Bayan karanta wannan labarin, zakuyi tunani sau biyu game da zuwa cin abincin rana yayin barin kwamfutarka a kula a ofis. Sabuwar kayan aikin da ke sa shi wahala ga masu satar bayanai don shiga shafukan yanar gizo kamar su, samun dama ga ku hanyar sadarwa na hanyar sadarwa, da kuma kaddamar da wasu hare-hare.
Sabuwar na'urar $ 5 da aka sani da Guba mai Guba, wanda dan dandatsa kuma mai kirkira Samy Kamkar ya kirkira, harma zai iya shiga cikin kwamfutocin da ke da kariya ta kalmar sirri, muddin akwai wani burauzar da aka bude a bayan fage. Kudin masu fashin kwamfuta dala 5 ne kacal kuma dakika 30 kacal don shiga cikin kowace kwamfuta. Samy Kamkar ya kirkiro kayan aiki masu rahusa, wannan lokacin da zai dauki sakan 30 kawai don girka bangon sirri mai kutsawa cikin kwamfutarka, koda kuwa an kulle shi da kalmar sirri mai karfi
Duk aikin da dan dandatsa zai yi shine toshe cikin na'urar ka jira na wani lokaci. Yana ɗaukar kasa da minti, kuma banda toshe shi da cire shi, babu wasu fasahohin da ake buƙata.
Ta yaya GubaTap ke aiki:
An gina ta a cikin karamin microputer na Rasberi Pi Zero, da zarar an saka PoisonTap a cikin tashar USB, yana yin kwaikwayon na'urar sadarwa kuma yana kai hari ga duk hanyoyin sadarwa ta hanyar yin kamannin su duka intanet ne, yana yaudarar kwamfutar don aikawa da dukkan hanyoyin zuwa gareta. Idan hakan bai isa ba, bayan an sanya na'urar, tana iya satar cookies din wanda aka azabtar, muddin suka fito daga gidajen yanar gizo wadanda basa amfani da yanar gizo HTTPS.
Yin aiki a matsayin mutum-a-tsakiyar, daga nan na'urar zata fara satar duk wani kukis na tabbatar da ingancin HTTP da zaka yi amfani da shi wajen shiga asusu masu zaman kansu, da kuma bayanan zaman daga miliyoyin manyan shafukan yanar gizo. Saboda yadda aka tsara shi, ingantaccen abu biyu bazai taimaka ba.
Masana harkar tsaro da suka yi nazari kan binciken Kamkar na Motherboard sun yarda cewa wannan wani sabon labari ne, kuma hanya ce mai kyau don tona asirin amanar da kwamfutocin Mac da Windows ke da ita kan na'urorin sadarwar. Wannan shine mabuɗin hare-haren PoisonTap sau ɗaya abin da yake kama da na'urar hanyar sadarwa an saka ta cikin kwamfutar tafi-da-gidanka, kwamfutar tana magana da ita kai tsaye kuma tana musayar bayanai da ita.
Menene Kayan Aikin Hacking Ke Yi?
Har ila yau, kayan aikin shiga yanar gizo suna baiwa maharin damar girka dindindin hanyoyin yanar gizo a cikin akwatin HTTP na ɗaruruwan ɗaruruwan yankuna, yin mai binciken gidan yanar gizon wanda aka azabtar da kuma cibiyar sadarwar gida ta maharin. Har ila yau harin ya ba “maharin damar tilasta mai amfani da shi ya yi buƙatun HTTP da martani na wakili (GET & POSTs) tare da cookies ɗin mai amfani a kowane yanki na bayan fage,” in ji Kamkar.
Kalli Bidiyon Zanga-zangar:
Kamkar yana da tipsan shawarwari don kare kanku, kodayake yawancin basu da amfani:
- Saita kwamfutarka zuwa hibernate, maimakon bacci. A cikin hibernation, kwamfutar ta dakatar da dukkan matakai.
- Rufe burauzar yanar gizonku duk lokacin da kuka yi nesa da injinku.
- Kullum share akwatin bincikenka.
- Yi amfani da ɓoyayyen fayel-fayel da kuma yanayin ɓoye na'urarka.
- Kashe tashar USB
Mafita ɗaya ita ce rufe kwamfutarka gabaɗaya lokacin da kake tafiya daga gare ta, ko kuma a haya don rufe burauzarka, tun da PoisonTap yana buƙatar alakanta shi don aiki. A matakin hanyar sadarwa, gidajen yanar sadarwar da ke amfani da HTTPS ba su da kariya daga irin wannan kutse, wani dalili kuma da ya sa za a ɓoye dukkan intanet ɗin.
Cikakken bayani game da kayan aikin - nan
