Vatsvagiri kubva kuRed Balloon vakashuma kusagadzikana kuviri kwakawanikwa muCisco 1001-X akatevedzana ma routers. Kusagadzikana mune inoshanda Cisco network michina haisi nhau, asi ichokwadi chehupenyu. Cisco ndeimwe yevanotungamira kugadzira ma routers uye mamwe maturusi etiweki, saka kune yakawedzera kufarira mukuvimbika kwezvigadzirwa zvayo kubva kunyanzvi dzekudzivirira data uye kubva pakuona kwevanorwisa.
Tichitarisa kumberi, tinoona kuti nyanzvi dzeRed Balloon dzakazivisa Cisco nezve hutsva hutsva mwedzi yakati wandei yapfuura, saka dambudziko rakagadziriswa neimwe nzira, kana kuti Cisco anoziva nzira yekurigadzirisa. Imwe yekusagadzikana kuviri kunogona kuvharwa zvakangoita nekuvandudza firmware, uye kambani yakaburitsa firmware yakadaro nezuro munzvimbo yeruzhinji, iyo online yekudhirowa inoshuma. . Tiri kutaura nezve bug inowanikwa muCisco IOS inoshanda sisitimu inopa anorwisa midzi yekuwana kune marouters eakatsanangurwa akateedzana.
Kusagadzikana kwechipiri chinhu chakakosha uye chine njodzi zvakanyanya, vanoongorora vanodaro. Inobata hwaro hwekuchengetedza kwemazana emamiriyoni emakambani network network, kubva kuma routers kuenda kune switch kune firewall. Red Balloon nyanzvi dzakakwanisa kunzvenga chengetedzo yemidziyo yeCisco seTrust Anchor. "Trust Anchor," sekududzirwa kweshoko iri, kusimudzira kwekambani yemidziyo yekuvimbika verification modules (yaimbova ACT). Iyo ACT module yakaunzwa kuti idzivirire kubva kune yekunyepedzera uye yakazoshandurwa kuita module yekutarisa kuvimbika kwechikamu chesoftware cheCisco network zvishandiso. Nhasi, Trust Anchor iripo mune ese anoshanda network michina yekambani. Izvo hazvina kuoma kufungidzira kuti kukanganiswa kweTrust Anchor kunosanganisirei. Networks paCisco midziyo haichazovimbwa zvakare.
Vatsvagiri vakawana nzira yekunyengedza Trust Anchor. Midziyo yakabiwa yakaramba ichizivisa vatengi nezvekusavhiringidza, nepo nyanzvi dzichiita zvese zvavaida nazvo. Izvi, nenzira, zvinotiita kuti tifunge nezve mafambiro ezvinoitika zvakafanana neArM (TrustZone), Intel (SGX) nedzimwe nzira dzakafanana dzehardware dzekudzivirira mapuratifomu ekombuta. Zvingaita sekuti iyi ndiyo mhinduro yekuvhara maburi muma processor architecture. Chip yakavimbika kana module mune chipset inogona kuita kuti makomputa achengetedzeke pakubira. Mukuita, gomba kana mukana wekunzvenga dziviriro wakawanikwa kunyangwe mune mhinduro uko kupinda kwakanyanya kushomeka uye kazhinji kunogoneka chete munzvimbo yekugadzira yevaridzi.
Mamiriro ekupedzisira achave akakosha pakuvhara makomba ane hukama nekukanganisika kweTrust Anchor modules. Kunyangwe Cisco yakavimbisa kuburitsa zvigamba kugadzirisa iyo yakaonekwa Trust Anchor kusagadzikana kune yayo yese michina, kudhawunirodha yekuvandudza kunogona kusagadzirisa dambudziko iri. Cisco inoti izvi zvinoda "kugadziridza zvekare," zvichireva kuti hazvizogone kugadzirisa hardware kure. Zvakanaka, mazuva akabatikana akamirira vashandi vanosevha network vachishandisa Cisco michina. Uye zhizha rinoswedera harina chokuita neizvi.
Source: 3dnews.ru