{"id":10883,"date":"2022-07-26T18:28:15","date_gmt":"2022-07-26T15:28:15","guid":{"rendered":"https:\/\/www.kaspersky.com.tr\/blog\/?p=10883"},"modified":"2022-07-26T18:28:15","modified_gmt":"2022-07-26T15:28:15","slug":"hertzbleed-attack","status":"publish","type":"post","link":"https:\/\/www.kaspersky.com.tr\/blog\/hertzbleed-attack\/10883\/","title":{"rendered":"Hertzbleed nedir, ne onu bu kadar e\u015fsiz k\u0131lar?"},"content":{"rendered":"<p>Haziran ay\u0131nda \u00fc\u00e7 ABD \u00fcniversitesinden ara\u015ft\u0131rmac\u0131lar, CPU frekans\u0131ndaki de\u011fi\u015fikliklerin \u00fczerindeki y\u00fcke ba\u011fl\u0131 olmas\u0131n\u0131 (modern CPU\u2019lar\u0131n standart davran\u0131\u015f\u0131) k\u00f6t\u00fcye kullanan ger\u00e7ek bir sald\u0131r\u0131y\u0131 anlatan bir makale <a href=\"https:\/\/www.hertzbleed.com\/\" target=\"_blank\" rel=\"noopener nofollow\">yay\u0131nlad\u0131<\/a>. Hertzbleed ad\u0131 CPU frekans\u0131n\u0131n hertz birimiyle \u00f6l\u00e7\u00fclmesinden geliyor. \u0130sim, frekanstaki de\u011fi\u015fikli\u011fin veri s\u0131z\u0131nt\u0131s\u0131na yol a\u00e7mas\u0131na i\u015faret ediyor.<\/p>\n<p>Bu y\u00f6ntem bir donan\u0131m sald\u0131r\u0131s\u0131 olarak, yani donan\u0131mdaki g\u00fcvenlik a\u00e7\u0131klar\u0131n\u0131 ya da di\u011fer belirli zay\u0131fl\u0131kl\u0131klar\u0131 k\u00f6t\u00fcye kullanan bir sald\u0131r\u0131 olarak s\u0131n\u0131fland\u0131r\u0131labilir. Bu t\u00fcrde bir\u00e7ok sald\u0131r\u0131 olsa da neredeyse hepsi hedef bilgisayara veya belirli bir \u00e7ipe do\u011frudan eri\u015fim gerektiriyor. Ancak Hertzbleed uzaktan \u00e7al\u0131\u015fabiliyor!<\/p>\n<p>B\u00fcy\u00fck ilgi g\u00f6ren ara\u015ft\u0131rma karma\u015f\u0131k olmas\u0131na ra\u011fmen basit ve anla\u015f\u0131l\u0131r bir dille \u00f6zetlenebiliyor. Ancak konunun inceliklerini anlayabilmek i\u00e7in biraz arkaplan bilgisi gerekli. Bu y\u00fczden hem Hertzbleed\u2019in basit bir a\u00e7\u0131klamas\u0131n\u0131 hem de daha karma\u015f\u0131k (fakat yine de s\u00fcsl\u00fc grafikler veya anla\u015f\u0131lmas\u0131 g\u00fc\u00e7 hesaplamalar i\u00e7ermeyen) bir a\u00e7\u0131klamas\u0131n\u0131 yay\u0131nlamaya karar verdik.<\/p>\n<div id=\"attachment_10885\" style=\"width: 1034px\" class=\"wp-caption aligncenter\"><img loading=\"lazy\" decoding=\"async\" aria-describedby=\"caption-attachment-10885\" class=\"wp-image-10885 size-large\" src=\"https:\/\/media.kasperskydaily.com\/wp-content\/uploads\/sites\/91\/2022\/07\/25122308\/hertzbleed-attack-logo-1024x1024.png\" alt=\"\" width=\"1024\" height=\"1024\"><p id=\"caption-attachment-10885\" class=\"wp-caption-text\">Art\u0131k al\u0131\u015f\u0131ld\u0131\u011f\u0131 \u00fczere Hertzbleed\u2019in kendi sitesi ve logosu var. Logo, g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n \u00f6z\u00fcn\u00fc, yani CPU frekans\u0131 de\u011fi\u015ftirmenin s\u0131z\u0131nt\u0131lara yol a\u00e7mas\u0131n\u0131 yans\u0131t\u0131yor. <a href=\"https:\/\/www.hertzbleed.