首页 >> 新闻 >> 正文


2018年12月10日 09:41:12来源:国际助手

  • Science and technology科学技术Invasive species侵略性物种Thorny questions棘手问题The ecological effects of buckthorn in North America北美鼠李属植物的生态影响CONSERVATIONISTS, being by definition conservative, usually view the introduction of new species into an environment with horror.生态环境保护者,从定义上看就偏于保守,常对固有环境中新物种的引入恐惧不已。If such a species is successful, it is described as invasive—a rather pejorative word.一种新物种一旦引入成功,它常常具有侵略性—一个含贬义的词语。But how much change such species actually cause is often moot.然而,这些物种究竟造成环境多少改变?So two recent studies of European buckthorn in North America, which attempt to find this out, are a welcome shaft of light on the debate.常常引来争论。最近对鼠李属植物的两项研究有助于搞清这一问题。所以该研究在这场争论中受人瞩目。Buckthorn was imported from Europe to America in the 19th century, to make garden hedges.鼠李属植物在19世纪从欧洲出口到美国,用来制作花园围篱。Since then it has sp through the countrys woodlands, which many naturalists think has been bad for local wildlife.从那时起,它席卷了美国林地。在许多自然主义者眼中,它对当地野生物种产生了不利影响。The new studies suggest they are right—if you are a frog or a small bird.但新的研究明他们的观点仅适用于青蛙或是小鸟。If you are a coyote or a raccoon, though, buckthorn is a good thing.对于土狼和浣熊,鼠李属植物可是好东西。Seth Magle, of Lincoln Park Zoo, in Chicago, suspected these predators are commoner where buckthorn grows.赛思在芝加哥林肯动物园工作,他认为在鼠李属植物生长的地方,这些食肉动物是常客。He therefore set up motion-activated cameras in 35 woods near the city.于是他在芝加哥周围的35处丛林中架设了移动追踪照相机。Some sites had a lot of buckthorn. Some did not.一些丛林鼠李属植物繁盛,一些则不然。He did indeed find more coyotes and raccoons where buckthorn is common—particularly in spring, when birds are nesting.在鼠李属植物常见地区,他的确发现了更多土狼和浣熊,—尤其是春天,鸟儿筑巢的时节。Buckthorn is notorious for overshadowing other plants and thus inhibiting their growth.鼠李属植物臭名昭著,因为它遮挡其他植物,继而抑制其生长。That thins the forest understorey and increases visibility which, Dr Magle reckons, helps predators spot nests that denser vegetation would hide.玛格拉士认为,森林下层林木由此变稀薄,能见度增加。这有利于肉食动物找到能被密集植物隐藏的巢穴。So the predators come looking.于是,肉食动物前来寻找。Besides overshadowing its neighbours, buckthorn also engages in chemical warfare.鼠李属植物除了挡住了他的邻居,还参与了化学战争。Its leaves are full of a toxin called emodin that discourages browsers.它的叶子充满了一种名为大黄素的毒素,使得食草动物望而却步。Allison Sacerdote-Velat, one of Dr Magles colleagues at Lincoln Park Zoo, and Richard King of Northern Illinois University, wondered what effect this chemical has on the world when the leaves fall off.阿里森,和北部伊利诺斯州大学的瑞查德,均好奇当叶子脱落后,这种化学物对地面有何影响。Emodin, they found, when they tested it on frogspawn, kills embryonic frogs. And when they analysed some local ponds, they discovered the chemical in them. Amphibian numbers have been falling in many places, including America, and many causes have been suggested. Emodin is surely not the only one. But it probably does not help.他们在对蛙卵的实验中发现,大黄素可以杀死胚胎期的青蛙。他们又调查了一些当地的池塘,发现大黄毒蕴含其中。包括美国在内的许多地方,两栖类动物数量均在下降,其原因有许多。大黄毒毫无疑问并非唯一原因,但它也不大可能起到什么好的作用。 /201311/265678。
  • This was as welcome as it was unexpected.这是受欢迎的,因为它意想不到。Not only does Khri bKra shis Grags pa lde proclaim the pair to be his personal guests, he invites them to stay and teach their beliefs even altering the building and the chapel.不仅管理这一切克里克巴宣告两人为自己的客人,他甚至邀请他们留下来传授信仰改变建筑和教堂。Such behavior would have infuriated the Buddhists at Tholing.这样的行为会激怒了在托灵的佛教徒们。They saw the kings actions as a betrayal against Buddihism.他们认为国王的行为是对佛教的背叛。It was a move that would not go unanswered.必须针对此举采取行动。According to stories later recorded Andrade, what happened next was an uprising against the king that would forever change the course of Guges history.根据故事后安德拉德的记录,接下来发生的事情是将永远改变古格的历史反抗国王的起义。 201403/279443。
