在購買Wi-Fi路由器的時候,你很可能不會優(yōu)先考慮強大的網(wǎng)絡安全性。
After all, when we think about wireless connectivity in our homes, most of us generally care more about speed of data transmissions and how much range the router can cover.
畢竟,當我們在考慮家里的無線連接時,大多數(shù)人基本上都會更加關(guān)心數(shù)據(jù)傳輸?shù)乃俣纫约奥酚善鞯母采w范圍。
But it’s time to change our views. Network security needs to be high on our list of considerations because a Wi-Fi station is the gateway for devices to get on the internet. If your router is infected with malicious software, all your internet-connected devices become vulnerable, including your smartphone, computer, smartwatch, television and Amazon Echo.
但現(xiàn)在是時候改變我們的觀點了。在我們的考慮中,網(wǎng)絡安全應該排行更高,因為Wi-Fi工作站就是設(shè)備入網(wǎng)的關(guān)口。如果你的路由器受到了惡意軟件感染,那么你所有聯(lián)網(wǎng)的設(shè)備都容易受到攻擊,包括你的手機、電腦、智能手表、電視和亞馬遜Echo。
Our remedy? For starters, make sure your Wi-Fi station is always running the latest version of its firmware, or software system, just as you are supposed to keep operating systems up-to-date for your smartphone and computer. In a 2014 survey of IT professionals and employees who work remotely conducted by the security firm Tripwire, only 32 percent said they knew how to update their routers with the latest firmware.
我們的應對措施?首先,確保你的Wi-Fi工作站所運行的固件或軟件系統(tǒng)是最新版本,就好比你的手機和電腦也應該運行最新的操作系統(tǒng)一樣。2014年,由安全公司Tripwire在IT專業(yè)人士以及遠程工作者中展開的調(diào)查顯示,只有32%的人表示他們知道如何為路由器更新最新的固件。
“Most consumers don’t know to patch these things,” said Matt Watchinski, a senior director of Cisco Talos, who helped research the VPNFilter malware. “They don’t treat it like they do their air-conditioner or refrigerator, where we all know we should change the filters.”
“大部分用戶都不知道如何為這些產(chǎn)品安裝補丁,”思科(Cisco)Talos團隊的高級主管馬特·沃琴斯基(Matt Watchinski)說,他曾參與對惡意軟件VPNFilter的研究。“他們不像是對待空調(diào)或冰箱一樣,大家都知道自己應該更換濾網(wǎng)。”
Here’s a guide to some of the best practices you can embrace to ensure that your router — and, by extension, all your internet gadgets — is safe.
為了確保你的路由器以及由此擴展開來的所有互聯(lián)網(wǎng)設(shè)備的安全,下面是你可以采用的一些最佳方法指南。
Even though a router lacks moving parts, it needs to be maintained with the latest security updates. Easier said than done, right? Here is a basic step-by-step for how to do that:
雖然路由器沒有活動部件,但也需要使用最新的安全更新進行維護。說得容易做來難,對吧?以下便是基本的詳細操作步驟:
— Consult the instruction manual for your router to get its IP address, a string of numbers that you will punch into a web browser for access to the router’s web dashboard. Jot down the number and store it somewhere safe like your filing cabinet.
——請查閱路由器的使用說明書以獲取它的IP地址,你需要在一個網(wǎng)頁瀏覽器內(nèi)輸入這串數(shù)字,由此進入路由器的網(wǎng)頁控制臺。請記下這串數(shù)字,并將其保存在安全的地方,比如你的文件柜中。
— After entering the router’s IP address into a web browser, log in to the base station with your username and password. In the router’s web dashboard, click on the firmware settings. Look for a button that lets you check for the latest firmware version.
——將路由器的IP地址輸入網(wǎng)頁瀏覽器后,使用你的用戶名和密碼登陸基站。在路由器的網(wǎng)頁控制臺中,點擊固件設(shè)置。找到一個可以查看到最新固件版本的按鈕。
— If an update is available, choose to install it and let the router restart. Repeat this process every three to six months.
——如果有更新可用,選擇安裝并讓路由器重啟。每三到六個月重復一次這個過程。
When you log in to your router, if your username and password are something like “admin” and “password,” you have a problem. Many Wi-Fi stations come with weak, generic passwords by default that manufacturers intend for you to change.