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Kaynak<\/a>.<\/p><\/div>\n<p>\u00a0<\/p>\n<h2>Basit a\u00e7\u0131klama<\/h2>\n<p>Modern CPU\u2019lar g\u00fc\u00e7ten tasarruf etmek i\u00e7in s\u00fcrekli ayn\u0131 frekans\u0131 s\u00fcrd\u00fcrmezler. Bunun yerine frekans (ve CPU voltaj\u0131) CPU\u2019nun y\u00fck\u00fcne g\u00f6re otomatik olarak ayarlan\u0131r. G\u00f6revler az oldu\u011funda frekans \u00e7ok d\u00fc\u015f\u00fck olabilir (\u00f6rne\u011fin nominal 3,2GHz\u2019in yerine 900MHz). \u00c7ok fazla g\u00f6rev varsa bir veya t\u00fcm CPU \u00e7ekirdeklerinin frekans\u0131 taban \u00e7izgisinin \u00fcst\u00fcne y\u00fckseltilebilir. Pratikte frekans de\u011fi\u015fiminin tek kriteri y\u00fck (yani g\u00f6revlerin say\u0131s\u0131 ve karma\u015f\u0131kl\u0131\u011f\u0131) de\u011fildir. \u00d6rne\u011fin, CPU fazla \u0131s\u0131nd\u0131\u011f\u0131nda da frekans d\u00fc\u015f\u00fcr\u00fclebilir.<\/p>\n<p>Ara\u015ft\u0131rmac\u0131lar bu yerel fonksiyonu kullanarak CPU\u2019nun bir veri \u015fifreleme program\u0131 kullan\u0131rkenki durumunu \u00f6l\u00e7meyi ve b\u00f6ylece hassas bilgileri \u00e7almay\u0131 ba\u015fard\u0131. Modern bir \u015fifreleme algoritmas\u0131n\u0131n belirli verileri i\u015flerken CPU\u2019yu frekans y\u00fckseltmeye \u201czorlayan\u201d bir \u00f6zelli\u011fini buldular. Frekans artt\u0131k\u00e7a veriler daha h\u0131zl\u0131 i\u015flenir ve sald\u0131r\u0131 alt\u0131ndaki bilgisayar isteklere daha h\u0131zl\u0131 yan\u0131t verir. Ara\u015ft\u0131rmac\u0131lar yan\u0131t s\u00fcresini \u00f6l\u00e7erek gizli \u015fifreleme anahtar\u0131n\u0131 yeniden olu\u015fturabilmeyi ba\u015fard\u0131. Bu anahtarla teorik olarak sanal bir \u00f6zel a\u011fda hedef sistem taraf\u0131ndan di\u011fer bilgisayarlarla payla\u015f\u0131lan verileri ele ge\u00e7irip \u015fifresini \u00e7\u00f6zebilirler. \u00dcstelik t\u00fcm bunlar\u0131 anahtar\u0131n \u201c\u00e7al\u0131nd\u0131\u011f\u0131\u201d fark edilmeden yapabilirler.<\/p>\n<p>Hertzbleed donan\u0131m sald\u0131r\u0131lar\u0131 fikrini yan kanal denen \u015feylerle geli\u015ftiriyor. Ayn\u0131 zamanda potansiyel kurbana a\u011f \u00fczerinden istek g\u00f6ndererek uzaktan veri \u00e7alma olas\u0131l\u0131\u011f\u0131n\u0131 da teorik olarak m\u00fcmk\u00fcn k\u0131l\u0131yor. Ancak \u015fimdilik bu yaln\u0131zca modern CPU\u2019larda karma\u015f\u0131k g\u00fcvenlik a\u00e7\u0131klar\u0131 ararken ger\u00e7ekle\u015ftirilen tamamen teorik bir egzersizden ibaret. Ne var ki gelecekte bu t\u00fcr sald\u0131r\u0131lar\u0131n \u201cbasitle\u015fmesi\u201d olas\u0131.