Onye na-edeba aha APNIC, onye na-ahụ maka nkesa adreesị IP na mpaghara Eshia-Pacific, kọrọ ihe merenụ n'ihi nke a mere ka a na-ekpofu SQL nke ọrụ Whois, gụnyere data nzuzo na paswọọdụ hashes, n'ihu ọha. Ọ bụ ihe kwesịrị ịrịba ama na nke a abụghị nkwụsị mbụ nke data onwe onye na APNIC - na 2017, a na-emepụtaworị data Whois n'ihu ọha, nakwa n'ihi nlekọta ndị ọrụ.
N'ime usoro iwebata nkwado maka usoro RDAP, nke e mere iji dochie usoro WHOIS, ndị ọrụ APNIC na-etinye SQL nke nchekwa data eji na ọrụ Whois na nchekwa igwe ojii Google Cloud, mana egbochighị ịnweta ya. N'ihi njehie na ntọala ahụ, SQL mkpofu dị n'ihu ọha maka ọnwa atọ ma kpugheere eziokwu a naanị na June 4, mgbe otu n'ime ndị nchọpụta nchekwa onwe ha hụrụ nke a ma gwa onye na-edeba aha banyere nsogbu ahụ.
Ihe mkpofu SQL nwere njirimara “auth” nwere hashes okwuntughe maka ịgbanwe ihe ndị na-ahụ maka njikwa na ihe omume (IRT), yana ụfọdụ ozi ndị ahịa nwere mmetụta nke na-egosighi na Whois n'oge ajụjụ nkịtị (na-abụkarị ozi kọntaktị na ndetu gbasara onye ọrụ) . N'ihe banyere mgbake okwuntughe, ndị mwakpo ahụ nwere ike ịgbanwe ọdịnaya dị n'ọhịa yana paramita nke ndị nwe ihe mgbochi adreesị IP na Whois. Ihe Maitainer na-akọwa onye na-ahụ maka ịhazigharị otu ndekọ nke jikọtara site na njirimara "mnt-by", na ihe IRT nwere ozi kọntaktị maka ndị nchịkwa na-anabata ọkwa nsogbu. A naghị enye ozi gbasara paswọọdụ hashing algọridim eji eme ihe, mana na 2017, MD5 na CRYPT-PW algọridim (okwuntughe mkpụrụedemede 8 nwere hashes dabere na ọrụ UNIX crypt) ejiri mee hashing.
Mgbe achọpụtachara ihe merenụ, APNIC butere nrụpụta okwuntughe maka ihe dị na Whois. N'akụkụ APNIC, achọpụtabeghị ihe ịrịba ama nke omume iwu na-akwadoghị, mana enweghị nkwa na data ahụ adabaghị n'aka ndị mwakpo, ebe ọ bụ na enweghị ndekọ zuru oke nke ịnweta faịlụ na Google Cloud. Dị ka mgbe ihe omume gara aga gasịrị, APNIC kwere nkwa ime nyocha ma mee mgbanwe na usoro nkà na ụzụ iji gbochie nkwụsịtụ yiri nke ahụ n'ọdịnihu.
isi: opennet.ru