angT_2100_00_02C
Citizenship and virtual worlds
anglais
32
Citizenship and virtual worlds Sujet zéro 2020
Hacking for better or for worse
compréhension de l'oral • compréhension de l'écrit • expression écrite
Intérêt du sujet • Les hackers sont généralement perçus comme des hors-la-loi. Et s'ils mettaient au contraire leurs talents au service des entreprises et du public ?
Vous disposez d'abord de 5 minutes pour prendre connaissance de l'intégralité du sujet. Puis vous écouterez 3 fois le document 1. À l'issue de la 3e écoute, vous organiserez votre temps comme vous le souhaitez pour traiter la compréhension de l'oral, la compréhension de l'écrit et un sujet d'expression écrite.
Document 2Would you click for a free gift? Businesses phish their own workers
“A Gift for You,” the email said. “All WakeMed employees and contractors are eligible for a holiday gift. Please using the link below to claim your gift!”
It was among the thousands of surprise emails that land in employee in-boxes throughout the region on a clockwork timetable, offering something for free or requiring an urgent response from a bank or government agency. These time-sensitive messages are crafted and sent to workers by the companies themselves, often mimicking suspicious email trapped in spam filters, to see how many employees are caught off-guard and potentially vulnerable to data breaches.
Data security experts say that large organizations routinely spam their own employees to test their systems for human vulnerability. Several North Carolina employers described the process to The News and Observer and explained the rationale behind it.
The companies stressed that their intention is not to embarrass or punish the employees, but to make sure they are properly trained in data security precautions. Workers who fall for the ploy are required to take online training or participate in some other activity to hone their skills.
At WakeMed Health & Hospitals, the Christmas gift offer was sent to all 9,600 employees on Dec. 4 at 10:08 a.m. One clue that the message was fishy was the clumsy grammatical error: “Please using the link…”
Sloppy grammar is one of the weaknesses of cyber-thieves, and a clue that your email is not friendly.
Most of WakeMed's health care workers knew better than to claim their gift, according to company officials. But hundreds did click on the link.
Those employees are none too happy about getting outed.
John Murawski, www.newsobserver.com, 25 January 2019 (adapted)
Document 3
In the worldwide community of hackers, Hiro is a talented drifter. This is the kind of lifestyle that sounded romantic to him as recently as five years ago. But in the bleak light of full adulthood, which is to one's early twenties as Sunday morning is to Saturday night, he can clearly see what it really amounts to: he's broke and unemployed. And a few short weeks ago, his tenure as pizza deliverer – the only pointless dead-end job he really enjoys – came to an end. Since then, he's been putting a lot more emphasis on his auxiliary emergency backup job: freelance stringer for the CIC, the Central Intelligence Corporation of Langley, Virginia.
The business is a simple one. Hiro gets information. It may be gossip, videotape, audiotape, a fragment of a computer disk, a copy of a document. It can even be a joke based on the latest highly publicized disaster.
He uploads it to the CIC database – the Library, formerly the Library of Congress1, but no one calls it that anymore. Most people are not entirely clear on what the word “congress” means. And even the word “library” is getting hazy. It used to be a place full of books, mostly old ones. Then they began to include videotapes, records, and magazines. Then all of the information got converted into machine-readable form, which is to say, ones and zeroes.
And as the number of media grew, the material became more up to date, and the methods for searching the Library became more and more sophisticated, it approached the point where there was no substantive difference between the Library of Congress and the Central Intelligence Agency (CIA). Fortuitously, this happened just as the government was falling apart anyway. So they merged.
Millions of other CIC stringers are uploading millions of other fragments at the same time. CIC's clients, mostly large corporations and Sovereigns, rifle through the Library looking for useful information, and if they find a use for something that Hiro put into it, Hiro gets paid.
Neal Stephenson, Snow Crash, 1992 (adapted)
1. The Library of Congress is the research library that serves the United States.
Compréhension de l'oral 10 points
Vous ferez le compte rendu en français du document 1 (vidéo).
Compréhension de l'écrit 10 points
Answer the following questions in English.
▶ 1. Documents 2 et 3. Give an account of the two texts, in English.
▶ 2. Documents 1, 2 et 3. Consider the three documents (1, 2 and 3) and compare the uses of hacking that are presented in the dossier.
Expression écrite 10 points
Vous traiterez, en anglais, un seul des deux sujets suivants, au choix. Répondez en 120 mots au moins.
Sujet A
A company wants to hire Hiro to protect its data against hacking. Write the recruiter's e-mail.
Sujet B
These are some of the reactions collected in street interviews about data protection. Which one corresponds best to your own views? Justify your choice.
Les clés du sujet
Compréhension de l'oral
Identifier les caractéristiques clés du document (1re écoute)
Affiner sa compréhension (2e et 3e écoutes)
Compréhension de l'écrit
Comprendre les documents
Organiser ses réponses
▶ 1. Commencez en évoquant le problème auquel certaines entreprises font face : certains employés sont à l'origine de failles du système de sécurité car ils se laissent tenter par des mails d'hameçonnage. Puis, évoquez le cas précis de WakeMed, qui piège ses propres employés pour trouver les maillons faibles.
