{"id":10485,"date":"2022-02-03T14:08:52","date_gmt":"2022-02-03T11:08:52","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10485"},"modified":"2022-02-03T14:08:52","modified_gmt":"2022-02-03T11:08:52","slug":"spectre-meltdown-in-practice","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/spectre-meltdown-in-practice\/10485\/","title":{"rendered":"Ortaya \u00e7\u0131k\u0131\u015f\u0131n\u0131n \u00fczerinden ge\u00e7en 4 y\u0131lda Spectre g\u00fcvenlik a\u00e7\u0131\u011f\u0131"},"content":{"rendered":"<p>Modern i\u015flemcilerde bulunan donan\u0131m a\u00e7\u0131klar\u0131 Spectre ve Meltdown ile <a href=\"https:\/\/spectreattack.com\/\" target=\"_blank\" rel=\"noopener nofollow\">ilgili ara\u015ft\u0131rman\u0131n ilk yay\u0131nland\u0131\u011f\u0131 tarihin<\/a> \u00fczerinden d\u00f6rt y\u0131l ge\u00e7ti. O zamandan beri ara\u015ft\u0131rmac\u0131lar, potansiyel olarak gizli verileri s\u0131zd\u0131rma yetene\u011fine sahip birka\u00e7 benzer a\u00e7\u0131k ke\u015ffettiler. Ara\u015ft\u0131rmac\u0131lar, her ne kadar ger\u00e7ek hayatta kullan\u0131lmas\u0131 muhtemel olmasa da, bu g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n kullan\u0131ld\u0131\u011f\u0131 sald\u0131r\u0131 \u00f6rneklerini g\u00f6sterdiler. Yaz\u0131m\u0131zda, bu donan\u0131m sorunlar\u0131n\u0131n g\u00fcn\u00fcm\u00fczdeki durumuna ve i\u015fletmelere sald\u0131rmak i\u00e7in potansiyel kullan\u0131mlar\u0131na g\u00f6z at\u0131yoruz.<\/p>\n<h2>Spectre\u2019nin farkl\u0131 t\u00fcrleri<\/h2>\n<p>A\u011fustos 2018\u2019de yap\u0131lan ilk duyuruda \u00fc\u00e7 g\u00fcvenlik a\u00e7\u0131\u011f\u0131 yer al\u0131yordu: Spectre v1 ve v2 ve Meltdown. Bu g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131n birka\u00e7 ortak \u00f6zelli\u011fi bulunuyor:<\/p>\n<ul>\n<li>D\u00fc\u015f\u00fck ayr\u0131cal\u0131klarla da olsa, g\u00fcvenlik a\u00e7\u0131klardan yararlanma genellikle a\u00e7\u0131\u011f\u0131 bulunan bir sistemde k\u00f6t\u00fc ama\u00e7l\u0131 kodun y\u00fcr\u00fct\u00fclmesini i\u00e7eriyor. En tehlikeli olas\u0131l\u0131k, \u201cvir\u00fcs bula\u015fm\u0131\u015f\u201d bir web sayfas\u0131n\u0131 ziyaret ederken taray\u0131c\u0131 arac\u0131l\u0131\u011f\u0131yla yap\u0131lan sald\u0131r\u0131d\u0131r.<\/li>\n<li>Pratikte a\u00e7\u0131ktan yararlan\u0131lmas\u0131 i\u00e7in bir dizi ko\u015fulun ger\u00e7ekle\u015fmesi gereklidir; \u00f6zellikle sald\u0131r\u0131ya u\u011frayan uygulaman\u0131n kodunun, veri s\u0131z\u0131nt\u0131s\u0131na izin vererek, sald\u0131r\u0131y\u0131 m\u00fcmk\u00fcn k\u0131lan bir \u201cayg\u0131t\u201d eri\u015fimi olmas\u0131 gerekir.<\/li>\n<li>Veri s\u0131z\u0131nt\u0131s\u0131 yan kanallar arac\u0131l\u0131\u011f\u0131yla ger\u00e7ekle\u015fir. Bu nedenle, veri s\u0131z\u0131nt\u0131s\u0131n\u0131n h\u0131z\u0131 son derece d\u00fc\u015f\u00fckt\u00fcr.