Cov kws tshawb fawb los ntawm Red Balloon tau tshaj tawm ob qhov tsis zoo uas pom hauv Cisco 1001-X series routers. Vulnerabilities nyob rau hauv active Cisco network khoom tsis yog xov xwm, tab sis qhov tseeb ntawm lub neej. Cisco yog ib qho ntawm cov tuam txhab ua lag luam ntawm routers thiab lwm yam khoom siv hauv network, yog li muaj kev txaus siab ntxiv rau kev ntseeg siab ntawm nws cov khoom ob qho tib si los ntawm cov kws tshaj lij tiv thaiv cov ntaub ntawv thiab los ntawm kev xav ntawm cov neeg tawm tsam.
Saib tom ntej, peb nco ntsoov tias Red Balloon cov kws tshaj lij tau ceeb toom rau Cisco txog qhov tsis zoo tshiab ob peb lub hlis dhau los, yog li qhov teeb meem tau daws tau qee yam, lossis tsawg kawg Cisco paub daws nws li cas. Ib qho ntawm ob qhov tsis zoo tuaj yeem raug kaw yooj yim los ntawm kev hloov kho cov firmware, thiab lub tuam txhab tso tawm cov firmware nag hmo rau hauv pej xeem sau, cov ntawv tshaj tawm hauv online . Peb tab tom tham txog kab laum pom nyob rau hauv Cisco IOS operating system uas muab tus neeg tua neeg hauv paus nkag mus rau routers ntawm cov ntawv teev tseg.
Qhov thib ob qhov tsis zoo yog qee yam tshwj xeeb thiab txaus ntshai heev, cov kws tshawb fawb tau hais. Nws kov lub hauv paus ntawm kev ruaj ntseg rau ntau pua lab ntawm lub tuam txhab network pab kiag li lawm, los ntawm routers mus hloov mus rau firewalls. Red Balloon cov kws tshaj lij muaj peev xwm hla dhau qhov kev tiv thaiv kho vajtse ntawm Cisco cov cuab yeej ua Trust Anchor. "Trust Anchor," raws li lo lus no tuaj yeem txhais tau, yog ib qho kev txhim kho ntawm lub tuam txhab cov cuab yeej cuab tam kev lees paub kev ncaj ncees (yav tas los ACT). Lub ACT module tau qhia los tiv thaiv kev ua txhaum cai thiab tom qab ntawd tau hloov mus rau hauv ib qho qauv rau kev saib xyuas kev ncaj ncees ntawm software tivthaiv ntawm Cisco network li. Niaj hnub no, Trust Anchor yog tam sim no nyob rau hauv tag nrho cov active network khoom ntawm lub tuam txhab. Nws tsis nyuaj rau xav txog qhov kev sib haum xeeb ntawm Trust Anchor yuav ua li cas. Networks ntawm Cisco cov cuab yeej tom qab ntawd yuav tsis muaj kev ntseeg ntxiv lawm.
Cov kws tshawb fawb tau pom ib txoj hauv kev los ntxias Trust Anchor. Cov cuab yeej hacked txuas ntxiv qhia cov neeg siv khoom txog kev tsis cuam tshuam, thaum cov kws tshaj lij tau ua txhua yam lawv xav tau nrog nws. Qhov no, los ntawm txoj kev, ua rau peb xav txog txoj hmoo ntawm kev txhim kho zoo sib xws los ntawm ARM (TrustZone), Intel (SGX) thiab lwm yam khoom siv zoo sib xws rau kev tiv thaiv kev siv computer. Nws yuav zoo li qhov no yog kev daws teeb meem rau kaw qhov hauv processor architectures. Ib lub chips ntseeg siab lossis module hauv chipset tuaj yeem ua rau cov khoos phis tawj muaj kev nyab xeeb dua tiv thaiv kev nyiag. Hauv kev xyaum, ib lub qhov lossis lub sijhawm los hla kev tiv thaiv tau pom txawm tias nyob rau hauv qhov kev daws teeb meem uas qhov kev nkag tsis tshua muaj kev txwv thiab feem ntau tsuas yog ua tau nyob rau hauv ib puag ncig tsim khoom.
Qhov xwm txheej kawg yuav yog qhov tseem ceeb rau kev kaw qhov cuam tshuam nrog kev cuam tshuam ntawm Trust Anchor modules. Txawm hais tias Cisco tau cog lus tias yuav tso tawm thaj ua rau thaj txhawm rau txhim kho Trust Anchor qhov tsis zoo rau tag nrho nws cov khoom siv, rub tawm qhov hloov tshiab yuav tsis daws qhov teeb meem no. Cisco hais tias qhov no yuav xav tau "loj reprogramming," txhais tau tias nws yuav tsis tuaj yeem hloov kho kho vajtse nyob deb. Zoo, cov hnub tsis khoom tos tos cov neeg ua haujlwm pabcuam kev pabcuam siv cov khoom siv Cisco. Thiab lub caij ntuj sov los txog tsis muaj dab tsi ua nrog qhov no.
Tau qhov twg los: 3d xov.ru