Hitting a key over and over again actually works for once. Two security researchers in Spain recently uncovered a strange bug that will let you into most Linux machines just by hitting the backspace key 28 times. Here’s how to fix it and keep your data protected.
The researchers, Hector Marco and Ismael Ripoll from the Cybersecurity Group at Polytechnic University of Valencia, found that it’s possible to bypass all security of a locked-down Linux machine by exploiting a bug in the Grub2 bootloader. Essentially, hitting backspace 28 times when the machine asks for your username accesses the “Grub rescue shell,” and once there, you can access the computer’s data or install malware. Fortunately, Marco and Ripoll have made an emergency patch to fix the Grub2 vulnerability. Ubuntu, Red Hat, and Debian have all issued patches to fix it as well.
Linux is often thought of as a super secure operating system, but this is a good reminder to take physical security just as seriously as network security (if not more). Take extra care when your machine is around people you don’t know, especially if your system has sensitive data on it.
Back to 28: Grub2 Authentication 0-Day| Hector Marco & Ismael Ripoll via Motherboard
Comments
4 responses to “You Can Break Into A Linux System By Pressing Backspace 28 Times. Here’s How To Fix It”
Just curious as to what the reactions would be if this bug had been discovered in Windows…
Anybody who knows anything about security knows that once an intruder gets access to the hardware, it’s pretty much game over. That’s also true, to a lesser extent, of the virtual console of virtual machines.
For example, with this particular bug, all you would need is a boot CD to rewrite the MBR to something which drops you directly into single user mode. A relatively small change will permit this to be done without the need to supply a password.
Admittedly this is harder than just hitting backspace twenty eight times. but that’s only a matter of degree – and frankly, it’s not very much harder.
The bug does need to be fixed, but anybody in a position to be compromised by this is already in serious trouble.
If you are working at a company where the list of staff with physical access to the servers is not carefully managed or the server room is open, your company needs to look into those policies ASAP. Hardware access is EVERYTHING.
@sebg: people would be worried if this was discovered on Windows, but without access to source code or an alternate boot loader they would be stuck with the hole until Microsoft released a patch (which would probably happen quickly, to give them credit, although in the past there have been security holes that MS took years to patch.)
However, neither Linux nor Windows admins should have reason to panic, unless access to their hardware was open, in which case they already had reason to panic.
I’d upvote you if they weren’t broken.
Didn’t work on my Ubuntu 14.04.
But yeah as already mentioned, if you’re in front of a PC, laptop, server or whatever, it isn’t difficult to get in.
All the nuffys saying this is no better cos you have direct access to hardware are idiots. Yes I agree using a live cd etc. is better. But there are so many applications where you only have access the the monitor and keyboard. Or in public places like in a kiosk. Or even some network consoles I’ve seen. Or aeroplane entertainment systems