Nidaamka qalliinka ee qumman ma jiro waana ficil ahaan wax aan macquul ahayn in la abuuro mid 100% ammaan ah. Dhawaan, baarayaasha amniga waxay ku guuleysteen inay fuliyaan a weerar ku saabsan qalabka IOS iyo Android in si guul leh u xado furayaasha crypto loo isticmaalay in lagu ilaaliyo Bitcoins, xisaabaadka Apple Pay, iyo hantida kale ee qiimaha sare leh. The loogana faa'iidaysto Waa waxa loo yaqaan 'cryptographers' ay ugu yeeraan weji aan duullaan ahayn oo kanaal kana weerara Elliptic Curve Digital Saxiixa Algorithm, oo ah nidaam sireed si ballaaran loo adeegsado maxaa yeelay way ka dhakhso badan tahay nidaamyo badan oo sir ah.
Weerarku wuu shaqeynayaa baaris ku ag dhigida qalab mobilada inta lagu gudajiro hawlgallada loo yaqaan 'cryptographic operating', xilligaas oo weeraryahan cabbiro emanations ku filan si uu si buuxda uga soo saaro furaha sirta ah ee tilmaamaya xogta isticmaalaha dhammaadka ama dhammaadka macaamillada. Intaa waxaa dheer, sidoo kale waa la samayn karaa haddii aad marin u hesho marinka jir ahaaneed, kiiskan adoo ku xiraya adabtarada USB-ga lacag-bixinta.
Weeraryahanku wuxuu cabbiri karaa saameyntan jir ahaaneed ee aan duullaan ahayn isagoo adeegsanaya $ 2 baaris magnetic ah oo la dhigo agtarka aaladda, ama adabbar USB ah oo macmal ah oo ku xiran taleefanka USB-ga iyo kaarka codka USB-ga. Tallaabooyinkan, waxaan awoodnay inaan si buuxda uga soo saarno furayaasha saxiixa sirta OpenSSL iyo CoreBitcoin qalabka iOS. Waxaan sidoo kale muujineynaa wax soo saar muhiim ah oo ka socda OpenSSL oo ku shaqeynaya Android iyo iOS CommonCrypto.
Android sidoo kale waa u nugul yahay weerarkan
macruufka 9 ma sii aha nugul Weerarkan waxaa sabab u ah amniga lagu soo kordhiyay nooca cusub ee ka hortagaya weerarada kanaalka, laakiin xitaa dadka isticmaala ee leh nooca ugu dambeeya ee nidaamka mobilada ee Apple ee rakibay waxay ku jiri karaan khatar iyadoo ku xiran dalabka saddexaad ee aan isticmaalno. Mid ka mid ah codsiyada macruufka ah ee nugul waa CoreBitcoin, maaddaama ay isticmaasho hirgelintiisa gaarka ah ee loo yaqaan 'cryptographic' oo aan ahayn maktabadda 'iOS CommonCrypto'. Soosaarayaasha CoreBitcoin waxay u sheegeen cilmi baarayaasha inay qorsheynayeen inay ku badalaan maktabadooda hadda loo yaqaan 'crypto library' mid aan u nugulayn weerarkan. Nooca ugu dambeeyay ee Bitcoin Core ayaa ka baxay kaynta.
Dhinaca kale, cilmi-baarayaashu waxay kaloo sheegeen inay ku guuleysteen inay qeyb ahaan furaha ka soo saaraan Xperia X10 oo wata Android, laakiin waxay xaqiijiyeen inay sidaas sameyn karaan waxayna xuseen koox kale oo cilmi-baarayaal ah oo helay a u nuglaanta la midka ah nooca Android laga bilaabo maktabadda BouncyCastle cryptographic.
Laakiin ha faafin argagax. In kasta oo ay sharraxayaan in la samayn karo iyadoo ku dhow aaladda marka la isticmaalayo mid ka mid ah barnaamijyada nugul, ma dhihi karno way fududahay in la sameeyo wax kasta oo lagama maarmaan u ah soo saaridda furayaashan. Waxa caadiga ahi waxay noqon karaan inay jidh ahaan ku heli karaan qalabka, wax la mid ah dhammaan hababka "jabsiga" Aqoonsiga dokumentiga jira. Dabcan, sida had iyo jeer, tan ugu fiican xagga amniga waa in had iyo jeer la helo nooca ugu dambeeya ee nidaamka hawlgalka ee qalabkeenna loo rakibo.
