Yekunyepedzera CCleaner yekuvandudza yakashandiswa kutapudza zviuru zvemakomputa kuburikidza ne "supply chain attack."
Vhiki rapfuura zvakazozivikanwa izvozvo zviuru zvevatengi veASUS, uye mamwe matatu makambani asingazivikanwe, anga atambira malware. Zvirinani mune iyo ASUS ivo vaive kusanzwisisika sekuvandudzwa kwekuchengetedza. Rudzi urwu rwekurwisa rwunozivikanwa se "Kurwisa paketani yekuparadzira. Tiri vashandisi veLinux takachengeteka here?
Sekureva kwekambani yekuchengetedza Kasperly, boka rematsotsi rakakwanisa kukanganisa sevha inoshandiswa neASUS yekuvandudza system. Izvi zvakavatendera kuisirwa faira ine malware, asi yakasainwa nezvitupa zvechokwadi zvemadhijitari. Ruzivo irwo rwakasimbiswa neSymantec.
Chii chinonzi kurwisa cheni kurwisa?
En Mukurwiswa kwetcheni yekuparadzira, iyo malware inoiswa panguva yegungano rehurongwa. Izvo zvinogona zvakare kuitika panguva kuiswa kweiyo inoshanda sisitimu kana zvinotevera zvinotevera. Ngatisakanganweiwo madhiraivha kana zvirongwa zvakaiswa gare gare. Seizvo nyaya yeASUS inoratidza, kuongororwa kwechokwadi kushandisa zvitupa zvedigital zvinoita kunge kusiri kubudirira.
Muna 2017, CCleaner, chirongwa chakakurumbira cheWindows, chakarwiswa necheni yekuparadzira. Iyo yekunyepera yekuvandudza yakatapura anopfuura mamirioni maviri emakomputa.
Mhando dzekurwiswa pacheni yekuparadzira
Gore rimwe chetero mamwe makesi mana akafanana aizivikanwa. Matsotsi akapinda mu server zvivakwa kuti aparadzire manyepo. Kuti uite kurwisa kwakadai, zvishandiso zvemushandi zvakakanganiswa. Nenzira iyi ivo vanokwanisa kuwana iyo yemukati network uye vanowana anodiwa ekuwana magwaro. Kana iwe uchishanda mukambani yesoftware, usavhure mharidzo dzinosetsa kana kushanyira nzvimbo dze porno kubasa.
Asi iyi haisi iyo chete nzira yekuzviita. Varwisi vanogona kutora kurodha pasi kwefaira, kuisa kodhi yakaipa mairi, uye voitumira kukomputa yakanangwa. Izvi zvinozivikanwa sekuchengetedzwa kweketeni. Makambani asingashandisi zvinyorwa zvakavanzika senge HTTPS inofambisa idzi mhando dzekurwiswa kuburikidza neanokanganisa netiweki dzeWi-Fi uye ma routers.
Panyaya yemakambani asingatore matanho ekuchengetedza zvakanyanya, matsotsi inokwanisa kuwana maseva ekurodha pasi. Nekudaro, zvakaringana kuti zvitupa zvemadhijitari uye maitiro ekusimbisa anoshandiswa kuzvishayisa simba.
Imwe sosi yenjodzi iri Zvirongwa zvisingaburitse zvidzoreso semafaira akapatsanurwa. Maapplication anotakura uye unomhanya nawo zvakananga mundangariro.
Hapana chirongwa chakanyorwa kubva pakutanga. Vazhinji vanoshandisa maraibhurari, masisitimu uye ekuvandudza makiti zvinopihwa nevechitatu mapato. Kana chero ipi zvayo ikakanganiswa, dambudziko richapararira kune izvo zvinoshandiswa.
Ndiyo nzira yawakazvipira kumapurogiramu makumi mashanu kubva kuchitoro cheGoogle.
Kudzivirirwa ku "kurwiswa pane cheni yekutengesa"
Wakambotenga a yakachipa piritsi ine Android? Vazhinji vavo vanouya ne Mafaira ekushandisa anotakurwa mu firmware yako. Ma-pre-akaisirwa manyorerwo anowanzo kuve nerunyararo rwehurongwa uye haagone kubviswa. Mobile antivirus ine mikana yakafanana seyakajairwa kunyorera, saka haishande kana.
