{"id":107541,"date":"2021-01-08T11:33:22","date_gmt":"2021-01-08T10:33:22","guid":{"rendered":"https:\/\/blog.jetbrains.com\/?post_type=blog&p=107541"},"modified":"2021-01-08T11:33:22","modified_gmt":"2021-01-08T10:33:22","slug":"solarwinds-hakkinda-yeni-aciklama","status":"publish","type":"blog","link":"https:\/\/blog.jetbrains.com\/tr\/blog\/2021\/01\/08\/solarwinds-hakkinda-yeni-aciklama\/","title":{"rendered":"SolarWinds Hakk\u0131nda Yeni A\u00e7\u0131klama"},"content":{"rendered":"

SolarWinds ihlaline<\/a> ili\u015fkin olarak m\u00fc\u015fterilerimize bir ba\u015fka g\u00fcncel a\u00e7\u0131klama sunmak istiyoruz. Bu noktada d\u00fcn yay\u0131nlad\u0131\u011f\u0131m\u0131z<\/a> mesaj\u0131 yineliyoruz: bu ihlalde hi\u00e7bir rol oynamad\u0131k ve ne ihlale yol a\u00e7m\u0131\u015f olabilecek TeamCity’deki g\u00fcvenlik a\u00e7\u0131klar\u0131na, ne de y\u00fcr\u00fct\u00fclmekte olan herhangi bir soru\u015fturmaya dair bilgimiz var.<\/p>\n

TeamCity nedir ve neden haberlerde ad\u0131 ge\u00e7iyor?
\n<\/strong>TeamCity, bizim S\u00fcrekli Entegrasyon ve Da\u011f\u0131t\u0131m Arac\u0131m\u0131zd\u0131r. Yaz\u0131l\u0131mlar\u0131 geli\u015ftirmek, test etmek ve iste\u011fe ba\u011fl\u0131 olarak da\u011f\u0131t\u0131mlar\u0131n\u0131 yapmak i\u00e7in kullan\u0131l\u0131r. \u015eu anda genel anlamda yaln\u0131zca kullan\u0131c\u0131 taraf\u0131ndan bar\u0131nd\u0131r\u0131lan ba\u011f\u0131ms\u0131z bir uygulama olarak mevcuttur, yani son kullan\u0131c\u0131, her t\u00fcrl\u00fc g\u00fcvenlik ve eri\u015fim ayarlar\u0131 dahil olmak \u00fczere sistemi kurmak, yap\u0131land\u0131rmak ve bak\u0131m\u0131n\u0131 yapmaktan sorumludur.<\/p>\n

Mevcut kamuya a\u00e7\u0131k bilgilere (ne SolarWinds ne de herhangi bir devlet kurumu ihlale dair herhangi bir ayr\u0131nt\u0131yla bize ula\u015fmad\u0131\u011f\u0131ndan bug\u00fcne kadar t\u00fcm bildiklerimiz bunlar) dayanarak, SolarWinds’e yap\u0131lan sald\u0131r\u0131n\u0131n geli\u015ftirme s\u00fcre\u00e7lerini hedef ald\u0131\u011f\u0131 g\u00f6r\u00fcl\u00fcyor (medyan\u0131n tedarik zinciri sald\u0131r\u0131s\u0131 olarak adland\u0131rd\u0131\u011f\u0131 \u015fey). SolarWinds, yaz\u0131l\u0131m geli\u015ftirme i\u015flemi s\u0131ras\u0131nda di\u011fer ara\u00e7lar\u0131n yan\u0131 s\u0131ra TeamCity’yi kullan\u0131yor. Ancak, bu noktada, SolarWinds s\u00f6zc\u00fclerinin a\u00e7\u0131klamalar\u0131nda da belirtildi\u011fi \u00fczere, TeamCity’nin bu hususta herhangi bir rol oynad\u0131\u011f\u0131na dair hi\u00e7bir kan\u0131t yoktur.<\/p>\n