<\/p>\n<h2>Biraz daha karma\u015f\u0131k bir a\u00e7\u0131klama<\/h2>\n<p><a href=\"https:\/\/encyclopedia.kaspersky.com\/glossary\/side-channel-attack\/\" target=\"_blank\" rel=\"noopener\"><em>Yan kanal sald\u0131r\u0131lar\u0131<\/em><\/a> tek bir \u00e7ipin veya b\u00fct\u00fcn bilgisayar\u0131n faaliyetlerini izleyerek dolayl\u0131 yoldan ger\u00e7ekle\u015ftirilir. Klasik yan kanal sald\u0131r\u0131 y\u00f6ntemi, \u00e7ipin t\u00fcketti\u011fi elektrik ak\u0131m\u0131ndaki de\u011fi\u015fiklikleri g\u00f6zlemlemeyi gerektirir. \u00d6rne\u011fin, \u00e7ip gizli bir anahtar kullanarak veri \u015fifresi \u00e7\u00f6zmekle me\u015fgulse baz\u0131 durumlarda g\u00fc\u00e7 t\u00fcketimindeki de\u011fi\u015fiklikler anahtar\u0131 yeniden olu\u015fturmak i\u00e7in kullan\u0131labilir.<\/p>\n<p>Yan kanallar hem yaz\u0131l\u0131m hem donan\u0131m tabanl\u0131 olabilir. \u00dcnl\u00fc <a href=\"https:\/\/meltdownattack.com\/\" target=\"_blank\" rel=\"noopener nofollow\">Spectre<\/a> \u00e7al\u0131\u015fmas\u0131, hassas bilgileri \u00e7almak i\u00e7in spek\u00fclatif y\u00fcr\u00fctme \u00f6zelliklerini k\u00f6t\u00fcye kullanan, do\u011frudan CPU\u2019nun i\u00e7erisinde yer alan bir yan kanal kullan\u0131r. Dahas\u0131, bazen CPU g\u00fc\u00e7 t\u00fcketimini izlemek i\u00e7in bilgisayara voltmetre takmaya da gerek kalmaz \u00e7\u00fcnk\u00fc \u00e7o\u011funlukla entegre voltmetreleri bulunur. Intel i\u015flemcilerin ortalama g\u00fc\u00e7 t\u00fcketimini izleyen bir sistem kullanarak Hertzbleed\u2019le ili\u015fkili bir sald\u0131r\u0131 geli\u015ftirildi bile.<\/p>\n<p>\u015eimdi <em>CPU frekans\u0131n\u0131n dinamik ayarlar\u0131na<\/em> bir bakal\u0131m. Bu, DVFS, yani dinamik voltaj ve frekans \u00f6l\u00e7eklendirme tekni\u011fiyle m\u00fcmk\u00fcn oluyor. Optimal \u00e7al\u0131\u015fma ko\u015fullar\u0131n\u0131 sa\u011flamak i\u00e7in (d\u00fc\u015f\u00fck y\u00fckte d\u00fc\u015f\u00fck t\u00fcketim, en \u00fcst kapasitede stabil faaliyet) ger\u00e7ekten de frekans\u0131n yan\u0131nda CPU voltaj\u0131 da de\u011fi\u015fiyor. Ara\u015ft\u0131rmac\u0131lar Intel i\u015flemcilerde nas\u0131l \u00e7ok say\u0131da DVFS deneyi y\u00fcr\u00fctt\u00fcklerini ayr\u0131nt\u0131l\u0131 olarak a\u00e7\u0131klam\u0131\u015f (Intel bu teknolojiye Turbo Boost diyor). CPU\u2019ya g\u00f6zard\u0131 edilebilir miktarda y\u00fck y\u00fckleyip (temel aritmetik hesaplamalar) frekans\u0131n nas\u0131l de\u011fi\u015fti\u011fini g\u00f6zlemlemi\u015fler. Birden fazla patern ortaya \u00e7\u0131km\u0131\u015f; m\u00fcmk\u00fcn oldu\u011funca \u00f6zetlemek gerekirse CPU frekans\u0131, bir hesaplama verisi setiyle artarken bir ba\u015fkas\u0131nda artmam\u0131\u015f. Ayr\u0131ca, artan frekans daha h\u0131zl\u0131 hesaplamalara, dolay\u0131s\u0131yla da daha h\u0131zl\u0131 sonuca yol a\u00e7m\u0131\u015f.