Homepage
Forum
Drivers
HMM
MTM
Feed
Major Linux security hole gapes open
-
RealBlackStuff
- Admin
- Posts: 17485
- Joined: Mon Sep 18, 2006 5:17 am
- Location: Mt. Cobb, PA USA
- Contact:
Re: Major Linux security hole gapes open
That unencrypted /boot partition rears its ugly head again.
Last year you just had to hit backspace exactly 28 times and it would drop you to a shell.
Sometimes I wonder if these backdoors to /boot are intentional.
Last year you just had to hit backspace exactly 28 times and it would drop you to a shell.
Sometimes I wonder if these backdoors to /boot are intentional.
.: Lenovo X250 - 16GB, 500GB SSD, Model M SSK (Dec. 1997), Dell P2416D, OpenBSD Current :.
Re: Major Linux security hole gapes open
You've got to remember the number of people writing the code is dwarfed by the number of people looking for vulnerabilities.jdk wrote:Sometimes I wonder if these backdoors to /boot are intentional.
E7440
-
evening_hunger
- Sophomore Member
- Posts: 189
- Joined: Thu Nov 26, 2015 2:55 pm
- Location: Rouen, France
Re: Major Linux security hole gapes open
I might be wrong but I think if you have entire filesystem encrypted, having acces to /boot (even root acces) doesn't give you any way to get to files. Not even root can decrypt without the key/password, which is not hashed anywhere.
x220/i7-2620M/8GB/256gb.ssd/ips/debian (main driver)
x230/i5/8GB/500gb.hdd+256gb.m2ssd/tn/debian+win7 (better half)
x230/i5/8GB/500gb.hdd+256gb.m2ssd/tn/debian+win7 (better half)
Re: Major Linux security hole gapes open
Yeah, true FDE has been possible for at least 2 years with grub2, but none of the installers have been updated to make it easy to set up.evening_hunger wrote:I might be wrong but I think if you have entire filesystem encrypted, having acces to /boot (even root acces) doesn't give you any way to get to files. Not even root can decrypt without the key/password, which is not hashed anywhere.
With OpenBSD, it's literally one bioctl command prior to installation.
.: Lenovo X250 - 16GB, 500GB SSD, Model M SSK (Dec. 1997), Dell P2416D, OpenBSD Current :.
-
evening_hunger
- Sophomore Member
- Posts: 189
- Joined: Thu Nov 26, 2015 2:55 pm
- Location: Rouen, France
Re: Major Linux security hole gapes open
I consider myself relatively dumb, but was able to do this when installing my Debian 2 years ago. So not that tragic after all:)
x220/i7-2620M/8GB/256gb.ssd/ips/debian (main driver)
x230/i5/8GB/500gb.hdd+256gb.m2ssd/tn/debian+win7 (better half)
x230/i5/8GB/500gb.hdd+256gb.m2ssd/tn/debian+win7 (better half)
-
jaspen-meyer
- Senior Member
- Posts: 630
- Joined: Wed May 19, 2010 11:21 pm
- Location: Pardubice, Czech Republic
- Contact:
Re: Major Linux security hole gapes open
It's much easier to hide the treasure chest than than to find it.ZaZ wrote:You've got to remember the number of people writing the code is dwarfed by the number of people looking for vulnerabilities.jdk wrote:Sometimes I wonder if these backdoors to /boot are intentional.
T420 Ivy Bridge i7 3612QM, x24 xiphmont led, x60s libreboot, led, T400 libreboot, (in progress testing Q9100)
-
- Similar Topics
- Replies
- Views
- Last post
-
-
For Sale: Several 'New Open Box' X230 ThinkPads
by pctech » Wed Feb 08, 2017 5:39 pm » in Marketplace - Forum Members only - 8 Replies
- 907 Views
-
Last post by Johan
Sun Feb 12, 2017 3:53 pm
-
-
-
(Company + Individuals): Strategies to Mitigate Cyber Security Incidents
by RealBlackStuff » Tue Feb 07, 2017 9:40 am » in ** HOW TOs & FAQs ** - 1 Replies
- 743 Views
-
Last post by Digitalhorizons
Tue Feb 07, 2017 1:39 pm
-
-
-
Remote security exploit in all 2008+ Intel platforms
by Puppy » Mon May 01, 2017 6:51 pm » in GENERAL ThinkPad News/Comments & Questions - 15 Replies
- 638 Views
-
Last post by TPFanatic
Mon Jun 05, 2017 11:02 am
-
-
-
A31 no post - 4 4 beep codes point to Security Chip?
by TPFanatic » Wed May 10, 2017 7:38 pm » in ThinkPad R, A, G and Z Series - 5 Replies
- 495 Views
-
Last post by kfzhu1229
Fri May 12, 2017 1:27 am
-
Who is online
Users browsing this forum: No registered users and 1 guest