Ka’idojin Mu’amala da “Password” (7)

Hanyoyin Sace “Password”

A makon jiya mai karatu ya karanta irin yadda ‘yan Dandatsa (Hackers) ke sace “Password” din kamfanoni ba ma mutane kadai ba, masu dimbin yawa, saboda manufofin da bayaninsu ya gabata.  Da yawa cikin mutane kanyi mamakin yadda haka kan kasance, musamman ganin cewa shi “Password” kalma ce ta “Sirri.”  Ba abin mamaki bane.  Domin ni kaina sadda na fara mu’amala da wadannan kafafe na sadarwa tare da hanyoyi da na’urorin da ake amfani dasu wajen yin hakan, na sha mamakin hakan.  Amma daga baya sai na fahimci (sanadiyyar zurfafa karatu da kuma dabi’ar yau da gobe) wannan ba wani abin mamaki bane, sai dai abin bakin ciki ne.  Shiga hakkin mai kaya ne, wanda bai dace ba.  Sannan sanadiyyar hakan ma, mutunci da dukiya masu dimbin yawa kan salwanta.  Duk da haka, ta wace hanya wadannan mutane ko duk ma wani mai satan “Password” ke bi wajen yin hakan?  Abu ne mai sauki, wai cire wando ta ka.

A duk sadda aka ce ga wata hanya mai sauki wajen tafiyar da harkokin rayuwa, wacce ke baiwa dan adam karin ‘yanci daga kangin kunci da wahala da a baya ya samu kansa, a yayin da mutane ke farin ciki da murnar samun wannan sabuwar hanyar saukake al’amuran rayuwa, wasu na can a cikin dakunansu ko zaurensu ko dakunan bincike, suna tunanin yadda za su iya waske wannan sabuwar hanya don wata bukata ta kashin kansu mummuna.  Misali, bayyanar shafukan Dandalin abota (irin su Facebook da Twitter da Youtube da Google Plus da MySpace dsr) ya bayar da hanya mafi sauki wajen tafiyar da rayuwa a bangaren sadarwa.  Zumunci ya samu wata sabuwar hanyar bunkasa shi.  Kasuwanci ya samu sabuwar hanyar habbaka shi. Alakoki sun samu sabuwar hanyar karfafa su – duk nisan masu alaka kuwa.  Wannan ci gaba ne.  To amma da mujurimai suka lura da yadda jama’a suka ahama wajen turbude rayuwarsu a wadannan wurare don fa’idantuwa da amfanonin dake cikinsu, sai su kuma suka kirkiri hanyoyin sace-sace, da kisan gilla, da sace jama’a musamman kananan yara, da yada batsa da ashararanci da dai sauran miyagun hanyoyi.

Wannan tsari ne na rayuwa.  Tunda kirkirar “Password” na da manufofi (kamar yadda mai karatu ya gani makonni biyu da suka gabata), hakan ne ya baiwa masu satar “Password” damar kokarin kaiwa ga su “Password” din, don mallakar hakkokin da ba nasu ba, ko don wasu manufofi na shirme maras kima.  Dangane da haka, binciken masu bincike a fannin hanyoyi da na’urorin sadarwa na zamani ya tabbatar da samuwar hanyoyin sace “Password” da dama.  Wasu daga cikinsu na gama-gari ne, wasunsu kuma sai kwararru, hakikanin ‘yan ta’adda a fannin kenan.  Allah tsare mu da ta’addanci.  Ga wadannan hanyoyi nan, kashi na farko:

Aminci da Amintuwa

Wannan ita ce hanya mafi sauki kuma mafi hadari.  Karkashin wannan tsari, mai “Password” ne zai baka “Password” dinsa da kansa, saboda amince maka da yayi don ka aiwatar da wani abu na gyara ko maslaharsa ko maslahar kanka.  Saukin wannan hanya kenan.  Hadarin dake cikinsa fa?  Shi ne hakan na iya sa ka rika amfani da “Password” din wajen shiga shafinsa ko akwatinsa na Imel misali, ba tare da saninsa ko amincewarsa ba.  Nan ne laifin yake, kuma shi yasa hakan ya zama sata.  Galibin samari da ‘yan mata dake alaka a dandalin abota kan yi haka.  Budurwa ta baiwa saurayinta “Password” din shafinta na Facebook, ko dai saboda tsananin soyayya da amincewa ko kuma sanadiyyar tuhuma da yake mata ko take tsoron nan gaba zai mata.  Wasu samari ma kanyi haka.  Amma galibi ‘yan mata sun fi yin wannan.  A karshe, irin wannan shiri kan kare da matsala mai girman gaske ne, wasu lokuta ma ya kai ga rabuwa.  A takaice dai, hanyar “Aminci da Amintuwa” ita ce hanyar farko kuma mafi sauki da masu satan “Password” ke bi wajen sacewa.