  • So there it is, the Orange River, with splendid in all its glory.就是这里,奥兰治河,流淌着本身就是辉煌的荣耀。Its journey leads all the way across Africa before making its dramatic plunge.在急速下降入海前这条河的旅程触及非洲每一个角落。The life blood of the area.称它为这个地区的生命血液也不为过。This has been my most remote walk so far and weve crossed some pretty harsh terrain.这是我到目前为止最偏远的行走,而且我们已经越过一些相当严酷的地形。In Marsel Bay walk one, I said Id always want to make a series here.在马瑟尔湾的探寻中,我曾经坦言道一直想做这个系列。I didnt think it would be a walking series,我不认为这会成为一个徒步旅行系列,but actually walk better way to explore this geography, the color, the history of South Africa that on foot under your own stem.但实际上用你的双脚去感知,去探索这里的地貌,色及南非的历史是再好不过的方法,一切尽皆通过你自己的双脚。My walk in this country has taken me on an evolutionary curve,我在这个国家的行走已经带领我历经了人类演化的旅途,from the rich history in bustling tourism of the Garden Route to the colorful majesty of the Drakensberg, the wonderful isolation of wilderness of the Kruger Park.从花园路线具有丰富历史的游览到多姿多威严的德拉肯斯堡,再到美不胜收的世外桃源般的荒野克鲁格公园。And now on my final walk, this wild desert adventure.现在在这个野生沙漠探险就是我的最后终点。 201310/260866。
  • Science and technology科学技术Computer passwords电脑密码Speak, friend, and enter说,朋友和进入Computer passwords need to be memorable and secure.电脑密码须具备两个特性:易记及难猜。Most peoples are the first but not the second.但是大部分人的密码只注重了前者却忽略了后者。Researchers are trying to make it easier for them to be both研究人员正努力让两者兼而有之变得更以实现。PASSWORDS are ubiquitous in computer security.密码在电脑安全领域的应用相当普遍。All too often, they are also ineffective.但他们往往没起什么作用。A good password has to be both easy to remember and hard to guess, but in practice people seem to plump for the former over the latter.一个好密码必须具备易记及难猜两个特征,而实际上人们好像只注意到了前者而忽略了后者。Names of wives, husbands and children are popular.以妻子,丈夫或孩子的名字作为密码的人大有人在。Some take simplicity to extremes: one former deputy editor of The Economist used z for many years.有些人的密码简单到了极点:The Economist的一位前副主编多年来一直用Z作密码。And when hackers stole 32m passwords from a social-gaming website called RockYou, it emerged that 1.1% of the sites users—365,000 people—had opted either for 123456 or for 12345.当黑客在社交游戏网站盗取了3200万用户的密码后,人们才发现原来这个网站大约1.1%的用户-也就是365,000人-选择了12345或123456作为密码。That predictability lets security researchers create dictionaries which list common passwords, a boon to those seeking to break in.安全性研究人员于是根据密码的这种可预见性编制了一些罗列处各种常见密码的字典,这对那些有志于破解他人密码的人来说可说是找到了福音。But although researchers know that passwords are insecure, working out just how insecure has been difficult.但即使研究人员已经知道了密码不安全,要确切地给出个不安全系数却是很困难的。Many studies have only small samples to work on—a few thousand passwords at most.许多研究项目的对象只有一小块样本-最多只有几千个密码。Hacked websites such as RockYou have provided longer lists, but there are ethical problems with using hacked information, and its availability is unpredictable.像Rockyou这样被黑的网站能够提供更多的密码,但使用黑客盗取的密码不仅会引发道德问题上的争议,其可行性也是未知的。However, a paper to be presented at a security conference held under the auspices of the Institute of Electrical and Electronics Engineers, a New York-based professional body, in May, sheds some light.然而,在五月份由总部位于纽约的一个专业组织-电气电子协会持下召开了一场安全性研讨会议,会上公布的一份文件让我们看到了解决这个难题的一丝曙光。With the co-operation of Yahoo!, a large internet company, Joseph Bonneau of Cambridge University obtained the biggest sample to date—70m passwords that, though anonymised, came with useful demographic data about their owners.