Cov neeg nyiag nkas tau siv qhov tshwj xeeb ntawm OpenPGP raws tu qauv uas tau paub ntau tshaj kaum xyoo.
Peb qhia koj tias lub ntsiab lus yog dab tsi thiab vim li cas lawv tsis tuaj yeem kaw.
/unsplash/
Network teeb meem
Hauv nruab nrab Lub Rau Hli, tsis paub
Hackers cuam tshuam cov ntawv pov thawj ntawm ob tus neeg saib xyuas GnuPG project, Robert Hansen thiab Daniel Gillmor. Thauj daim ntawv pov thawj tsis zoo los ntawm lub server ua rau GnuPG ua tsis tiav - lub kaw lus tsuas yog khov. Muaj qhov laj thawj ntseeg tias cov neeg tawm tsam yuav tsis tso tseg, thiab cov ntawv pov thawj tsis txaus ntseeg tsuas yog nce ntxiv. Tam sim no, qhov teeb meem ntawm qhov teeb meem tseem tsis paub.
Lub ntsiab ntawm kev tawm tsam
Hackers tau siv qhov zoo ntawm qhov tsis zoo hauv OpenPGP raws tu qauv. Nws tau paub rau cov zej zog ntau xyoo lawm. Txawm nyob ntawm GitHub
Ob peb xaiv los ntawm peb qhov blog ntawm Habre:
Raws li OpenPGP specification, leej twg tuaj yeem ntxiv kos npe digital rau daim ntawv pov thawj los txheeb xyuas lawv tus tswv. Ntxiv mus, qhov siab tshaj plaws ntawm kev kos npe tsis raug tswj nyob rau hauv txhua txoj kev. Thiab ntawm no muaj teeb meem tshwm sim - SKS network tso cai rau koj tso li 150 txhiab kos npe rau ntawm ib daim ntawv pov thawj, tab sis GnuPG tsis txhawb nqa tus lej ntawd. Yog li, thaum thauj daim ntawv pov thawj, GnuPG (nrog rau lwm qhov kev siv OpenPGP) khov.
Ib ntawm cov neeg siv
$ gpg --homedir=$PWD --recv C4BC2DDB38CCE96485EBE9C2F20691179038E5C6
gpg: key F20691179038E5C6: 4 duplicate signatures removed
gpg: key F20691179038E5C6: 54614 signatures not checked due to missing keys
gpg: key F20691179038E5C6: 4 signatures reordered
gpg: key F20691179038E5C6: public key "Daniel Kahn Gillmor <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
$ ls -lh pubring.gpg
-rw-r--r-- 1 filippo staff 17M 2 Jul 16:30 pubring.gpg
Txhawm rau ua qhov tsis zoo, OpenPGP cov servers tseem ceeb tsis tshem tawm cov ntaub ntawv pov thawj. Qhov no ua tiav kom koj tuaj yeem taug qab cov saw ntawm txhua qhov kev ua nrog daim ntawv pov thawj thiab tiv thaiv lawv cov kev hloov pauv. Yog li ntawd, nws tsis yooj yim sua kom tshem tawm cov ntsiab lus cuam tshuam.
Qhov tseem ceeb, SKS network yog "cov ntaub ntawv server" loj uas leej twg tuaj yeem sau cov ntaub ntawv. Txhawm rau piav qhia qhov teeb meem, xyoo tas los GitHub neeg nyob
Vim li cas ho tsis muaj qhov tsis zoo kaw?
Tsis muaj laj thawj los kaw qhov tsis zoo. Yav dhau los, nws tsis tau siv rau hacker tawm tsam. Txawm tias IT zej zog
Yuav kom ncaj ncees, nws tsim nyog sau cia tias nyob rau lub Rau Hli lawv tseem
/unsplash/
Raws li cov kab laum nyob rau hauv thawj qhov system, ib tug complex synchronization mechanism tiv thaiv nws los ntawm kev kho. Cov neeg rau zaub mov tseem ceeb hauv lub network tau sau los ua pov thawj ntawm lub tswv yim rau Yaron Minsky's doctoral thesis. Ntxiv mus, ib hom lus tshwj xeeb, OCaml, tau raug xaiv los ua haujlwm. Los ntawm
Txawm li cas los xij, GnuPG tsis ntseeg tias lub network yuav raug kho. Hauv kev tshaj tawm ntawm GitHub, cov neeg tsim khoom txawm sau tias lawv tsis pom zoo ua haujlwm nrog SKS Keyserver. Qhov tseeb, qhov no yog ib qho laj thawj tseem ceeb vim li cas lawv tau pib hloov mus rau qhov kev pabcuam tshiab keys.openpgp.org. Peb tsuas tuaj yeem saib qhov kev txhim kho ntxiv ntawm cov xwm txheej.
Ob peb ntawm cov ntaub ntawv los ntawm peb cov tuam txhab blog:
Tau qhov twg los: www.hab.com