially is ultra important because last time we were talking about it is linked with the integrity of critical infrastructure. Right. People's livelihood, the stock exchange is all on the internet. People transfer money from bank to bank via their computers. People pay their bills nowadays via computer. Everything is online. Can I just ask like a I don't know if it's a related question, so talking about who has access to certain internet. Who has like, I don't know if it's called privilege, security clearance, how does that work? When you work for a company, basically, the idea is to give every user as limited a privilege as possible. We often call this privilege. So basically, they say okay you need access to these rooms, you need access to this data. And We're only going to give you access to those bits of data because that's what you need. And so limits the liability for the company saying that okay you don't have access to the things you don't need. If you did access those that might be a problem. So you're breaking the law. Yeah. Basically the ideas that we want to limit the accessibility to things as much as possible.