LINUX SUCKS
Images are sometimes not shown due to bandwidth/network limitations. Refreshing the page usually helps.
You are currently reading a thread in /g/ - Technology
You are currently reading a thread in /g/ - Technology
Did you fall for the "Linux is more secure" meme?
No one uses grub except NEETS
>>51959210
grub is not insecure
>>51959210
A.K.A. the /g/ demographic
>GNU gRand Unified Buttloader
nigga what did you expect
everybody worth their weight in beans knows that gnu generally writes awful software and as much of it should be dispensed with as possible
consequently, everybody worth their weight in beans uses lilo on bios systems and rEFInd on uefi
who the fuckk puts a password on GRUB?
pro tip: no one
wow, you hack literally nothing
>>51959194
Linux is so damn secure not even you can access the contents of your hard drives on install
>>51959194
>already patched
>only affected idiots who relied only on a grub password
>complaining about security when the attacker would have had to have had physical contact with the device when there are better things the attacker could do in this time.
>>51959261
>putting a password on grub
>forcing an attacker to just use a bootable USB drive to access your data
>muh security
>>51959194
>falling for the technology reporting meme
>>51959298
>claims it's already patched
>doesn't realise Linux users have been using an insecure system for several years
>doesn't know Linux has several more undeclared backdoors
>still feel secure
/thread
If this is how inaccurately technology is reported on, how can you trust journalists for reporting on other things like world events?
>>51959329
>ignores rest of post
>muh there's more backdoors
Yeah and windows and mac is just a poster child and has no backdoors that are undiscovered...
>>51959313
> not encrypting the hard disk
>>51959329
Everyone is using an insecure system.
Linux just has less people actively exploiting it and more people actively improving it.
>>51959313
my drive is encrypted
>>51959360
>>51959352
>having to encrypt your entire harddrive because your OS is so shit
Its not like most freetard use computers where changing and hard drive only require a screwdriver in worse case scenario.
If you have physical access to the machine then security is a lot harder.
Windows runs everything as root if you are not logged in. Booting from USB and then renaming cmd to utilman and you can do anything you want on a windows machine.
That shit has been known since vista and they still haven't patched that.
It is not a priority
>>51959210
Which alternative do you prefer?
>>51959392
>have same level of access to a unix machine as required for this
>take out hard drive and plug into another machine
>full access to all files
>have same level of access to an OSX machine as required for this
>take out hard drive and plug into another machine
>full access to all files
>have same level of access to a Windows machine as required for this
>take out hard drive and plug into another machine
>full access to all files
>>51959360
>>51959392
And do you by chance type the decryption key on bootup?
>>51959426
>take out hard drive and plug into another machine
GOOD LUCK DOING THAT TO A LAPTOP WITH A SOLDERED IN SSD
>>51959434
The encryption key would come after GRUB when the kernel initializes.
>>51959438
>plug in bootable linux flash drive
>full access to all files
>>51959454
>what's UEFI
Are you living in the 90s freetard?
>>51959454
What I'm hearing here is that compromising grub means shit because the data is still encrypted.
>>51959467
If the data is encrypted, exactly.
>>51959461
A meme.
>>51959484
>A meme
So you don't know what UEFI does or how it protects you so you call it a meme?
Okay, enjoy being an idiot from loonix.
>>51959194
>>51959210
>>51959236
>>51959261
>>51959293
>>51959298
>>51959313
>>51959329
>>51959352
>>51959392
>>51959396
>>51959426
Kid can't understand what is a two-factor authentication and that Grub is the most secure bootloader, or the one that allow you to truly secure your data.
>>51959492
All I know is that I can desolder the chip and replace it with one from a donor board to get around any password you have set to prevent people booting off external devices.
>>51959505
kek, so now you have to effectively steal my device to get access to it.
At that point I can remotely wipe my drive because Apple actually cares about user security and you'd get nothing.
>>51959519
>you can remotely wipe your data while the device isnt on and has no access to the internet
And effectively steal your device? You were talking about a fucking laptop you cunt. Of course I would have stolen it.
I'm not going to bother taking it apart to steal a drive when I can just slip it into a bag and walk away.
>>51959542
Read the rest of the post you third world shitbag.
>>51959194
Linux is secure. I use grub, but don't have passwords there anyway because you can just circumvent it by booting from a USB anyway. Nobody uses it as security which is why nobody caught the flaw before now. But it does not matter if they fix it. Linux is still super secure. You can access files on a Windows machine by booting a Linux distro from a USB. While you won't necessarily get access to anything on Linux even if you get past grub.
>>51959549
The rest of the post is worthless. Like your security.
>>51959557
so you once again are ignorant and have no clue what you're talking about.
that's two strikes already.
>>51959358
>more people actively improving it.
