[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y ] [Search | Home]
4Archive logo
>Zero-day vulnerability lets Linux applications...
If images are not shown try to refresh the page. If you like this website, please disable any AdBlock software!

You are currently reading a thread in /g/ - Technology

Thread replies: 205
Thread images: 30
File: 1444767619668.png (58 KB, 256x256) Image search: [iqdb] [SauceNao] [Google]
1444767619668.png
58 KB, 256x256
>Zero-day vulnerability lets Linux applications gain root access
>The Perception Point Research team has identified a 0-day local privilege escalation vulnerability in the Linux kernel. While the vulnerability has existed since 2012

>since 2012
>since 2012
>2012

Holy shit.
>Loonix security

http://www.infoworld.com/article/3024215/linux/zero-day-vulnerability-lets-linux-applications-gain-root-access.html
http://perception-point.io/2016/01/14/analysis-and-exploitation-of-a-linux-kernel-vulnerability-cve-2016-0728/
>>
>>52514724
linux security is just security through obscurity which works really well for most people
>>
>>52514724
http://thehackernews.com/2015/12/hack-linux-grub-password.html
>>
>>52514724
>freetards on suicide watch
>>
>>52514746
Fucking retard.
>>
Linux acknowledges security issues and quickly fixes them.
Apple ignores them and patches months down the road.
Microsoft is somewhere in-between.

>>52514754
>Putting a password on your bootloader

Nigga, if you're entering a password on GRUB, it best be to unlock a LUKS volume otherwise you're already fucked because they have physical access to your machine.
>>
>>52514724
there have been windows vulns that have existed since like 2002 man relax
and stop using that emoji
>>
>>52514724
>2012
I thought opens sores' so great because everyone can look through the code and find bubs like this?!

Turns out neckbeard hobbyists aren't smarter than security experts from MS/apple.
>>
Computer security is a fairy tale for little kids.
The best way to secure data is to have no data that has to be secured.
>>
It was found this week and hasn't been used to anyone's knowledge. The fact that it existed since 2012 doesn't really mean anything. Every OS is like this, the important thing is that the vulnerabilities get patched immediately.

The problem here is that this vulnerability also affects Android, and people are going to be waiting weeks or months to get the patch. Older devices won't get the patch at all, so they'll be walking around with a phone that has a gaping security hole that will never be fixed.
>>
File: 1426038384251.jpg (74 KB, 571x597) Image search: [iqdb] [SauceNao] [Google]
1426038384251.jpg
74 KB, 571x597
>Android and Linux are both vulnerable to a zero-day exploit that
>>
>>52514888
> implying I want to talk to niggers
>>
$ grep CONFIG_KEYS /usr/src/linux/.config
# CONFIG_KEYS is not set


Nice try
>>
>>52514724
>It was found this week and hasn't been used to anyone's knowledge.
Why wasn't it found earlier? I always hear freetards brag about the advantages of open source, but they instantly go into damage control mode once something like this happens.
>>
>>52514975
Because code is complicated and vulnerabilities are not always apparent.

Probably would have never found it if they didn't have the source though.
>>
>>52514724
linux, secure, haha faggots time to hit winblows
>>
>>52514975
Because there aren't any.
Shellshock is 25 years old and they still make up excuses for it.
http://www.geek.com/apps/25-year-old-bash-shellshock-bug-could-be-more-dangerous-than-heartbleed-1605349/
>>
Just don't use a password then.
>>
>>52515042
>it’s hard to say for sure because loads of applications and services interact with Bash
>>
>>52514724
>it's caused by someone using goto
>>
Windows never looked better.

who comfy here?
>>
File: 1318621708152s.jpg (6 KB, 252x252) Image search: [iqdb] [SauceNao] [Google]
1318621708152s.jpg
6 KB, 252x252
>>52515121
I love my win
>>
>>52515121
Fuck the freeniggers
>>
>>52514975
You know the problem and you have everything you need to fix it. That is the advantage of open source.

and you can't deny it by saying that someone else should fix something they built for free and you didn't pay for.
>>
>>52515239
nobody on /g/ has ever fixed a large vulnerability in anything or else they wouldn't be here
>>
>>52515259
Why would people on a consumer electronics forum fix vulnerabilities?
>>
>>52515259
spotting sql/js injection isn't really that hard. on the contrary, this kernel bug is quite interesting.
>>
>>52515018
I love retards like you who hop from software to software because of hearsay, memes and irrelevant issues that barely have any affect on the end user.

