Iqembu labacwaningi abavela emanyuvesi aseMelika, e-Australia nase-Israel liphakamise isu elisha lokuhlasela lesiteshi eseceleni ukuze lisebenzise ubungozi be-Specter-class kuziphequluli ezisekelwe enjini ye-Chromium. Ukuhlasela, okune-codenamed Spook.js, kukuvumela ukuthi udlule indlela yokuhlukanisa isayithi ngokusebenzisa ikhodi ye-JavaScript futhi ufunde okuqukethwe kwendawo yonke yekheli yenqubo yamanje, i.e. finyelela idatha emakhasini asebenza kwamanye amathebhu, kodwa acutshungulwe ngenqubo efanayo.
Njengoba i-Chrome isebenzisa amasayithi ahlukene ngezinqubo ezihlukene, amandla okwenza ukuhlasela okungokoqobo akhawulelwe kumasevisi avumela abasebenzisi abahlukene ukuthi baphathe amakhasi abo. Indlela ivumela, ekhasini lapho umhlaseli enethuba lokushumeka ikhodi yakhe ye-JavaScript, ukuze anqume ukuba khona kwamanye amakhasi avulwe ngumsebenzisi kusayithi elifanayo futhi akhiphe ulwazi oluyimfihlo kubo, isibonelo, izifakazelo noma imininingwane yasebhange efakwe esikhundleni. ngohlelo lwezinkambu zokugcwalisa ngokuzenzakalelayo kumafomu ewebhu. Njengomboniso, kuboniswa ukuthi ungahlasela kanjani ibhulogi yomunye umuntu kusevisi ye-Tumblr uma umnikazi wayo evula ibhulogi yabahlaseli ebanjwe kusevisi efanayo kwenye ithebhu.
Enye inketho yokusebenzisa indlela ukuhlaselwa kwezengezo zesiphequluli, okuvumela, lapho ufaka isengezo esilawulwa umhlaseli, ukukhipha idatha kwezinye izengezo. Njengesibonelo, sibonisa ukuthi ngokufaka isengezo esinonya ungakhipha kanjani ulwazi oluyimfihlo kumphathi wephasiwedi we-LastPass.
Abacwaningi bashicilele i-prototype ye-exploit esebenza ku-Chrome 89 kumasistimu ane-CPUIntel i7-6700K kanye ne-i7-7600U. Lapho udala ukuxhashazwa, ama-prototypes ekhodi ye-JavaScript eshicilelwe ngaphambilini i-Google asetshenziselwa ukuhlasela kwe-Specter-class. Kuyaphawuleka ukuthi abacwaningi bakwazi ukulungiselela ukuxhashazwa okusebenzayo kwezinhlelo ezisekelwe ku-Intel ne-Apple M1 processors, okwenza kube lula ukuhlela ukufundwa kwememori ngesivinini sama-byte angu-500 ngomzuzwana kanye nokunemba kwe-96%. Kucatshangwa ukuthi le ndlela iyasebenza naku-AMD processors, kodwa kwakungenakwenzeka ukulungiselela ukuxhashazwa okusebenzayo ngokugcwele.
Lokhu kuhlasela kusebenza kunoma yiziphi iziphequluli ezisekelwe enjini yeChromium, okuhlanganisa i-Google Chrome, iMicrosoft Edge neBrave. Abacwaningi bakholelwa nokuthi indlela ingashintshwa ukuze isebenze neFirefox, kodwa njengoba injini yeFirefox ihluke kakhulu kuChrome, umsebenzi wokudala ukuxhashazwa okunjalo ushiyelwe ikusasa.
Ukuze uvikele ekuhlaselweni okusekelwe kusiphequluli okuhlobene nokuqagelwa kwemiyalelo, i-Chrome isebenzisa ukuhlukaniswa kwesikhala sekheli - ukuhlukaniswa kwe-sandbox kuvumela i-JavaScript ukuthi isebenze kuphela ngezikhombi ezingu-32-bit futhi yabelane ngenkumbulo yezibambi kuzinqwaba ezihlukene ezingu-4GB. Ukuze unikeze ukufinyelela kuso sonke isikhala sekheli lenqubo futhi badlule umkhawulo we-32-bit, abacwaningi basebenzise indlela ebizwa ngokuthi Uhlobo Ukudideka, okuphoqa injini ye-JavaScript ukuthi icubungule into ngohlobo olungalungile, okwenza kube lula ukwenza i-64-bit. i-pointer esekelwe kwinhlanganisela yamanani amabili angu-32-bit.
Ingqikithi yokuhlasela ukuthi lapho kucutshungulwa into enonya eklanywe ngokukhethekile enjinini ye-JavaScript, izimo ziyadalwa eziholela ekwenziweni kokuqagela kwemiyalelo efinyelela amalungu afanayo. Into ikhethwa ngendlela yokuthi izinkambu ezilawulwa umhlaseli zibekwe endaweni lapho kusetshenziswa khona i-pointer ye-64-bit. Njengoba uhlobo lwento enobungozi lungafani nohlobo lwamalungu afanayo olucutshungulwayo, ngaphansi kwezimo ezijwayelekile izenzo ezinjalo zivinjwa ku-Chrome ngendlela yokunciphisa ukufaneleka kwekhodi esetshenziselwa ukufinyelela amalungu afanayo. Ukuze uxazulule le nkinga, ikhodi yokuhlaselwa kohlobo lokudideka ibekwe endaweni enemibandela ethi "uma", engasebenzi ngaphansi kwezimo ezijwayelekile, kodwa yenziwa ngemodi yokucabangela, uma iphrosesa ibikezela ngokungalungile ukuqhubeka kwegatsha.
Ngenxa yalokho, iphrosesa ifinyelela ngokuqagela i-pointer ekhiqiziwe engu-64-bit bese ibuyisela emuva isimo ngemva kokunquma ukuqagela okuhlulekile, kodwa iminonjana yokwenziwa isala kunqolobane eyabiwe futhi ingabuyiselwa kusetshenziswa izindlela zokuthola inqolobane yesiteshi eseceleni ezihlaziya izinguquko kunqolobane eyabiwe. izikhathi zokufinyelela kudatha egcinwe kunqolobane nengagciniwe . Ukuhlaziya okuqukethwe kwenqolobane ngaphansi kwezimo zokunemba okwanele kwesibali sikhathi esitholakala ku-JavaScript, kusetshenziswa indlela ehlongozwa i-Google, ekhohlisa isu lokukhipha inqolobane ye-Tree-PLRU elisetshenziswa kumaphrosesa futhi ivumela, ngokwandisa inani lemijikelezo, ukwandisa kakhulu umehluko ngesikhathi lapho inani likhona futhi lingekho kunqolobane. .
Source: opennet.ru