<\/p>\n<p>T\u00fcm bunlarla ilgili \u00fc\u00e7\u00fcnc\u00fc bir teknoloji terimine bakal\u0131m: <em>Sabit zamanl\u0131 programlama<\/em>. Bu kavram bir programa \u015fifreleme algoritmas\u0131 uygularken \u00f6nem kazan\u0131yor. Girdi olarak verilen belirli bir ifadenin \u015fifreli halde \u00e7\u0131kt\u0131s\u0131n\u0131 veren bir program\u0131m\u0131z oldu\u011funu varsayal\u0131m. Veri girebiliyoruz ama gizli \u015fifreleme anahtar\u0131n\u0131 bilmiyoruz. Bu anahtar\u0131 y\u00fcr\u00fctme s\u00fcresini g\u00f6zlemleyerek belirleme \u00e7al\u0131\u015f\u0131yoruz, \u00e7\u00fcnk\u00fc fonksiyonun y\u00fcr\u00fctme s\u00fcresi girilen veriye ba\u011fl\u0131. Bu durum, girilen say\u0131 dizisi gizli dijital koda yak\u0131n oldu\u011funda biraz daha farkl\u0131 bir tepki vererek \u201cs\u0131cak\/so\u011fuk\u201d ipu\u00e7lar\u0131 veren kilitli bir kasay\u0131 a\u00e7maya \u00e7al\u0131\u015fmaya benzetilebilir.\u00a0 \u015eifreleme algoritmas\u0131 uygulayan programlar\u0131n \u00e7o\u011fu, anahtar\u0131 bu yolla belirlemeye y\u00f6nelik giri\u015fimleri \u00f6nlemek i\u00e7in bir koruma mekanizmas\u0131na sahiptir, sabit zamanl\u0131 programlaman\u0131n prensibi budur.<\/p>\n<p>Hertzbleed \u00e7al\u0131\u015fmas\u0131n\u0131n en \u00f6nemli sonucu, <em>CPU frekans\u0131n\u0131n dinamik ayarlanmas\u0131n\u0131n<\/em> <em>sabit zamanl\u0131 programlama<\/em> prensibini, yani \u015fifrelemede zaman\u0131n de\u011fi\u015fmemesi kural\u0131n\u0131 bozmas\u0131. Yazarlar bundan nas\u0131l faydalan\u0131labilece\u011fini de g\u00f6steriyor. Bunun i\u00e7in ger\u00e7ek zamanl\u0131 veri \u015fifreleme yaz\u0131l\u0131m\u0131na sahip bir sisteme karakter dizisi beslemesi yap\u0131yorlar, ard\u0131ndan program \u015fifreyi \u00e7\u00f6zmeye \u00e7al\u0131\u015f\u0131yor. Girdiler bir sald\u0131rgan\u0131n \u015fifreleme anahtar\u0131n\u0131 yeniden olu\u015fturmas\u0131na izin verecek \u015fekilde se\u00e7iliyor. Dahas\u0131, anahtar <em>bir yan kanal \u00fczerinden<\/em> al\u0131n\u0131yor, yani veri s\u0131z\u0131nt\u0131s\u0131 CPU frekans\u0131ndaki, dolay\u0131s\u0131yla program y\u00fcr\u00fctme ve sald\u0131rgan\u0131n iste\u011fine yan\u0131t verme s\u00fcresindeki bir de\u011fi\u015fiklik sonucu olu\u015fuyor.<\/p>\n<h2>Eksik sonu\u00e7lar<\/h2>\n<p>Hertzbleed ile ilgili \u201cbiraz daha karma\u015f\u0131k a\u00e7\u0131klamam\u0131zda\u201d ara\u015ft\u0131rmac\u0131lar\u0131n sundu\u011fu bilginin yakla\u015f\u0131k %0,05\u2019ini kapsayabildik. \u00c7al\u0131\u015fma bi\u00e7imiyle ilgili say\u0131s\u0131z ba\u015fka n\u00fcans var. \u00d6zellikle belirtmek gerekirse yan\u0131t s\u00fcresindeki veya frekanstaki de\u011fi\u015fiklikler \u00fczerinden s\u0131z\u0131nt\u0131y\u0131 m\u00fcmk\u00fcn k\u0131lmak i\u00e7in gerekli ko\u015fullar\u0131 yaratmak \u00fczere SIKE anahtar kaps\u00fclleme algoritmas\u0131n\u0131n bir \u00f6zelli\u011fini kulland\u0131lar. Bu, yukar\u0131da bahsetti\u011fimiz gibi, sald\u0131r\u0131lan