Michal Ždanský Kusan yana da ban tsoro, tsawon lokacin da Apple ya bar masu amfani da shi, musamman duk masu amfani da App Store, suna fuskantar hadarin da ba a ɓoye ba tsakanin App Store da uwar garken kamfanin. Yanzu ne kawai Apple ya fara amfani da HTTPS, fasahar da ke ɓoye bayanan da ke gudana tsakanin na'urar da App Store.
Wani mai bincike na Google Elie Bursztein ya ba da rahoton matsalar a ranar Juma'a shafi. Tuni a cikin watan Yuli na shekarar da ta gabata, ya gano lahani da yawa a cikin tsaron Apple a cikin lokacinsa kuma ya kai rahoto ga kamfanin. HTTPS mizanin tsaro ne wanda aka yi amfani da shi tsawon shekaru kuma yana ba da rufaffen sadarwa tsakanin mai amfani da ƙarshen sabar da sabar gidan yanar gizo. Gabaɗaya yana hana ɗan gwanin kwamfuta shiga cikin sadarwa tsakanin wuraren ƙarshe biyu da fitar da mahimman bayanai, kamar kalmomin shiga ko lambobin katin kiredit. A lokaci guda, yana bincika ko mai amfani da ƙarshen ba ya sadarwa tare da sabar karya. An yi amfani da ƙa'idodin gidan yanar gizo na tsaro na ɗan lokaci ta, misali, Google, Facebook ko Twitter.
A cewar Bursztein's blog post, an riga an adana wani ɓangare na Store Store ta HTTPS, amma sauran sassan ba a ɓoye su ba. Ya nuna yuwuwar harin a cikin bidiyo da yawa akan YouTube, inda, alal misali, mai kai hari zai iya yaudarar masu amfani da shafi maras kyau a cikin App Store don shigar da sabuntawar karya ko shigar da kalmar sirri ta hanyar tagar yaudara. Ga mai kai hari, ya isa ya raba haɗin Wi-Fi akan hanyar sadarwa mara tsaro tare da manufarsa a wani ɗan lokaci.
Ta hanyar kunna HTTPS, Apple ya warware ramukan tsaro da yawa, amma ya ɗauki lokaci mai yawa tare da wannan matakin. Kuma ko a lokacin, ya yi nisa da yin nasara. A cewar tsaron kamfanin Kayan aiki Har yanzu tana da tsaga a cikin tsaron Apple akan HTTPS kuma ta kira shi bai isa ba. Koyaya, ba a iya gano lahani cikin sauƙi ga masu kai hari, don haka masu amfani ba dole ba ne su damu da yawa.
Yaya irin. Yanzu za su iya a karshe buga bugun gudu. Yana da matuƙar jinkirin watanni da yawa yanzu.