A hacker akawana gomba rakakomba rekuchengetedza mukati safari, Apple's browser yemuno, kuburikidza nayo imwe yeruzivo rwepachivande rweGoogle account yako inogona kuburitswa, kusanganisira nhoroondo yemazuva ano yekubhurawuza.
Mushandisi uyu akatotora yakazivisa kambani, saka tinovimba kuti ramangwana rebhurawuza rinogadzirisa dambudziko raonekwa rekuchengetedza munguva pfupi. Tichange takarinda.
Mubiridzi akadana FingerprintJS yakaburitsa mune yake Blog zvakawanikwa zvinokatyamadza. Gomba rekuchengetedza muApple Safari browser, kuburikidza neiyo yakakosha ruzivo rwemushandisi inogona "kubirwa" kunze kweMac.
Kukundikana uku kunosanganisira kukanganisa mukushandiswa kwe YakarongedzwaDB yeSafari paMac uye iOS. Izvi zvinoreva kuti webhusaiti inogona kuona mazita edhatabhesi kubva kune chero domain, kwete yayo chete. Mazita eDatabase anogona kushandiswa kuburitsa ruzivo rwekuziva kubva patafura yekutarisa. Pano iwe unogona kuona kuti iyi yekuchengetedza bug inoshanda sei.
Masevhisi a Google vanochengeta muenzaniso weIndexedDB kune imwe neimwe yeakaundi yako, ine zita re database rinoenderana neGoogle yako mushandisi ID. Saka uchishandisa kubiridzira kwakatsanangurwa mublog post, webhusaiti ine hutsinye inogona kutora yako Google mushandisi ID uye yobva yashandisa iyo ID kutsvaga rumwe ruzivo rwemunhu, sezvo ID ichishandiswa kuita zvikumbiro zveAPI kumasevhisi eGoogle.
Inotumira mhino izvo nemamwe mabhurawuza, akadai Chrome, izvi hazviitike, uye webhusaiti inogona kungoona dhatabhesi rakagadzirirwa mushandisi weGoogle wenzvimbo yayo, uye kwete yeimwe. Ndinovimba Apple ichagadzirisa munguva pfupi.
Apple haisati yagadzirisa.
FingerprintJS inotaura kuti yakatozivisa Apple nezvekukanganisa kwakataurwa munguva yakapfuura 28 of noviembre. Zvinoshamisa kuti nanhasi hazvisati zvagadziriswa neSafari update. Asi tine chokwadi chokuti nokukurumidza zvichadaro.