I-Linux Kernel Flaw Efaka amadivaysi e-Android engozini

Jan 21, 2016

Ezinsukwini ezimbalwa ezedlule, i-Perception Point, inkampani ye-cybersecurity yase-Israel, ithole ukuphepha kokuphepha kwansuku zonke ku-kernel ye-Linux enika inani elingenamkhawulo lamaseva, ama-PC edeskithophu futhi, okubaluleke kakhulu, amadivaysi eselula e-Android . I-hacker efuna ukusizakala ngalokhu kuhlaselwa, ingathola ama-level-level privileges kudivayisi futhi ingathola ukufinyelela okungagunyaziwe kwedatha noma yenza ikhodi ngokuthanda kwayo.

• I-FAQ kumaSikhuselo Wokuvikelwa Kwemininingwane Yebhizinisi

Okuningi mayelana neLinel Kernel Flaw

Ngokusho kochwepheshe, isizathu sokuthi iphutha likhona kwi- Linux kernel eyinhloko, okufanayo nakuma-server, ama-PC namadivayisi we-Android. Leli phutha, elinikezwe igama elithi CVE-2016-0728, likholwa ukuthi liye lachaphazela amaphesenti angaphezu kwangu-60 kuwo wonke amadivayisi we-Android amandla. Ngokusobala, leli phutha laqala ukubonakala ekuqaleni kuka-2012 ku-Linux version 3.8 futhi lisekhona kuma- 32-bit namasethingi angu-64-bit Linux-based.

Into ephazamisayo lapha ukuthi ukulimala sekube khona iminyaka ecishe ibe ngu-3 futhi kungenzeka ukuthi bavumela abaduni ukuba bathole ukulawulwa okungagunyaziwe kuma-server we-Linux-run, ama-PC, i-Android namanye amadivayisi afakiwe. Ivela ngokuyinhloko kusikhungo sokukhiya i-kernel futhi ivumela izinhlelo zokusebenza ezisebenzayo ngaphansi komsebenzisi wendawo ukwenza ikhodi ku-kernel. Lokhu kusho ukuthi ubungozi bungenza ulwazi olubucayi lwabasebenzisi, kufaka phakathi ukuqinisekiswa kanye nezinkinobho zokubhala, engozini yokuchayeka.

• Abathuthukisi be-App bangaqinisekisa kanjani ukuthi iKlayenti yezokuThuthukiswa kwamaSelula ingcono?

Yeka indlela engayifaka ngayo insalela ku-Android

Into engase ibe yinto ebangela ukukhathazeka okukhulu ukuthi iyathinta zonke izakhiwo, kubandakanya i-ARM. Lokhu kusho ngokuzenzakalelayo, ukuthi wonke amadivaysi e-Android asebenzisa i- Android 4.4 KitKat futhi ngokuhamba kwesikhathi, ume ukuze ahlaselwe. Njengamanje, lokhu kubandakanya cishe amaphesenti angu-70 kuwo wonke amadivayisi we-Android.

I-Android OS isivele yaziwa ngezinga layo eliphakeme lokuhlukaniswa nokubuyekezwa kokubuyekeza. I-Google yabelana ngamasheya wokuphepha nabakhiqizi bedivaysi, abese bezisebenzisa ngokuhlukile. Le nkampani isakaza ezinye izibuyekezo ngokuxhumana nabathwali beselula abathintekayo . Ukuze uqhubeke ucindezela izindaba, iningi lala madivayisi lithola ukwesekwa kwesofthiwe kuphela izinyanga ezingu-18, ngemva kwalokho abatholi izibuyekezo noma ama-patches. Lokhu kusho ukuthi abasebenzisi abaningi bedivaysi, ikakhulukazi labo abasebenzisa amadivayisi asekudala we-Android, bangase bangalutholi ukuthola izibuyekezo zakamuva kanye nokulungisa izigigaba.

Lesi senzakalo singabonakala sibonisa kubasebenzisi ukuthi izinguqulo ze-Android ezindala ngeke zisakwazi ukuphephile ukusetshenziswa nokuthi kufanele zihlale zivuselela amadivaysi awo ukuze zibone izici zokuvikeleka zakamuva nezinye izinhlelo zokusebenza. Lokho futhi kungaba yisixazululo esingenakwenzeka kule nkinga - akuwona wonke umuntu ozimisele ukuqhubeka eguqulela i-smartphone noma ithebhulethi yakhe kanye njalo eminyakeni embalwa.

Kuze kube manje, imboni ehamba phambili iye yavezwa ezinhlobonhlobo ze-malware ephathekayo okungakaze ibe yinkimbinkimbi. Kuze kube manje, akukho ukuhlaselwa kwe-hack okwenze kube yingozi enkulu kubasebenzisi. Noma kunjalo, iqiniso lihlala liwukuthi i-Android iyilona elithambile le-malware futhi kungaba yisikhathi sesikhathi ngaphambi kokuthi umuntu aqale ukuhlaselwa okukhulu ngokukhubazeka kwawo okwamanje.

• ESET Hambayo Security for Android - Free Version

Yiliphi i-Linux ne-Google Plan Yokukwenza

Ngenhlanhla, nakuba ubungozi bukhona, akukho ukuhlaselwa kwe-hack okwamanje okwamanje. Kodwa-ke, ochwepheshe bezokuphepha bazobe sebemba ngokujulile ukuthola ukuthi leli phutha lixhashaziwe yini ngesikhathi esithile esidlule. Amaqembu e-Linux ne-Red Hat asebenza kakade ukuze akhiphe ama-patches ahlobene - kufanele atholakale ekupheleni kwaleli sonto. Kodwa-ke, kuzomele kube nezinye izinhlelo ezingase zihlale zisengozini, okungenani isikhathi esithile.

I-Google ayikwazanga ukunikeza impendulo esheshayo necacile mayelana nokuthi iphutha lizobe lilandelwa kanjani ngaphakathi kwekhodi ye-Android. Lolu hlelo lokusebenza, oluwumthombo ovulekile, luyoba kubakhiqizi bezinsiza nabathuthukisi ukwengeza nokusabalalisa isiqephu kumakhasimende abo. Phakathi naleso sikhathi, i-Google, njengenhla njalo, izoqhubeka nokukhipha izibuyekezo zenyanga zonke nezilungiso ze-bug ye-Nexus line yedivayisi ye-Android. I-giant ihlela ukusekela ngayinye yezinhlobo zayo okungenani iminyaka emibili ngemuva kokudayiswa kokuqala esitolo sayo se- intanethi .

• I-Android OS Vs. Apple iOS - Yikuphi okungcono kubathuthukisi?