<\/li>\n<li>Ba\u015far\u0131l\u0131 bir sald\u0131r\u0131, yetkisiz veri eri\u015fimine ili\u015fkin hi\u00e7bir iz b\u0131rakmayabilir.<\/li>\n<\/ul>\n<p>Son durum tam olarak, bu, g\u00f6r\u00fcn\u00fc\u015fte teorik bilimsel \u00e7al\u0131\u015fmaya \u00f6zel ilgi uyand\u0131ran \u015feydir. Her durumda ara\u015ft\u0131rmac\u0131lar, dallanma \u00f6ng\u00f6r\u00fc sisteminden yararland\u0131lar. Programda, y\u00fcr\u00fct\u00fclmesi i\u00e7in yap\u0131lan a\u00e7\u0131k bir istekten \u00f6nce bile bir dizi talimat\u0131n y\u00fcr\u00fct\u00fclmesiyle performans art\u0131\u015f\u0131na olanak tan\u0131yan bu mekanizma 20 y\u0131ldan daha uzun bir s\u00fcre \u00f6nce tan\u0131t\u0131ld\u0131. Tahmin do\u011fruysa, i\u015flemci kaynaklar\u0131 daha verimli kullan\u0131lm\u0131\u015f olur. Tahmin yanl\u0131\u015fsa, hesaplamalar at\u0131l\u0131r.<\/p>\n<p>Spectre v1\u2019e ait POC (kavram kan\u0131t\u0131), i\u015flemcinin program taraf\u0131ndan eri\u015filemeyen verileri okudu\u011funu g\u00f6sterdi. Bu veriler \u00f6nbellekte saklan\u0131r ve oradan yan kanallar arac\u0131l\u0131\u011f\u0131yla al\u0131nabilir. Hatal\u0131 okunan bu \u201cgizli\u201d bilgi programa iletilmedi\u011fi i\u00e7in bu mekanizma g\u00fcvenli kabul ediliyordu. Ancak ara\u015ft\u0131rmac\u0131lar bu verileri dolayl\u0131 olarak okuman\u0131n yollar\u0131n\u0131 buldular.<\/p>\n<p>Spectre ve Meltdown ile ilgili \u00e7al\u0131\u015fmalar\u0131n yay\u0131nlanmas\u0131ndan sonra, birka\u00e7 benzer g\u00fcvenlik a\u00e7\u0131\u011f\u0131 daha ke\u015ffedildi. Ara\u015ft\u0131rmac\u0131lar, i\u015flemcilerin g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararlanarak gizli verileri \u00e7\u0131karmaya y\u00f6nelik yeni y\u00f6ntemler aramaya devam ediyor. Intel\u2019in \u00f6zet tablosu, orijinal \u00fc\u00e7 soruna ek olarak 20\u2019den fazla sorunu daha <a href=\"https:\/\/software.intel.com\/content\/www\/us\/en\/develop\/topics\/software-security-guidance\/processors-affected-consolidated-product-cpu-model.html\" target=\"_blank\" rel=\"noopener nofollow\">listeliyor<\/a>.<\/p>\n<h2>Spectre\u2019yle nas\u0131l m\u00fccadele edilir?<\/h2>\n<p>Teoride bir i\u015flemcideki g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan faydalanmay\u0131 daha az olas\u0131 hale getirmenin \u00fc\u00e7 yolu vard\u0131r: Sa\u011flay\u0131c\u0131lar mevcut i\u015flemciler i\u00e7in bir mikro kod g\u00fcncellemesi yay\u0131nlayabilir, CPU\u2019lar\u0131 yenisiyle de\u011fi\u015ftirebilir veya sorunu yaz\u0131l\u0131m g\u00fcncellemeleri yoluyla \u00e7\u00f6zmeye \u00e7al\u0131\u015fabilir. Genellikle ger\u00e7ek etki azaltma i\u00e7in \u00fcr\u00fcn yaz\u0131l\u0131m\u0131 ve yaz\u0131l\u0131m g\u00fcncellemelerinin bir kombinasyonunu gerekir. G\u00fcvenlik a\u00e7\u0131klar\u0131ndan baz\u0131lar\u0131n\u0131 kapsayan yeni mikro kod, Intel\u2019in 2013 Haswell nesli i\u015flemcilerden beri mevcuttur. Donan\u0131m \u00e7\u00f6z\u00fcmleri ilk olarak sekizinci nesil Intel i\u015flemcilerinde ve AMD\u2019nin Zen 2 CPU\u2019lar\u0131nda uyguland\u0131.