>oh fuck /g/ says NSA will spy on me if I use Windows!
better use Ubuntu

>oh fuck /g/ says Amazon will spy on me if I use Ubuntu!
better use Tails

>oh fuck /g/ says Tor is compromised!
better use Debian

>oh fuck /g/ says Debian has ancient 2 year old packages!
better use Arch

>oh fuck /g/ says Arch breaks X and deletes my configs!
better use Gentoo

>oh fuck /g/ says a security issue was found in the Linux itself!
better use Windows
>oh fuck /g/ says NSA will spy on me if I use Windows!
>>
>>52515121
According to the first article linked, this newly found bug let's an attacker
>delete files
>view private information
>install unwanted programs

All of which Microsoft can do to you on windows.
>>
So is this a GNU/Linux vulnerability of just a Linux vulnerability?
>>
>>52515331
It's in the kernel, so it's "just" a Linux vulnerability. So desktop Linuxes, Android, and whatever embedded platforms have Linux underneath, if they use the affected versions.
>>
>>52515259
I found a filesystem corruption bug that delayed Haiku Alpha 4.
>>
>>52515331
>le GNU/Linux is not Linux terminology bullshit
Just go away please.
>>
>>52515389
Haiku! <3
>>
File: 157561414.jpg (138 KB, 338x507) Image search: [iqdb] [SauceNao] [Google]
157561414.jpg
138 KB, 338x507
>>52514829
>experts from MS
>>
>>52515460
It's not bullshit.

Imagine if we would call cars by just their brand. So every Volkswagen car (Golf, Polo, Passat et cetera) is just "a Volkswagen". That's incorrect. It's a Volkswagen (brand) Passat (type).

Same reason GNU/Linux is correct when you refer to GNU with Linux. Calling it "Linux" leaves out a very fundamental identifier of the "car" as a whole.
>>
>>52515501
I love this meme. Especially since India's one of the top Linux countries.
>>
>>52514972
$ zgrep CONFIG_KEYS /proc/config.gz 
CONFIG_KEYS_COMPAT=y
CONFIG_KEYS=y

FUG
>>
>>52515541
And if you (if you were the one I was referring to) actually read the article, you could've easily answer your original question by yourself.

>Same reason GNU/Linux is correct when you refer to GNU with Linux.
And yet it still is way to unspecific considering you can replace Linux user land almost as much as you want. Do we call desktop Linux X11/Linux nowadays? No.
>>
File: 1246721179348.jpg (13 KB, 450x323) Image search: [iqdb] [SauceNao] [Google]
1246721179348.jpg
13 KB, 450x323
>>52515582
>all this poorfag third world shit.

Freetards disgust me.
>>
>>52514724
So is linux or gnu and linux.
If it isn't the later I don't know how android devs haven't fixed it
>While the vulnerability has existed since 2012, our team discovered the vulnerability only recently
Oh that's why. Lets just wait for an update then
>>
>>52514724
>Local privilege escalation
>Already patched
>The vulnerability affects versions 3.8 and higher

Try harder
>>
>>52515647
>they aren't indoctrinated good goys of the MS/Apple monopoly

You should envy them
>>
>>52515636
>nowadays
>a
how much I hate this word please use "nowdays"
>>
>>52514746
Could you be any more of an idiot?
>>
>>52515582
>In other words, Europe comes out as the overall most Linux-friendly world region.
>Europe, 1.14%
>South America, 0.88%
>North America, 0.72%
>Oceania, 0.72%
>Africa, 0.45%
>Asia, 0.34%


>Market share meme
Pls
>>
>>52515717
>So is linux or gnu and linux.

>Any machine with Linux Kernel 3.8
>Linux Kernel 3.8
>Linux Kernel
>Kernel

Question answered?

>>52515756
what?
>>
>>52515647
I'm pretty sure is because government involvement.
Hell, if North korea shared statistics you'll see right there with cuba.
>>
>>52515718
>Already patched
>Pats said that the Linux team has been notified, and patches should be available and pushed out soon to devices with automatic updates.

