Ndị otu Google Project Zero ebipụtala nyocha teknụzụ nke IGBO erigbu nke NSO Group ji butere iPhones lekwasịrị anya na Pegasus spyware site na iMessage.
Citizen Lab chọpụtara FORCEDENTRY na iPhone nke onye na-akwado Saudi nwere na March; nzukọ ahụ kpughere na-erigbu na September. Apple weputara patches maka adịghị ike dị n'okpuru, nke metụtara iOS, watchOS na ngwaọrụ macOS, ụbọchị iri ka ekpughere ahụ gasịrị.
Project Zero kwuru na ọ nyochara FORCEDENTRY mgbe Citizen Lab kesara ihe nlele nke nrigbu ahụ site n'enyemaka sitere na otu Apple's Security Engineering and Architecture (SEAR). (Ọ na-ekwukwa na ọ nweghị Citizen Lab ma ọ bụ SEAR kwenyesiri ike na "echiche nchịkọta akụkọ.")
"Dabere na nyocha anyị na nchoputa anyị," Project Zero na-ekwu, "anyị na-achọpụta nke a ka ọ bụrụ otu n'ime ngwa ngwa kachasị arụ ọrụ nke anyị hụtụrụla, na-egosikwa na ike NSO na-enye ndị na-emegide ya ndị e chere na ọ ga-enweta naanị ole na ole. nke obodo steeti."
Nhụsianya a sitere na kpuchiri ihe niile site na nkwado wuru n'ime iMessage maka GIF-nke Project Zero na-enyere aka na-akọwa dị ka “ihe onyonyo onyonyo pere mpe na nke dị ala na-ewu ewu na omenala meme”—ruo ihe nzacha PDF na-akwado codec oyiyi JBIG2 ochie.
Kedu ihe GIF, PDFs na JBIG2 nwere metụtara imebi ekwentị site na iMessage? Project Zero na-akọwa na NSO Group chọtara ụzọ isi jiri JBIG2 nweta ihe ndị a:
“JBIG2 enweghị ikike ide ihe, mana ọ bụrụ na ejikọtara ya na adịghị ike, ọ nwere ike iṅomi sekit nke ọnụ ụzọ mgbagha aka ike na-arụ ọrụ na ebe nchekwa aka ike. Yabụ kedu ihe ma ị jiri naanị nke ahụ wuo kọmpụta nke gị na edemede ahụ!? Nke ahụ bụ kpọmkwem ihe nrigbu a na-eme. N'iji ihe karịrị iwu akụkụ 70,000 na-akọwapụta arụmọrụ bit ezi uche dị na ya, ha na-akọwapụta obere ụlọ ọrụ kọmputa nwere njirimara dịka ndekọ na ihe nkwụnye 64-bit zuru ezu na comparator nke ha na-eji chọọ ebe nchekwa ma rụọ ọrụ mgbakọ na mwepụ. Ọ bụghị ngwa ngwa dị ka Javascript, mana ọ dabara n'ụzọ zuru ezu. "
Ihe niile bụ ịsị na NSO Group jiri codec onyonyo emebere ka mpịachi PDF na-acha ọcha ka o wee nweta ihe “ụkpụrụ nke dabara adaba” na asụsụ mmemme nke na-enye ohere weebụ. apps na-arụ ọrụ jidesie a lekwasịrị si iPhone.
Ndị ndezi anyị kwadoro
"Edere arụmọrụ bootstrapping maka mgbanarị igbe ájá ka ọ na-agba ọsọ na sekit mgbanaka a na ihe niile na-aga n'ihu na gburugburu ebe a dị egwu, nke eṅomiri site na otu nkwụsịtụ gafere site na iyi JBIG2," Project Zero na-ekwu. "Ọ mara mma nke ukwuu, ma n'otu oge ahụ, ọ mara mma nke ukwuu."
Ozi ọma ahụ: Apple mechiri FORCEDENTRY na ntọhapụ nke iOS 14.8 ma tinye mgbakwunye mgbakwunye na iOS 15 iji gbochie mwakpo yiri ya. Akụkọ ọjọọ ahụ: Project Zero na-agbaji nyocha ọrụ ya n'ime blọgụ blọgụ abụọ, ọ na-ekwu na nke abụọ emechabeghị.
Mana ọbụlagodi ọkara nke nyocha ahụ na-enyere aka demystify nrigbu nke butere mkpesa ọha, NSO Group etinyere na Ndepụta aha nke Ngalaba Azụmahịa US, yana ikpe Apple megide ụlọ ọrụ ahụ. Otu NSO kere Pegasus; ugbu a Project Zero na-ekpughe ka o si mụta ife efe.
Dị ka Ihe Ị Na-agụ?
Debanye maka Nche nche akwụkwọ akụkọ maka akụkọ nzuzo anyị kacha elu yana nchekwa ewepụtara ozugbo na igbe mbata gị.
Akwụkwọ akụkọ a nwere ike ịnwe mgbasa ozi, azụmahịa, ma ọ bụ njikọ mmekọ. Ịdenye aha na akwụkwọ akụkọ na-egosi nkwenye gị na anyị Usoro ojiji na amụma nzuzo. Ị nwere ike ịwepụ aha na akwụkwọ akụkọ n'oge ọ bụla.
English
Arabic
Belarusian
Bengali
Bosnian
Bulgarian
Chinese (Simplified)
Croatian
Czech
Danish
Dutch
English
Estonian
Filipino
Finnish
French
Georgian
German
Greek
Gujarati
Hausa
Hebrew
Hindi
Hmong
Hungarian
Igbo
Indonesian
Italian
Japanese
Javanese
Kazakh
Korean
Kurdish (Kurmanji)
Kyrgyz
Lao
Latvian
Lithuanian
Macedonian
Malagasy
Norwegian
Persian
Polish
Portuguese
Punjabi
Romanian
Russian
Serbian
Slovak
Slovenian
Spanish
Swedish
Thai
Turkish
Ukrainian
Vietnamese
Yoruba