GNU/Linux has a massive flaw in Grub, its ubiquitous bootloader. Just by hitting a few keys, you can completely pwn a Linux box—including many embedded devices.
The “Grand Unified Bootloader” had a weird vulnerability added in 2009. Was CVE-2015-8370 introduced into GRUB2 by a government agency, such as the NSA?
If you think this has a happy ending, you haven’t been paying attention. In IT Blogwatch, bloggers pay attention. <!– Not to mention: XXXXXXXXXXXX… –>
Your humble blogwatcher curated these bloggy bits for your entertainment.
To read this article in full or to leave a comment, please click here
Source: COMPUTER WORLD