Google
Nws tau sau tseg tias tam sim no ntau dua 90% ntawm qhov chaw qhib los ntawm Chrome cov neeg siv HTTPS. Lub xub ntiag ntawm cov khoom ntim uas tsis muaj encryption tsim kev nyab xeeb los ntawm kev hloov kho cov ntsiab lus tsis muaj kev tiv thaiv yog tias muaj kev tswj hwm kev sib txuas lus (piv txwv li, thaum txuas ntawm qhib Wi-Fi). Cov ntsiab lus sib xyaw ua ke tau pom tias tsis muaj txiaj ntsig thiab ua rau tus neeg siv dag zog, vim nws tsis muab qhov kev ntsuam xyuas meej ntawm kev ruaj ntseg ntawm nplooj ntawv.
Tam sim no, hom kev phom sij tshaj plaws ntawm cov ntsiab lus sib xyaw, xws li cov ntawv sau thiab iframes, twb raug thaiv los ntawm lub neej ntawd, tab sis cov duab, cov ntaub ntawv audio thiab cov yeeb yaj kiab tseem tuaj yeem rub tawm ntawm http://. Los ntawm cov duab spoofing, tus neeg tawm tsam tuaj yeem hloov cov neeg siv taug qab cov ncuav qab zib, sim siv qhov tsis zoo hauv cov duab processors, lossis ua yuam kev los ntawm kev hloov cov ntaub ntawv hauv daim duab.
Kev taw qhia txog kev thaiv kev thaiv yog muab faib ua ob peb theem. Chrome 79, tau teem rau lub Kaum Ob Hlis 10th, yuav muaj qhov chaw tshiab uas yuav tso cai rau koj los cuam tshuam kev thaiv rau cov chaw tshwj xeeb. Qhov kev teeb tsa no yuav raug siv rau cov ntsiab lus sib xyaw uas twb tau thaiv lawm, xws li cov ntawv sau thiab iframes, thiab yuav raug hu los ntawm cov ntawv qhia zaub mov uas poob qis thaum koj nyem rau ntawm lub cim xauv, hloov qhov taw qhia yav dhau los rau kev cuam tshuam kev thaiv.
Chrome 80, uas xav kom Lub Ob Hlis 4, yuav siv cov phiaj xwm muag muag rau cov ntaub ntawv audio thiab video, txhais tau tias tsis siv neeg hloov pauv ntawm http:// txuas nrog https://, uas yuav khaws cia ua haujlwm yog tias cov khoom muaj teeb meem tseem tuaj yeem siv tau ntawm HTTPS . Cov duab yuav txuas ntxiv mus thauj khoom yam tsis muaj kev hloov pauv, tab sis yog tias rub tawm ntawm http: //, nplooj ntawv https:// yuav tso saib qhov ntsuas kev sib txuas tsis ruaj ntseg rau tag nrho nplooj ntawv. Txhawm rau hloov pauv mus rau https lossis thaiv cov duab, cov chaw tsim khoom yuav tuaj yeem siv CSP cov khoom hloov kho-tsis ruaj ntseg-thov thiab thaiv-tag nrho-sib xyaw-cov ntsiab lus. Chrome 81, teem rau lub Peb Hlis 17, yuav pib kho http:// rau https:// rau cov duab sib xyaw.
Tsis tas li ntawd, Google
Txhawm rau tswj kev tsis pub lwm tus paub, thaum nkag mus rau API sab nraud, tsuas yog thawj ob bytes ntawm hash ntawm tus ID nkag mus thiab tus password raug xa mus (tus hashing algorithm yog siv.
Tau qhov twg los: opennet.ru