Masu haɓaka dandamali don rarraba saƙon Matrix sun ba da sanarwar rufewar gaggawa na sabobin Matrix.org da Riot.im (babban abokin ciniki na Matrix) saboda kutse na kayan aikin. Kashewar farko ta faru ne a daren jiya, bayan an dawo da sabobin kuma an sake gina aikace-aikacen daga tushe. Amma 'yan mintoci kaɗan da suka gabata an yi sulhu da sabobin a karo na biyu.
Maharan sun buga a babban shafi na aikin dalla-dalla game da tsarin uwar garken da bayanai game da kasancewar rumbun adana bayanai tare da hashes kusan miliyan biyar da rabi masu amfani da Matrix. A matsayin shaida, zaton kalmar sirri na jagoran aikin Matrix yana samuwa ga jama'a. An buga lambar rukunin yanar gizon da aka gyara a cikin ma'ajiyar maharan akan GitHub (ba a cikin ma'ajin matrix na hukuma ba). Ba a samu cikakkun bayanai game da hack na biyu ba tukuna.
Bayan hack na farko, ƙungiyar Matrix ta buga rahoto da ke nuna cewa an yi hack ɗin ta hanyar lahani a cikin tsarin haɗin kai na Jenkins wanda ba a sabunta ba. Bayan samun damar shiga uwar garken Jenkins, maharan sun katse maɓallan SSH kuma sun sami damar shiga wasu sabar kayan aikin. An bayyana cewa harin bai shafi lambar tushe da kunshin ba. Har ila yau harin bai shafi sabar Modular.im ba. Amma maharan sun sami damar shiga babban DBMS, wanda ya ƙunshi, da sauran abubuwa, saƙonnin da ba a ɓoye ba, alamun shiga da hashes.
An umurci duk masu amfani da su canza kalmomin shiga. Amma a cikin aiwatar da canza kalmomin shiga a cikin babban abokin ciniki na Riot, masu amfani sun fuskanci bacewar fayiloli tare da kwafin maɓallan maɓalli don maido da rufaffen wasiku da rashin samun damar shiga tarihin saƙonnin da suka gabata.
Bari mu tuna cewa dandamali don tsara tsarin sadarwar da ba a san shi ba ana gabatar da Matrix azaman aikin da ke amfani da buɗaɗɗen ka'idoji kuma yana ba da kulawa sosai don tabbatar da tsaro da sirrin masu amfani. Matrix yana ba da ɓoyayyen ƙarshen-zuwa-ƙarshe bisa ingantacciyar siginar algorithm, yana tallafawa bincike da kallon mara iyaka na tarihin wasiƙa, ana iya amfani da shi don canja wurin fayiloli, aika sanarwa, tantance kasancewar mai haɓaka kan layi, tsara tarho na tarho, yin murya da kiran bidiyo. Hakanan yana goyan bayan fasalulluka na ci gaba kamar buga sanarwar, karanta tabbatarwa, sanarwar turawa da binciken gefen uwar garken, aiki tare da tarihin abokin ciniki da matsayi, zaɓuɓɓukan ganowa daban-daban (imel, lambar waya, asusun Facebook, da sauransu).
source: budenet.ru