FFS! SERIOUSLY???

>CVE-2016-4484: Cryptsetup Initrd root Shell

>A vulnerability in Cryptsetup, concretely in the scripts that unlock the system partition when the partition is ciphered using LUKS (Linux Unified Key Setup). The disclosure of this vulnerability was presented as part of our talk "Abusing LUKS to Hack the System" in the DeepSec 2016 security conference, Vienna.

>This vulnerability allows to obtain a root initramfs shell on affected systems. The vulnerability is very reliable because it doesn't depend on specific systems or configurations. Attackers can copy, modify or destroy the hard disc as well as set up the network to exfiltrate data. This vulnerability is specially serious in environments like libraries, ATMs, airport machines, labs, etc, where the whole boot process is protected (password in BIOS and GRUB) and we only have a keyboard or/and a mouse.

>Note that in cloud environments it is also possible to remotely exploit this vulnerability without having "physical access."

>Am I vulnerable ?

>If you use Debian or Ubuntu (probably many derived distributions are also vulnerable, but we have not tested), and you have encrypted the system partition, then your system is vulnerable.

hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html

This shit just keeps on happening. I'm losing faith.

>linux
>anytime
kek

I don't use cryptsetup

>Note that in cloud environments it is also possible to remotely exploit this vulnerability without having "physical access."
To clarify (since they have not) - you can remotely exploit this vulnerability if you have KVM access.

that only applies to people that are retarded enough to not put grub on a separate disk as their /boot and getting a root shell without being able to decrypt the drive is pretty much useless unless you want to be an asshole and delete everything

ATMs, libraries and airport machines NEVER use disk encryption

>This vulnerability allows to obtain a root initramfs shell on affected systems
I doubt it can be called a vulnerability.
1) You have to have an unencrypted /boot with keys to load an encrypted partition
2) While you can encrypt /boot w/GRUB configs, Linux kernel and initramfs still must be decrypted before booting further, in that case keys might be stored inside an initramfs image. You can't avoid that, you'll need to start somewhere.

Minor security risk they can get into a root shell but since your partition is encrypted they can't have access to it but they can extract it and bruteforce it (and if you are not an idiot and use a strong password they can't get into it). Oh and they need physical access to the machine. And it's a Debian specific patch so it only affects Debian

>open source
>vulnerability disclosed
>vulnerability fixed
>patches immediately available

>proprietary software
>pester vendor about the issue
>threaten to publicly disclose it within a 2 week deadline
>vendor doesn't respond within 2 weeks
>publicly disclose vulnerability
>popular newspaper covers vulnerability to raise awareness
>get shit on by internet retards that think you didn't responsibly disclose the vulnerability
>vendor finally pushes out update after x months

So what, you can get a root shell, and? You can't access the data.
Anyway,
>debian
Not even once.

The only security risk is that somebody modifies the boot partition to gain root access when the owner logs into the compromised machine.
Maybe they should also encrypt the boot partition.

>todays news on Sup Forums
>major code execution vulnerability on servers
>to execute the attack the owner of the machine must have logged in to the machine but forgot to log out while not using it
>if the attacker can gain physical access to the machine then they can do almost anything they want
>a root exploit is also possible if the owner used sudo recently

man linux security is such a joke

>And it's a Debian specific patch so it only affects Debian

If you actually paid attention to the article you would know Fedora is affected also. Most likely many others are also.

No if you paid attention and read other articles it doesn't affect fedora you illiterate faggot
>The researcher asserts it affects Fedora. That is not true. The Fedora doesn't ship the problematic patch. You'll get a debug shell if your boot fails *and* you didn't setup a bootloader password. But in case you didn't secure your bootloader, there's an easier way to get a shell really...

source: phoronix.com/forums/forum/phoronix/latest-phoronix-articles/911320-cryptsetup-vulnerability-allows-easily-getting-to-a-root-shell

>No if you paid attention and read other articles it doesn't affect fedora you illiterate faggot

LOL. So I'm the "Illiterate faggot" for actually reading the OP's linked post and not *your* article which you probably looked for *after* the fact? Fuck off you fucking dense nigger. Talk about trying to save face. You obviously were fucking illiterate yourself and just had to get some "second opinion".

From OP's article for (You), you fucking degenerate:

>Update: We have found that systems that use Dracut instead of initramfs are also vulnerable (tested on Fedora 24 x86_64).

hmarco.org/bugs/CVE-2016-4484/CVE-2016-4484_cryptsetup_initrd_shell.html

Actually read next time? Yeah. Piss off into your safe space you faggot.

From your link on page 2:
>phoronix.com/forums/forum/phoronix/latest-phoronix-articles/911320-cryptsetup-vulnerability-allows-easily-getting-to-a-root-shell/page2

>Further note: In Dracut, failure to open an encrypted root device will force an initramfs shell no matter what cryptsetup does, but that is dracut's behavior on not finding root and can't be changed by changing cryptsetup

Get fucked.

