Linux Vulnerability Lets Anyone Log in by Tapping Backspace 28 Times

A newly discovered vulnerability makes it incredibly easy to break into a large pool of Linux-based computers. A security hole found in Grub2, a widely used bootloader in many Linux distributions including Ubuntu and Red Hat, allows a user to log in to a computer by pressing the backspace key 28 times. Various Linux distributions have released a patch for the vulnerability.

Hector Marco and Ismael Ripoll, two security researchers from the Cyber-security Group at the Polytechnic University of Valencia (UPV), have found that it is possible to bypass any kind of authentication on a Linux system by hitting the backspace key 28 times. Once users log in, they can take complete control of the computer. Grub2 is the "bootloader used by most Linux systems including some embedded systems. This results in an incalculable number of affected devices," the researchers wrote in a blog post.

According to the researchers, the vulnerability can be exploited to obtain something called a "Grub rescue shell" which can, in turn, allow a user to load a customised kernel and run arbitrary programs. The attacker could also destroy any data, including Grub itself.

The security hole stems from a simple integer underflow fault that was introduced to Grub2 in late 2009. Linux users can assess whether their computer is vulnerable by pressing the backspace key 28 times. Ubuntu, Red Hat, and Debian have all released patches to fix the vulnerability, though if your distribution is not yet covered, Marco and Ripoll have made available an emergency patch.
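
The following C sketch is an added illustration, not Grub2's source or the researchers' code: it models how an integer underflow of the kind the article mentions can arise when a line-editing loop handles backspace without checking for an empty line, next to a version with the missing check. The buffer size, struct and function names are assumptions made for the example, and the model records the out-of-range index instead of writing through it.

```c
#include <stdio.h>
#include <string.h>

#define BUF_LEN 32u  /* constructed size, not taken from Grub2 */

struct edit_result {
    char line[BUF_LEN];  /* text typed so far, NUL-terminated */
    unsigned cur_len;    /* cursor index after the last key */
    int out_of_bounds;   /* set if the index ever left the buffer */
};

/* Shared line-editing loop; `checked` selects the hardened backspace. */
static struct edit_result edit_line(const char *keys, size_t n, int checked) {
    struct edit_result r;
    memset(&r, 0, sizeof r);
    for (size_t i = 0; i < n; i++) {
        if (keys[i] == '\b') {
            if (checked && r.cur_len == 0)
                continue;                 /* nothing to erase: ignore the key */
            r.cur_len--;                  /* unchecked: 0 - 1 wraps to UINT_MAX */
            if (r.cur_len >= BUF_LEN)
                r.out_of_bounds = 1;      /* record it; a real loop would write here */
            else
                r.line[r.cur_len] = '\0';
        } else if (r.cur_len < BUF_LEN - 1) {
            r.line[r.cur_len++] = keys[i];
        }
    }
    return r;
}

struct edit_result read_line_unchecked(const char *keys, size_t n) {
    return edit_line(keys, n, 0);
}

struct edit_result read_line_checked(const char *keys, size_t n) {
    return edit_line(keys, n, 1);
}

int main(void) {
    char keys[28];
    memset(keys, '\b', sizeof keys);      /* constructed input: 28 backspaces */
    struct edit_result u = read_line_unchecked(keys, sizeof keys);
    struct edit_result c = read_line_checked(keys, sizeof keys);
    printf("unchecked: cur_len=%u oob=%d\n", u.cur_len, u.out_of_bounds);
    printf("checked:   cur_len=%u oob=%d\n", c.cur_len, c.out_of_bounds);
    return 0;
}
```

With the check in place, backspace on an empty line is a no-op and the index never leaves the buffer; without it, the index wraps to a very large unsigned value.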
