An gano haɗin haɗin TLS tare da boye-boye na yarjejeniyar saƙon nan take XMPP (Jabber) (Man-in-the-Middle harin) akan sabar sabis ɗin jabber.ru (aka xmpp.ru) akan masu ba da sabis na Hetzner da Linode a Jamus. .
Maharin ya ba da sabbin takaddun shaida na TLS da yawa ta amfani da sabis ɗin Let's Encrypt, waɗanda aka yi amfani da su don shiga ɓoyayyen haɗin STARTTLS akan tashar jiragen ruwa 5222 ta amfani da wakili na MiTM na gaskiya. An gano harin ne sakamakon karewar daya daga cikin takardar shaidar MiTM, wanda ba a sake bayar da shi ba.
Ba a sami alamun satar sabar uwar garken ko hare-hare ba a sashin cibiyar sadarwa; maimakon haka, akasin haka: an saita karkatar da zirga-zirga a cikin hanyar sadarwar mai ba da sabis.
source: linux.org.ru