GNUtards BTFO
Images are sometimes not shown due to bandwidth/network limitations. Refreshing the page usually helps.
You are currently reading a thread in /g/ - Technology
You are currently reading a thread in /g/ - Technology
> https://hmarco.org/bugs/CVE-2015-8370-Grub2-authentication-bypass.html
> To quickly check if your system is vulnerable, when the Grub ask you the username, press the Backspace 28 times. If your machine reboots or you get a rescue shell then your Grub is affected.
> There are two functions which suffer the same integer underflow fault. The grub_username_get() and grub_password_get() located in grub-core/normal/auth.c and lib/crypto.c respectively. Both functions are equal except for a call to printf() in the grub_username_get(). The PoC described here is based only on exploiting the grub_username_get() to obtain a Grub rescue shell.
This is why nobody takes GNU serious...
works for me
>>51917246
If you use GRUB, you're a fucking faggot. Besides, if someone already has physical acsess to your PC it's game over anyway.
>>51917246
you obviously don't know what you're talking about.
it's a feature almost nobody uses - that's why it was only discovered now. on 99.99% of desktop installations, this will not work.
even if you find a system where it works, it doesn't compromise the whole system. not even close.
oh yeah, the attacker also needs physical access to the device in question.
aand it's already patched.
>>51917246
Nobody uses Grub in this manner. Kill yourself.
someone could also point a gun to your head and make you give the password if they have local access
>>51917246
if someone has physical access to your computer, a grub vuln is the least thing you should care about
>>51917246
>20 years, not even 2%
>YFW Google, Apple, Microsoft, Oracle, and everyone and their grandcat uses GNU
>>51917324
>it's a feature almost nobody uses - that's why it was only discovered now.
Security by obscurity?
I thought that was anathema to you FOSS guys.
Many eyes force bugs to the surface and all that. Doesn't work when nobody's looking, eh?
This is just hilarious
>>51917324
stfu faggot
>linux
>secure
HAHAHAHA
>>51917639
Dumb animeposter
Reminder
>>51917856
win c u c k with backdoored OS btfo
>>51917271
>If you use GRUB, you're a fucking faggot.
What do you use?
In two minds on this.
Firstly yeah, the people saying how secure GNU/Linux is compared to Windows have had a bad two years of it as it turned out practically everything didn't really work right.
However, the patches are incredibly fast to get released, this is a physical access vulnerability so you know, someone got into your hypervisor cluster or got into your server room, you're already fucked.
>>51918533
>HAHAHA
>Taking your opinion seriously
>>51918608
I've been living under a rock, what's this?
>>51918710
It's from a series of facts
>>51917246
>btfo
I knew it was bait
>needs physical access
i never allow anyone to access my computer
>patches released by redhat
op has proved to me how bad his reading skills are
>hundreds of distros
>2%
>fags still imply its a decent os
faggots.
>>51918608
>>51918752
>>51918784
This is ancient FUD microsoft tried spreading about linux years ago.
>>51917639
mfw end users like the fags here
>>51918832
It's still true to this day
>>51917246
If you have physical access to a machine just plug a usb stick with your own bootloader on it and you can bypass anything.
>>51918832
Actually implying cobbled together decentralized programmers of widely varying skill are better than Microsoft.
that's like saying the government ISIS formed that's amateurish at best is better than Denmarks.
>>51918864
you're not even trying, are you, Pajheet?
>>51918936
>>51918965
$2.50 has been deposited into your account
>>51918624
probably syslinux or efistub
>>51917738
>Security by obscurity?
that's not what security by obscurity means at all.
>>51918608
>mfw Linux is actually faster than windows in the x86-64 versions
anyone who knows proper programming is aware of that, but I don't think that anyone here knows what calling conventions are
>>51919077
I think I have an understanding of the conventions but can you give an actual example or just a hypothetical explanation? Genuinely interested in learning all I can since I switched to linux
>>51917246
Actually I've never thought I'd live to see the day Capcom will announce they're planning to release their new game on Linux, but here we are.
source: http://www.capcom-unity.com/street_fighter/blog/2015/12/17/announcing-steam-os-support-for-sfv
>>51919132
Linux uses far more registers for passing arguments to functions. Windows uses 4 and Linux 14. Calling a function that uses more than 4 arguments on Windows, it causes to use the stack, which it far slower.
>>51919274
This. BSD system calls are similar to Windows (at least, in the sense of how you pass in arguments) by default, though BSD is capable of doing both for 32 bit x86.
>>51917246
that picture is a meme
GNU/Linux target audience never was desktop
It dominates server, and embedded markets though
>using grub
found you'are problem
>>51917856
>can't argue
