Hitting Backspace 28 Times Grants Access To Data On Most Linux Systems
Want to feel like the ultimate hacker, like those in the 1995 cinema classic Hackers? Quick: find the nearest Linux PC, boot to the GRUB2 bootloader, and hit Backspace 28 - and only 28 - times. Yes, really.
Hector Marco & Ismael Ripoll, who are researchers for the Cybersecurity Group at the Polytechnic University of Valencia, recently discovered a flaw within the GRUB2 bootloader software that gets triggered when the Backspace key is hit a very specific number of times. At 28 presses, a memory error gets triggered that lets someone access the entire PC via GRUB's rescue shell. From there, data could be copied to an external device, or deleted, if the attacker is malicious.
GRUB's main job is handling a string passed to it by the configuration file that tells it where and how an OS could be booted. Similar to Windows' boot loader, multiple OSes could be listed here, including "rescue" versions. GRUB is different in that it's OS agnostic; it can boot Linux along with Windows. Given its robustness, GRUB has become the de facto bootloader for most Linux distributions.
The researchers lambaste GRUB for being designed in such a way that it allows a simple bug like this to exist. "It is irresponsible for grub to lack decades-old exploit mitigations like stack cookies that could have addressed this issue."
Ultimately, this bug's effects will be minor, because physical access to the PC running an affected OS is needed. Still, some distributions, like Red Hat, Ubuntu, and Debian, have already released patches to remedy the issue. It's very likely that your distro of choice has also rolled out an update, so we'd recommend checking and making sure your PC is as secure as possible.