Posted on 12/16/2015 7:26:22 PM PST by Utilizer
GRUB password protection can be bypassed
According to Canonical'a latest Ubuntu Security Notice, it would appear that there's a zero-day security vulnerability in the GRUB2 (GNU GRand Unified Bootloader) packages, affecting all GNU/Linux distributions running 2.02 Beta.
The security flaw was discovered by developers Ismael Ripoll and Hector Marco in the upstream GRUB2 packages, which did not correctly handled the backspace key when the bootloader was configured to use password-protected authentication, thus allowing a local attacker to bypass GRUB's password protection.
(Excerpt) Read more at news.softpedia.com ...
Who flubbed the GRUB?
Until it’s patched I guess I will just have to trust my chihuahuas.
I dog toys and dog treats start arriving from Amazon, I will know I’ve been hacked. ;-)
Ping!
Software is easy to deal with. People suck.
I realize that there are people who rely on windows only software. Turbo tax comes to mind since a friend uses it religiously. But if you have a business computer you use to do people’s taxes, don’t use it for casual web-browsing. You’re only asking for trouble.
But if I have Linux I can just click on any damned thing I want and nothing bad will ever happen?
Some of the major distros are already patched. :)
I started in the mid-nineties and I’ve been loving it more and more every year. One of the best features is that whenever (rarely) a security flaw is discovered, the coding community immediately begins working tirelessly to fix the problem and issue a patch as quickly as possible.
THE most secure OS out there, by far.
I’ve seen a lot of infected Windows systems. The internet is rife with malware, and a lot of it is being spread by hacked Linux servers. I’m starting to suspect a lot of that happens because the admins got sloppy, and the “It can’t happen to me because I’m running Linux.” attitude has a lot to do with it.
Here’s a drunken rant. I haven’t been able to get any of my machines to share any files whatever. That includes Mint 17.2, 17.3, Ubuntu 14.04, 15.04, 15.10, Lubuntu 14.04, 15.04, Windows 10. Give me the miraculous link that will point me the way or I guess I’m retarded. I would murder samba if I could.
Here’s a direct and nonstandard way, not filled with endless command-line entries:
Download and install a version of Mepis Linux. Put it on all your machines - even dual-boot if you like (I have several machines I do this with).
After you login, right-click on any partition you wish to share and select “properties” “file-sharing”. A small window will pop up asking if you want to run the “filesharing” program. Click yes and select your partition. It will now appear on all computers connected to your local network. Copy and share all you wish. :)
See? No command-lines to memorize and laboriously type out. Right-click and share, right-click again and un-share. Simple.
Oh, and don’t forget to select the Windows Share (Samba) option when you enable filesharing.
Later, as time goes by, you can work on figuring out how to get filesharing working on other OSs’ and what it will take to get them functional. Right now this will allow you to share things immediately.
Good Luck!
Microsoft probably hired hackers to create these attacks
I'll give it a shot. I'm headed over to PIA to see if I can get it running on Mepis.
Mepis is a good distro. A few years back it was my main OS at home - on both my desktop and laptop. I don’t remember why I switched to Ubuntu and now Mint. Could’ve been something as simple as just wanting to try something new...
*smile* You should probably wait until you are sober before you install it, just to ensure you do not forget some simple things -like the username password and the root password, just to name a couple. The default network name is “Mepis” but you might want to rename it something else, like “Home”, “Standard”, etc. -something simple but other-than-default. Domain Name preferably as “Home.dom” (for “Home” network, or whatever it is. Just keep them the same for simpicity’s sake).
It is very, very user friendly, and if you get stuck I am usually here in the evenings and can help if you wish.
It also comes with a few rescue tools in case you accidentally change a setting or two and can’t remember what you did to muck it up. :) Also very stable and I have yet to find a machine that did not run it well.
Mepis 8.0 (and 8.5) run well on the minimum 512k of RAM, and 11.xx runs well on 1G of RAM, plus there are 32b and 64b versions as well.
Current version: http://distro.ibiblio.org/mepis/released/
Older versions: http://mepis.mirrorcatalogs.com/released/
You probably want the v11.xx if your machine is at all newer than a few years ago, but I like the increased speed of the earlier versions on the newer machines instead of the latest.
YMMV.
Cheers!
Oh, and I am running both v8.0 and 11.xx in both 32b and 64b on several machines, so if you get stuck I can probably find one within a short period of time to switch to to help you out with specifics. As long as it is not running a current process, that is. Then it might take a bit longer...
That was My reason: trying something new. However, I just can’t get Mint to easily accept minor configuration changes, such as easily recognizing resized partitions. Plus, I too can not get it to share folders with other machines no matter what I do. I finally resorted to keeping files I wished to share on an external HDD and plugging in the USB cable to the other machine to transfer them.
I played with Mint for a few days last week. I was able to mount directories on it from my server, just making the appropriate additions to /etc/fstab.
But if I’m not misktaken, I had to install NFS-utils from the repos first, as it was not installed by default.
Disclaimer: Opinions posted on Free Republic are those of the individual posters and do not necessarily represent the opinion of Free Republic or its management. All materials posted herein are protected by copyright law and the exemption for fair use of copyrighted works.