<\/p>\n<p>Yaz\u0131l\u0131msal \u00e7\u00f6z\u00fcmler olduk\u00e7a zor olabilir: \u00d6rne\u011fin, Spectre v1 ve v2\u2019ye kar\u015f\u0131 Linux \u00e7ekirde\u011findeki olas\u0131 de\u011fi\u015fikliklere <a href=\"https:\/\/www.kernel.org\/doc\/html\/latest\/admin-guide\/hw-vuln\/spectre.html\" target=\"_blank\" rel=\"noopener nofollow\">bakabilirsiniz<\/a>. CPU performans\u0131nda ciddi sonu\u00e7lar do\u011furacak \u015fekilde spek\u00fclatif kod y\u00fcr\u00fctmenin tamamen devre d\u0131\u015f\u0131 b\u0131rak\u0131lmas\u0131 da dahil olmak \u00fczere, belirli bir sistemin ama\u00e7 ve hedeflerine ba\u011fl\u0131 olarak \u00e7ok \u00e7e\u015fitli \u00f6nlemler g\u00fcndeme geldi.<\/p>\n<p>\u0130\u015f modeli b\u00fcy\u00fck bir sunucu filosunun performans\u0131na ba\u011fl\u0131 olan \u00e7o\u011fu i\u015fletme i\u00e7in Spectre kar\u015f\u0131t\u0131 \u00f6nlemlerin en belirgin etkisi, bu t\u00fcr performans d\u00fc\u015f\u00fc\u015f\u00fc olacakt\u0131r. Phoronix sitesindeki, \u00e7e\u015fitli sunucu uygulamalar\u0131n\u0131n performans\u0131n\u0131 inceleyen nispeten yeni bir <a href=\"https:\/\/www.phoronix.com\/scan.php?page=article&amp;item=3-years-specmelt&amp;num=9\" target=\"_blank\" rel=\"noopener nofollow\">kar\u015f\u0131la\u015ft\u0131rmal\u0131 analiz<\/a>, Linux i\u015fletim sisteminde t\u00fcm Spectre kar\u015f\u0131t\u0131 \u00f6nlemler etkinle\u015ftirildi\u011finde ortalama olarak %25\u2019lik bir performans d\u00fc\u015f\u00fc\u015f\u00fc ya\u015fand\u0131\u011f\u0131n\u0131 g\u00f6steriyor.<\/p>\n<h2>Uygulanabilir sald\u0131r\u0131lar ve kavram kan\u0131tlar\u0131<\/h2>\n<p>\u00c7ok say\u0131daki sald\u0131r\u0131 t\u00fcr\u00fcne ra\u011fmen, Spectre kaynakl\u0131 veri h\u0131rs\u0131zl\u0131\u011f\u0131 tehdidi hala teoriktir. Her ara\u015ft\u0131rma, s\u0131z\u0131nt\u0131y\u0131 g\u00f6steren baz\u0131 kodlar i\u00e7erse de bu, kodun ger\u00e7ek bir sisteme kar\u015f\u0131 kullan\u0131labilece\u011fi anlam\u0131na gelmez. Genel olarak bu demolara ili\u015fkin k\u0131s\u0131tlar veya kavram kan\u0131tlar\u0131 a\u015fa\u011f\u0131daki gibidir:<\/p>\n<ul>\n<li>Rastgele bir veri s\u0131z\u0131nt\u0131s\u0131 g\u00f6sterirler. Uygulamada bir anlam ifade etmeyebilir, sadece sald\u0131rgan\u0131n daha \u00f6nce eri\u015femedi\u011fi rastgele bilgilerdir.<\/li>\n<li>Sald\u0131r\u0131 i\u00e7in ideal ko\u015fullar ara\u015ft\u0131rmac\u0131lar yarat\u0131ld\u0131. \u00d6rne\u011fin, sistemde s\u0131n\u0131rs\u0131z eri\u015fime sahiplerdi. Bu durumda, karma\u015f\u0131k veri h\u0131rs\u0131zl\u0131\u011f\u0131 y\u00f6ntemlerini kullanmaya gerek yoktur.