No manual entry for 'linux security is such a joke'

>being this mad
kek
>You obviously were fucking illiterate yourself and just had to get some "second opinion".
Yea I take everything with a grain of salt and I had to look for more answers you dimwit
Never said anything about NOT getting a shell, you are going to get a shell (from the quote I posted). There are other ways to get into a shell than this one btw, ex: booting into root shell by changing GRUB's parameters to 1 (forgot exactly what else you have to change but yea)
Enjoy your (You) pal :^)

tl;dr

You're wrong and were proven such, even from your own link. kek. Just proving again, you should actually pay attention.

Now fuck off. You ain't worth my time.

Top kek. Linux has no games and has shit security. Looks like windows 7 master race wins again.

...

This isn't even an issue, honestly.

It's no different from hitting 'e' in grub and typing 'single' into the kernel options. If you have physical access, root is practically guaranteed. That's why these people have cryptsetup in the first place.

>using gentoo
>kernel made especially for my computer, no initramfs/initrd needed and created

ooga booga

Is this even an issue if you don't use grub?

This is what I'm saying but other retards just don't understand

It's definitely not serious, Linux is still safe, the only thing an attacker can do is destroy the system and delete all the files (as long as the system is encrypted, otherwise it's open season lol!)! Year of the Linux desktop guys!

Malicious software can be installed in /boot you fucking idiots. This can also be accessed remotely on servers hosting linux images under certain circumstances.

Not to mention laptops that regularly get left unattended in work scenarios. FFS.

Sup Forums Literally full of idiots.

if you have physical access then you already can physically remove the drive and get the same access, or physically destroy it.

what's the big fucking deal

>Malicious software can be installed in /boot you fucking idiots.

No shit Sherlock.

>Not to mention laptops that regularly get left unattended in work scenarios. FFS.

Again, no shit Sherlock.

>Sup Forums Literally full of idiots.

You're currently in the lead, dumbfuck.

DELETE THIS REEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEEE

Get a load of this faggot.
What a retarded cunt, he clearly does not know jackshit.

Linux doesn't have malicious software, you turd burgling windows shill.

Sheeeeeet, you are just a bit less retarded than the faggot you quoted.

y-you too

Wow, Jesus Christ.

>almost 2017
>not offloading disk encryption to a RAID card
linuxfags btfo

>vendor finally pushes out update after x months
Isn't that a little optimistic?

>trusting an OS created by literal neets in their basements
lol

It affects CentOS as well

Even with grub password

fugg

The Apple MacBook Pro with Retina Display doesn't have this problem.

I don't really give a fuck desu. I encrypt my shit because I don't want someone who'd steal my laptop to look at my files. A root shell won't help them decrypt my files.

kek

So it requires:
>An encrypted partition with a manually-entered password
>Physical access to the machine
i.e. for 99% of people it's fucking nothing

Fucking hell

Everyone who's serious uses a removable disk with a key file. It would make sense for the serious options to be better worked out than the plebeian idiocy

They don't connect to the Internet as well.

>Everyone who's serious uses a removable disk with a key file.
Nah. It's just about threat models.
If you're afraid the state is gonna come for you, try to load your laptop with malware and get you to use your laptop in order to get your passwords then yeah, you should consider using a removable disk and keeping it on yourself at all times.

If the only thing you're worried about is that people are going to take a look at your files if they steal/if you lose your laptop then just using a long password is fine.

except now that ugly ass script kiddie who goes around picking up thinkpads can wipe your disk as a "prank"

ps its me

Don't care, I make daily backups at home and remote backups on a server I own twice a week. I won't lose shit.

Plus I don't know anybody who'd think it's fun to wipe other's drives.

DELET

Question: Isn't it already the case that anybody who picks up your thinkpad (=physical access) can wipe it anyway? Most people do not have a BIOS password set, so hit F2 during boot, change the boot order so it boots from USB first, insert any usb stick with linux liveCD*, mount the disks and rm -rf /mnt/*
Am I missing something?

* which are not stopped by secureboot btw

If they have physical access, nothing is stopping them from just stealing your drive. Or smashing your computer with a hammer.

DEBIANFAGS BTFO
ARCH STILL REIGNS AS BEST DISTRO OF ALL TIME

It has single user mode which works with or without encryption

The Windows 10 Operating System does not have this problem.

Use linux they said.
It's more secure they said.

>not having self destructive SSD to fry all your chips when the po po comes after your crabby patties

>vendor finally pushes out update after x months
It's more like: Vendor CLAIMS that he finally pushed out an update after X months. The best you can do when using a proprietary operating system is to ASSUME that anything actually got patched.

>he fell for the "gentoo is a meme" meme
Install Gentoo.
Also what are the details exactly? I doubt you can magically decrypt a partition (a requirement to make use of the root initramfs) without knowing the key, so is it only for unsecured keyfiles?
By this logic, you can just set init=/bin/bash in the grub kernel command line arguments and you're good to go.

This.