Sneak Into Linux Systems After Hitting Backspace 28 Times

[RichCor]

This is popping up on all the news wires.

Kick'em when they're up, kick'em when they're down, as the song goes.

Exploit Lets You Sneak Into Linux Systems After Hitting Backspace 28 Times

PCMagAsia | BY DAVID MURPHY DEC. 20, 2015, 7:23 A.M.

Though most of you likely don't run Linux—specifically, one using the Grub2 bootloader—you'll surely appreciate the unintended humor of a brand-new exploit that was recently found for said bootloader. The exploit is being quickly patched by various major Linux distros, including Ubuntu, Red Hat, and Debian, and it also requires physical access to an unpatched machine to work, so it's not the worst potential vulnerability, just one of the sillier ones.

We'll let Hector Marco and Ismael Ripoll explain, via their December 14 security report:

"To quickly check if your system is vulnerable, when the Grub ask you the username, press the Backspace 28 times. If your machine reboots or you get a rescue shell then your Grub is affected," they write.

This reminds me of the xbox live password issue where 5-year-old Kristoffer bypassed login prompts by hitting space bar several times.

[Morakot]

What else would one run if not GRUB2? Gummiboot?

The article seems to be written by someone without a glue. It misses the entire point that the bug relates to the password-protected feature of the bootloader, a trivial measure in case of physical access...

[Morakot]

In the spirit of this thread the following tongue-in-check code is offered that will insult intruders and unsuspecting users.

sudo visudo

Find the line which begins with “Defaults.” Append to it “insults,” after a comma. For example, like that:

Defaults env_reset,insults

And that’s all! Now, at every missed password, the system will find a new way to “encourage” the intruder. But beware, because in most cases, you will be the one to get the insults more than any intruder.

https://www.maketecheasier.com/linux-humor-5-reasons-not-to-take-linux-too-seriously/