yaz\u0131l\u0131mda \u00f6nemli bilgilerin \u00e7al\u0131nmas\u0131n\u0131 sa\u011flamak i\u00e7in do\u011fru ko\u015fullar\u0131n olu\u015fmas\u0131n\u0131 gerektiren Spectre sald\u0131r\u0131s\u0131na benziyor. A\u00e7\u0131k\u00e7as\u0131 \u00e7al\u0131\u015fman\u0131n sonu\u00e7lar\u0131na bakarak g\u00fcvenlik a\u00e7\u0131\u011f\u0131n\u0131n CPU\u2019da m\u0131 yoksa programda m\u0131 oldu\u011funu tart\u0131\u015fmas\u0131z bi\u00e7imde s\u00f6yleyebilmek m\u00fcmk\u00fcn de\u011fil.<\/p>\n<p>Ayr\u0131ca, uygulaman\u0131n g\u00f6ze batan bir y\u00f6n\u00fcnden de bahsetmemiz gerekiyor: Ara\u015ft\u0131rmac\u0131lar ger\u00e7ek ve pratik (teorik de\u011fil) bir sald\u0131r\u0131 d\u00fczenlemi\u015f olsalar da bunu kontroll\u00fc ko\u015fullar alt\u0131nda ger\u00e7ekle\u015ftirdiler. Girdi ba\u015f\u0131na yan\u0131t s\u00fcresindeki de\u011fi\u015fiklik daima sabitti. Peki ya CPU ayn\u0131 anda yan\u0131t s\u00fcresini etkileyen ve veriyi daha g\u00fcr\u00fclt\u00fcl\u00fc hale getiren ba\u015fka g\u00f6revler de y\u00fcr\u00fct\u00fcyor olsayd\u0131? Son olarak, bu ideal ko\u015fullar alt\u0131nda bile \u015fifreleme anahtar\u0131n\u0131n yeniden olu\u015fturulmas\u0131 (iki farkl\u0131 deneyde) 36 ve 89 saat s\u00fcrd\u00fc! Bu s\u00fcre zarf\u0131nda \u015fifreleme program\u0131na saniyede binlerce istek g\u00f6nderildi; yaz\u0131l\u0131m ve donan\u0131m operasyondaki t\u00fcm gerekli \u00f6zelliklerin s\u0131z\u0131nt\u0131y\u0131 ortaya \u00e7\u0131karmak \u00fczere uyumlanmas\u0131n\u0131 sa\u011flaman\u0131n tek yolu buydu. Bu \u00e7ok uzun bir s\u00fcre.<\/p>\n<p>Bu y\u00fczden \u00e7al\u0131\u015fmaya verilen tepkiler mu\u011flak. Bir yandan, g\u00fcvenlik a\u00e7\u0131klar\u0131na her zamanki gibi tan\u0131mlay\u0131c\u0131lar atand\u0131: Intel i\u00e7in CVE-2022-23823, AMD i\u00e7in ise CVE-2022-24436. Ne de olsa sorun CPU\u2019larda gibi g\u00f6r\u00fcn\u00fcyordu. Ancak <a href=\"https:\/\/community.intel.com\/t5\/Blogs\/Products-and-Solutions\/Security\/Chips-Salsa-Episode-19-June-2022-Security-Advisories-Hertzbleed\/post\/1392094\" target=\"_blank\" rel=\"noopener nofollow\">Intel<\/a> ve <a href=\"https:\/\/www.amd.com\/en\/corporate\/product-security\/bulletin\/amd-sb-1038\" target=\"_blank\" rel=\"noopener nofollow\">AMD<\/a>, etkilenen sistemler i\u00e7in (Intel\u2019de 8. ila 11. nesil CPU\u2019lar) herhangi bir g\u00fcncelleme yay\u0131nlama planlar\u0131 olmad\u0131\u011f\u0131n\u0131 a\u00e7\u0131klad\u0131. Asl\u0131na bak\u0131l\u0131rsa SIKE algoritmas\u0131ndaki de\u011fi\u015fiklik, g\u00f6sterilen bu sald\u0131r\u0131y\u0131 imkans\u0131z hale getiriyor. \u015eifreleme sistemlerindeki unsurlardan biri olarak SIKE\u2019yi kullanan Microsoft ve Cloudfare kendi yaz\u0131l\u0131mlar\u0131n\u0131 g\u00fcncelleri.