Boka revatsvakurudzi vezvekuchengetedza, akati wandei ayo akapinda mukuonekwa kwekutanga kwekunyunguduka kweMelt and Specter, yakagadzira mhando nyowani yekurwisa yechitatu-bato nzira.
Uku kurwisa yakaitwa zvichibva pane peji cache zvemukati kuongorora, iyo iine ruzivo rwakawanikwa semhedzisiro yekushandisa system kuwana kune disks, SSDs, uye mamwe madhivha ekuvhara.
Kusiyana nekurwiswa kweSpecter, iyo nyowani nyowani haina kukonzerwa nematambudziko ehurdware, asi chete zvine chekuita nekuitwa kwesoftware yeiyo peji cache uye inoratidza muLinux (CVE-2019-5489), Windows uye pamwe mamwe akawanda masisitimu anoshanda.
Nekunyengedza iyo mincore (Linux) uye QueryWorkingSetEx (Windows) system inoshevedza kuona kuvepo kweye memory peji mune system peji cache, anorwisa wemuno anorwisa anogona kutsvaga kumwe kuyeuka kweimwe nzira.
Kurwiswa kunokutendera iwe kuteedzera kupinda padanho re block 4 kilobytes ine resolution yenguva ye2 microseconds paLinux (6.7 zviyero pasekondi) uye 446 nanoseconds paWindows (223 zviyero pasekondi).
Peji cache inounganidza data rakasiyana siyana, kusanganisira anokwenenzverwa mafaira akatorwa, raibhurari dzakagovaniswa, dhata rakatakurwa kudiski, akafananidza mafaira mundangariro uye rumwe ruzivo rwunowanzo chengetwa pane diski uye runoshandiswa nehurongwa hwekushandisa nemaapplication.
Kurwiswa uku ndekwei?
Kurwisa yakavakirwa pachokwadi chekuti maitiro ese anoshandisa yakajairika system peji cache uye kuvapo kana kusavapo kweruzivo mune ino cache kunogona kutemerwa nekuchinja kunonoka mukuverenga data disk kana kutaura kune echirongwa mafoni anotaurwa pamusoro.
Mapeji akachengetedzwa anogona kuratidzwa munzvimbo yekumusoro yekurangarira inoshandiswa nemaitiro mazhinji (semuenzaniso, imwe chete kopi yeraibhurari yakagovaniswa ndiyo inogona kuve iripo mundangariro, inoonekwa mune chaiyo ndangariro yezvishandiso zvakasiyana).
Mukuita kwekutsikisa ruzivo kubva pane peji cache uye kurizadza kana kurodha zvakajairika dhata kubva pane diski, unogona kuongorora mamiriro emapeji akafanana mune chaiyo ndangariro yezvimwe zvinoshandiswa.
Iyo mincore uye QueryWorkingSetEx system inoshevedza zvakanyanya kurerutsa kurwisa nekutendera iwe kuti uone pakarepo kuti ndeapi mapeji endangariro kubva kune yakapihwa kero renji aripo mune peji cache.
Sezvo saizi yebato rinotariswa (4Kb) rakakura kwazvo kuti uone zvirimo paiteration, kurwisa kwacho kunogona chete kushandiswa kwekuhwanda kwedhata.
Kuderedza kusimba kwema cryptographic mashandiro nekutevera maitiro ealgorithm, kuongorora zvakajairika memory yekuwana maitiro eanozivikanwa maitiro, kana kuongorora kufambira mberi kweimwe maitiro.
Kurongeka kwedata mundangariro kunozivikanwa nemurwi (Semuenzaniso, kana zviri mukati mebhafa zvichizivikanwa pakutanga panguva yekubuda mubhokisi rekusimbisa, unogona kuona Arola zvichibva nechiratidzo chekubiridzira panguva yako yekushandisa.)
Pane mhinduro here pamusoro peizvi?
Hongu, kana patova nemhinduro kubva kuLinux uye ndeyekuti mhando iyi yekuferefeta inobatsira kuona matambudziko pamberi pevamwe vane zvinangwa zvinokuvadza vatore mukana wavo.
Kune iyo Linux kernel, mhinduro yatovepo sechigamba, icho chatovepo akatsanangura uye zvakanyorwa pano.
Muchiitiko che Windows 10, dambudziko rakagadziriswa muyedzo yekuvaka (Insider Preview Vaka) 18305.
Maitiro anoshanda ekurwiswa kwenzvimbo yemuno yakaratidzirwa nevatsvagiri anosanganisira kugadzirwa kwenzvimbo yekuparadzira dhata kubva kunzvimbo dzakasarudzika, kutandara kwe-on-screen interface zvinhu (semuenzaniso, edhisheni dialogs), tsananguro yemakiyi uye kudzoreredzwa otomatiki anogadzira mapassword echinguva).