Kusanthula pambuyo: zomwe zimadziwika za kuwukira kwaposachedwa pa netiweki ya SKS Keyserver ya ma seva achinsinsi a crypto

Obera adagwiritsa ntchito gawo la protocol ya OpenPGP yomwe yadziwika kwa zaka zopitilira khumi.

Timakuuzani zomwe mfundo yake ndi chifukwa chake sangathe kutseka.

/Chotsani / Chunle Ju

Mavuto a netiweki

Pakati pa June, osadziwika anachita chiwembu ku netiweki ya makiyi achinsinsi a cryptographic SKS Keyserver, yomangidwa pa protocol ya OpenPGP. Ichi ndi muyezo wa IETF (RFC 4880), yomwe imagwiritsidwa ntchito kubisa maimelo ndi mauthenga ena. Netiweki ya SKS idapangidwa zaka makumi atatu zapitazo kuti igawane ziphaso zapagulu. Zimaphatikizapo zida monga GnuPG kubisa deta ndikupanga siginecha zamagetsi zamagetsi.

Obera adasokoneza ziphaso za oyang'anira projekiti awiri a GnuPG, Robert Hansen ndi Daniel Gillmor. Kutsegula satifiketi yowonongeka kuchokera pa seva kumapangitsa GnuPG kulephera - makina amangozizira. Pali chifukwa chokhulupirira kuti omwe akuwukirawo sadzayima pamenepo, ndipo kuchuluka kwa ziphaso zosiyidwa kumangowonjezeka. Pakali pano, kukula kwa vutoli sikudziwika.

Chofunika cha kuukira

Obera adatengera mwayi pachiwopsezo cha OpenPGP protocol. Iye wakhala akudziwika kwa anthu kwa zaka zambiri. Ngakhale pa GitHub angapezeke zopambana zofananira. Koma pakadali pano palibe amene adatenga udindo wotseka "dzenje" (tidzakambirana za zifukwazo mwatsatanetsatane pambuyo pake).

Zosankha zingapo pabulogu yathu ya Habré:

• SDN digest - emulators asanu ndi limodzi otseguka
• Momwe Mungamangire SDN - Zida zisanu ndi zitatu zotseguka
• Network digest: zida 17 zaukadaulo za Wi-Fi ndi 5G

Malinga ndi mafotokozedwe a OpenPGP, aliyense atha kuwonjezera ma signature a digito ku satifiketi kuti atsimikizire mwini wake. Komanso, kuchuluka kwa ma signature sikumayendetsedwa mwanjira iliyonse. Ndipo apa pali vuto - netiweki ya SKS imakupatsani mwayi woyika siginecha mpaka 150 pa satifiketi imodzi, koma GnuPG sichigwirizana ndi nambala yotere. Chifukwa chake, mukatsitsa satifiketi, GnuPG (komanso zina za OpenPGP) zimaundana.

Mmodzi wa ogwiritsa ntchito adachita kuyesa - kuitanitsa satifiketi kunamutengera pafupifupi mphindi 10. Satifiketiyo inali ndi siginecha zopitilira 54, ndipo kulemera kwake kunali 17 MB:

$ gpg --homedir=$PWD --recv C4BC2DDB38CCE96485EBE9C2F20691179038E5C6
gpg: key F20691179038E5C6: 4 duplicate signatures removed
gpg: key F20691179038E5C6: 54614 signatures not checked due to missing keys
gpg: key F20691179038E5C6: 4 signatures reordered
gpg: key F20691179038E5C6: public key "Daniel Kahn Gillmor <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg:               imported: 1
$ ls -lh pubring.gpg
-rw-r--r--  1 filippo  staff    17M  2 Jul 16:30 pubring.gpg

Kuti zinthu ziipireipire, ma seva makiyi a OpenPGP samachotsa zidziwitso za satifiketi. Izi zachitika kuti muthe kutsatira unyolo wa zochita zonse ndi satifiketi ndi kupewa m'malo awo. Choncho, n'zosatheka kuchotsa zinthu zowonongeka.

Kwenikweni, netiweki ya SKS ndi "seva yamafayilo" yayikulu yomwe aliyense amatha kulembapo zambiri. Kuti muwonetse vutoli, chaka chatha wokhala ku GitHub adapanga fayilo ya fayilo, yomwe imasunga zolemba pa netiweki ya makiyi achinsinsi.

Chifukwa chiyani chiwopsezocho sichinatsekedwe?

Panalibe chifukwa chotseka chiwopsezocho. M'mbuyomu, sichinagwiritsidwe ntchito polimbana ndi owononga. Ngakhale gulu la IT anafunsa kwa nthawi yaitali Opanga SKS ndi OpenPGP akuyenera kulabadira vutoli.

Kunena zowona, ndikofunikira kudziwa kuti mu June akadali anayambitsa makiyi oyeserera keys.openpgp.org. Zimapereka chitetezo ku zowawa zamtunduwu. Komabe, database yake ili ndi anthu kuyambira pachiyambi, ndipo seva yokhayo si gawo la SKS. Choncho, zidzatenga nthawi kuti zigwiritsidwe ntchito.

/Chotsani / Rubén Bagües

Ponena za cholakwika mu dongosolo loyambirira, njira yovuta yolumikizira imalepheretsa kukhazikitsidwa. Netiweki ya seva yayikulu idalembedwa ngati umboni wa lingaliro la Yaron Minsky's PhD thesis. Kuphatikiza apo, chilankhulo chapadera, OCaml, chidasankhidwa kuti chigwire ntchito. Wolemba malinga ndi wosamalira Robert Hansen, khodiyo ndi yovuta kumvetsetsa, kotero kuwongolera pang'ono kokha kumapangidwira. Kuti musinthe kamangidwe ka SKS, iyenera kulembedwanso kuyambira poyambira.

Mulimonse momwe zingakhalire, GnuPG sakhulupirira kuti netiweki idzakonzedwa. Mu positi pa GitHub, Madivelopa adalembanso kuti samalimbikitsa kugwira ntchito ndi SKS Keyserver. Kwenikweni, ichi ndi chimodzi mwazifukwa zazikulu zomwe adayambitsa kusintha kupita ku keys.openpgp.org. Titha kungoyang'ana zomwe zikuchitika.

Zida zingapo zochokera patsamba lathu lamakampani:

• Botnet "spams" kudzera ma routers: zomwe muyenera kudziwa
• DDoS ndi 5G: "chitoliro" chochuluka chimatanthauza mavuto ambiri
• Firewall kapena DPI - zida zodzitetezera pazolinga zosiyanasiyana
• Intaneti kumudzi - kumanga wailesi ya Wi-Fi network

Source: www.habr.com