登錄路由器時,如果你的用戶名和密碼是類似于“admin”和“password”的東西,就有問題。很多Wi-Fi站點默認的普通密碼安全性弱,廠商想讓你自行修改。
The problem with having a weak username and password is that anybody within range of your router could log in to it and change its settings, potentially opening it up to the outside world, said Dave Fraser, chief executive of Devicescape,a company that helps make public Wi-Fi networks more reliable for mobile phone service.
Devicescape公司首席執(zhí)行官戴夫·弗雷澤(Dave Fraser)說,用戶名和密碼安全性弱存在的問題是,處在路由器信號范圍內(nèi)的任何人都可以登錄并更改設(shè)置,這可能會導致路由器向外部世界開放。他的公司的業(yè)務包括改進公共Wi-Fi網(wǎng)絡,讓它們在移動電話服務方面更可靠。
So while you are checking for firmware updates in your router’s web dashboard, make sure to also check your security settings and change the username and password to something strong and unique. Security experts recommend creating long, complex passwords consisting of nonsensical phrases and added numbers and special characters. (Examples: My fav0rite numb3r is Gr33n4782# or The cat ate the C0TT0n candy 224%.) Write down these credentials on the same piece of paper where you recorded your IP address.
因此,在路由器的網(wǎng)站頁面上檢查固件更新時,一定要檢查你的安全設(shè)置,并修改用戶名和密碼,改成安全性強且獨特的用戶名和密碼。安全專家建議創(chuàng)建復雜的長密碼,由沒有意義的短語、中間插入的數(shù)字和特殊符號組成(比如“My fav0rite numb3r is Gr33n4782#”或“The cat ate the C0TT0n candy 224%”)。把它們和你的IP地址記在同一張紙上。
Even if your router still appears to work properly, the device has reached the end of its life when manufacturers stop supporting it with firmware updates, leaving it vulnerable to future cyberthreats. You can expect this to happen every three to five years. At that point, it is crucial to upgrade to a new piece of hardware.
當廠商停止提供固件更新時,即使路由器看上去仍在正常工作,它也已經(jīng)到了生命的盡頭,因為固件不更新會導致它將來易受網(wǎng)絡威脅的攻擊。這種情況每三到五年就會發(fā)生一次。此時,升級成新的硬件至關(guān)重要。
The best way to check is to look up your router on the manufacturer’s website and read notes about its firmware releases. If there hasn’t been a firmware update in the last year, the router has probably been discontinued.
最好的檢查辦法是在廠商的網(wǎng)站上查找你使用的路由器,并閱讀有關(guān)其固件發(fā)布的通知。如果過去一年都沒有固件更新,這款路由器可能已經(jīng)停產(chǎn)了。
If it is time to update your router, check for Wi-Fi systems that offer automatic updates to spare you the headache of having to check and download updates periodically. Many modern Wi-Fi systems include automatic updates as a feature. My favorite ones are Eero and Google Wifi, which can easily be set up through smartphone apps.
該升級路由器的時候,看看那些提供自動更新的Wi-Fi系統(tǒng),這樣你就不必為必須定期檢查和下載更新而頭疼了。許多現(xiàn)代Wi-Fi系統(tǒng)都有自動更新功能。我最喜歡的是Eero和Google Wifi,它們可以通過智能手機應用程序輕松設(shè)置。
The caveat is that smarter Wi-Fi systems tend to cost more than cheap routers that people are accustomed to. Eero’s base stations start at $199, and a Google Wifi station costs $119, compared with $50 for a cheap router. For both of these systems, you can also add base stations throughout the home to extend their wireless connections, creating a so-called mesh network.
需要注意的是,智能Wi-Fi系統(tǒng)大多比人們熟悉的廉價路由器更貴。Eero基站的起價為199美元,Google Wifi基站的起價為119美元,而便宜的路由器只要50美元。對于這兩個系統(tǒng),你還可以在整個家中添加基站,以擴展無線連接,創(chuàng)建一個所謂的網(wǎng)狀網(wǎng)絡。
Another bonus? Fraser noted that more modern Wi-Fi systems should have longer life spans because the companies sometimes relied on different revenue streams, like selling subscriptions to network security services.
另一個好處是什么?弗雷澤指出,更現(xiàn)代的Wi-Fi系統(tǒng)壽命應該更長,因為這些公司有時依賴不同的收入來源,比如網(wǎng)絡安全服務訂購。