Ofungiyar masu bincike daga jami'o'i daban-daban Amurkawa, Isra’ilawa da Australiya ya ƙaddamar da hare-hare uku da ke niyya ga masu binciken yanar gizon da ke ba da damar hakar bayanai game da ƙunshin bayanan mai sarrafawa. Hanyar yana aiki a cikin bincike ba tare da JavaScrip bat da sauran biyun suna keta hanyoyin kariya na yanzu game da hare-hare ta hanyoyin mutum na uku, gami da wadanda aka yi amfani da su a Tor Tor da DeterFox.
Don nazarin abubuwan da ke ciki a cikin duk hare-hare suna amfani da hanyar "Prime + Probe", cewa ya ƙunshi cika ma'ajin tare da ƙididdigar ƙimomin tunani da ƙayyade canje-canje ta hanyar auna lokacin samun dama zuwa gare su lokacin da aka sake caji. Don ƙetare hanyoyin tsaro da ke cikin masu bincike, waɗanda ke hana ƙididdigar lokaci daidai, a cikin sifofi biyu ana kiran mai kai hari DNS ko WebSocket uwar garken, wanda ke riƙe rikodin lokacin karɓar buƙatun. A cikin wata alama, ana amfani da tsayayyen lokacin amsa DNS azaman bayanin lokaci.
Matakan da aka yi amfani da su sabobin DNS na waje ko WebSocket, godiya ga amfani da tsarin rarrabuwa dangane da koyon inji, sun isa su hango ƙimomi tare da daidaito na 98% a cikin mafi kyawun yanayi (a kan kusan 80-90%). An gwada hanyoyin kai harin a wasu dandamali na kayan masarufi (Intel, AMD Ryzen, Apple M1, Samsung Exynos) kuma sun tabbatar da dacewa.
Na farko bambance-bambancen na DNS Racing hari yana amfani da tsarin aiwatarwa na yau da kullun na hanyar Firayim Minista ta amfani da JavaScript arrays. Bambance-bambancen sun sauko zuwa amfani da mai ƙidayar lokaci na tushen DNS da mai kula da kuskure wanda ke kunna wuta yayin ƙoƙarin ɗora hoto daga yankin da babu shi. Lokaci na waje yana ba da damar kai hare-hare Firayim + Bincike a cikin masu bincike waɗanda ke ƙuntata ko hana musanya damar mai ƙayyadadden lokaci na JavaScript.
Don uwar garken DNS da aka shirya akan wannan hanyar sadarwar Ethernet, an kiyasta ƙayyadadden lokacin zuwa kusan 2 ms, wanda ya isa don aiwatar da harin tashar tashar (don kwatanta: daidaitaccen lokacin saita JavaScript a cikin Tor browser yana da an rage zuwa 100ms). Don harin, ba a buƙatar ikon sarrafa uwar garken DNSyayin da aka zaɓi lokacin zartar da aiki don lokacin amsa DNS ɗin ya zama alama ce ta kammalawar tabbatarwa da wuri (dangane da ko an jawo maƙerin kuskuren a baya ko kuma daga baya). , an kammala cewa aikin tabbatarwa tare da cache an kammala) ...
Hari na biyu "String and Sock" an tsara shi ne don ƙetare dabarun tsaro wanda ke ƙuntata amfani da ƙananan matakan JavaScript. Madadin tsararru, String da Sock suna amfani da manyan ayyuka na zare, waɗanda aka zaɓi girman su don mai canzawa ya rufe duka ɓoyayyen LLC (babban matakin ɓoye).
Na gaba, ta amfani da aikin indexOf (), ana bincika ƙaramin abu a cikin kirtani, wanda da farko babu shi a cikin asalin kirtani, ma'ana, aikin bincike yana haifar da tsawaitawa a kan dukkan layin. Tunda girman layin yayi daidai da girman ma'aunin LLC, sikan ɗin yana ba da damar aiwatar da cache ba tare da sarrafa abubuwa ba. Don auna jinkiri, maimakon DNS, wannan roko ne ga uwar garken WebSocket mai kai hare-hare wanda maharin ke sarrafawa: kafin farawa da bayan ƙarshen aikin binciken, ana aika buƙatu a cikin sarkar,
Kashi na uku na harin "CSS PP0" ta hanyar HTML da CSS, kuma yana iya aiki a cikin masu bincike tare da nakasassu JavaScript. Wannan hanyar tana kama da "String and Sock" amma ba a ɗaure shi da JavaScript ba. Harin yana haifar da saitin masu zaɓen CSS waɗanda ke bincika ta hanyar rufe fuska. Babban layi na asali wanda ya cika cache an saita ta ƙirƙirar sigar div tare da suna mai girman gaske, kuman wanda a ciki akwai wasu saiti na daban tare da alamun ganowa.
Kowane ɗayan wadannan kwalliyar nested din ana musu fasali tare da mai zaba wanda ke neman kewayawa. Lokacin sanya shafi, mai binciken yana fara ƙoƙarin aiwatar da ƙididdigar ciki, wanda ke haifar da bincike akan babban kirtani. Ana yin binciken ne ta amfani da abin rufe fuska mara kyau kuma yana haifar da ambaton duka layin, bayan haka sai yanayin 'babu' ya shiga kuma aka yi ƙoƙarin loda hoton baya.