Jiya mun buga a Actualidad iPhone cewa an gano wata babbar matsalar tsaro da ta shafi na'urorin da ke amfani da tsarin aiki na iOS da OS X Matsalar an tsarkake XARA, Hanyoyin Samun Kayan Gida mara izini (wanda X na ɗauka na "gicciye") ne kuma yana nufin maɓallin keɓaɓɓen iCloud, kasancewar abin damuwa a cikin yanayin OS X. Apple yana buƙatar gyara wannan kwaro, amma ba kwa buƙatar firgita ko dai.
A cikin wannan labarin za mu yi ƙoƙari mu bayyana komai game da XARA.
[UPDATE 20/6/2015] Apple yayi magana game da XARA:
"A farkon wannan makon mun ƙara sabunta tsaro a cikin hanyar aikace-aikace a kan sabar da ke amintar da bayanan aikace-aikacen da toshe aikace-aikace tare da matsalolin daidaita sandbox daga Mac App Store." Sun kuma amsa ga wata tambaya suna cewa "Muna da sauran facin ci gaba kuma muna aiki tare da masu bincike don magance matsalar a wurin."
Menene XARA?
XARA shine sunan da ake amfani dashi don haɗuwa a cikin wannan kalmar zuwa rukuni na masu amfani da suke amfani da muguwar aikace-aikace don samun damar amintaccen bayani ta hanyar halattacciyar aikace-aikace. Suna yin hakan ta hanyar amfani da hanyar "mutum-a-tsakiya", wanda ke nufin cewa suna tsakaninmu da halattacciyar uwar garken da ke amfani da leƙen asirri don yaudarar mu da ba su takaddun shaidarmu.
Menene burin XARA?
A kan OS X, XARA yana nufin da iCloud keychain database (iCloud Keychain), inda muke adana masu amfani da kalmomin shiga; WebSockets, tashar sadarwa tsakanin aikace-aikace da haɗi da sabis; da kuma masu gano kunshin, wanda kawai yake gano aikace-aikacen sandbox kuma ana iya amfani dashi azaman kwantena bayanai masu manufa.
A kan iOS, XARA yana niyya makircin URL. Satar URL ba rauni ba ne tsarin aiki. Ana iya amfani da shi idan babu tsarin tsaro na hukuma don cimma ayyukan da ake so. Da alama cewa a cikin iOS gazawar ba ta da mahimmanci tunda tasirin ta yafi iyaka.
Ta yaya ake rarraba fa'idodi?
Masu binciken tsaro sun kirkiro aikace-aikace kuma sun loda su a Mac App Store da App Store. Dangane da OS X kuma ana iya rarraba su ta wani gidan yanar gizo kuma za mu iya shigar da su idan muka saita shi daga abubuwan da muke so.
Shagunan App suna kokarin gano idan akwai mummunan hali. Idan suka gano irin wannan halayyar a cikin App Store, kamar yadda lamarin yake ga XARA, ana amfani da bayanin don sake dubawa na gaba don hana irin wannan damar samun damar App Store a gaba. Don haka ba a daidaita matsalar App Store ba.
Ta yaya waɗannan aikace-aikacen ke aiki?
A taƙaice, suna aiki azaman matsakaita tsakanin musayar bayanai ko cikin aikace-aikacen sandbox. Abin da suke yi shi ne jira kuma "gicciye yatsunsu" suna jiran a yi amfani da su. Idan kuwa ba haka ba, ba za su iya yin komai ba.
Game da OS X iCloud Keychain, zaku iya yin rijista ko sharewa da sake yin rijistar takardun shaidarku. Tare da WebSockets, zaka iya mamaye tashar jirgin ruwa da sauri. Tare da masu gano kunshin, zaku iya ƙara ƙananan ƙananan manufofi zuwa halal ɗin aikace-aikacen halal na halal.
A kan iOS, zaku iya satar adiresoshin URL kawai kuma kuyi phishing.
Wani irin bayanai ke cikin haɗari?
ICloud Keychain bayanai, Websockets, da URLs.
Me za ayi don hana XARA?
Mafi kyawun shine tsarin da za'a tabbatar da aikace-aikace a cikin duk hanyoyin sadarwa. Aikin Apple kenan.
Idan muka ga cewa an share wani abu a kan maɓallin mu, za mu iya tunanin cewa gazawa ne, amma idan muka ga rikodin da ba mu yi ba, alama ce ta cewa wani ya sami damar hakan.
Dole Apple ya sabunta tsarin, wannan shine mafi mahimmanci. Kuma dole ne ku yi shi da wuri-wuri.
Shin zai yiwu a san ko an katse bayanan na?
A kan iOS, dole ne mu ga ƙa'idar ƙarya don a ɗan ƙanƙanin lokaci kafin mu ci gaba zuwa halal ɗin ƙa'idar. Idan muna neman gazawa, za mu lura, amma idan ba haka ba, zai yi wahala.
Me yasa aka buga XARA?
Masu binciken sun gano aibin a bara. Sun kai rahoton hakan ga Apple kuma mutanen Cupertino sun nemi a kalla watanni 6 don magance matsalar. Bayan watanni 6, masu binciken sun bayyana shi ga jama'a.
Mafi mawuyacin hali, rashin aiki ne kawai ke mai da kansu mahimmanci a matsayin masu bincike na tsaro. Abin da zan yi yayin gano irin wannan kwaro shine aiki tare da kamfanin har sai an gyara shi. Bayan haka, sannan kawai, zai buga bayanan.
Bugu da kari, masu bincike sun gane hakan Apple yana ta aiki a kai tun lokacin da suka kai rahoton lamarin, don haka buga wanzuwar wannan aibin na tsaro ba zai taimaka wa Apple yin sauri ba. Zai yi aiki ne kawai don inganta kansa da sanya bayanan mai amfani cikin haɗari, tunda yanzu duk wani mai amfani da zalunci na iya amfani da bayanan da aka buga.
A gefe guda, Apple ya gyara mahimmancin kwari da yawa a wannan lokacin. Kuma ba wai cewa XARA ba mai haɗari bane, idan ba hakan bane don fifita shi ko kuma faɗakar da mu kamar yadda muke aikatawa. Kira don kwantar da hankali
Don haka me ya kamata mu yi?
XARA rukuni ne na fa'idodi waɗanda dole ne a gyara su, amma dole ne Apple ya gyara su. Kamar yadda suke fada a ciki iMore, wanda shine asalin wannan labarin, bai kamata ka firgita ba, amma duk wani mai amfani da Mac, iPhone ko iPad ya kamata a sanar dashi. Har sai Apple ya gyara matsalar, mafi kyau shine kasuwanci kamar yadda aka saba: kar a zazzage aikace-aikacen asali na asali. Kuma na sanya misalai guda biyu: idan muka zazzage sabon wasa daga wani masanin da ba a sani ba daga App Store kuma suka nemi mu sanya kalmar sirrin mu don samun damar maɓallan mu, ba ma yin hakan. Haka nan tare da masu amfani waɗanda ke da yantad da na'urarka, amma a waɗannan sharuɗɗan kuma yana da mahimmanci a yi amfani da tweaks daga wuraren adana bayanan hukuma.
Kamar koyaushe, labaranku suna da ma'ana da ban sha'awa, gaisuwa daga Meziko!