\n

Bir SolarWinds s\u00f6zc\u00fcs\u00fc, “Bir\u00e7ok \u015firket gibi SolarWinds de yaz\u0131l\u0131m geli\u015ftirmeye yard\u0131mc\u0131 olmak i\u00e7in TeamCity isimli bir JetBrains \u00fcr\u00fcn\u00fc kullan\u0131yor. Hala devam etmekte olan soru\u015fturmam\u0131z\u0131n bir par\u00e7as\u0131 olarak t\u00fcm \u015firket i\u00e7i ve \u015firket d\u0131\u015f\u0131 ara\u00e7lar\u0131m\u0131z\u0131 inceliyoruz” diye belirtti. “\u015eirket, TeamCity \u00fcr\u00fcn\u00fcn\u00fcn g\u00fcvenlik a\u00e7\u0131\u011f\u0131 olay\u0131na kar\u0131\u015ft\u0131\u011f\u0131na dair herhangi bir kan\u0131ta rastlamam\u0131\u015ft\u0131r” diye de vurgulad\u0131.<\/p>\n<\/blockquote>\n

<\/p>\n

The Wall Street Journal<\/a>‘da ayr\u0131nt\u0131lara ula\u015fabilirsiniz.<\/p>\n

TeamCity’nin, SolarWinds taraf\u0131ndan yaz\u0131l\u0131m geli\u015ftirme s\u00fcrecinde kullan\u0131lan ara\u00e7lardan biri olmas\u0131n\u0131n, haberlerde yer almas\u0131na neden oldu\u011funu d\u00fc\u015f\u00fcn\u00fcyoruz.<\/p>\n

JetBrains veya TeamCity’nin g\u00fcvenlikleri tehlikeye mi d\u00fc\u015ft\u00fc?<\/strong>
\n\u015eimdiye kadar TeamCity veya JetBrains’de b\u00f6yle bir duruma neden olabilecek g\u00fcvenlik sorunlar\u0131 hi\u00e7bir \u015fekilde olmam\u0131\u015ft\u0131r. \u00dcstelik, yaln\u0131zca yaz\u0131l\u0131m\u0131m\u0131z i\u00e7in d\u00fczenli olarak planlanm\u0131\u015f denetimler yapmakla kalm\u0131yor, ayn\u0131 zamanda \u015fimdi TeamCity i\u00e7in ayr\u0131 bir ba\u011f\u0131ms\u0131z g\u00fcvenlik denetimi haz\u0131rl\u0131yoruz. \u00dcr\u00fcnde s\u00f6z konusu ihlale yol a\u00e7m\u0131\u015f olabilecek herhangi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 bulursak, bu konuda tamamen \u015feffaf olaca\u011f\u0131z ve m\u00fc\u015fterilerimizi G\u00fcvenlik ve Gizlilik politikalar\u0131m\u0131z<\/a> kapsam\u0131nda bilgilendirece\u011fiz.<\/p>\n

Ayr\u0131ca belirtmemiz gerekir ki biz SolarWinds Orion veya s\u00f6z konusu \u015firkete ait ba\u015fka bir yaz\u0131l\u0131m\u0131 kullanm\u0131yoruz.<\/p>\n

Bu durum IDE’lerinizi veya di\u011fer ara\u00e7lar\u0131 etkiliyor mu?<\/strong>
\nIDE’lerimiz ba\u011f\u0131ms\u0131z ara\u00e7lard\u0131r ve onlar\u0131 geli\u015ftirmek i\u00e7in kendi TeamCity kurulumumuzu kullanmam\u0131z d\u0131\u015f\u0131nda aralar\u0131nda hi\u00e7bir ili\u015fki yoktur. Sunucular\u0131m\u0131zdan herhangi birinin veya ba\u011f\u0131ms\u0131z ara\u00e7lar\u0131m\u0131z\u0131n kurcaland\u0131\u011f\u0131n\u0131 g\u00f6steren hi\u00e7bir kan\u0131t\u0131m\u0131z yok ve TeamCity’de yapt\u0131\u011f\u0131m\u0131z gibi, ara\u00e7lar\u0131m\u0131z ve sistemlerimiz \u00fczerinde d\u00fczenli g\u00fcvenlik denetimleri y\u00fcr\u00fct\u00fcyoruz.<\/p>\n

