UTroy ukuzingela, umenzi wewebhusayithi edumileyo "Ngaba Ndibotshiwe" yazise Zimbalwa iintsuku ezidlulileyo ukukhutshwa kwekhowudi yomthombo ukusuka kwiwebhusayithi yokujonga igama eliyimfihlo "Ngaba Ndivalelwe?"
Kwabo abangaziyo malunga nokuba ndibe nePwned, kufuneka uyazi ukuba Le yiwebhusayithi edumileyo. que ivumela abasebenzisi be-intanethi ukuba bajonge ukuba idatha yabo yobuqu iye yachatshazelwa kukophulwa kwedatha. Inkonzo iqokelela kwaye ihlalutye amakhulu eendawo zokulahla isiseko sedatha kunye neepasti eziqulethe ulwazi kwiibhiliyoni zeeakhawunti ezivuzayo kwaye ivumela abasebenzisi ukuba bakhangele ulwazi lwabo ngokufaka igama labo lomsebenzisi okanye idilesi ye-imeyile.
Le webhusayithi ibe yinkuthazo kwabanye. iiwebhusayithi ezifanayo okanye ezidityaniswe nale webhusayithi, injalo imeko yeFirefox Monitor okanye iGoogle ngokwayo, eyazisa abasebenzisi bayo ukuba nayiphi na idatha yabo egcinwe kumphathi wephasiwedi yesikhangeli iye yachaphazeleka.
Ngaba ndibanjwe, Ikwanika abasebenzisi amandla okubhalisa ukufumana izaziso. Idilesi yakho ye-imeyile ivela ekuvuzeni okuzayo. Isayithi ikhuthazwe ngokubanzi njengesixhobo esixabisekileyo kubasebenzisi be-Intanethi abafuna ukukhusela ukhuseleko lwabo kunye nobumfihlo.
Malunga nokukhutshwa kwekhowudi yomthombo we Have I of Been Pwned
UTroy Hunt okhankanywe kwisithuba seblogi ukuba ekuqaleni, Injongo yokuvula umthombo weprojekthi yabhengezwa ngo-Agasti kunyaka ophelileyo, kodwa inkqubo yalibaziseka kwaye ikhowudi yapapashwa kuphela kude kube ngoku.
Ngo-Agasti, ndabhengeza ukuba ndicwangcise ukuvula umthombo wekhowudi ye-HIBP. Ndandisazi ukuba kwakungayi kuba lula, kodwa ndandisazi ukuba yayiyeyona nto ilungileyo yokwenza ubomi obude beprojekthi. Into endingayaziyo kukuba inokuba yinto encinci kangakanani kuzo zonke iintlobo zezizathu onokuthi uzicingele kunye nezinye ezininzi ezingabonakali kwangoko. Esinye sezizathu eziphambili kukuba kukho umzamo omkhulu obandakanyekayo ekuthatheni into eqhutywe njengeprojekthi yesilwanyana somntu omnye iminyaka kwaye iyise kwindawo yoluntu. Andizange ndicinge ngendlela yokulawula iprojekthi yomthombo ovulekileyo, ukuseta imodeli yelayisenisi, ukulungelelanisa apho uluntu lutyala khona umzamo, ukufumana iminikelo, ukuyila ngokutsha inkqubo yokukhululwa, kunye nazo zonke iintlobo zezinto endiqinisekileyo ukuba andikacingi. . Kulapho ke. ingena.
Emva kokubhengeza injongo yokuya kumthombo ovulekileyo, umhlobo wam kunye ne-CEO yesiseko uClaire Novotny wafikelela kwaye wanikela ngenkxaso, eqala incoko entsha. Ndimazi uClaire iminyaka njengomnye uMphathi weNgingqi kaMicrosoft, kwaye kamva njengomqeshwa weMicrosoft kunye nomphathi weprojekthi kwiqela le-.NET. Kodwa i.NET Foundation ayiyonxalenye yeMicrosoft, kodwa ngumbutho ozimeleyo ongenzi nzuzo...
Ikhowudi yenkonzo ibhalwe kwi-C # kwaye ikhutshwe phantsi kwelayisensi ye-BSD. Le projekthi icwangciswe ukuba iphuhliswe ngokuthatha inxaxheba koluntu phantsi kwenkxaso yombutho ongenzi nzuzo .NET Foundatuon.
Ngelo xesha, ukuqala kwentsebenziswano yeprojekthi kwabhengezwa UTHIWE kunye ne-US Federal Bureau of Investigation. evakalise ukukulungela kwayo ukudlulisa ulwazi malunga namagama ayimfihlo adityanisiweyo ngenxa yophando oluqhubekayo.
Ngokomzekelo, xa usilwa neebhotnet, i-FBI ihlala ifumana i-database yeephasiwedi ezisetyenziswa kwi-malware ukwenza uhlaselo. Umdla ekudluliseleni ulwazi kwinkonzo ye-HaveIBeenPwned inxulunyaniswa nomnqweno wokufumana inqaku elinye lokuqinisekisa ii-akhawunti ezithotyiweyo. Kucwangciswe ukudlulisa ulwazi malunga neephasiwedi ngendlela ye-SHA-1 kunye ne-NTLM hashes. I-API ekhethekileyo iya kuphuhliswa ukuququzelela itshaneli yokuhambisa i-password ezenzekelayo.
Gqibela ukuba unomdla wokwazi okungakumbi ngayoUngajonga iifayile ze iinkcukacha kwikhonkco elilandelayo.