<\/li>\n<li>Pek de olas\u0131 olmayan ko\u015fullarda ya\u015fanan ger\u00e7ek bir veri ihlali oldu\u011funu g\u00f6sterir.<\/li>\n<\/ul>\n<p>En etkileyici teorik \u00e7al\u0131\u015fma (olas\u0131 sonu\u00e7lar a\u00e7\u0131s\u0131ndan) <a href=\"https:\/\/martinschwarzl.at\/media\/files\/netspectre.pdf\" target=\"_blank\" rel=\"noopener nofollow\">NetSpectre<\/a> sald\u0131r\u0131s\u0131d\u0131r. Ara\u015ft\u0131rmac\u0131lar saatte 15 ila 60 bit h\u0131z\u0131nda veri s\u0131zd\u0131rarak, g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan uzaktan da yararlan\u0131labildi\u011fini g\u00f6sterebildiler. Sald\u0131r\u0131ya ili\u015fkin s\u0131n\u0131rlamalar olduk\u00e7a a\u00e7\u0131k: D\u00fc\u015f\u00fck veri aktar\u0131m h\u0131z\u0131, s\u0131zd\u0131r\u0131lan verilerin b\u00fcy\u00fck miktarda \u00f6nemsiz trafik verisi i\u00e7ermesi ve ayr\u0131ca ba\u015far\u0131 i\u00e7in sald\u0131r\u0131ya u\u011frayan sunucuda \u201cdo\u011fru yerde\u201d savunmas\u0131z kod bulunmas\u0131.<\/p>\n<p>Ge\u00e7en y\u0131l ITW ko\u015fullar\u0131na m\u00fcmk\u00fcn oldu\u011funca yak\u0131n uygulamal\u0131 iki sald\u0131r\u0131 g\u00f6sterildi. Mart ay\u0131nda Google, bir <a href=\"https:\/\/security.googleblog.com\/2021\/03\/a-spectre-proof-of-concept-for-spectre.html\" target=\"_blank\" rel=\"noopener nofollow\">leaky.page<\/a>, RAM\u2019den veri \u00e7\u0131karabilen bir web sayfas\u0131 konsepti g\u00f6sterdi. Eyl\u00fcl ay\u0131nda, Spectre korumal\u0131 (web sayfalar\u0131n\u0131n ayr\u0131 taray\u0131c\u0131 s\u00fcre\u00e7lerinde izole edilmesi) ara\u015ft\u0131rma s\u0131ras\u0131ndaki en son Google Chrome (92) s\u00fcr\u00fcm\u00fcne d\u00fczenlenen bir <a href=\"https:\/\/www.spookjs.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Spook.js<\/a> sald\u0131r\u0131s\u0131 g\u00f6sterildi. Bu y\u00f6ntem ger\u00e7ek veri h\u0131rs\u0131zl\u0131\u011f\u0131na izin veriyordu: Ara\u015ft\u0131rmac\u0131lar bir sosyal a\u011fdaki kimlik bilgilerine, parola y\u00f6neticisi verilerine ve bir kullan\u0131c\u0131 taraf\u0131ndan \u00f6zel buluta y\u00fcklenen bir g\u00f6r\u00fcnt\u00fcye eri\u015fti. Ancak t\u00fcm bu durumlar i\u00e7in, ba\u015far\u0131l\u0131 veri yolunun ayn\u0131 alan ad\u0131 alt\u0131nda bulunan \u201cvir\u00fcsl\u00fc\u201d bir sayfaya sahip olmas\u0131 gerekiyor. \u00d6rne\u011fin, bir Tumblr \u015fifresini \u00e7almak i\u00e7in ayn\u0131 sosyal a\u011fdaki ba\u015fka bir sayfaya k\u00f6t\u00fc ama\u00e7l\u0131 Javascript kodu y\u00fcklemek gerekiyor.<\/p>\n<h2>Peki tehdit ne kadar tehlikeli?