Kamfanin Tsaro na farkawa game da ganowa zuwa Google Chrome, aika bayanan mai amfani na sirri zuwa sabar waje. Add-ons kuma sun sami damar ɗaukar hotunan kariyar kwamfuta, karanta abubuwan da ke cikin faifan allo, nazarin kasancewar alamun shiga cikin Kukis, da shigar da bayanai a cikin sifofin yanar gizo. Gabaɗaya, add-ons ɗin da aka gano suna da abubuwan zazzagewa miliyan 32.9 a cikin Shagon Yanar Gizo na Chrome, kuma mafi mashahuri (Mai sarrafa Bincike) an zazzage shi sau miliyan 10 kuma ya haɗa da sake dubawa dubu 22.
An ɗauka cewa duk abubuwan da aka yi la'akari da su an shirya su ne ta ƙungiyar maharan guda ɗaya, tun da duka makirci na yau da kullun don rarrabawa da tsara kama bayanan sirri, da abubuwan ƙira na gama gari da maimaita lambar. tare da lambar qeta an sanya su a cikin kasidar Store na Chrome kuma an riga an share su bayan aika sanarwa game da ayyukan mugunta. Yawancin add-ons masu ɓarna sun kwafi ayyukan shahararrun add-kan daban-daban, gami da waɗanda ke da nufin samar da ƙarin tsaro na bincike, haɓaka sirrin bincike, jujjuyawar PDF, da jujjuya tsari.
Masu haɓaka ƙarawa sun fara buga sigar tsabta ba tare da lambar ƙeta ba a cikin Shagon Chrome, sun yi bitar takwarorinsu, sannan kuma sun ƙara canje-canje a ɗayan sabuntawar da ke loda lamba mara kyau bayan shigarwa. Don ɓoye alamun ayyukan mugunta, an kuma yi amfani da dabarar amsa zaɓaɓɓiyar - buƙatun farko sun dawo da zazzagewar mugunta, kuma buƙatun na gaba sun dawo da bayanan da ba su da tabbas.
Babban hanyoyin da mugayen add-ons ke yadawa shine ta hanyar haɓaka shafukan ƙwararru (kamar yadda yake cikin hoton da ke ƙasa) da kuma sanyawa a cikin Shagon Yanar Gizon Chrome, ketare hanyoyin tabbatarwa na gaba zazzage lamba daga shafukan waje. Don ketare hani kan shigar da add-ons kawai daga Shagon Yanar Gizo na Chrome, maharan sun rarraba majalisu daban-daban na Chromium tare da shigar da abubuwan da aka riga aka shigar, sannan kuma sun shigar da su ta aikace-aikacen talla (Adware) da aka rigaya a cikin tsarin. Masu bincike sun binciki hanyoyin sadarwa 100 na kudi, kafofin watsa labaru, likitanci, magunguna, kamfanonin mai da iskar gas da na kasuwanci, da cibiyoyin ilimi da na gwamnati, kuma sun sami alamun kasancewar abubuwan add-ons masu cutarwa a kusan dukkanin su.
A lokacin kamfen don rarraba add-ons masu mugunta, fiye da , haɗuwa tare da shahararrun shafuka (misali, gmaille.com, youtubeunblocked.net, da dai sauransu) ko rajista bayan ƙarewar lokacin sabuntawa don wuraren da ake da su a baya. An kuma yi amfani da waɗannan wuraren a cikin kayan aikin sarrafa ayyukan mugunta da kuma zazzage abubuwan shigar da JavaScript na ɓarna waɗanda aka aiwatar a cikin mahallin shafukan da mai amfani ya buɗe.
Masu bincike sun yi zargin wani makirci tare da mai rejista yankin Galcomm, wanda aka yi rajistar yankuna 15 don ayyukan mugunta (60% na duk wuraren da wannan mai rejista ya bayar), amma wakilan Galcomm. Waɗannan zato sun nuna cewa 25% na wuraren da aka jera an riga an share su ko kuma Galcomm ba ta bayar da su ba, sauran kuma, kusan duk wuraren fakin da ba sa aiki. Wakilan Galcomm sun kuma bayar da rahoton cewa, babu wanda ya tuntube su kafin a bayyana rahotan a bainar jama'a, kuma sun samu jerin sunayen wuraren da aka yi amfani da su wajen yin munanan ayyuka daga wani bangare na uku kuma yanzu suna gudanar da bincike a kansu.
Masu binciken da suka gano matsalar sun kwatanta abubuwan da suka ƙeta tare da sabon rootkit - babban aikin masu amfani da yawa ana aiwatar da su ta hanyar mai bincike, ta inda suke samun damar ajiyar daftarin aiki da aka raba, tsarin bayanan kamfanoni da sabis na kuɗi. A cikin irin wannan yanayi, babu ma'ana ga maharan su nemi hanyoyin da za su lalata tsarin aiki gaba ɗaya don shigar da rootkit mai cikakken aiki - yana da sauƙin shigar da ƙari mai ɓarna da sarrafa bayanan sirri ta hanyar. shi. Baya ga saka idanu akan bayanan wucewa, ƙari na iya buƙatar izini don samun damar bayanan gida, kyamarar yanar gizo, ko wuri. Kamar yadda aikin ya nuna, yawancin masu amfani ba sa kula da izinin da aka nema, kuma kashi 80% na shahararrun add-ons 1000 suna buƙatar samun damar shiga bayanan duk shafukan da aka sarrafa.
source: budenet.ru