在一家大型网络公司-雅虎的协助下,剑桥大学的Joseph Bonneau得到了一份迄今为止最大的研究样本,虽然是匿名的,但是包含了其用户极为有用的人口学数据。Mr Bonneau found some intriguing variations.在这份样本中Mr Bonneau发现了一些有趣的差异。Older users had better passwords than young ones.相较于年轻用户,老用户设置的用户更好。People whose preferred language was Korean or German chose the most secure passwords; those who spoke Indonesian the least.母语为韩语或德语的用户所设置的密码安全系数最高,而说印尼语的最低。Passwords designed to hide sensitive information such as credit-card numbers were only slightly more secure than those protecting less important things, like access to games.被设置用来隐藏像信用卡卡号这样的敏感信息的密码,相比较于另外一些保护游戏登录入口这样不那么重要的信息所设置的密码,其安全性高不了多少。Nag screens that told users they had chosen a weak password made virtually no difference.那些提醒用户设置的密码安全性较低的唠叨屏幕其实没有什么作用。And users whose accounts had been hacked in the past did not make dramatically more secure choices than those who had never been hacked.相对于那些从没被黑过的,有过账户被黑经验的用户的安全防范意识也并没得到显著提高。But it is the broader analysis of the sample that is of most interest to security researchers.但是,对研究样本进行更为综合性的分析才是安全性研究人员的兴趣所在。For, despite their differences, the 70m users were still predictable enough that a generic password dictionary was effective against both the entire sample and any demographically organised slice of it.因为尽管存在各种差异,但是通过分析样本中那7000万用户的资料还是可以预见到,一部通用的密码暴力破解字典就能够有效应付这一整个样本,或者任何根据某项人口学特征而从中抽取的一小块资料。Mr Bonneau is blunt: An attacker who can manage ten guesses per account…will compromise around 1% of accounts.Mr Bonneau直言不讳地说:只要每个账号给破解者10次猜测密码的机会...会有大约1%的密码被破解。And that, from the hackers point of view, is a worthwhile outcome.这在黑客看来绝对值得一试。One obvious answer would be for sites to limit the number of guesses that can be made before access is blocked, as cash machines do.对网站而言,很显然,他们可以在系统上进行类似于ATM机的设置:一旦密码输入错误次数达到规定者,即封锁登录入口。Yet whereas the biggest sites, such as Google and Microsoft, do take such measures,many do not.然而,只有谷歌、微软这样的大型网站采取了类似的措施,很多其他网站对此不以为意。A sample of 150 big websites examined in 2010 by Mr Bonneau and his colleague Sren Preibusch found that 126 made no attempt to limit guessing.在2010年,Mr Bonneau和他的同事Sren Preibusch曾对一份囊括了150家大型网站的样本做过调查,结果显示其中126家并没有对密码输入错误次数作出限制。How this state of affairs arose is obscure.这种状况的状况的出现实在是令人费解。For some sites, laxity may be rational, since their passwords are not protecting anything particularly valuable, such as credit-card details.对一些站点来说,在安全防范上的相对松弛是可以理解的,因为它们站设置的密码并非为了保护类似信用卡信息这样特别重要的内容。But password laxity imposes costs even on sites with good security, since people often use the same password for several different places.但即使对拥有良好安全防范措施的网站来说,密码系统上的疏于防范也会大大增加花费,因为人们喜欢在多个地方使用同一个密码。One suggestion is that lax password security is a cultural remnant of the internets innocent youth—an academic research network has few reasons to worry about hackers.有一种说法认为他们在密码上防范疏松的做法乃是源于网上那群不谙世事的年青一代的文化特征-一个专门用于学术研究的网络几乎不需担心黑客入侵。Another possibility is that because many sites begin as cash-strapped start-ups, for which implementing extra password security would take up valuable programming time, they skimp on it at the beginning and then never bother to change.还有一种可能是许多网站在建站初期都面临资金短缺的问题,而为系统配上更安全的保护措施会消耗大量宝贵的编程时间,因此他们一开始就在这一步上偷工减料,然后再也懒得去加以改善了。But whatever the reason, it behoves those unwilling to wait for websites to get their acts together to consider the alternatives to traditional passwords.无论原因何在,与其等待所有网站都建立起一个完善的密码保护系统的那一天到来,不如由我们自己想出一个传统密码的替代方案。One such is multi-word passwords called passphrases.