Enjoy living in dreamland
>>51959561
If you think your laptop would ever get access to the Internet under your login credentials after getting stolen then you're the ignorant one here.
>>51959582
You once again have shown you have no clue how other technologies work.
Enjoy being a literal retard.
>>51959210
grub comes with most linux distros, though
>>51959589
Technology isn't magic mate.
>>51959586
Wadya ?
>>51959594
You're right, and you clearly have little knowledge of its workings outside of your meme spewing as demonstrated multiple times now.
Maybe you should go read up on these things before trying to argue them, idiot. The fact that you think it logs in with your login credentials to wipe just shows you have no clue what you're even talking about.
>>51959606
It literally does not matter what remote attempts you try to use to wipe the drive once I have cut off Internet access. End of story.
Just stop fighting it and accept your data has been stolen.
>>51959631
>I'm an idiot and think wifi is the only way computers access the internet
Once again, lord idiot over here has no clue what he's talking about.
>>51959645
>you cant block cellular access!
Good lord.
We are also narrowing down the potential devices greatly.
The most insecure systems are people.
/thread
>>51959194
bait or not, if you have physical access to the system it's fucking game over anyway dumbshits
>buttfuck NT systems with tools like ophcrack
>own a Mac, UNIX, or GNU/Linux system with single-user mode
at least it isn't as bad as pieces of shit like Windows 95/98 where there was literally a "cancel" button on the fucking login prompt anymore
>>51959645
You do realize that like all of tech, Apple products use radio waves to talk with things?
This means that a Faraday cage is all one needs to stop your kill switch. And one can build a faraday cage from one roll of aluminum foil.
>>51959210
NEET weeaboo ricer here
I dont use grub
>>51959593
Then remove it.
>>51959434
That happens in the initrd, so yes.
Did you fall for the "grub authentication is the only one authentication system on linux" meme ?
>>51959645
>kill switch internet
>no internet
Great. If I stole your laptop and took it to my house, there is no way you're remotely wiping your drive, d00d.
>>51959571
Usually, the people hacking systems like windows and OSX are using Linux to do it. They know how to exploit Linux, but they go after normies instead of their own kind.
>>51959914
>steal windows computer
>stopped at login prompt
>install grub to MBR
>chainload windows bootloader
>set grub password
>press backspace 28 times
You have now bypassed the Windows login screen.
>>51959935
No. You bypassed the grub auth system and it will take you to the windows login screen. Fucking retard
>>51959935
This post is a joke right? Please tell me it is.
>Chainload windows bootloader
When you chainload from grub, grub loads the secondary bootloader you're chainloading. So for example
boot > grub > BOOTMGR > windows
IF you were to encrypt the windows bootloader (bootmgr) and then install grub to the MBR, yes, backspace 28 times would bypass the bootmgr password, HOWEVER, you would still be greeted at the username/password screen.
>>51959920
He can encrypt it with LUKS +AES256
>>51959973
>This post is a joke right?
Yes, anon. Congratulations.
>>51959991
Meant for >>51959981.
>>51959645
>He thinks internet is some kind of magic, able to penetrate anything, everywhere
You wouldn't be so cocky once I've gained access to Big Ben.
>>51960013
>>51959973
>>51959981
Is neo-/g/ really this autistic?
>>51960090
>made a dumb fucking post
>got called out, realised
>DUDE I WAS KIDDING BRO
lol
>>51960097
>a huge resounding "yes"
Thanks, lad. Got it.
>>51959723
>Linux single user mode
1) you can require the root password to enter single user mode, and
2) If you are using FDE you don't have to worry about credentials being extracted from the disk
Not that your point about having physical access means it's game over isn't valid, but most people don't have the hardware or capability to defeat that kind of precautions (e.g. access to a compromised pci card for DMA attacks).
If you're up against a nation-state equivalent level adversary, you're probably fucked to begin with. But FDE is pretty effective against most attack vectors, especially if coupled with other precautions e.g. preemptive shutdown if the ethernet link goes down, or (if you have a suitable sensor, like most laptops these days) detect tilt or motion using a gyroscope/accelerometer sensor that might indicate the device is being moved.
>>51959194
LILO godrace mastertier reportang
Sorry that you fell for the GRUB meme, cockface.
>>51959502
Why would you even need to secure a bootloader? Also you'd need to have physical access to the computer to exploit the thing.
>>51959438
If a soldering iron isn't within your skillset, you probably shouldn't be doing this to be honest, family. Shaking my head.
https://sites.google.com/site/zerodayresearch/BadWinmail.pdf
>>51959194
99% of the american population can't even navigate my file system
breddy gud seguridy
>>51960534
Hans Reiser pls gb2 jail
>>51959864
But most normies (that happen to install/get a computer that uses a Linux distro) won't do that.
