Amaya Toman Linuz Henze, mai bincike kan harkokin tsaro, ya bayyana nasa Twitter bidiyo yana nuna rashin tsaro a cikin tsarin aiki na macOS. Bug ɗin da aka ambata yana ba da damar samun damar shiga kalmomin shiga da aka adana a cikin Keychain, musamman ga abubuwa a cikin rukunoni Login da System.
Har ila yau, Henze ya yi tsokaci kan shirin kyauta na bug wanda Apple ke gudanarwa. A cikin kalmominsa, ya ji takaicin cewa shirin ya ƙware a cikin tsarin aiki na iOS kuma baya mayar da hankali kan macOS. A cikin nuna rashin amincewa da yadda Apple ke tafiyar da kwari a cikin tsarinsa da rahotonsu, Henze ya yanke shawarar kin sanar da kamfanin bincikensa a hukumance.
Henze ya riga ya yi nasarar gano bug fiye da ɗaya a cikin tsarin aiki na iOS a baya, don haka ana iya ɗaukar kalmominsa amintacce da gaskiya. Ba lallai ba ne a sami gata na gudanarwa don aiwatar da harin, kuma ana iya samun damar yin amfani da kalmomin shiga cikin Keychain akan Mac koda akan kwamfutoci tare da kariyar amincin tsarin aiki. Duk da haka, kuskuren bai shafi maɓalli na iCloud ba saboda yana adana kalmomin shiga ta wata hanya dabam. Yana yiwuwa a ka'ida yana yiwuwa a kare kuskuren ta hanyar tabbatar da keychain kanta tare da kalmar sirri guda ɗaya, amma wannan ba zaɓi ba ne wanda za'a iya samuwa ta hanyar tsoho, duk tsarin yana da rikitarwa kuma sakamakon haka yana haifar da maganganu masu yawa na tabbatarwa yayin aiki a kan. da Mac.
Source: 9to5Mac
Apple yana cikin sauri. Rayuwa sabon emoji. Wata rana wani yaro dan shekara 14 ya gano wani mugun kuskure a FaceTime. Yanzu kai tsaye zuwa Keychain. Yana kusan kamar yana samar da kalmomin shiga, kallon shirin hash, yana yin hashing, yana samun sakamako.
Me game da tsaro, musamman tunda muna da ingantaccen emoji na siyasa da kuma buga tutar bakan gizo akan gidan yanar gizon Apple a daidai ranar. Wannan shine fifiko yanzu!