{"id":8491,"date":"2016-09-05T09:23:23","date_gmt":"2016-09-05T07:23:23","guid":{"rendered":"https:\/\/ihs.com.tr\/blog\/?p=8491"},"modified":"2016-09-05T09:23:23","modified_gmt":"2016-09-05T07:23:23","slug":"68-milyon-dropbox-parolasi-calindi","status":"publish","type":"post","link":"https:\/\/www.ihs.com.tr\/blog\/68-milyon-dropbox-parolasi-calindi\/","title":{"rendered":"68 Milyon Dropbox Parolas\u0131 \u00c7al\u0131nd\u0131"},"content":{"rendered":"<p><span style=\"font-size: 14pt;\">68 milyon Dropbox kullan\u0131c\u0131s\u0131n\u0131n oturum a\u00e7ma bilgileri internete s\u0131zd\u0131r\u0131ld\u0131. Bu olayda hatan\u0131n bir parolay\u0131 yeniden kullanan bir \u00e7al\u0131\u015fana ait oldu\u011fu d\u00fc\u015f\u00fcn\u00fcl\u00fcyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Dropbox 2012 y\u0131l\u0131nda bir ki\u015finin kullan\u0131c\u0131 e-posta bilgilerinin oldu\u011fu dok\u00fcmana yetkisiz olarak eri\u015fmeye \u00e7al\u0131\u015ft\u0131\u011f\u0131n\u0131 tespit etmi\u015fti.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Bulut firmas\u0131 ge\u00e7en hafta parolalar\u0131n\u0131 o g\u00fcnden beri de\u011fi\u015ftirmemi\u015f ki\u015fileri \u201ctedbir olarak\u201d parolalar\u0131n\u0131 de\u011fi\u015ftirmeye davet etti. Sonras\u0131nda yaln\u0131zca e-posta adreslerine de\u011fil, kriptolanm\u0131\u015f kullan\u0131c\u0131 parolalar\u0131n\u0131n da \u00e7al\u0131nd\u0131\u011f\u0131 ortaya \u00e7\u0131kt\u0131. \u0130nternete s\u0131zd\u0131r\u0131lan Dropbox kullan\u0131c\u0131 bilgilerinin say\u0131s\u0131n\u0131n 68 milyon oldu\u011fu \u00f6ne s\u00fcr\u00fcl\u00fcyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">G\u00fcvenlik ihlalleri konusunda uzman bir ara\u015ft\u0131rmac\u0131 olan Troy Hunt, blog yaz\u0131s\u0131nda \u201cbu veri ihlalinin ger\u00e7ek Dropbox parolalar\u0131n\u0131 kapsad\u0131\u011f\u0131ndan \u015f\u00fcphesi olmad\u0131\u011f\u0131n\u0131, bu tarz \u015feylerin \u00f6yle kolayca uydurulamayaca\u011f\u0131n\u0131,\u201d ifade ediyor.<\/span><\/p>\n<p><a href=\"https:\/\/www.ihs.com.tr\/sunucu-kiralama\/owncloud-sunucu.html\" rel=\"attachment wp-att-8492\"><img decoding=\"async\" class=\"alignnone wp-image-8492 size-medium\" src=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/09\/dropbox-hacklendi-300x141.jpg\" alt=\"dropbox hacklendi\" width=\"300\" height=\"141\" srcset=\"https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/09\/dropbox-hacklendi-300x141.jpg 300w, https:\/\/www.ihs.com.tr\/blog\/wp-content\/uploads\/2016\/09\/dropbox-hacklendi.jpg 520w\" sizes=\"(max-width: 300px) 100vw, 300px\" \/><\/a><\/p>\n<p><span style=\"font-size: 14pt;\">Akla gelen ilk soru 2012 y\u0131l\u0131nda hesab\u0131 olanlar\u0131n parolalar\u0131n\u0131n \u00e7al\u0131n\u0131p \u00e7al\u0131nmad\u0131\u011f\u0131. Bunun pek muhtemel olmad\u0131\u011f\u0131 d\u00fc\u015f\u00fcn\u00fcl\u00fcyor. Parolalar hackerlara kar\u015f\u0131 bir kriptolama sistemiyle koruma alt\u0131na al\u0131nm\u0131\u015f durumda. Bu parolalar\u0131n yakla\u015f\u0131k yar\u0131s\u0131nda Hunt\u2019a g\u00f6re \u201ck\u0131r\u0131lmaya kar\u015f\u0131 olduk\u00e7a diren\u00e7li olan\u201d modern bir bcrypt hashing algoritmas\u0131 kullan\u0131lm\u0131\u015f. Dolay\u0131s\u0131yla en k\u00f6t\u00fc parolalar d\u0131\u015f\u0131nda t\u00fcm parolalar bu tarz h\u0131rs\u0131zl\u0131klara ra\u011fmen g\u00fcvenli kalacak.