Uhlelo lwe-Bloomberg, ngonyaka odlule
mayelana ne-spy chip engaqinisekisiwe kumabhodi e-Supermicro, mayelana nokuhlonza i-backdoor kumishini ye-Huawei. Kodwa-ke, i-Vodafone, ehlonze inkinga, ikubiza ngokuthi sengozini, futhi i-Bloomberg yenza ihaba. Ngokusobala, i-backdoor bekungeyona i-backdoor eyenziwe ngamabomu eyengezwe ngenhloso enonya nobunhloli, kodwa kwaba umphumela wokushiya indawo yokufinyelela yobunjiniyela eyalibaleka ukukhutshazwa enguqulweni yokugcina yomkhiqizo ngenxa yokwengamela noma ukwenza lula ukuxilonga isevisi yokusekela.
Inkinga ikhonjwe yi-Vodafone emuva ngo-2011 futhi yalungiswa i-Huawei ngemuva kokwaziswa ngobungozi. Ingqikithi ye-backdoor yikhono lokuthola ukufinyelela kudivayisi ngeseva ye-telnet eyakhelwe ngaphakathi. Imininingwane yenhlangano yokungena ayinikeziwe; akucaci ukuthi ukufinyelela kwenziwe kwasebenza ngephasiwedi echazwe ngaphambilini yobunjiniyela noma iseva ye-telnet yethulwa lapho kwenzeka umcimbi othile (isibonelo, lapho kuthunyelwa ukulandelana okuthile kwamaphakethe enethiwekhi). Kufanele kuqashelwe ukuthi "izicabha ezingemuva" ezifanayo ezivumela ukuxhuma nge-telnet nazo zitholakele kumishini eminyakeni yamuva nje. , , , ΠΈ .
Ngemva kokulungisa inkinga, onjiniyela beVodafone baqaphela ukuthi ikhono lokungena ngemvume ukude alizange lisuswe ngokuphelele futhi iseva ye-telnet isengaqaliswa (akucaci ukuthi kusho ukuthini ngokwenqaba ukususa ngokuphelele iseva ye-telnet ku-firmware noma ukushiya ikhono. ukuyiqala ngaphansi kwezimo ezithile) . U-Huawei ubeke amazwana ngokutholakala kwekhono lokungena nge-telnet enezidingo zokukhiqiza - le sevisi isetshenziselwa ukuhlola nokumisa okokuqala kwamadivayisi. Ngesikhathi esifanayo, uHuawei usebenzise amandla okukhubaza insiza ngemuva kokuqeda lesi sigaba, kodwa ikhodi yesevisi ye-telnet ngokwayo ayizange isuswe ku-firmware.
Source: opennet.ru