<\/h2>\n<p>Spook.js, Google Chrome taray\u0131c\u0131s\u0131 i\u00e7in \u00e7\u0131kar\u0131lan bir yaz\u0131l\u0131m yamas\u0131 ile etkisiz hale getirildi. Dolay\u0131s\u0131yla \u015fu anda, ger\u00e7ek ko\u015fullarda Spectre g\u00fcvenlik a\u00e7\u0131klar\u0131ndan yararlanmaya ili\u015fkin bir tehdit s\u00f6z konusu de\u011fildir. Bilinen t\u00fcm sald\u0131r\u0131lar son derece karma\u015f\u0131kt\u0131r ve sald\u0131rgan\u0131n en \u00fcst d\u00fczeyde kabiliyete sahip olmas\u0131n\u0131 gerektirir.<\/p>\n<p>En ger\u00e7ek\u00e7i kavram kan\u0131tlar\u0131 i\u00e7in yamalar \u00e7\u0131kar\u0131ld\u0131 ve yamalar olmadan bile, bu a\u00e7\u0131klardan faydalanmak i\u00e7in olduk\u00e7a \u00e7ok say\u0131da ko\u015fulun ger\u00e7ekle\u015fmesi gerekiyor. Ger\u00e7ek \u201cSpectre g\u00fcvenlik a\u00e7\u0131\u011f\u0131ndan yararlanma\u201d hakk\u0131nda medyada \u00e7\u0131kan medya haberler <a href=\"https:\/\/www.virusbulletin.com\/virusbulletin\/2018\/07\/does-malware-based-spectre-exist\/\" target=\"_blank\" rel=\"noopener nofollow\">do\u011frulanmasa da<\/a> g\u00fcvenlik sa\u011flay\u0131c\u0131lar\u0131 her ihtimale kar\u015f\u0131 bilinen sald\u0131r\u0131lar\u0131 tespit etmek i\u00e7in ara\u00e7lar eklediler. Bu nedenle b\u00fcy\u00fck olas\u0131l\u0131kla mevcut k\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m tespit mekanizmalar\u0131 \u015firketinizi korumaya yard\u0131mc\u0131 olacakt\u0131r.<\/p>\n<p>Ancak, Spectre\u2019i tamamen g\u00f6rmezden gelmemeliyiz: Ara\u015ft\u0131rman\u0131n devam etmesi \u00f6nemlidir. K\u00fc\u00e7\u00fck bir ihtimal ile zamanla, \u201cen k\u00f6t\u00fc durum senaryosu\u201d ke\u015ffedilecek: K\u00f6t\u00fc ama\u00e7l\u0131 yaz\u0131l\u0131m y\u00fcklenmesini gerektirmeyen ve iz b\u0131rakmadan veri s\u0131z\u0131nt\u0131s\u0131na izin veren bir sald\u0131r\u0131.<\/p>\n<p>Teorik olarak, \u00e7al\u0131nan verilerin de\u011feri buna de\u011fiyorsa, donan\u0131msal g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 kullanarak hedefli bir sald\u0131r\u0131 ger\u00e7ekle\u015ftirmek gayet olas\u0131d\u0131r. Bu t\u00fcr risklere kar\u015f\u0131 koruma, potansiyel sald\u0131r\u0131 vekt\u00f6rlerini belirleme, i\u015fletim sistemi geli\u015ftiricilerinin tavsiyelerini takip etme veya ciddi bir performans d\u00fc\u015f\u00fc\u015f\u00fc pahas\u0131na bile koruma uygulama konusunda ciddi yat\u0131r\u0131mlar gerektirir. Ancak \u00e7o\u011fu, hatta b\u00fcy\u00fck \u015firketler i\u00e7in yaz\u0131l\u0131m ve i\u015fletim sistemi geli\u015ftiricilerine, i\u015flemci \u00fcreticilerine ve <a href=\"https:\/\/www.kaspersky.com.tr\/small-to-medium-business-security?icid=tr_kdailyplacehold_acq_ona_smm__onl_b2b_kasperskydaily_wpplaceholder_______\" target=\"_blank\" rel=\"noopener\">g\u00fcvenlik \u00e7\u00f6z\u00fcmlerine<\/a> g\u00fcvenmek yeterlidir.<\/p>\n<input type=\"hidden\" class=\"category_for_banner\" value=\"kesb-trial-leadgen\">\n","protected":false},"excerpt":{"rendered":"<p>CPU&#8217;daki donan\u0131msal g\u00fcvenlik a\u00e7\u0131klar\u0131 i\u015fletmeler i\u00e7in uygulanabilir bir tehdit mi olu\u015fturuyor?