Zvinoita sekuti GitHub manejimendi iri kufunga zvakanyanya nezve chengetedzo yesoftware. Kutanga kwaiva nedura re data muSvalbard uye rutsigiro rwemari kune vanogadzira. Saka zvino iyo GitHub Security Lab initiative, iyo inosanganisira kutora chikamu kwevose vanofarira nyanzvi mukuvandudza kuchengetedzeka kweyakavhurika sosi software.
F5, Google, HackerOne, Intel, IOActive, JP Morgan, LinkedIn, Microsoft, Mozilla, NCC Group, Oracle, Trail of Bits, Uber neVMWare vari kutotora chikamu muchirongwa ichi. Kwemakore maviri apfuura, vakabatsira kuona nekubvisa kusagadzikana kwe105 muzvirongwa zvakawanda.
Vamwe vatori vechikamu vakavimbiswa mibairo inosvika $3000 yekusagadzikana kwakaonekwa. Iyo GitHub interface yatove nekwaniso yekuwana iyo CVE identifier yenyaya uye kugadzira chirevo pamusoro payo. Rondedzero yezvekusagadzikana yakatangwa , ine ruzivo nezve matambudziko ane maapplication akabatwa paGitHub, ari panjodzi mapakeji, zvichingodaro.
Uye zvakare, kuchengetedzwa kwakagadziridzwa kwatove kwakawedzerwa kune sisitimu, iyo inovimbisa kuti yemunhu uye yakavanzika data, senge tokens, makiyi, nezvimwe zvakadaro, haigumiri mumatura eruzhinji. Sezvineiwo, iyo sisitimu inoongorora otomatiki mafomati akakosha kubva makumi maviri masevhisi uye makore masisitimu. Kana dambudziko rikaonekwa, chikumbiro chinotumirwa kumupi webasa kuti asimbise dambudziko uye adzore makiyi akakanganiswa.
Ziva kuti GitHub yakambotorwa neMicrosoft. Zvinoita sekuti Redmond yafunga kutora kuchengetedzwa kwedata zvakanyanya.
Source: 3dnews.ru