Reading comprehension or freetard bubble?
>>
>>52514724
Shit now I got to change OS again.
>>
>>52515315
>only two of those are right
>its the first and the last
>there are plenty of people out there who will believe the rest
I know being retarded about computers is a global tradition at this point, but come on
>>
>>52515582
north korea is like 99%
>>
Daily Microsoft shill thread
>>
>>52515121
hurensohn
>>
>>52515889
Seriously, claiming that a thread or poster is a "shill" should be a bannable offense.
>>
This is already patched in Debian.
>>
>>52514746
open sores is the exact opposite of security through obscurity.
>>
Finding these are good since they can eventually be fixed. You're fucked not knowing anything that is going on with Windows or OSX.
>>
>>52514724
If they know it has existed since 2012 why are they hyping over it now? they can't be the only ones to discover it could they? or did they TRULY only discover it JUST NOW?
>>
>>52515986

it's already been fixed.
>>
>>52515986
install gentoo
>>
>>52514798
>quickly fixes them
>3 years
keep lying to yourself, freetard
>>
File: 1452915472020.jpg (262 KB, 1110x870) Image search: [iqdb] [SauceNao] [Google]
1452915472020.jpg
262 KB, 1110x870
>>52514724
>Both android and linux is vulnarable
>Quoting linux only
Fucking Microsoft shills, how much do they pay you?
>>
>>52515914
10 Rupees have been deposited to your designated paid shill account.
>>
>>52515647

>they're not paying therefore they're disgusting

capitalist brainwashed fag, u wish u were indy but you're more like that azn little bitch boy
>>
>>52516069
android is linux
>>
>>52516245
This thread doesn't seem to acknowledge that. Also while posting the market share memes wintards easily forget this
>>
Question
Can this be patched on Android without updating the entire OS to a new version?
Surely this affects some Kitkat phones and newer based on 3.8
>>
>>52516245
adroid is not linux
http://jeffhoogland.blogspot.com/2011/07/six-signs-android-really-isnt-linux.html
http://www.howtogeek.com/189036/android-is-based-on-linux-but-what-does-that-mean/
>>
Being able to update the kernel in a breeze feels good.
>>
>>52515828
Patch is out for Debian / *buntu systems my dear
>>
>>52514746
This is such a low quality bait, it doesn't deserve a bait.png
>>
>>52516385
Android is Linux
>>
>>52515541
Not really, since everything has GNU in it anyway

It's redundant to say Gnu/Linux, much like it would be redundant to say X11/Linux or anything else
>>
>>52516586
Check out my Firefox/XFCE/Compton/X11/GNU/Linux setup
>>
>>52516614
Nice!
>>
>>52516556
Linux fork
>>
>>52516697
Still Linux

(Some cunt mentioned a car analogy up there)

Even if you take a car, let's say a Ford Focus and you replace the bumpers and the interior and the engine, it's still a ford focus
>>
>>52516695
That's nothing compared to my 4chan X/4chan.org/Firefox/Numix/GNOME Shell 3.18/Mutter/GDM/X11/GNU/Linux/Intel i5/ASUS setup
>>
>>52516725
No if you end up with an airplane or in other words a BSD like system.

Android could turn into that.
>>
>>52516758
Pawsome!
>>
>>52516725
It's actually more like

Slightly modified Ford Focus (Linux part of Android) with a whole other car glued to the top (Java part of Android)
>>
>>52514724
Well I told you guys, that guy Torvalds is an amateur. You didn't listen.
You think one hobbyist dev can make a better kernel than a company. So gullible.
>>
File: 1452832737483.jpg (158 KB, 720x480) Image search: [iqdb] [SauceNao] [Google]
1452832737483.jpg
158 KB, 720x480
>>52514724
>>Loonix security
>What is SELinux
>>
>>52516970
You mean NSALinux? :^)
>>
>>52517005
And? Have you even studied SELinux before shitposting with a meme emoji?
>>
>>52517049
This is all the studying I needed to do
>>
>>52517064
Then stop your shitpost
>>
>>52517078
>The United States National Security Agency (NSA), the original primary developer of SELinux
Nah
>>
File: 1452977288133.png (3 KB, 80x80) Image search: [iqdb] [SauceNao] [Google]
1452977288133.png
3 KB, 80x80
>>52517091
>Knowledge boundary of a typical winbabby
>>
>>52515150
YOBA ETO TI?
>>
File: 1430530780724.jpg (29 KB, 465x455) Image search: [iqdb] [SauceNao] [Google]
1430530780724.jpg
29 KB, 465x455
>open sores in damage control mode
>>
>>52517127
>Lincuck damage controlling the fact that Linux is also compromised by the NSA
toppest kek, as they say
>>
>>52516913
http://foxglovesecurity.com/2016/01/16/hot-potato/