▶ 2. Le texte, roman de science-fiction publié il y a 30 ans, aborde des faits de société actuels. Résumez les informations que vous trouvez sur le personnage principal, puis décrivez son activité avec (pour l'implicite) l'utilisation que peut faire un organisme comme la CIA de données aussi personnelles que celles qu'Hiro hacke.
Expression écrite
Sujet A
Key ideas. Use the information you already have about Hiro: who he works for, what he is good at, what motivates him. Think about the arguments that may be used to attract him. The ethical one may prove unexpected, but money is obviously his main motivation.
A few tools. Start by introducing yourself as the writer of the email, then explain how you heard about Hiro, what your problem is and how you think he can help you solve it.
Sujet B • Key ideas and a few tools
Compréhension de l'oral
Script
Gloria Macarenko: Their intellectual powers are often used for evil, but there is a whole world of hackers out there using their skills for good. Here's online and interactive reporter, Theresa Lalonde
Theresa Lalonde (voice over): In the movies, hacking looks easy: a few keystrokes and the secrets are out. In real life, computer security experts spend countless hours learning all they can about the systems we use.
Theresa Lalonde: They don't wear white hats or capes, but they are cyberheroes. These are the hacking elite finding new ways to keep your laptop and your mobile phone safe.
Aaron Portnoy: White hats would be considered the security researchers who work on a defensive side, or who responsibly disclose vulnerabilities, which means, you find the way to hack into someone's computer, and instead of using it, you report it to Microsoft, you say “please patch this, I'm not going to tell anyone until you're done”.
Theresa Lalonde (voice over): This week, 500 security researchers from all over the world are here in Vancouver for a conference, and there is a contest called “Pwn2Own”. Pwn is a video gaming term meaning to conquer, its aim is to see who can find the most holes in today's popular systems in mobile phones.
Aaron Portnoy: This contest attempts to show to vendors, to the public, to pretty much the community at large that, pretty much exactly how unsafe they really are.
Theresa Lalonde (voice over): The winner gets $100,000. They also get the laptop and the phone they hacked. But the real winner? All of us! All the holes in this software are reported to the companies, so they can be patched up.
Proposition de compte rendu en français
Les hackers sont souvent perçus négativement. Pourtant, certains œuvrent pour le bien commun.
Être pirate informatique est bien plus difficile dans la vraie vie que dans les films. Ainsi, certains traquent sans relâche les failles dans les systèmes, et agissent comme des cyber-héros, en révélant aux entreprises ces failles pour qu'elles puissent améliorer les systèmes, au lieu d'en tirer un profit personnel.
À Vancouver, 500 experts du monde entier sont réunis pendant une semaine autour d'une conférence et d'un concours nommé « Pwn2Own » qui verra récompensé de 100 000 dollars, d'un ordinateur et d'un portable, celui qui aura détecté le plus de failles. Mais le vrai gagnant est le public, qui gagne en sécurité sur les systèmes qu'il utilise.
des points en +
PWN (prononcer comme pawn, le pion) est une entreprise de jeu canadienne. Le nom est un jeu de mots : pawn to own (« pion à posséder »).
Compréhension de l'écrit
▶ 1. As some companies face weaknesses in their security systems, WakeMed recently launched a phishing campaign in order to test its employees'vulnerability. Indeed, in spite of a grammatical mistake that should have acted as a warning, hundreds of them clicked on the link in the email, thus falling into the trap; yet their only risk is retraining.
▶ 2. After having a string of part time jobs most of his time, Hiro is now a hacker who browses the net in his spare time to make money. His goal is to find documents to upload to the “CIC” database – an organisation into which the Library of Congress and the CIA merged. He only gets paid if someone finds a use for the information he finds. This questions our data privacy and the complete disregard for it shown in Hiro's mentality.
Expression écrite
Sujet A
Dear Hiro,
Let me introduce myself: I work in Human Resources at BigDataBiz. I would like to expand our team of experts as we are facing more and more external threats, and I want to offer you a job.
vocabulaire
to expand : élargir
skills : compétences
asap (as soon as possible) : dès que possible
Indeed, a CIC member has told me about you and how efficient you are. This is exactly what we need in our company. We would like you to use your skills working for us, and for the security of our system.
We recognise how frustrated someone with your talent must feel with the limited financial gain you currently receive, but BigDataBiz can change all that! Of course, you could work from home, as you have always done. But the best thing would probably be to meet if you are interested. Let me know asap.
Mr Churn
(135 words)
Sujet B (2nd opinion)
Nowadays, the internet plays a big part in our lives. It is useful and convenient for trivial as well as serious activities such as job hunting, research, etc.
However, it is also dangerous. Our data is monitored constantly, which questions our privacy. Moreover, some people are victims of cyberbullying. Besides, algorithms allow fake news to expand exponentially, and we can no longer make the difference between what is true and what isn't.
Therefore, it is necessary to inform and educate people, so that they know more about online dangers, and also to put more regulations into place, be it by the state, by organisations (like the CNIL with its GDPR) or by the social networks themselves – so that the internet remains a safe virtual place.
des points en +
Le RGPD (GDPR en anglais) est un règlement de l'UE de 2016 qui régit l'utilisation des données numériques.
(124 words)