|Re: [Hangout-NYLXS] GRUB Vulnerability
|Quoting Elfen Magix (elfen_magix-at-yahoo.com):
> When I was the CTO of BizinfoPlus, our servers were at TelX, a fine
> little dat-warehouse on Houston Street at the old Western Union
> telegraph building. Our servers were in a combination locked cabinet
> and when you open it, there was not display or keyboard tray among the
An utterly classic story of a particular genre:
My local sysadmin guild whose Board of Directors I was on for about a
decade and a half, BayLISA, holds every October an open-mic session
called 'Short but Cool & Sysadmin Horror Stpries'. Your anecdote would
be perfect for the latter category.
> The Security flaw is not within GRUB itself, It is with having
> physical access to the machine from LACK OF SECURITY on the Physical
Exactly. The 'flaw' is trivia when seen in proper context.
Back in WinNT 4.0 days, Microsoft Corporation and its captive press
corps kept advising companies that it was safe (and advised) to place
departmental file/print (etc.) servers out in the middle of cublicle
land because the Security Authentication Module (SAM) database resided
on an NTFS filesystem, and therefore nobody could break in using (e.g.)
a boot floppy.
This was a foolish thing to allege because physical access always wins.
E.g., a determined break-in artist could visit cubicle land after hours
or over lunch hour toting a WinNT workstation, temporarily extract the
departmental server hard drive(s), mount that(/those) drives in the
workstation, and have full access to the server filesystems --
end-running trivial obstacles like BIOS passwords and bootloader
passwords (if the latter feature were provided by Microsoft's OS Loader,
which it wasn't).
However, what really got wide public notice was when Linux live CDs
like Ultimate Boot CD started bundling Offline NT Password & Registry
Editor, made possible by betaware (first implementation of several)
reverse-engineering of the NTFS filesystem format by Linux coders, that
was reliable enough to permit mounting that filesystem and blanking out
local system account passwords in the SAM -- which was then used by a
couple of generations of thankful NT admins who'd forgotten or lost the
When Microsoft Corporation was then mocked by people claiming the Linux
community had cracked their security and that the latter was defective,
I and others were very quick to say 'No, not at all. The only thing
defective was the erroneous claim that it's reasonable to think physical
security doesn't matter. It's actually of paramount importance.'
Cheers, « Il n'est si homme de bien, qu'il mette à l'examen
Rick Moen des loi toutes ses actions et pensées, qui ne soit
rick-at-linuxmafia.com pendable dix fois en sa vie. »
McQ! (4x80) -- Michel de Montaigne, Essais
hangout mailing list