Want to hack a Linux computer? Just hit backspace 28 times

linux hack backspace 28 times
Contrary to what you might have experienced as Aiden Pierce in Watch Dogs, hacking isn’t easy. In fact, trying to log in to someone else’s computer to compromise their files is practically impossible without the right set of tools. Fortunately (or perhaps unfortunately, depending on who you’re asking) security researchers have discovered a bug in several Linux distributions that makes taking over an entire system as easy as striking the backspace key 28 times.

The report comes from security researchers Hector Marco and Ismael Ripoll, at a Polytechnic University Cybersecurity Group in Valencia, Spain. Upon backspacing exactly 28 times, the pair discovered that all authentication systems can be easily overridden. The bug affects every distribution of Linux using Grub2, the bootloader found in “most Linux systems,” the researchers wrote in their published results.

Assuming the system is in fact susceptible to the bug, anyone with the right know-how could access the system’s “Grub rescue shell,” which, with just a few keystrokes, can give them unhindered access to any and all data found on the PC. Of course, with malicious intentions, a person could seamlessly install persistent malware, allowing them to sabotage what’s rightfully yours.

“The number of backspaces hit was the only input controllable by the user to cause different manifestations of the error,” the researchers declared.

Experts agree that this bug is an alarming security oversight for the bootloader developers.

“It is irresponsible for grub to lack decades-old exploit mitigations like stack cookies that could have addressed this issue,” Trail of Bits founder Dan Guido pointed out.

On the bright side, Marco and Ripoll have worked together to come up with a solution for the bug in question. It’s a simple patch compatible with Ubuntu, Red Hat, and Debian distributions. Your best bet would be to install it quickly before letting anyone untrustworthy get ahold of your machine.


MIT science photographer isn’t an artist, but her work could fill galleries

Felice Frankel is an award-winning photographer, but she doesn't consider herself an artist. As a science photographer, she has been helping researchers better communicate their ideas for nearly three decades with eye-catching imagery.

Why limit yourself to one OS? Try one of these great virtual machine apps

Buying a new computer just because you want to utilize another operating system isn't necessary. Just use the best virtual machine applications to emulate one OS inside another, no matter what your platform or budget is.

Worried about your online privacy? We tested the best VPN services

Browsing the web can be less secure than most users would hope. If that concerns you, a virtual private network — aka a VPN — is a decent solution. Check out a few of the best VPN services on the market.

Qualcomm’s dual-screen PC concept looks like two connected Surface Go tablets

In Qualcomm's video teaser, we got a glimpse of the company's vision for how a dual-screen ARM PC should work. The internet reacted to Qualcomm's video, calling the device in question merely a mashup of two Surface Go tablets.

Check out the best Green Monday deals for those last-minute gifts

Black Friday and Cyber Monday have come and gone, but that doesn't mean you've missed your chance of finding a great deal. We're talking about Green Monday, of course, and it falls on December 10.

Hololens 2 could give the Always Connected PC a new, ‘aggressive’ form

Microsoft is said to be leaning on Qualcomm to power its Hololens 2 headset. Instead of Intel CPUs, the next Hololens could use a Snapdragon 850 processor, allowing it to benefit from the always-connected features.

Chrome’s dark mode may cast its shadow over Macs by early 2019

By early 2019 Google may release a version of Chrome for Mac users that offers a Dark Mode feature to match MacOS Mojave's recent darkening.

These laptop bags will keep your notebook secure wherever you go

Choosing the right laptop bag is no easy feat -- after all, no one likes to second-guess themselves. Here are some of the best laptop bags on the market, from backpacks to sleeves, so you can get it right the first time around.
Home Theater

Step aside set-top boxes, the best streaming sticks are tiny and just as powerful

Which streaming stick reigns supreme? We pit the Chromecast and Chromecast Ultra against the Roku Premiere, Roku Streaming Stick+, and the Amazon Fire TV Stick 4K to help you decide which one will be the best fit in your living room.

If you've lost a software key, these handy tools can find it for you

Missing product keys getting you down? We've chosen some of the best software license and product key finders in existence, so you can locate and document your precious keys on your Windows or MacOS machine.

Google+ continues to sink with a second massive data breach. Abandon ship now

Google+ was scheduled to shut its doors in August 2019, but the second security breach in only a few months has caused the company to move its plan forward a few months. It might be a good idea to delete your account sooner than later.

Is your PC slow? Here's how to restore Windows 10 to factory settings

Computers rarely work as well after they accumulate files and misconfigure settings. Thankfully, with this guide, you'll be able to restore your PC to its original state by learning how to factory reset Windows.

The Titan RTX graphics card is nearly here. Here's what you need to know

The Nvidia Titan RTX is arguably the most powerful consumer graphics card ever made, even if it's not really aimed at consumers. It bridges the 2080 Ti and RTX Quadro cards with boat loads of power.

Looking for an Apple MacBook below $900? Woot has you covered

If you're looking for a great deal on an Apple MacBook, then Amazon's Woot may just have what you have been seeking. It has Macbooks available for only $810 with Intel M3 CPUs, 8GB of RAM, and 256GB SSDs.