其中一种选择是使用密码组,Using several words instead of one means an attacker has to guess more letters, which creates more security—but only if the phrase chosen is not one likely to turn up, through familiar usage, in a dictionary of phrases.它由多个词组合起来形成,使用多个词而不是一个词用作密码的优势在于:这使得破解者需要猜出更多的字母,从而提高了密码的安全性-但前提是选择的词组不能是词典里经常出现的惯用语,Which, of course, it often is.可惜这个前提常常未被满足。Mr Bonneau and his colleague Ekaterina Shutova have analysed a real-world passphrase system employed by Amazon, an online retailer that allowed its American users to employ passphrases between October and February 2012.Mr Bonneau和他的同事Ekaterina Shutova曾经研究过一个真实的密码组系统,该系统由网上零售商Amazon使用,Amazon曾与年10月至2012年2月间允许他们的用户使用密码组作为密码。They found that, although passphrases do offer better security than passwords, they are not as good as had been hoped.他们发现,密码组虽然较一般密码而言安全性更高,但实际效果并不如预期中好。A phrase of four or five randomly chosen words is fairly secure. But remembering several such phrases is no easier than remembering several randomly chosen passwords.用一串由4,5个随机选择的词组合成密码是相当安全的,但问题是记住这样一些组合并不比那些随机选择的密码容易。Once again, the need for memorability is a boon to attackers.又一次,密码需具备易记性成为了破解者的福音。By scraping the internet for lists of things like film titles, sporting phrases and slang, Mr Bonneau and Dr Shutova were able to construct a 20,656-word dictionary that unlocked 1.13% of the accounts in Amazons database.通过在网上一点点搜集像电影名,体育相关用语和俚语这样的一个个词组,Mr Bonneau和Dr Shutova编制了一部囊括了20,656个词的字典,它已经成功开启了Amazon数据库里1.13%的账号。The researchers also suspected that even those who do not use famous phrases would still prefer patterns found in natural language over true randomness.研究人员还怀疑,即使是那些不使用著名短语的,他们也会更倾向于按照自然语言中得模式而不会安全基于随机性。So they compared their collection of passphrases with two-word phrases extracted at random from the British National Corpus, and from the Google NGram Corpus.所以他们将收集的密码组同从英国国家语料库中随机选取的两词组合短词,还有google的Google NGram Corpus进行了比较。Sure enough, they found considerable overlap between structures common in ordinary English and the phrases chosen by Amazons users.果然,他们发现在惯常英语中得常见结构与Amazon的用户所选的短语间出现了一定程度的重叠。Some 13% of the adjective-noun constructions which the researchers tried were on the money, as were 5% of adverb-verb mixes.在研究人员分析的样本里面,在与金钱有关的组合中,有13%的形容词-名词,而副词-动词则达到了5%。One way round that is to combine the ideas of a password and a passphrase into a so-called mnemonic password.一个折中的解决办法是将普通密码和密码组的概念揉合成一种所谓的助记性密码,This is a string of apparent gibberish which is not actually too hard to remember.它是一种看起来莫名其妙的字符串,但实际上要记住并不太难。It can be formed, for example, by using the first letter of each word in a phrase, varying upper and lower case, and substituting some symbols for others—8 for B, for instance.助记性密码可以这样形成:挑出一个词组里每个单词的第一个字母,可以将其中一些进行大小写变化,另外一些则用某些符号来代替,例如8代替B。Even mnemonic passwords, however, are not invulnerable.然而,助记密码也并非是牢不可破的。A study published in 2006 cracked 4% of the mnemonics in a sample using a dictionary based on song lyrics, film titles and the like.在2006年就有一项公布的研究成果显示一个样本里4%的助记密码遭到破解,手段是利用一部基于歌词,电影名及相似内容的字典。The upshot is that there is probably no right answer.看来这个难题是找不到完美的了。All security is irritating,and there is a constant tension between peoples desire to be safe and their desire for things to be simple.任何安全措施都是烦人的。在人们对安全的需求及万事从简的愿望间存在着不可调和的矛盾。While that tension persists, the hacker will always get through.只要这种矛盾存在,黑客们就总能找到. /201403/279627。
分页 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29