Hackers-ku waxay isticmaaleen sifo ka mid ah borotokoolka OpenPGP kaas oo la yaqaanay in ka badan toban sano.
Waxaan kuu sheegaynaa waxa ujeedadu tahay iyo sababta aysan u xiri karin.
/Fursaar/
Dhibaatooyinka shabakada
Bartamihii Juunyo, lama garanayo
Hackers-ku waxay jabiyeen shahaadooyinka laba ilaaliye mashruuca GnuPG, Robert Hansen iyo Daniel Gillmor. Soo dejinta shahaado kharriban serferka waxay sababtaa GnuPG inuu fashilmo—nidaamka si fudud ayuu u qaboojinayaa. Waxaa jira sabab lagu aamino in kuwa weerarka soo qaaday aysan halkaas ku joogsan doonin, oo tirada shahaadooyinka la jabiyay ayaa kordhin doona oo keliya. Waqtigan xaadirka ah, dhibaatada inta ay le'eg tahay lama garanayo.
Nuxurka weerarka
Hackers waxay ka faa'iidaysteen nuglaanta nidaamka OpenPGP. Muddo tobanaan sano ah ayay bulshadu garanaysay. Xitaa GitHub
Dhowr doorasho oo ka soo baxay blog-keena Habré:
Marka loo eego qeexitaanka OpenPGP, qof kastaa wuxuu ku dari karaa saxeexyada dhijitaalka ah shahaadooyinka si loo xaqiijiyo mulkiilahooda. Waxaa intaa dheer, tirada ugu badan ee saxeexyada sinaba looma habeeyo. Oo halkan dhibaato ayaa ka soo baxda - shabakadda SKS waxay kuu ogolaaneysaa inaad meel dhigto ilaa 150 kun oo saxeex hal shahaado, laakiin GnuPG ma taageerto lambarkaas. Markaa, marka la shubayo shahaadada, GnuPG (iyo sidoo kale hirgelinta OpenPGP kale) way barafoobaan.
Mid ka mid ah dadka isticmaala
$ gpg --homedir=$PWD --recv C4BC2DDB38CCE96485EBE9C2F20691179038E5C6
gpg: key F20691179038E5C6: 4 duplicate signatures removed
gpg: key F20691179038E5C6: 54614 signatures not checked due to missing keys
gpg: key F20691179038E5C6: 4 signatures reordered
gpg: key F20691179038E5C6: public key "Daniel Kahn Gillmor <[email protected]>" imported
gpg: no ultimately trusted keys found
gpg: Total number processed: 1
gpg: imported: 1
$ ls -lh pubring.gpg
-rw-r--r-- 1 filippo staff 17M 2 Jul 16:30 pubring.gpg
Si ay arrinta uga sii darto, OpenPGP server-yada muhiimka ah kama saaraan macluumaadka shahaadada. Tan waxaa loo sameeyaa si aad u raadraacdo silsiladda dhammaan ficillada shahaadooyinka oo aad ka hortagto beddelkooda. Sidaa darteed, waa wax aan suurtagal ahayn in la tirtiro walxaha la isku halleyn karo.
Asal ahaan, shabakadda SKS waa "faylka server-ka" weyn oo qof kasta uu u qori karo xogta. Si loo qeexo dhibaatada, sanadkii hore GitHub degane
Maxaa loo xiri waayey baylahda?
Ma jirin sabab loo xiro baylahda. Markii hore, looma isticmaalin weerarrada hackers-ka. Inkasta oo bulshada IT-ga
Si aad u noqoto mid caddaalad ah, waxaa habboon in la ogaado in bisha Juun ay weli yihiin
/Fursaar/
Xagga cayayaanka ku jira nidaamka asalka ah, habka isku-dhafka adag ayaa ka hortagaya in la hagaajiyo. Shabakadda server-ka muhiimka ah waxaa markii hore loo qoray si ay u noqoto caddayn fikradda qoraalka PhD ee Yaron Minsky. Waxaa intaa dheer, luqad gaar ah, OCaml, ayaa loo doortay shaqada. By
Si kastaba ha ahaatee, GnuPG ma rumaysna in shabakadu weligeed la hagaajin doono. Boostada GitHub, horumariyayaashu xitaa waxay qoreen inaysan ku talineynin la shaqeynta SKS Keyserver. Dhab ahaantii, tani waa mid ka mid ah sababaha ugu waaweyn ee ay u bilaabeen u gudubka furayaasha adeegga cusub.openpgp.org. Waxaan kaliya daawan karnaa horumarka dheeraadka ah ee dhacdooyinka.
Dhowr walxood oo ka soo baxay blog-ga shirkadda:
Source: www.habr.com