In the raging forum battles over which operating system is best, you’ll usually find spats over Apple OSX and Microsoft Windows. But inevitably you’ll get a passionate few in support Linux. While there are many reasons why a Linux based OS is a great alternative to the mainstream options, it appears that security may not be its strongest hand at the moment. In fact, if you know how to hit the delete key, you’ll stumble upon one of the most shocking hacks uncovered in the OS.
A pair of researchers at the Cybersecurity Group at the Polytechnic University of Valencia in Spain have discovered that the Grub2 loader , which is part of many distributions created after 2009, has a rather simple exploit. In this blog post, the researchers explain how the exploit will give you access to a Linux based machine’s data with the ability to also install malware and viruses. All you need to do is hit the delete key 28 times at the lock screen.
Luckily, the exploit can only be performed locally meaning that you have to be physically at the machine you intend to exploit in order to action the 28 simple key presses.
One of the strengths of the Linux community is their ability to share information and perform updates to the OS very quickly. Major distributions like Debian, RedHat and Ubuntu have already created patches for the exploit. But with so many older machines out in the wild finding a second life as a Linux box, the threat will remain until every machine is patched.