So grub is for normies and replacing it is for NEETs
>>51960534
so you weigh 1% of the total weight of all Americans?
>>51959194
Who the fuck uses just a GRUB password?
>needs physical access to the computer
CHNTPW for Windows
And lets not forget the osx exploit where you could boot into single user mode, delete the first-boot file and make a new administrator account.
OH NO U HAXED MY GRUB
>>51960566
Normies won't secure their bootloader, so this entire backdoor doesn't apply. Check and m8.
If an attacker has physical access to a computer, it's already over. There's nothing that can stop them at that point.
I'd just like to interject for moment. What you're referring to as Linux, is in fact, GNU/Linux, or as I've recently taken to calling it, GNU plus Linux.
>>51959864
Why remove it? It works great, is easy to configure and have no real problems.
>>51959194
Do you faggots do highly illegal shit or something? Why the fuck do you need to secure your obscure operating system?
>>51959973
Yes, but if you passed it on Linux it would also put you in the normal login screen. People still pretend like it matters if there is a grub password or not. It is not necessary and nobody does it unless they just want more logins. Grub is there to load different OSs
>>51961075
Because people are worried about the 28 space issue.
>>51959392
It doesn't matter what OS it is. If you have physical access to the machine and there is no encryption, all bets are off. You literally just boot from a USB or hook up the drive to another machine and you have access to whatever is there.
>>51959194
No I dont give a shit about securty, just the fact that I dont need 50 processes in the background I dont even know what they are doing, thats why I dont pick linux, but arch, the ultimate linux for advanced users who dont fell for: Here u retard we setted up everything for you to join our botnet
>>51959652
but you would give up long before you cracked 256 bit encryption with a passphrase so long, and so unique that only one person in the world has statistically ever though of this exact string of characters
>>51961115
Why would they worry about that? You can bypass the bootloader entirely with a Linux distro on USB. It's not intended to be impossible to penetrate. A password is only meant to be a mild annoyance. Passing it won't gain anyone access to anything useful.
Only works if you have physical access to the machine, and then only if the drive isn't encrypted. That is, it's a way around logging in. Guess what? If someone has physical access to your machine and your drive isn't encrypted, you're fucked anyway.
i actually discovered this about 7 years ago but never told anybody about it. i thought it was a feature.
stupid me. i could have gotten a bug bounty
>>51961175
This
>>51959194
>grub password
So it's nothing?
I don't bother with bootloader level passwords, because the OS is sufficient.
Even then, the fact that it was found proves that Free Software is more safe. Just imagine how much similar shit goes un-noticed on Windows or OS X, because the source can't be analysed. And the patch will be free for everyone, not just those who want to buy the latest version.
>>51961181
Bug bounty with who?
>>51961175
this. If there's physical access to the computer, all bets are off.
>>51959194
It has been patched aeons ago, besides anything remotely securing your data comes from encryption, dm-luks.
Meanwhile other operating systems, Windows & MacOS, have multiple backdoors, vulnerabilities, known and unknown.
Linux-user at least knows about the issues and gets issues patched. Transparency, you won't ever get that from Windows and friends.
>>51961175
>>51961469
>>51961204
wait, if someone is physically using my machine they can access my unencrypted drive?!
>>51959392
>he thinks which OS you use has anything to do with whether encryption is necessary to protect your data
this is one of the dumbest posts I've seen all day
>>51964317
As easy as booting into a live Ubuntu
Look, you fucking idiots, just report this shit as paid Microsoft FUD and shilling, hide it, and move on. Replying to Microsoft's shit is just making them stronger.
REPORT ALL PAID MICROSOFT SHILLING
DO NOT REPLY TO PAID MICROSOFT SHILLING
IGNORE ALL PAID MICROSOFT SHILLING
REPORT ALL PAID MICROSOFT SHILLING VIA EMAIL TO 4CHAN ADMINS
>>51959505
What if the drive is encrypted with filevault?
CHECKMATE
>>51964317
yes, theyy just need to boot into something else. the password on your windows does not matter.
>>51964585
Alright, reported
>>51964918
>>51961149
Then we go way, way back in the conversation to
>>having to encrypt your entire harddrive because your OS is so shit
>>51959194
I don't get it, who is it benefiting spreading FUD about Linux? Microsoft?
Aren't all linux boot loaders insecure, like you can go into recovery mode and mount the drives as write then change the root password then login as root?
>>51959194
https://rbt.asia/g/?task=search2&search_subject=LINUX%20SUCKS
Do not fall for the MS shill.
>>51964975
>1366x728
lol wut
>>51961018
This. Security truth right here. The only protection you have when an adversary has physical access is full disk encryption. Regardless of OS