<\/p>\n","protected":false},"author":665,"featured_media":10486,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194],"tags":[790,1504,1505],"class_list":{"0":"post-10485","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"tag-guvenlik-aciklari","10":"tag-meltdown","11":"tag-spectre"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/spectre-meltdown-in-practice\/10485\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/spectre-meltdown-in-practice\/23859\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/spectre-meltdown-in-practice\/19356\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/spectre-meltdown-in-practice\/26100\/"},{"hreflang":"en-gb","url":"https:\/\/www.kaspersky.co.uk\/blog\/spectre-meltdown-in-practice\/24069\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/spectre-meltdown-in-practice\/23858\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/spectre-meltdown-in-practice\/26793\/"},{"hreflang":"it","url":"https:\/\/www.kaspersky.it\/blog\/spectre-meltdown-in-practice\/26370\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/spectre-meltdown-in-practice\/32334\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/spectre-meltdown-in-practice\/43525\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/spectre-meltdown-in-practice\/18496\/"},{"hreflang":"pl","url":"https:\/\/plblog.kaspersky.com\/spectre-meltdown-in-practice\/15768\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/spectre-meltdown-in-practice\/28040\/"},{"hreflang":"ja","url":"https:\/\/blog.kaspersky.co.jp\/spectre-meltdown-in-practice\/32371\/"},{"hreflang":"nl","url":"https:\/\/www.kaspersky.nl\/blog\/spectre-meltdown-in-practice\/28065\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/spectre-meltdown-in-practice\/24802\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/spectre-meltdown-in-practice\/30205\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/spectre-meltdown-in-practice\/29994\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guvenlik-aciklari\/","name":"g\u00fcvenlik a\u00e7\u0131klar\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10485","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/665"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10485"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10485\/revisions"}],"predecessor-version":[{"id":10487,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10485\/revisions\/10487"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10486"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10485"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10485"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10485"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}