Zamba Cikin Aminci

Wannan shi ake kira “Social Engineering” a fannin kimiyya da fasahar sadarwa na zamani.  Tsari ne da barawon “Password” ke bi wajen gano “Password” din wanda yake son sacewa, ta hanyar hira dashi.  Hanyar farko ta kunshi yi masa tambayoyi cikin zance, ko a rubuce, ta hanyar hirar ga-ni-ga-ka (Real Time Chatting), wanda ta wannan dalili zai gaya masa “Password” dinsa da kansa.  Hanya ta biyu ita ce ta hanyar sanin dabi’u da halayyar mai “Password” din.  Misali, ya san sunansa, da danginsa, da ‘ya’yansa, da wurin aikinsa, da abubuwan da yake so a harkokin rayuwa, kamar abinci, ko abin sha, ko wani fim, ko wani gwarzo, ko wata kalma ko kalmomi da yake yawan maimaita su,  da dai sauransu.  A yayin da bawaron “Password” din ke kokarin gano wadannan bayanai daga mai su, ko kadan ba zai taba tunanin yana hakan bane don wata manufa.  Amma a karshe, ta hanyar wadannan bayanai ne zai tsinci abubuwan da za su shiryar dashi zuwa gano hakikanin “Password” din abokinsa ko budurwarsa.  Wannan tsari na “Social Engineering” shi ne masana a yau ke kira: “The Gentleman Thief.”

Kirdado

A wasu lokuta kuma barawon “Password” na iya amfani da tsarin “Kirdado,” ko “Guessing” kamar yadda masana a fannin kariyar bayanai na zamani ke kira.  Bambancin wannan tsari da tsarin “Social Engineering” shi ne, a wannan bangare mai kirdadon bai san mai “Password” din ba, ko kuma ya sanshi, amma babu wata amincewa ko abota a tsakaninsu.  A wancan bangare, mai “Password” din na hira da barawon ne sanadiyyar “amince” masa da yayi.  Ko dai saboda kusanci ko alaka ta ‘yan uwantaka.  A wasu lokuta kuma barawon na iya amfani da wata fuska sananniya don neman aminci da natsuwar mai “Password” din, idan har bai sanshi ba.  Wannan kuma wani nau’i ne daban da bayani zai zo kansa kusa.

A takaice dai, daga cikin hanyoyin da barayin “Password” ke bi wajen sace wa jama’a kalmominsu na sirri akwai tsarin “Kirdado,” wato: ‘Guessing.’  Hakan kuma ya kunshi shigar da kalmomi daban-daban ne, wadanda mai shigarwa ke tsammanin su ne “Password” din, don neman dacewa.  Wannan tsari ya kasu kashi biyu:  akwai na gama-gari, wanda shi ne nake nufi a nan.  Akwai kuma wanda ya kunshi amfani da manhajar kwamfuta ta musamman don aiwatar da wannan tsari.  Bayani kan wannan na tafe karkashin “Manhajojin Satar “Password.”

Leke

Amfani da leke don ganin me ake shigarwa a matsayin “Password” na cikin hanyoyi na gama-gari, kuma shahararru; musamman a wuraren da jama’a ke yawan taruwa – irin su filin saukan jiragen sama, da makarantu, da dakunan mu’amala da kwamfuta da intanet da sai sauransu wurare makamantansu.  Wannan tsari shi ma kashi biyu ne; akwai tsarin kallo na kai tsaye a yayin da mai “Password” ke shigar da kalmomin, ko dai sanadiyyar kusancin wurin zama ko ta hanyar yin mike da wuya don hango abin da ake shigarwa.  Sai hanya ta biyu da ta kunshi dasa na’urorin daukar hoto ko masu nado bidiyo, don hango kalmomin da mai “Password” ke shigarwa.  Duk wadannan yunkuri ne da barawon “Password” ke yi wajen ganin hakikanin kalmomin da ake shigarwa.

Barayin Tsintau

Wannan tsari shahararren tsari ne na satar “Password” din jama’a ta hanyar bibiyar shafukan Intanet don tsinto “Password” din da wasu suka sato daga rumbun adana bayanan wani gidan yanar sadarwa.  Misali, a makon jiya mun yi bayani kan tarihin sace-sacen “Password”  a duniya, har muka bayyana yadda masu yin hakan kan kalato abin da suka sato su zuba su a shafin Intanet, ware-wake don kowa ya gani; ga suna (username) da kalmar izinin shiga (password) a fili kowa na gani.  To bayan sun yi haka, akwai wadanda ke zuwa su kwafi wadannan “Password” din da bayanan da suka dangance su, don amfani dasu a shafukan kasuwanci (irin su PayPal da bankuna da sauransu) don ribatar abin da ke cikinsu na dukiya kafin masu “Password” din su fadaka su canza.

Wannan tsari shi ake kira “Password Recycling” a fannin sadarwa na zamani.  Masu yin hakan kuma na kira su: “Barayin Tsintau” ne saboda sai an sato sannan suke tsintar abin da aka sato.   Sun zama barayi ne su ma tunda abin da suka gani a bayyane na bayanai ba nasu bane, kuma sun san satowa aka yi.