Google za kusintha njira yosinthira zinthu zosakanizika pamasamba otsegulidwa kudzera pa HTTPS. M'mbuyomu, ngati panali zigawo pamasamba zomwe zidatsegulidwa kudzera pa HTTPS zomwe zidatsitsidwa popanda kubisa (kudzera pa http:// protocol), chizindikiro chapadera chidawonetsedwa. M'tsogolomu, adaganiza zoletsa kutsitsa kwazinthu zoterezi mwachisawawa. Chifukwa chake, masamba omwe atsegulidwa kudzera pa "https://" adzatsimikiziridwa kuti ali ndi zida zotsitsidwa kudzera pa njira yolumikizirana yotetezeka.
Zikudziwika kuti panopa oposa 90% a malo amatsegulidwa ndi ogwiritsa ntchito Chrome pogwiritsa ntchito HTTPS. Kukhalapo kwa zoyika zodzaza popanda kubisa kumapangitsa kuti pakhale ziwopsezo zachitetezo posintha zinthu zosatetezedwa ngati pali kuwongolera njira yolumikizirana (mwachitsanzo, mukalumikiza kudzera pa Wi-Fi yotseguka). Chizindikiro chosakanikirana chosakanikirana chinapezeka kuti sichigwira ntchito komanso chosocheretsa kwa wogwiritsa ntchito, chifukwa sichimapereka chidziwitso chomveka cha chitetezo cha tsamba.
Pakalipano, mitundu yowopsa kwambiri yazinthu zosakanikirana, monga zolemba ndi iframes, zatsekedwa kale, koma zithunzi, mafayilo amawu ndi mavidiyo akhoza kumasulidwa kudzera pa http: //. Kupyolera mwa kuwononga zithunzi, wowukira amatha kulowa m'malo mwa ma Cookies otsata, kuyesa kugwiritsa ntchito zofooka mu ma processor azithunzi, kapena kuchita chinyengo posintha zomwe zaperekedwa pachithunzichi.
Kuyambitsa kutsekereza kumagawidwa m'magawo angapo. Chrome 79, yokonzekera pa Disembala 10, ikhala ndi mawonekedwe atsopano omwe angakuthandizeni kuletsa kutsekereza kwamasamba enaake. Zosinthazi zidzagwiritsidwa ntchito pazosakanizidwa zomwe zatsekedwa kale, monga zolemba ndi iframes, ndipo zidzayitanitsidwa kupyolera mu menyu yomwe imatsikira pamene mutsegula chizindikiro cha loko, m'malo mwa chizindikiro chomwe chinaperekedwa kale choletsa kutseka.
Chrome 80, yomwe ikuyembekezeka pa February 4, idzagwiritsa ntchito njira yotsekera yofewa pamafayilo amawu ndi makanema, kutanthauza kusinthidwa kwa http: // maulalo ndi https: //, zomwe zidzasunga magwiridwe antchito ngati vuto likupezekanso kudzera pa HTTPS. . Zithunzizi zipitilira kutsitsa popanda zosintha, koma zikatsitsidwa kudzera pa http: //, masamba a https: // awonetsa chizindikiro cholumikizira patsamba lonse. Kuti musinthe zokha kukhala https kapena kutsekereza zithunzi, omanga masamba azitha kugwiritsa ntchito CSP zopeka-zosatetezeka-zopempha ndi block-all-mixed-content. Chrome 81, yomwe ikukonzekera pa Marichi 17, ikonza http: // ku https: // pazithunzi zosakanizika.
Komanso, Google za kuphatikizika kumodzi mwazotsatira za msakatuli wa Chome wa gawo latsopano la Password Checkup, m'mbuyomu mu mawonekedwe . Kuphatikizika kudzatsogolera kuwonekera kwa woyang'anira achinsinsi wa Chrome wa zida zowunikira kudalirika kwa mawu achinsinsi ogwiritsidwa ntchito ndi wogwiritsa ntchito. Mukayesa kulowa patsamba lililonse, malowedwe anu ndi mawu achinsinsi aziyang'aniridwa ndi nkhokwe yamaakaunti osokonekera, ndi chenjezo lowonetsedwa ngati mavuto apezeka. Chekecho chimachitika motsutsana ndi nkhokwe yomwe ili ndi maakaunti opitilira 4 biliyoni omwe adawonekera m'malo osungidwa a ogwiritsa ntchito. Chenjezo lidzawonetsedwanso ngati mutayesa kugwiritsa ntchito mawu achinsinsi ngati "abc123" (mwa Google 23% ya aku America amagwiritsa ntchito mawu achinsinsi ofanana), kapena akamagwiritsa ntchito mawu achinsinsi pamasamba angapo.
Kusunga chinsinsi, mukalowa ku API yakunja, ma byte awiri oyamba a hashi olowera ndi mawu achinsinsi amatumizidwa (hashing algorithm imagwiritsidwa ntchito. ). Hashi yonse imasungidwa ndi kiyi yopangidwa kumbali ya wogwiritsa ntchito. Ma hashi oyambilira mu nkhokwe ya Google nawonso amasungidwa ndipo ma byte awiri oyamba a hashi ndi omwe atsala kuti alembetse. Kutsimikizira komaliza kwa ma hashes omwe amagwera pansi pa prefix ya ma byte awiri amachitidwa kumbali ya wogwiritsa ntchito pogwiritsa ntchito ukadaulo wa cryptographic "", momwe palibe gulu lomwe likudziwa zomwe zili mu data yomwe ikuwunikiridwa. Kuteteza zomwe zili munkhokwe yamaakaunti osokonekera omwe amatsimikiziridwa ndi nkhanza ndi pempho la prefixes mosasamala, zomwe zimatumizidwa zimasungidwa mwachinsinsi polumikizana ndi kiyi yopangidwa pamaziko a kuphatikiza kotsimikizika kwa kulowa ndi mawu achinsinsi.
Source: opennet.ru