{"id":28440,"date":"2022-05-17T19:18:03","date_gmt":"2022-05-17T16:18:03","guid":{"rendered":"https:\/\/kutaybilen.com.tr\/?p=28440"},"modified":"2022-05-17T19:18:03","modified_gmt":"2022-05-17T16:18:03","slug":"cagdas-islemcilerin-yeni-ataklara-acik-oldugu-kesfedildi","status":"publish","type":"post","link":"https:\/\/kutaybilen.com.tr\/?p=28440","title":{"rendered":"\u00c7a\u011fda\u015f \u0130\u015flemcilerin Yeni Ataklara A\u00e7\u0131k Oldu\u011fu Ke\u015ffedildi"},"content":{"rendered":"

Graz Teknoloji \u00dcniversitesi ve CISPA Helmholtz Bilgi G\u00fcvenli\u011fi Merkezi'nden ara\u015ft\u0131rmac\u0131lar\u0131n yapt\u0131klar\u0131 yeni \u00e7al\u0131\u015fma, g\u00fcn\u00fcm\u00fczde neredeyse t\u00fcm \u00e7a\u011fda\u015f i\u015flemcileri etkileyen<\/strong> bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 ortaya \u00e7\u0131kard\u0131. Ara\u015ft\u0131rmac\u0131lar\u0131n yay\u0131nlad\u0131\u011f\u0131 \u00e7al\u0131\u015fma, hackerlar\u0131n hassas bilgileri nas\u0131l ele ge\u00e7irdiklerini de a\u00e7\u0131klad\u0131.<\/p>\n

Bu temastan da<\/strong> ula\u015fabilece\u011finiz ara\u015ft\u0131rmaya nazaran mikro mimari baz al\u0131narak yap\u0131lan ak\u0131nlar asl\u0131nda kernel'de bulunan kullan\u0131c\u0131 alan\u0131n\u0131n 'dereferance (haf\u0131zada bulunan bir k\u0131ymetin al\u0131nmas\u0131, referanstan ay\u0131rmak)'\u00a0olmas\u0131 nedeniyle<\/strong> ger\u00e7ekle\u015fiyordu. Bu da taarruzlar\u0131n sadece son ku\u015fak Intel i\u015flemcileri de\u011fil, ARM, IBM ve AMD<\/strong> \u00fczere i\u015flemcilerin de <\/strong>ataklara a\u00e7\u0131k olabilece\u011fi manas\u0131na geliyor.<\/p>\n

Yanl\u0131\u015f \u00e7\u0131kar\u0131mlar sonucunda yanl\u0131\u015f tedbirler al\u0131nd\u0131:<\/b><\/p>\n

<\/p>\n

\u00c7al\u0131\u015fmaya nazaran bu g\u00fcvenlik a\u00e7\u0131\u011f\u0131, g\u00fcn\u00fcm\u00fczde Meltdown <\/strong>ve Foreshadow <\/strong>\u00fczere \u00e7a\u011fda\u015f i\u015flemcilere kar\u015f\u0131 d\u00fczenlenen ak\u0131nlar\u0131n m\u00fcmk\u00fcn olmas\u0131n\u0131 sa\u011flayan g\u00fcvenlik a\u00e7\u0131\u011f\u0131yd\u0131. M\u00fcnasebetiyle donan\u0131m \u00fcreticileri, sistemlerine y\u00fckledikleri tedbirler ve g\u00fcncellemelerle asl\u0131nda g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131 kapatamam\u0131\u015flard\u0131<\/strong>, zira sorunun as\u0131l kayna\u011f\u0131 yanl\u0131\u015f biliniyordu.<\/p>\n

\u00c7al\u0131\u015fmay\u0131 yay\u0131nlayan ara\u015ft\u0131rmac\u0131lar, The Hacker News'e bir a\u00e7\u0131klama yapt\u0131lar. O a\u00e7\u0131klamaya nazaran ara\u015ft\u0131rmac\u0131lar, son 4 y\u0131l\u0131 a\u015fk\u0131n m\u00fcddettir<\/strong> yay\u0131nlanan akademik makalelerde sorunun yol a\u00e7t\u0131\u011f\u0131 \u015feyler tam manas\u0131yla anla\u015f\u0131lamam\u0131\u015f, yanl\u0131\u015f tedbirlerin al\u0131nmas\u0131na yol a\u00e7m\u0131\u015ft\u0131.<\/p>\n

<\/p>\n

\u00c7al\u0131\u015fmayla ortaya \u00e7\u0131kan sonu\u00e7lara nazaran ak\u0131nlar\u0131n gerisindeki as\u0131l nedenin ortaya \u00e7\u0131kmas\u0131yla asl\u0131nda yeni<\/strong>\u00a0yan kanal atak<\/strong>\u00a0da\u00a0kendili\u011finden ortaya \u00e7\u0131kt\u0131. Ara\u015ft\u0131rmac\u0131lar, bu ak\u0131nlar\u0131n tesirini g\u00f6stermek i\u00e7in \u00e7al\u0131\u015fmalar\u0131nda Intel Core i7-6500 U i\u015flemcisinde \u00e7al\u0131\u015fan bir s\u00fcre\u00e7ten bilinmeyen bir s\u00fcrece<\/strong> bilgi aktarmay\u0131 ba\u015fard\u0131.<\/p>\n

Bununla birlikte \u00e7al\u0131\u015fmaya nazaran birtak\u0131m h\u00fccumlar internet taray\u0131c\u0131lar\u0131nda JavaScript kullan\u0131m\u0131yla<\/strong> uzaktan ger\u00e7ekle\u015ftirilebilir oldu. Ara\u015ft\u0131rmac\u0131lara nazaran bu ak\u0131nlar\u0131n \u00f6n\u00fcne ge\u00e7mek i\u00e7inse i\u015flemcilerde 'repoline' \u00fczere Spectre-BTB risk azaltman\u0131n\u00a0<\/strong>faal hale getirilmesi gerekiyor.<\/p>\n

<\/div>\n","protected":false},"excerpt":{"rendered":"

Graz Teknoloji \u00dcniversitesi ve CISPA Helmholtz Bilgi G\u00fcvenli\u011fi Merkezi'nden ara\u015ft\u0131rmac\u0131lar\u0131n yapt\u0131klar\u0131 yeni \u00e7al\u0131\u015fma, g\u00fcn\u00fcm\u00fczde neredeyse t\u00fcm …<\/p>\n","protected":false},"author":1,"featured_media":28441,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[851],"tags":[4108],"aioseo_notices":[],"_links":{"self":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/28440"}],"collection":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=28440"}],"version-history":[{"count":1,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/28440\/revisions"}],"predecessor-version":[{"id":28442,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/posts\/28440\/revisions\/28442"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=\/wp\/v2\/media\/28441"}],"wp:attachment":[{"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=28440"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=28440"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/kutaybilen.com.tr\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=28440"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}