Sending messages via iMessage is a popular way to communicate between iOS devices and Mac computers. Tens of millions of messages are processed by Apple's servers every day, and as sales of devices bearing the bitten apple grow, so does the popularity of iMessage. But have you ever wondered how your messages are protected from potential attackers?

Apple recently released a document describing iOS security. It clearly describes the security mechanisms used in iOS - the system, data encryption and protection, application security, network communication, internet services and device security. If you understand a little about security and have no problem with English, you can find iMessage on page 20. If not, I will try to describe the principle of iMessage security as clearly as possible.

The basis of sending messages securely is their encryption. For most people, this is associated with a procedure in which you encrypt a message with a key and the recipient decrypts it with that same key. Such a key is called symmetric. The critical point in this process is handing the key over to the recipient. If an attacker got hold of it, they could simply decrypt your messages and impersonate the recipient. To simplify, imagine a box with a lock that only one key fits, and with this key you can both put in and take out the contents of the box.

Fortunately, there is asymmetric cryptography, which uses two keys - a public one and a private one. The principle is that everyone can know your public key, while of course only you know your private key. If someone wants to send you a message, they encrypt it with your public key. The encrypted message can then be decrypted with your private key. If you again picture a mailbox in a simplified way, this time it has two locks. With the public key, anyone can open it to put contents in, but only you, with your private key, can take them out. To be sure, I will add that a message encrypted with a public key cannot be decrypted with that public key.

How security works in iMessage:

  • When iMessage is activated, two key pairs are generated on the device - 1280-bit RSA to encrypt the data and 256-bit ECDSA to verify that the data has not been tampered with along the way.
  • The two public keys are sent to Apple's Directory Service (IDS). Of course, the two private keys remain stored only on the device.
  • In IDS, the public keys are associated with your phone number, email, and the device's address in the Apple Push Notification service (APN).
  • If someone wants to send you a message, their device looks up your public key (or several public keys, if you use iMessage on multiple devices) and the APN addresses of your devices in IDS.
  • They encrypt the message using 128-bit AES and sign it with their private key. If the message is to reach you on multiple devices, it is stored and encrypted on Apple's servers separately for each of them.
  • Some data, such as timestamps, is not encrypted at all.
  • All communication is done over TLS.
  • Longer messages and attachments are encrypted with a random key on iCloud. Each such object has its own URI (the address of something on the server).
  • Once a message has been delivered to all your devices, it is deleted. If it has not been delivered to at least one of your devices, it is left on the servers for 7 days and then deleted.

This description may seem complicated to you, but if you look at the picture above, you will surely understand the principle. The advantage of this security scheme is that it can be attacked from the outside only by brute force. At least for now, because attackers keep getting smarter.
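
The sending and receiving steps from the list above, as an added example that is not part of the original article and is not Apple's code: a Node.js sketch in which the sender makes one separately keyed, signed copy per device key and each device verifies before decrypting. The key sizes come from the article; RSA-OAEP padding, SHA-256, CTR mode with a zero IV, all function names, and the two-device key list standing in for a directory lookup are assumptions of this sketch.

```javascript
// Loads Node's built-in crypto under both CommonJS and ES modules.
const nodeCrypto = typeof require === 'function'
  ? require('crypto') : process.getBuiltinModule('crypto');

// Key sizes follow the article; OAEP, SHA-256 and CTR mode are assumptions of this sketch.
const OAEP = { padding: nodeCrypto.constants.RSA_PKCS1_OAEP_PADDING, oaepHash: 'sha256' };
const newDeviceKeys = () => nodeCrypto.generateKeyPairSync('rsa', { modulusLength: 1280 });
const newSigningKeys = () => nodeCrypto.generateKeyPairSync('ec', { namedCurve: 'prime256v1' });

// AES-128-CTR is its own inverse. The all-zero IV is acceptable only because
// every AES key below is random and encrypts exactly one copy.
function aesCtr(key, data) {
  const stream = nodeCrypto.createCipheriv('aes-128-ctr', key, Buffer.alloc(16));
  return Buffer.concat([stream.update(data), stream.final()]);
}

// Sender: one independently keyed, signed copy per device key the directory returned.
function sealForDevices(text, directoryKeys, senderPrivateKey) {
  return Object.entries(directoryKeys).map(([device, publicKey]) => {
    const aesKey = nodeCrypto.randomBytes(16);
    const wrappedKey = nodeCrypto.publicEncrypt({ key: publicKey, ...OAEP }, aesKey);
    const ciphertext = aesCtr(aesKey, Buffer.from(text, 'utf8'));
    const signed = Buffer.concat([wrappedKey, ciphertext]);
    return { device, wrappedKey, ciphertext, sig: nodeCrypto.sign('sha256', signed, senderPrivateKey) };
  });
}

// Receiver: check the sender's signature first, then unwrap the AES key and decrypt.
function openCopy(copy, devicePrivateKey, senderPublicKey) {
  const signed = Buffer.concat([copy.wrappedKey, copy.ciphertext]);
  if (!nodeCrypto.verify('sha256', signed, senderPublicKey, copy.sig)) {
    throw new Error('signature check failed: copy was altered or is not from this sender');
  }
  const aesKey = nodeCrypto.privateDecrypt({ key: devicePrivateKey, ...OAEP }, copy.wrappedKey);
  return aesCtr(aesKey, copy.ciphertext).toString('utf8');
}

// Constructed demo: a recipient with two devices, as listed by a hypothetical directory.
function demo() {
  const sender = newSigningKeys(), phone = newDeviceKeys(), mac = newDeviceKeys();
  const copies = sealForDevices('hello', { phone: phone.publicKey, mac: mac.publicKey }, sender.privateKey);
  return copies.map((c) => openCopy(c, (c.device === 'phone' ? phone : mac).privateKey, sender.publicKey));
}
console.log(demo());
```

The sender encrypts to exactly the key list it is handed, so every key on that list receives a readable copy.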

The potential threat lies with Apple itself. This is because it manages the entire key infrastructure, so in theory it could assign another device (another pair of private and public keys) to your account, for example because of a court order, on which incoming messages could then be decrypted. However, Apple has said that it does not and will not do any such thing.

Sources: TechCrunch, iOS Security (February 2014)