<\/p>\n<p>Yine de \u00e7al\u0131\u015fman\u0131n \u00f6nemi b\u00fcy\u00fck. 2018\u2019deki Spectre gibi, bu yeni s\u0131n\u0131f sald\u0131r\u0131larla yine kar\u015f\u0131la\u015faca\u011f\u0131z. CPU frekans\u0131n\u0131n dinamik ayar\u0131 \u00fczerinden veri s\u0131z\u0131nt\u0131s\u0131n\u0131n bir \u00f6rne\u011fi g\u00f6sterilebiliyorsa di\u011fer \u00f6rnekler de arkadan gelecektir. Ayr\u0131ca \u00e7al\u0131\u015fma kriptograflar i\u00e7in de \u00f6nemli. \u201cKuantum sonras\u0131 kriptografi \u00e7\u00f6z\u00fcm\u00fc\u201d unvan\u0131na aday olan SIKE olduk\u00e7a yeni bir algoritma. Yan kanal sald\u0131r\u0131lar\u0131na kar\u015f\u0131 sa\u011flaml\u0131\u011f\u0131 analiz edildi ve olduk\u00e7a dayan\u0131kl\u0131 oldu\u011fu g\u00f6r\u00fcld\u00fc. Ancak Hertzbleed \u00e7al\u0131\u015fmas\u0131 yeni opsiyonlar\u0131n ortaya \u00e7\u0131kt\u0131\u011f\u0131n\u0131 g\u00f6steriyor.<\/p>\n<p>Sonu\u00e7ta bu t\u00fcr \u00e7al\u0131\u015fmalarda genellikle oldu\u011fu gibi bu sald\u0131r\u0131 \u201cke\u015ffedilmi\u015f\u201d olsa da ger\u00e7ek hayatta eksiksiz ve ba\u015far\u0131l\u0131 bir \u015fekilde uygulanam\u0131yor. Hacklenmeye kar\u015f\u0131 hassas olan CPU ve program geli\u015ftiriciler bu \u00e7al\u0131\u015fmadan kendilerine g\u00f6re sonu\u00e7lar \u00e7\u0131kar\u0131p ger\u00e7ekte herhangi bir \u015fey \u00e7almak m\u00fcmk\u00fcn hale gelmeden \u00f6nce gerekli de\u011fi\u015fiklikleri yapacaklar. Ancak bu veya ba\u015fka ara\u015ft\u0131rmac\u0131lar\u0131n bir sonraki sefer sald\u0131rganlar\u0131n \u015fifrelenmi\u015f a\u011f trafi\u011fine s\u0131zmas\u0131na ya da anonim kalarak \u015fifreyi k\u0131rmas\u0131na olanak veren ba\u015fka bir \u015fey bulmalar\u0131 olas\u0131l\u0131klar dahilinde. Bu \u00e7al\u0131\u015fmada g\u00f6sterilenlerin o boyutta nas\u0131l olabilece\u011fini hayal etmek m\u00fcmk\u00fcn. Fakat b\u00f6yle bir \u015fey hen\u00fcz kan\u0131tlanmad\u0131 ve Hertzbleed \u00e7al\u0131\u015fmas\u0131 da bunun kolay bir i\u015f olmad\u0131\u011f\u0131n\u0131 g\u00f6steriyor (basit bir dille anlatmakta bu kadar zorlanmam\u0131zdan anla\u015f\u0131l\u0131yor). Spectre s\u0131n\u0131f\u0131 g\u00fcvenlik a\u00e7\u0131klar\u0131 i\u00e7in d\u00f6rt y\u0131ldan uzun s\u00fcredir <a href=\"https:\/\/www.kaspersky.com.tr\/blog\/spectre-meltdown-in-practice\/10485\/\" target=\"_blank\" rel=\"noopener\">b\u00f6yle bir ke\u015fif ortaya konmad\u0131<\/a>. Burada da i\u015fler b\u00fcy\u00fck olas\u0131l\u0131kla ayn\u0131 olacak. Birka\u00e7 y\u0131l sonra ilk raporu biraz daha geli\u015ftiren ve netle\u015ftiren ba\u015fka bir rapor \u00e7\u0131kacak. Bu da gayet olumlu bir \u00e7\u0131kar\u0131m. Ne de olsa bilgi g\u00fcvenli\u011fi alan\u0131nda yeterince sorunumuz var!