JetBrains ara\u00e7lar\u0131n\u0131 kullan\u0131rken g\u00fcvende miyim?<\/strong>
\nFBI taraf\u0131ndan yap\u0131lan soru\u015fturmalara at\u0131fta bulunanlar ve SolarWinds’in kendi a\u00e7\u0131klamalar\u0131 dahil olmak \u00fczere \u015fimdiye kadar yay\u0131nlanan yaz\u0131lar\u0131n hi\u00e7biri, TeamCity’nin geli\u015ftirme s\u00fcrecine yetkisiz eri\u015fime izin verebilecek herhangi bir g\u00fcvenlik a\u00e7\u0131\u011f\u0131 veya arka kap\u0131ya sahip oldu\u011funa dair herhangi bir kan\u0131t g\u00f6stermedi.<\/p>\n

Bu nedenle, ara\u00e7lar\u0131m\u0131zdan herhangi birinin tehlikede olabilece\u011fini d\u00fc\u015f\u00fcnd\u00fcrecek hi\u00e7bir bilgiye veya kan\u0131ta sahip de\u011filiz ve dolay\u0131s\u0131yla ara\u00e7lar\u0131m\u0131z\u0131 kullanmaya devam etme konusunda herhangi bir risk alt\u0131nda oldu\u011funuza inanm\u0131yoruz.<\/p>\n

SolarWinds ile ilgili soru\u015fturman\u0131n m\u00fcmk\u00fcn olan en k\u0131sa s\u00fcrede sonu\u00e7land\u0131r\u0131lmas\u0131n\u0131 ve ara\u00e7lar\u0131m\u0131z ve \u015firketimiz hakk\u0131ndaki yanl\u0131\u015f beyanlar\u0131 ortadan kald\u0131rmas\u0131n\u0131 umuyoruz. Devlet kurumlar\u0131yla ve g\u00fcvenlik ara\u015ft\u0131rmac\u0131lar\u0131yla tam i\u015fbirli\u011fi yapaca\u011f\u0131m\u0131z\u0131 tekrarlamak isteriz.<\/p>\n

20 y\u0131l\u0131 a\u015fk\u0131n s\u00fcredir, m\u00fc\u015fterilerimize kar\u015f\u0131 \u015feffaf, d\u00fcr\u00fcst ve samimi olmak temel dayanaklar\u0131m\u0131zdan biri olmu\u015ftur ve hi\u00e7bir \u015fey bizi itibar\u0131m\u0131za zarar veren ve m\u00fc\u015fterilerimizde \u015f\u00fcphe uyand\u0131ran as\u0131ls\u0131z iddialar g\u00f6rmekten daha fazla \u00fczemez.<\/p>\n

Deste\u011finiz i\u00e7in \u00e7ok minnettar\u0131z ve sizi geli\u015fmelerden haberdar etmeye devam edece\u011fiz.<\/p>\n

Te\u015fekk\u00fcrler.<\/p>\n

Maxim Shafirov
\n\u0130cra Kurulu Ba\u015fkan\u0131<\/p>\n","protected":false},"author":902,"featured_media":0,"comment_status":"closed","ping_status":"closed","template":"","categories":[],"tags":[],"cross-post-tag":[],"acf":[],"_links":{"self":[{"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/blog\/107541"}],"collection":[{"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/blog"}],"about":[{"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/types\/blog"}],"author":[{"embeddable":true,"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/users\/902"}],"replies":[{"embeddable":true,"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/comments?post=107541"}],"version-history":[{"count":2,"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/blog\/107541\/revisions"}],"predecessor-version":[{"id":107543,"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/blog\/107541\/revisions\/107543"}],"wp:attachment":[{"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/media?parent=107541"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/categories?post=107541"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/tags?post=107541"},{"taxonomy":"cross-post-tag","embeddable":true,"href":"https:\/\/blog.jetbrains.com\/tr\/wp-json\/wp\/v2\/cross-post-tag?post=107541"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}