[新聞] 英國立法封殺強度過低的預設&通用密碼

備註請放最後面 違者新聞文章刪除 1.媒體來源: 外媒 techtimes.com 2.記者署名: Aldohn Domingo 3.完整新聞標題: World's First: UK to Officially Ban Weak Passwords 世界首創：英國封殺弱雞密碼 No more common passwords. 不再存在通用密碼 4.完整新聞內文: World's First: UK to Officially Ban Weak Passwords No more common passwords. Aldohn Domingo, Tech Times 28 April 2024, 10:04 pm The United Kingdom is reportedly set to crack down on common and weak passwords, requiring manufacturers of internet-connected devices to direct users to change commonly used security keys. The new legislation is also set to make security and update reports clearer. 全球首個：英國正式禁止弱密碼 不再有通用密碼。 科技時報 奧爾多恩·多明戈2024 年 4 月 28 日，晚上 10:04 據報道，英國將打擊 常用密碼和弱密碼，要求網路連接設備製造商指導用戶更改常用的 安全密鑰。 新立法還旨在使安全和更新報告更加清晰。 The PSTI regime, or Product Security and Telecommunications Infrastructure, plans to impose minimal requirements that must be met to avoid penalties. According to the government, the regulations are a "world first" that will guard UK businesses and consumers against cybercrime and increase security. PSTI 制度（即產品安全和電信基礎設施）計畫實施必須滿足的最低要求，以避免處罰。 據政府稱，這些法規是“世界首創”，將保護英國企業和消費者免受網路犯罪並提高安全 性。 As a result, producers of various electronics, including phones, TVs, and smart doorbells, are now obligated, by law, to safeguard internet-connected gadgets from hackers and remind consumers to update any default passwords. Cyber Security Concerns In The Global Wake of Hacking Threat 因此，根據法律，包括手機、電視和智慧門鈴在內的各種電子產品的生產商現在有義務保 護連網設備免受駭客攻擊，並提醒消費者更新任何預設密碼。 全球駭客威脅引發的網路安全擔憂 Brands must provide contact details and maintain transparency regarding the timing of security upgrades to facilitate bug and concern reporting. 品牌必須提供聯絡方式並保持安全升級時間的透明度，以方便報告錯誤和問題。 At a time when hackers are attacking consumers and businesses more frequently than ever, the new safeguards are anticipated to increase people's confidence in purchasing and using technology. According to the Department for Science, Innovation, and Technology (DSIT), more than half of UK households reportedly have a voice assistant, such as Alexa. 在駭客比以往任何時候都更頻繁地攻擊消費者和企業之際，新的保護措施預計將增強人們 購買和使用科技的信心。 據科學、創新和技術部 (DSIT) 稱，據報道，超過一半的英國家庭擁有 Alexa 等語音助 理。 According to reports, home networks typically included nine devices. These can include web-enabled toys or remotely controlled equipment such as stoves, refrigerators, radiators, and standard broadband routers. Since their widespread use, an increasing number of hackers have gained control of these devices and abused them—sometimes secretly photographing or recording, spying on individuals, or stealing personal information. 據報道，家庭網路通常包括九個設備。 這些可以包括連網玩具或遠端控制設備，例如爐灶、冰箱、散熱器和標準寬頻路由器。 自從它們廣泛使用以來，越來越多的駭客控制了這些設備並濫用它們—有時秘密拍照或 錄音、監視個人或竊取個人資訊。 Experts Weigh In According to security expert Ken Munro of Pen Test Partners, a company that conducts ethical hacking against smart gadgets, the new regulation is a positive move. He also said it has historically been far too simple for manufacturers to discontinue support for older models when they introduced new ones, and it would be helpful for buyers to compare the number of years of support that a product was guaranteed to provide. 專家參與 針對智慧型裝置進行道德駭客攻擊的 Pen Test Partners 公司的安全專家 Ken Munro 表 示，新規定是一項積極舉措。 他還表示，從歷史上看，製造商在推出新型號時停止對舊型號的支援太簡單了，買家比較 產品保證提供的支援年限將很有幫助。 According to him, a manufacturer prioritizing cyber-security could be indicated by a more extended support period. Jonathan Berry, the minister of science and technology, said the risks posed by the internet grow as our daily lives depend more and more on linked gadgets. 據他介紹，製造商優先考慮網路安全可能會透過更長的支援期來體現。 科技部長喬納森·貝裡 (Jonathan Berry) 表示，隨著我們的日常生活越來越依賴連網設 備，網路帶來的風險也在增加。 UK on Cyberattacks The United Kingdom's Government Communications Headquarters issued a warning about cyberattacks and artificial intelligence in January, stating that as these technologies advance, cyberattacks are likely to increase in frequency. This makes the new cybersecurity-focused legislation timely. 英國應對網路攻擊 英國政府通訊總部在一月份發布了有關網路攻擊和人工智慧的警告，指出隨著這些技術的 進步，網路攻擊的頻率可能會增加。 這使得新的以網路安全為重點的立法非常及時。 In the next two years, AI may make it simpler for inexperienced hackers to wreak havoc online, according to a recent warning about ransomware attacks and phishing scams that potentially affect the entire world. The article asserts, in particular, that threat actors' social engineering skills will be enhanced by artificial intelligence. 根據最近關於可能影響整個世界的勒索軟體攻擊和網路釣魚詐騙的警告，未來兩年，人工 智慧可能會讓缺乏經驗的駭客更容易在網路上造成嚴重破壞。 文章特別斷言，威脅行為者的社會工程技能將透過人工智慧得到增強。 Genetic artificial intelligence (GenAI) can enable convincing contact with victims, including creating lure documents without requiring translation, spelling, or grammar checks, often signs of phishing. 基因人工智慧 (GenAI) 可以與受害者建立令人信服的聯繫，包括建立誘餌文檔，而無需 翻譯、拼字或語法檢查（通常是網路釣魚的跡象）。 5.完整新聞連結 (或短網址)不可用YAHOO、LINE、MSN等轉載媒體: https://reurl.cc/Gjx26A 6.備註: 英國厲害了，客服準備被全線打爆。銀髮人士又開不了啦！ -- ※ 發信站: 批踢踢實業坊(ptt.cc), 來自: 1.34.17.2 (臺灣) ※ 文章網址: https://www.ptt.cc/bbs/Gossiping/M.1714478222.A.C86.html