<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Son zamanlar\u0131n en karma\u015f\u0131k ama bir o kadar da anla\u015f\u0131lmas\u0131 kolay bilgi g\u00fcvenli\u011fi ara\u015ft\u0131rmalar\u0131ndan biri<\/p>\n","protected":false},"author":665,"featured_media":10884,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_acf_changed":false,"footnotes":""},"categories":[1726,1194,1727],"tags":[2567,790,1505],"class_list":{"0":"post-10883","1":"post","2":"type-post","3":"status-publish","4":"format-standard","5":"has-post-thumbnail","7":"category-enterprise","8":"category-business","9":"category-smb","10":"tag-cpular","11":"tag-guvenlik-aciklari","12":"tag-spectre"},"hreflang":[{"hreflang":"tr","url":"https:\/\/www.kaspersky.com.tr\/blog\/hertzbleed-attack\/10883\/"},{"hreflang":"en-in","url":"https:\/\/www.kaspersky.co.in\/blog\/hertzbleed-attack\/24346\/"},{"hreflang":"en-ae","url":"https:\/\/me-en.kaspersky.com\/blog\/hertzbleed-attack\/19812\/"},{"hreflang":"en-us","url":"https:\/\/usa.kaspersky.com\/blog\/hertzbleed-attack\/26719\/"},{"hreflang":"es-mx","url":"https:\/\/latam.kaspersky.com\/blog\/hertzbleed-attack\/25052\/"},{"hreflang":"es","url":"https:\/\/www.kaspersky.es\/blog\/hertzbleed-attack\/27390\/"},{"hreflang":"ru","url":"https:\/\/www.kaspersky.ru\/blog\/hertzbleed-attack\/33493\/"},{"hreflang":"x-default","url":"https:\/\/www.kaspersky.com\/blog\/hertzbleed-attack\/44824\/"},{"hreflang":"fr","url":"https:\/\/www.kaspersky.fr\/blog\/hertzbleed-attack\/19160\/"},{"hreflang":"pt-br","url":"https:\/\/www.kaspersky.com.br\/blog\/hertzbleed-attack\/19724\/"},{"hreflang":"de","url":"https:\/\/www.kaspersky.de\/blog\/hertzbleed-attack\/29043\/"},{"hreflang":"ru-kz","url":"https:\/\/blog.kaspersky.kz\/hertzbleed-attack\/25222\/"},{"hreflang":"en-au","url":"https:\/\/www.kaspersky.com.au\/blog\/hertzbleed-attack\/30710\/"},{"hreflang":"en-za","url":"https:\/\/www.kaspersky.co.za\/blog\/hertzbleed-attack\/30458\/"}],"acf":[],"banners":"","maintag":{"url":"https:\/\/www.kaspersky.com.tr\/blog\/tag\/guvenlik-aciklari\/","name":"g\u00fcvenlik a\u00e7\u0131klar\u0131"},"_links":{"self":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10883","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/users\/665"}],"replies":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/comments?post=10883"}],"version-history":[{"count":1,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10883\/revisions"}],"predecessor-version":[{"id":10886,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/posts\/10883\/revisions\/10886"}],"wp:featuredmedia":[{"embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media\/10884"}],"wp:attachment":[{"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/media?parent=10883"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/categories?post=10883"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.kaspersky.com.tr\/blog\/wp-json\/wp\/v2\/tags?post=10883"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}