A pair of security researchers from the
Get linux you said. Linux is hurr durr secure you said.
University of Valencia have uncovered a bizarre bug in several distributions of Linux that could allow anyone to bypass any kind of authentication during boot-up just by pressing backspace key 28 times.
http://thehackernews.com/2015/12/hack-linux-grub-password.html?utm_source=THNPS&utm_medium=sidebarPS&utm_campaign=PS
So a bug was found and subsequently patched. Problem solved.
How many threads do we need to have on something that has already been patched and honestly is a non-issue anyway?
>>51937753
>Just hit the backspace key 28 times at the Grub username prompt during power-up. This will open a "Grub rescue shell" under Grub2 versions 1.98 to version 2.02.
>Grub2
>linux
You're a fucking retard, OP.
Are these FUD linux security posts sponsored by Microsoft? We keep seeing the same post about a security but thats no relevant to any one.
>it's open source! That means security flaws can't persist because there's just so many eyes on it!
>6 years
>"backspace out"
>>51937893
>make an ignorant post
>people make you look like an idiot
>strawman to all shit
Yeah that's how these threads go
>>51937893
Nice strawman. Our actual argument is that we are always permitted to improve the software at any time we choose. This means as soon a problem is made known, we will fix that problem ASAP.
This only matters if your boot loader uses authentication. This bug makes no difference on most desktops.
>needs hardware access
>matters
At that point you can just remove the HDD and do anything you want.
>"Linux is secure" meme
>>51938074
You must be a Microsoft employee.
>>51938044
Breddy much. I don't know many people who use Grub2 for authentication. Disk encryption is better.
>>51938074
Linux is nowhere close to Windows in exploit numbers. Enjoy your viruses
>>51938106
I don't know many people who use GRUB when you can just make an EFI stub kernel. Boot loaders are completely useless and unnecessary.
what a fucking surprise
grub is so bloated this was bound to happen
>>51938108
Windows bootloader has no authentication whatsoever. Which is no big deal, because it's a dumb place to put it. See >>51938106. Nobody is affected by this bug by default. You have to opt in and there's no good reason to do so.
>replace grub with syslinux for shits and giggles years ago
>too lazy to change it back
>>51938136
I use GRUB. It's simple. But I don't use it for authentication like a tard. I literally don't know a single person who has.
And besides, you gotta have physical access to even do this shit in the first place.
>>51937753
>guise there's a hax in Linucks!
>posts bootloader exploit
>>51938095
>Y-y-y-y-you shill!
Kid, I'd love to get payed to shitpost but we both know that's just a meme
>A bug found in some versions of GRUB that no one was probably going to exploit anyway has now been patched and taken care of
Wow yeah linux is so insecure, here goy sign up for this free installment of windows 10, now with start menu advertisements and bundled updates
Fuck off
>not having an BIOS password
