An riga an saki Tor 11.0.2 kuma ya zo tare da wasu gyare-gyare

Darkcrizt

4 minti

Kwanan nan an gabatar da sakin sabon sigar na musamman browser 11.0.2 mai bincike na Tor, wanda aka mayar da hankali kan tabbatar da rashin sanin suna, tsaro da keɓantawa. Lokacin amfani da burauzar Tor, duk zirga-zirgar ababen hawa ana jujjuya su ne kawai ta hanyar hanyar sadarwar Tor, kuma ba shi yiwuwa a tuntuɓar kai tsaye ta hanyar daidaitattun hanyoyin sadarwa na tsarin yanzu, wanda baya ba da damar gano ainihin adireshin IP na mai amfani.

Sabuwar sigar yana daidaitawa tare da lambar tushe na Firefox 91.4.0, wanda ke gyara raunin 15, 10 daga cikinsu suna da alamar haɗari.

7 daga cikin raunin da ya faru yana haifar da matsalolin ƙwaƙwalwa, kamar malalowar buffer da samun damar zuwa wuraren ƙwaƙwalwar ajiya da aka riga aka warware, kuma yana iya yuwuwar haifar da aiwatar da lambar maharin ta buɗe shafuka na musamman.

Hakanan an cire wasu hanyoyin ttf daga ginin Linux, wanda amfaninsa ya haifar da cin zarafin wakilcin rubutu a cikin abubuwan dubawa a cikin Fedora Linux.

An kuma ambata cewa an kashe saitin "network.proxy.allow_bypass"., wanda ke sarrafa ayyukan kariya daga rashin amfani da plugins na Proxy API da kuma cewa don jigilar obfs4, sabon ƙofar "deusexmachina" yana kunna ta tsohuwa.

Kan harin da aka kai wa Tor

A gefe guda, kuma Yana da kyau a lura da buga wani sabon rahoto kan yuwuwar yunƙurin kai hare-hare don ɓoye sunayen masu amfani da Tor. hade da ƙungiyar KAX17, wanda aka sanya ta takamaiman imel ɗin lamba na karya a cikin sigogin kumburi.

A lokacin Satumba da Oktoba, aikin Tor ya toshe nodes 570 masu yuwuwar mugun nufi. A kololuwar sa, ƙungiyar KAX17 ta yi nasarar kawo adadin nodes masu sarrafawa akan hanyar sadarwar Tor zuwa 900 da masu siyar da 50 daban-daban suka shirya, wanda yayi daidai da kusan kashi 14% na jimlar yawan relays (idan aka kwatanta, a cikin 2014 maharan sun sami nasarar samun iko akan kusan rabin relays Tor, kuma a cikin 2020 fiye da 23,95% na fita nodes).

Sannun ku!

Wataƙila wasunku sun lura cewa akwai raguwar watsa shirye-shirye a bayyane akan gidan yanar gizon mu na ijma'in lafiya. [1] Dalilin haka shi ne jiya mun kori kusan matattu 600 daga kan grid. A haƙiƙa, kaɗan ne kawai daga cikinsu ke riƙe da tutar masu gadi, don haka mafi yawancin su ne tsaka-tsaki. Ba mu da wata shaida da ke nuna cewa waɗannan relays suna yin kowane hari, amma akwai yuwuwar harin da relays ɗin zai iya yi daga tsakiyar matsayi. Don haka mun yanke shawarar cire waɗancan relays don kare lafiyar masu amfani da mu.

Yayin da muke bin diddigin wasu relays na ɗan lokaci, wani cypherpunk kuma ya ba da rahoton wani babban gungu na su da kansa kuma nusenu ya taimaka wajen tantance bayanan. Nagode duka a bangarenmu.

Sanya ɗimbin nodes wanda mai aiki ke sarrafa shi yana bawa masu amfani damar cire sunan su ta amfani da harin aji Sybil, wanda za a iya yi idan maharan suna da iko akan nodes na farko da na ƙarshe a cikin sarkar ɓoyewa. Kullin farko a cikin sarkar Tor ya san adireshin IP na mai amfani, kuma na karshen ya san adireshin IP na albarkatun da ake nema, wanda ke ba da damar cire sunan buƙatun ta ƙara takamaiman alamar ɓoye a gefen kumburin shigarwa zuwa fakitin kanun labarai waɗanda ba su canzawa a cikin duka sarƙar ɓoyewa da rarraba wannan alamar don gefen kumburin fitarwa. Tare da kuɗaɗen fita sarrafawa, maharan kuma za su iya yin canje-canje ga zirga-zirgar da ba a ɓoye ba, kamar cire turawa zuwa bambance-bambancen rukunin yanar gizo na HTTPS da satar abun ciki mara rufaffen.

A cewar wakilan cibiyar sadarwar Tor. yawancin nodes da aka cire a cikin fall an yi amfani da su azaman tsaka-tsaki ne kawai, ba a amfani da shi don aiwatar da buƙatun masu shigowa da masu fita. Wasu masu bincike sun nuna cewa nodes ɗin ya kasance na kowane nau'i kuma yiwuwar bugun kumburin shigar da ƙungiyar KAX17 ke sarrafawa shine 16%, kuma a fitarwa, 5%. Amma ko da haka ne, gabaɗayan yuwuwar mai amfani zai buga shigarwar shigarwa da nodes ɗin fitarwa na rukuni na nodes 900 da KAX17 ke sarrafawa ana ƙiyasta 0.8%. Babu wata shaida kai tsaye na amfani da nodes na KAX17 don kai hare-hare, amma ba a keɓance irin waɗannan hare-haren ba.

Finalmente idan kuna sha'awar ƙarin sani game da shi, zaka iya duba bayanan A cikin mahaɗin mai zuwa.


Bar tsokaci

Your email address ba za a buga. Bukata filayen suna alama da *

*

*

  1. Alhakin bayanai: AB Internet Networks 2008 SL
  2. Manufar bayanan: Sarrafa SPAM, sarrafa sharhi.
  3. Halacci: Yarda da yarda
  4. Sadarwar bayanan: Ba za a sanar da wasu bayanan ga wasu kamfanoni ba sai ta hanyar wajibcin doka.
  5. Ajiye bayanai: Bayanin yanar gizo wanda Occentus Networks (EU) suka dauki nauyi
  6. Hakkoki: A kowane lokaci zaka iyakance, dawo da share bayanan ka.