Alukho uhlelo lokusebenza oluphelele. Bekuhlale kushiwo. Eqinisweni, le ndatshana iza nje emva kwemizuzu elandelayo lapho saxoxa Yokuba sengozini kosuku lwe-zero abakudalule emphakathini emahoreni ambalwa adlule. Okufanele sikhulume ngakho manje kuyinto engathi shu, ngoba bekukade kunjalo I-Pwn2Own 2020 lapho izimbungulu zakamuva zitholakale khona Windows 10, macOS, naku-Ubuntu. Okungathi sína ngombono, ngoba manje yizinkampani okufanele zilungise amaphutha atholakele.
El I-Pwn2Own I-2020 ibilokhu iwuhlelo lwalo nyaka lwe- balwela abaduni enye yalabo abakhonza okungenani izinto ezimbili: eyokuqala ukuthatha imali yomklomelo, kanti okwesibili ukuzazisa emhlabeni, okungabavumela ukuthi bathole umsebenzi kwesinye isikhathi ongabenza baphelele enkampanini enkulu njengokuthi Bavele "baqhuma."
Ubuntu baxhashazwa nge-kernel yabo ku-Pwn2Own 2020
Ngokuqondene neLinux, bekuyisistimu yokusebenza Ubuntu lowo owile kuhambisana nethimba leRedRocket CTF. Leli thimba lithole ukuxhashazwa kwe-LPE (Local Privilege Escalation) okubavumele ukuthi bathole ukufinyelela kwezimpande. Ithimba lokugenca lithathe ama- $ 30.000 ngokuxhaphaza kwabo. Kepha amanye amaqembu athatha imali ethe xaxa, kutholakale izimbungulu ezibaluleke kakhulu noma eziningi.
Umklomelo wokuqala uye eqenjini elithole i- ukuxhaphaza eSafari ngenye i-LPE ku-macOS kernel ethinte isiphequluli sakho. Iqembu eliyitholile, iGeorgia Tech Systems Software & Security Lab, lithathe u- $ 70.000 ngokutholakala kwalo, ikakhulu ngoba ukuxhaphaza kwakunezibungulu eziyisithupha. Ithimba futhi likwazile ukukhubaza i-SIP (System Integrity Protection) yohlelo lokusebenza.
Kancane kancane wazuza umsebenzisi owaziwa njengoFluorescence, umakadebona wePwn2Own osebenzise isiphazamisi sakhe se-UAF (sokusetshenziswa ngemuva kokukhululeka) ukuthola amalungelo wokukhulisa uhlelo kuWindows. I-Fluorescence yathatha u- $ 40.000. Elinye isoftware lephuliwe ngesikhathi somncintiswano lalikhona I-VirtualBox, i-Adobe Reader ku-Windows naku-VMWare Workstation, noma ngabe eyokugcina ibingakhonjiswa futhi awutholakalanga mklomelo. Abahleli bakwazile ukuxhaphaza i-VMWare Workstation bug ngokubheka emuva, ngakho-ke okungenani bakhulume ngethimba eliyitholile.
Umncintiswano walo nyaka bewuhlukile kunangeminyaka edlule: ibanjwe ku-inthanethi ngenxa yeCoronavirus. Kunoma ikuphi, kuphinde kwafakazelwa ukuthi alukho uhlelo lokusebenza oluphephile, njengoba nje kungaphephile ukuthi noma ngubani aphumele emgwaqweni ngalesi sikhathi. Ngakho-ke, futhi, sizosho izinto ezimbili: hlala ekhaya futhi ugcine uhlelo lwakho lokusebenza luhlale lubuyekezwa kahle.
Ubuntu bufana neWind * ws. U-Q ugqogqiwe yimfihlo evulekile (vele i-google isihloko). Umbono wakhe wokuphepha ukufaka ukhiye ophakeme ukuze amafushane angafiki kuye. Njengoba isihloko sathi "Linux" ngicabanga ngeLinux yangempela.
I-athikili ethokozisayo.
Noma iyiphi i-distro esebenzisa iSudo ... ilahlekile ... ukwenza njengezimpande usebenzisa iphasiwedi yomsebenzisi akulona ibhizinisi elihle, noma yini abayishoyo nokuthi bacabangani.