How to hack any Linux machine just using backspace

You are currently reading a thread in /g/ - Technology

Thread replies: 107
Thread images: 13
>A rather embarrassing bug has been discovered which allows anyone to break into a Linux machine with ease.

>If you press the backspace key 28 times on a locked-down Linux machine you want to access, a bootloader flaw will allow you to break through password protection and wreak havoc in the system.

Researchers Hector Marco and Ismael Ripoll from the Cybersecurity Group at Universitat Politècnica de València recently discovered the vulnerability within GRUB, the bootloader used by most Linux distros.


http://www.zdnet.com/article/how-to-hack-any-linux-machine-just-using-backspace/
>>
>>54032558
meanwhile, i'm on syslinux
>>
>lincucks
>>
This is old news and has been patched
>being this retarded
>>
>>54032558
Not a Linux problem, as the kernel has nothing to do with the bootloader you use.
>>
>>54032592

>lincucks didn't know about this simple exploit for years
>but I use Linux for muh security

BWAHAHAHAHAHAHA
>>
>>54032558
>Confusing GRUB (some shitty GNU bootloader) with Linux (the kernel)
Didn't even click
>>
>the attacker needs physical access
Like they'll let the neckbeards on /g/ anywhere near a remotely important computer.
>>
>>54032606

>not a Linux problem
>literally every Linux distro uses it
>not a Linux problem
>>
these news are old enough to post on 4chan
>>
Meanwhile on Windows, you used to be able to force Windows to allow you to login to any account by viewing the help file. Or you could just enter Administrator as the username and press enter.
>>
I just tried this on GRUB2 and it didn't work at all, must have been patched, well well, just update your fucking software pajeet
>>
>>54032633

>muh privacy
>muh security
>>
>>54032558
Implying this will work on full disk encryption.
>>
>>54032645
...Why do you have multiple pictures of dirty feet?
>>
>>54032641
It was patched ages ago. This bug was discovered in December and patched within hours in most distros.
>>
>>54032558
Old and never affected FDE.
>>
>>54032558
>Using GRUB lock
xDD
>>
>>54032632
>>>54032606
>>not a Linux problem
>>literally every Linux distro uses it
>>not a Linux problem

AND?

Osx and Windows literally have NO bootloader security, at all.

>LINUX BTFO
Amirite?
>>
>>54032613
Why are winkids like you computer illiterate?
>>
>>54032558
>password protected GRUB
literally a feature never used. Also old news.
>>
>>54032613
>>>54032592
>>lincucks didn't know about this simple exploit for years
>>but I use Linux for muh security
>BWAHAHAHAHAHAHA

Uhm if people have physical access to your computer then obviously no security is a given.

How exactly is this different from Windows?

Where the login password is overridden SIMPLY by using that one CD?
>>
>>54032691

Linux users were fooling themselves for years while this exploit was live. Linux is literally a placebo.
>>
The backspace thing is retarded.

What is more worrying is chroot.
If you get any Linux machine that isn't fully crypted up all you need to do is boot a live cd, mount the FS's and you can chroot and change the root password without any issues.

Admittedly this has saved me a couple of times but it's also quite worrying because of how simple it is.
>>
Linux is more secure and private than windows.

Prove me wrong
>You shitpost, you lose
>>
>>54032558
>Already closed, requires physical access attack against a bootloader.
Oh GOD! How Terrible!
>>
>grub lock
wow it's fucking nothing. Your shit is already accessible with physical access

>>54032714
this. We do password resets all the time like this, it's extremely easy.
>>
>>54032712
>>>54032691 (You)
>Linux users were fooling themselves for years while this exploit was live. Linux is literally a placebo.

How?

This isn't a majority security issue. If someone has physical access to your computer there's no security unless you encrypt your hard drives.
>>
>>54032655
>flaky skin feet
He is probably a Stallman fan. You should google it
>>
>>54032632
slackware
lilo
elilo
>>
>>54032558
>requires physical access to the machine
>implying any machine you have physical access to is secure
>>
>>54032558
>requires physical access to the machine
>implying any machine you have physical access to is secure
>>
>>54032558
>December 21, 2015
>>
>>54032742
No, he's obv. the guy from /k/ who gave himself trench foot because he thought that break in periods were a meme, and took a hike in brand new boots.
>>
>>54032558
>requires physical access to the machine.
>implying any machine you have physical access to is secure
>>
>>54032558
>requires physical access to the machine
>implying any machine you have physical access to is secure.
>>
>>54032776
>>54032764
>>54032753
We had physical access to PS Vita for years and no one managed to get into kernel yet.
>>
>>54032558
> requires physical access to the machine
>implying any machine you have physical access to is secure
>>
a) not a lot of people put a password on their bootloader, so people probably didn't look at this code a lot.
b) security minded people knew that it could be bypassed a lot easier, so I doubt they would use it, or even look at the code.
c) If someone has physical access to the machine, it is damn near impossible to make sure nobody can access it.
It is a funny exploit though.
>>
>>54032558
>requires physical access to the machine
> implying any machine you have physical access to is secure
>>
>>54032714
Most Underrated Post
we should be talking about chroot because it really should be impossible to achieve it. For example, is it possible to secure just the relevant chroot files so that it is impossible to use a liveCD to change them (without encrypting the entire disk)?
>>
>>54032558
> requires physical access to the machine
> implying any machine you have physical access to is secure
>>
>>54032632
Not every distro uses GRUB you fucking moron.
You don't even need to use GRUB on the distros that come with it by default.
Educate yourself before spouting idiotic bullshit.
>>
>>54032558
>Already closed, requires physical access attack against a bootloader.
Oh GOD! How Terrible!
>>
>>54032712
>Linux users were fooling themselves for years while this exploit was live.
I have literally never set a GRUB password in my life.
>>
>>54032743
>2016
>using lilo
>>
>>54032558
>requires physical access to the machine
>implying any machine you have physical access to is secure.
>>
>>54032558 (OP)
>Already closed, requires physical access attack against a bootloader.
Oh GOD! How Terrible!
>>
>>54032558
>requires physical access to the machine
>implying any machine you have physical access to is secure
>>
>>54032865
>>54032840
>>54032818
>>54032803
We had physical access to PS Vita for years and no one managed to get into kernel yet.
>>
>one more thread cucked
CUCCKED AGAIN, MICROCUCCK
>>
>>54032714
But it's just as easy in Windows. Just load another system that deletes the SAM databases.
>>
>>54032791
>>54032869
Someone will get there eventually.
>>
>>54032775
that was fucking hilarious
>>
>>54032920
But a lock that takes 5 years to break is more secure than a lock that breaks instantly.
You do not measure the security of something in terms of breakable or unbreakable ever - there's more to it.
>>
>>54032944
Only if it consistently takes that amount of time.

This bug was in GRUB for more than 10 years before being discovered. Does that mean that if an exploit for the Vita was found tomorrow then GRUB would be twice as secure as the Vita?

No, of course not. At this point we just don't know what it is that will crack the Vita open.
>>
>>54032645
I never said that. I don't even use Linux.
>>
>>54032995
Don't bring grub into this. I'm responding to posts claiming that notion of security is not applicable when physical access is involved.
>>
Linux Virtual Ethernet Bug Delivers Corrupt TCP/IP Data.
http://m.slashdot.org/story/307597
>>
>>54032995
>>54032869

isn't there a web kit exploit for ps vita?
what are you talking about anons
>>
>>54032815
>>54032714
Well yeah, OS-level security is just OS-level security. If you replace the OS, there's nothing to enforce the security. That's why full disk encryption exists, so you can enforce your password-protection with actual cryptography. If you're worried about things like that, you _should_ encrypt your hard drives.

You don't even need chroot to change the root password if you have access to an unencrypted hard drive and you control the OS, and even if you couldn't change the root password, there are countless ways to exploit it. You could replace the su or login binaries with something that logs the user's root password, or you could just replace any setuid binary with one that does whatever you want as root. Other operating systems are similarly exploitable without full disk encryption. Basically, if there's any risk of someone malicious having physical access to your computer you should use it. All other security (including the GRUB password) is worthless in the face of that.
>>
>>54033075
It gets you into usermode, which is not very useful. You need kernel mode to do anything significant.
>>
>>54033084
>do anything significant.
>With a PS Vita
kek
>>
>>54032714
>chroot
Do you think this is impossible without chroot? open passwd/shadow in text editor, erase password, you're done.
>>
>>54033093
?
>>
Meanwhile on Windows.
>>
You people do realize this was a backdoor on the bootloader, most people don't even password protect their bootloader. It's like using rescue boot on Windows bootloader, where you can access a cli too, or using EFI shell or single user boot on Mac/OS X....
>>
>>54033125
WINCUCCKS BLOWN THE FUCK OUT
>>
>>54033125

>literally a 15 year old version of Windows
>compared to a 4 month old version of Linux
>THE GAME

YOU LOST
>>
>>54033125
>>54033149
>>54033227
This is also not a bootloader, see
>>54033139
>>
>>54032558
Doesn't matter. When you have physical access to a machine you can fubar it no matter what.
>>
>>54033227
grub is not linux tho
>>
>>54033227
it's just as bad tho

>>54033257
but yeah
>>
anyone got a link to an old enough version of linux to try this on?
>>
>>54033014
Security isn't applicable when physical access is involved. Everything is broken eventually.

It's just a question of whether you know now how to do it or will know later.
>>
>>54032714
> what is luks
> what is full disk encryption
> what is disabled usb boot
> what is disabled boot order change

if someone has physical access to your system who the fuck cares about chroot

being a sysadmin for 15 years now, I've never set up a grub pw

who the fuck does
>>
>>54033340
>being a sysadmin for 15 years now, I've never set up a grub pw
same
>>
>superficial security that literally nobody uses turns out to be superficial
WOW
>>
>windows and mac os bootloaders don't support passwords
>grub does but it has a bug
>this makes linux insecure (???)
>>
>>54032775
>>54032921
Was there a cap?
>>
>>54032558
>been patched
>not linux
>grub is not the only bootloader

on top of this it requires physical access to a computer. are you some sort of idiot
>>
slowpoke.jpg
>>
>>54032640
not on any nt kernel version, only for the old dos based windows
>>
>>54033227
>literally a 15 year old version of Windows
>compared to a 4 month old version of Linux
Sounds about right.

Because it takes 15 years for Windows to patch what Linux patches in 4 months.
>>
>>54033453
REKT
>>
>>54033284
>It's just a question of whether you know now how to do it or will know later.
And it's a question related to security of the system.
>>
>>54033084
thanks that's clearer for me now

>>54033093
you are insignificunt
>>
>>54032558
this is literally old news
>>
>>54033076
New Most Underrated Post!

well said anon and explained in English too
>>
>WE USE LINUX!
>WE'RE FREE FROM THE BOTNET!
http://www.pcworld.com/article/2987580/security/a-linux-botnet-is-launching-crippling-ddos-attacks-at-more-than-150gbps.html

>lincucks
>>
>>54032558
>tfw wintards don't know this was patched a long time ago
>tfw wandows has these kinds of bugs all the time
>>
>>54033745
http://arstechnica.com/security/2016/04/researchers-help-shut-down-spam-botnet-that-enslaved-4000-linux-machines/

>4000 linux machines

So basically half the Linux userbase is part of the botnet.
>>
Grub locking? Sounds almost as bad as taking a medication that has "LOL" in the name.
I've never used it, I've never even heard of it.
Troll again when you can do something like this remotely.
>>
>>54033745
from the article:
>Attackers install it on Linux systems, including embedded devices such as WiFi routers and network-attached storage devices, by guessing SSH (Secure Shell) login credentials using brute-force attacks.
Linux does not prevent PEBCAK errors.
Though after dealing with consumer routers I'm mildly surprised that they had to resort to SSH rather than the more common telnet.
>>
>>54033813
>linux
>secure
>Implying 99.99999% of security flaws aren't PEBCAK errors

IT'S OKAY IF LINUX DOES IT.
>>
>>54033813
windows doesn't come with a telnet client available by default anymore, so there's no convenience advantage to using it
>>
>>54032775
>tfw have athlete's foot
>>
I checked the patch. It's a typical integer underflow bug.

>using signed integers to store a length
>no range checks
>no validation at all

Typical "old-school" Unix programmer habits. Nothing is checked or validated, everything is always assumed to succeed. The input (and user) is 100% trusted and if something goes wrong, it's not the programmer's fault, the user should have ensured they pass in valid data. Sigh.

I'm sure that somewhere out there, there is a programmer who, after hearing about this bug, says "well don't press backspace too many times then, this is clearly a user error, case closed" and does nothing.

There are ways and methods to avoid bugs like this (and you could still use C if you want), but these people who learned to program in the 60's and 70's will not use them, because "they just slow me down" or something. Then they go and introduce yet another buffer overflow in yet another critical widespread program.

I'm still blaming the K&R book for training C programmers to ignore error checking. That book should be banned for all but museum exhibitions only.
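
Added example, not part of the original post and not GRUB's own code: a toy line editor in C showing the bug class the post describes (a signed length counter decremented on backspace with no range check) beside a bounds-checked version. `BUF_MAX`, `SAMPLE_KEYS` and the function names are constructed for illustration; the 28 backspaces are the count quoted from the article at the top of the thread.

```c
#include <stdio.h>
#include <string.h>

#define BUF_MAX 16   /* constructed buffer size for this example */
struct edit_result { int final_len; int oob_writes; };
/* Constructed input: "ab", then 28 backspaces, then "x" and Enter. */
static const char SAMPLE_KEYS[] = "ab"
    "\b\b\b\b\b\b\b" "\b\b\b\b\b\b\b" "\b\b\b\b\b\b\b" "\b\b\b\b\b\b\b" "x\n";

/* Unchecked: signed counter, decremented on every backspace with no floor.
 * Out-of-range writes are counted, not performed, so the demo stays defined. */
static struct edit_result read_line_unchecked(const char *keys, char *buf)
{
    struct edit_result r = {0, 0};
    int cur_len = 0;
    memset(buf, 0, BUF_MAX);
    for (; *keys && *keys != '\n'; keys++) {
        int bs = (*keys == '\b');
        if (bs) cur_len--;                   /* BUG: no check for cur_len == 0 */
        if (cur_len < 0 || cur_len >= BUF_MAX)
            r.oob_writes++;                  /* buf[cur_len] is outside the array */
        else
            buf[cur_len] = bs ? '\0' : *keys;
        if (!bs) cur_len++;
    }
    r.final_len = cur_len;
    return r;
}

/* Hardened: unsigned counter with a lower and an upper bound on every edit. */
static struct edit_result read_line_checked(const char *keys, char *buf)
{
    size_t cur_len = 0;
    memset(buf, 0, BUF_MAX);
    for (; *keys && *keys != '\n'; keys++) {
        if (*keys == '\b') {
            if (cur_len > 0)                 /* backspace on an empty line is a no-op */
                buf[--cur_len] = '\0';
        } else if (cur_len < (size_t)BUF_MAX - 1) {  /* keep room for the terminator */
            buf[cur_len++] = *keys;
        }
    }
    return (struct edit_result){ (int)cur_len, 0 };
}

int main(void)
{
    char buf[BUF_MAX];
    struct edit_result u = read_line_unchecked(SAMPLE_KEYS, buf);
    struct edit_result c = read_line_checked(SAMPLE_KEYS, buf);
    printf("unchecked len=%d oob=%d; checked len=%d buf=%s\n",
           u.final_len, u.oob_writes, c.final_len, buf);
    return 0;
}
```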
>>
>>54033768
desktop users are not the same as server users. I work in a DC with over 5000 machines. At least 95% of them are running Linux, usually CentOS
>>
>tfw you can use linux to easily gain access to someone's windows account

Poettering.
>>
>>54032632
How long is your bootloader password? How long is typical bootloader password on your family or friends pc?

Ah. 0. Just as I thought.
>>
>>54033139
/thread
>>
>>54032558
>this shit bait
>again

fuck off
no one uses grub passwords
>>
>>54033828
I disagree with you. No operating system should be blamed for user errors. Besides, pretty much all of current operating systems are reasonably secure and can be made to be very secure given the right configuration.
So nowadays most attacks focus on the weakest link - the user. Or Adobe Flash Player, this piece of crap has more holes than a sieve.
However, many /g/ users don't understand OS security and battle using clickbait article titles or by posting strawman arguments attempting to make the other side look bad. Most likely in all caps. Such people should be ignored, don't you think? Or at least they should join politics as Trump supporters - that's one of the few places where such behaviour is not only not condemned but encouraged.
>>
>>54032558
oh no! they accessed my account without su password, what am i going to do?
>>
>>54033828
>It's okay when x does it
Take your meme here
>>>>>/v/