Zano harisi rekutenga iyi mhando yehardware, kunyangwe dzimwe nguva iwe usina sarudzo. Imwe nzira inogoneka ndeyekuisa LineageOS kana imwewo musiyano weApple, kunyangwe kuita kudaro kuchida imwe nhanho yezivo.
Yega uye yakanyanya kudzivirirwa ine vashandisi veWindows kurudzi urwu rwekurwisa chishandiso chehardware. Vhenekesa makenduru kune iye mutsvene uyo anobata nemhando idzi dzezvinhu uye achikumbira kudzivirirwa.
Zvinoitika izvozvo hapana magumo-mushandisi dziviriro software iri munzvimbo yekudzivirira kurwiswa kwakadai. Chero iyo yakagadziridzwa firmware inovaparadza, kana kurwisa kunoitwa mu RAM.
Inyaya ye trust makambani kutora mutoro wezvekuchengetedza matanho.
Linux ne "supply chain attack"
Makore apfuura isu takatenda kuti Linux yakanga isingakundike kumatambudziko ekuchengetedza. Makore mashoma apfuura akaratidzira kwete. Kunyangwe kuve kwakanaka, matambudziko ekuchengetedzeka akaonekwa nekugadziriswa vasati vagona kushandiswa.
Software zvinyorwa
MuLinux tinokwanisa kuisa maviri marudzi esoftware: yemahara uye yakavhurwa sosi kana proprietary. Kana iri yekutanga, iyo kodhi inoonekwa kune chero munhu anoda kuiongorora. Kunyangwe uku kuri kwekudzivirira kwedzidziso kupfuura chaiko sezvo pasina vanhu vakaringana vanowanikwa nenguva uye neruzivo rwekuongorora kodhi yese.
Ko kana zvikaitika kudzivirirwa zvirinani ndiyo repository system. Mazhinji emapurogiramu aunoda anogona kutorwa pasi kubva kumaseva ekugovera kwese. Y zvemukati zvayo zvakanyatso kuongororwa zvisati zvabvumira kurodha pasi.
Zvematongerwo enyika ezvekuchengetedza
Kushandisa maneja wepakeji padhuze neyakavakirwa repamutemo zvinoderedza njodzi yekuisa software yakaipa.
Zvimwe zvinogoverwa senge Debian inotora nguva yakareba kuisa chirongwa mubazi rayo rakagadzikana. Munyaya ye Ubuntu, kuwedzera kune yakavhurika sosi yenzvimbo, tAkashandira vashandi vachiongorora kuvimbika kwepakeji imwe neimwe uwandu. Vashoma kwazvo vanhu vanotarisira kutumira zvinyorwa. Kugovera kunovhara mapakeji, uye masiginecha anoongororwa munharaunda neSoftware Center yemidziyo yega yega usati watendera kuisirwa.
Maitiro anonakidza ndee Pop! OS, iyo Linux-based operating system inosanganisirwa mune eSystem76 mabhuku ekunyorera.
Firmware inogadziridzwa inoendeswa uchishandisa yekuvaka server, iyo ine iyo nyowani firmware, uye yekusaina server, iyo inosimbisa kuti iyo nyowani firmware iri kuuya kubva mukati mekambani. Iwo maseva maviri batanidza chete kuburikidza neiyo serial tambo. Kushaikwa kwenetiweki pakati pezviviri zvinoreva kuti sevha haigone kuwanikwa kana iko kuiswa kuchiitwa kuburikidza neimwe sevha
System76 inogadzira akawanda ekuvaka maseva pamwe neiyo huru. Kuti firmware iratidzwe, inofanira kunge yakafanana pamaseva ese.
Nhasi, cZvirongwa zvakawandisa uye zvakawanda zvinogoverwa mumafomati anezvayo-ega anonzi Flatpak uye Snap. Sezvo eaya mapurogiramu haafambidzane nezvikamu zvehurongwa, inogadziridza yakaipa haizokwanise kukuvadza.
Zvisinei, kunyangwe iyo yakachengetedzeka kwazvo sisitimu yekushandisa inodzivirirwa kubva mukushaya hanya kwevashandisi. Kuiswa kwezvirongwa zvevasingazivikanwe mavambo, kana kumisikidzwa kwakashata kwemvumo kunogona kukonzera matambudziko akafanana neari muWindows.