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Bu veri h\u0131rs\u0131zl\u0131\u011f\u0131n\u0131n ya\u015fanmas\u0131na bir Dropbox \u00e7al\u0131\u015fan\u0131n\u0131n ba\u015fka bir sitede kulland\u0131\u011f\u0131 parolan\u0131n ayn\u0131s\u0131n\u0131 kullanmas\u0131n\u0131n yol a\u00e7t\u0131\u011f\u0131 \u00f6ne s\u00fcr\u00fcl\u00fcyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">\u015eirket 2012 y\u0131l\u0131nda, e-postalar\u0131n \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 fark ettikten sonra (ve kriptolanm\u0131\u015f parolalara eri\u015fim sa\u011fland\u0131\u011f\u0131n\u0131 tespit etmeden \u00f6nce) bir blog postunda hackerlar\u0131n hackledikleri ba\u015fka sitelerdeki e-posta\/parola kombinasyonunu kullanarak Dropbox hesaplar\u0131na girmeye \u00e7al\u0131\u015ft\u0131klar\u0131n\u0131 duyurmu\u015ftu.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">Blog yaz\u0131s\u0131nda \u201c\u00e7al\u0131nan bir parola kullan\u0131larak bir <a href=\"https:\/\/www.ihs.com.tr\/sunucu-kiralama\/owncloud-sunucu.html\" target=\"_blank\">Dropbox<\/a> \u00e7al\u0131\u015fan\u0131n\u0131n i\u00e7inde kullan\u0131c\u0131 e-posta adreslerinin oldu\u011fu bir proje dok\u00fcman\u0131na eri\u015fildi\u011fi\u201d s\u00f6yleniyor. Yaz\u0131da \u201cBu aksakl\u0131\u011fa bahsi ge\u00e7en izinsiz eri\u015fimin neden oldu\u011funu d\u00fc\u015f\u00fcn\u00fcyoruz. Bu konuda \u00e7ok \u00fczg\u00fcn\u00fcz ve olay\u0131n bir daha ya\u015fanmamas\u0131 i\u00e7in gereken t\u00fcm \u00f6nlemleri alaca\u011f\u0131z,\u201d ifadelerine yer veriliyor.<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">\u015eirket ge\u00e7en hafta parolalar\u0131n tedbir ama\u00e7l\u0131 de\u011fi\u015ftirilmesini istedikten sonra parolalar\u0131n da bu ihlal esnas\u0131nda \u00e7al\u0131nd\u0131\u011f\u0131n\u0131 duyurdu. \u201c2012\u2019de ele ge\u00e7irildi\u011fini d\u00fc\u015f\u00fcnd\u00fc\u011f\u00fcm\u00fcz baz\u0131 eski Dropbox kullan\u0131c\u0131 bilgileri (e-posta adresleri ve kriptolanm\u0131\u015f parolalar) hakk\u0131nda duyumlar\u0131m\u0131z var. Analizlerimize g\u00f6re hesap bilgilerini \u00e7al\u0131nmas\u0131 o d\u00f6nemde ya\u015fanm\u0131\u015f bir olaydan kaynaklan\u0131yor.\u201d<\/span><\/p>\n<p><span style=\"font-size: 14pt;\">G\u00fcvenlik uzmanlar\u0131 ayn\u0131 parolan\u0131n farkl\u0131 sitelerde kesinlikle kullan\u0131lmamas\u0131n\u0131, onun yerine her bir hesap i\u00e7in farkl\u0131 ve g\u00fc\u00e7l\u00fc parolalar kullan\u0131lmas\u0131n\u0131 tavsiye ediyor. Gerekti\u011fi takdirde parolalar\u0131n hat\u0131rlanmas\u0131n\u0131 sa\u011flayacak bir parola y\u00f6neticisi uygulamas\u0131 da kullan\u0131labilir. Bu sayede kulland\u0131\u011f\u0131n\u0131z bir hizmet hacklense de, di\u011fer hesaplar\u0131n\u0131z g\u00fcvende olur.<\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>68 milyon Dropbox kullan\u0131c\u0131s\u0131n\u0131n oturum a\u00e7ma bilgileri internete s\u0131zd\u0131r\u0131ld\u0131. Bu olayda hatan\u0131n bir parolay\u0131 yeniden kullanan bir \u00e7al\u0131\u015fana ait oldu\u011fu d\u00fc\u015f\u00fcn\u00fcl\u00fcyor. Dropbox&hellip;<\/p>\n","protected":false},"author":3,"featured_media":8493,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-8491","post","type-post","status-publish","format-standard","has-post-thumbnail","hentry","category-haberler"],"amp_enabled":true,"_links":{"self":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8491","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/users\/3"}],"replies":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=8491"}],"version-history":[{"count":3,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8491\/revisions"}],"predecessor-version":[{"id":8511,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/posts\/8491\/revisions\/8511"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media\/8493"}],"wp:attachment":[{"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=8491"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=8491"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.ihs.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=8491"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}