All windows versions privilege escalation bug.
>>
>>52517159
Nigger don't talk about things you don't understand, you are embarrassing yourself
>>
>>52517186
no u
>>
>>52517151
I don't get it, how is it 3 years? Yes, this bug affects kernel 3.18 and higher, which is from a long time ago but exploiting this bug or this vulnerability is discovered recent days, not to mention SELinux users are free from this issue.
Critical vulnerability like this could not be even discovered if it was closed source. And good luck finding out if it is patched in the updates of a closed non-free softwares.
>>
>>52517219
Meant for >>52514724
>>
>>52515121
This! Why bothering with some lame exploit when you can enter from the backdoor with a nice red carpet.
>>
>Windows has remote vulnerabilities discovered every DAY
>Linux has critical vulnerabilities that existed for YEARS unpatched
>tfw using OSX and ZERO exploits
Feels fucking great family.
>>
>>52517181
>requires physical access to the machine
Nah
>>
File: OS-chart.jpg (66 KB, 813x420) Image search: [iqdb] [SauceNao] [Google]
OS-chart.jpg
66 KB, 813x420
>>52517276
:^)
>>
File: 1452801801290.jpg (30 KB, 720x438) Image search: [iqdb] [SauceNao] [Google]
1452801801290.jpg
30 KB, 720x438
>>52517159
KEK
> Microsoft selling it's own vulnerabilities to the NSA
> Literally OS ridden with spywares
> Adwares in updates and start menu
> Thinking SELinux is not audited
>>52517276
>OSX and ZERO exploits
KEK
E
K
>>
>>52517298
Pls no, this chart triggers me everytime I see it.
>>
>>52515792
oh look, another cve that doesn't affect debian wheezy at all
>>
>>52517298
>yfw UNIX philosophy itself is the problem
>>
File: 1452134124768.jpg (18 KB, 360x270) Image search: [iqdb] [SauceNao] [Google]
1452134124768.jpg
18 KB, 360x270
>>52514724
I tried to warn you........
>>
>>52517298
>number of vulnerabilities found by some random security firm
>chart probably invented by someone in /g/
>people keep posting it and presenting it as fact
>>
>>52517298
>>52514724
To be honest windows' biggest vulnerability is it's dumb users
>Crack and patch softwares
>Patched OS activator
>Thirdparty Registry editor
>Built in ad-clickbaits
And to think these wintards are making threads about security hahahahahahaha
Simply ebin
>>
>local privilege escalation
Fairly minor then.
>>
File: dmg_ctrl.jpg (149 KB, 650x650) Image search: [iqdb] [SauceNao] [Google]
dmg_ctrl.jpg
149 KB, 650x650
>>52517359
DAMAGE CONTROL
A
M
A
G
E

C
O
N
T
R
O
L
>>
>>52517295
same thing as the OP issue, local privilege escalation
>>
>>52517362
>>Thirdparty Registry editor
Most linux programs are third party tho :^)
>>
>>52517416
Yeah, they are not closed source. It there is a backdoor it is easy to find out :^)
>>
>>52517416
It's not third party if it's in my distro's official repos. :^)
>>
>>52517467
I didn't realize that the Linux kernel has built in repositories :^)

Or are you talking about third party repositories?
>>
>>52517416
>Most linux programs are third party
Only true for people who doesn't know how to look for native packages
These people will look for
>Sublime kek instead of kate/geany
>VMware instead of QEMU/KVM
>Adobe reader instead of Evince/Zathura
>Chrome instead of Chromium etc
>>
File: 1276703731993.jpg (71 KB, 1304x934) Image search: [iqdb] [SauceNao] [Google]
1276703731993.jpg
71 KB, 1304x934
>>52515582
>call them freeniggers
>freetards are actually niggers

You can't make this shit up.
>>
>>52517563
I didn't know Kate, Chromium, Evince, etc were built into the Linux kernel and/or made by the Linux Foundation
>>
>>52517577
I said local repository, don't make shit counter arguments like schoolkids
>>
>>52517575
>>Europe, 1.14%
>>South America, 0.88%
>>North America, 0.72%
>>Oceania, 0.72%
>>Africa, 0.45%
>>Asia, 0.34%
>>
>>52517590
First party Linux programs are made by the first party, as in, made by the Linux Foundation
>>
>>52517602
>implying Yurop isn't full of sandpeople nowadays.
>>
>local privilege escalation

It's fucking nothing. If there's someone who has physical access to your machine and they want to do "bad things", you're fucked either way. This has already been patched on Debian and *buntu, Arch is sure to have a patch out very, very soon.

>>52517159
>SELinux
Porbably one of the most audited pieces of software out there. Do you seriously believe that the fucking ICBC, the Chinese central government (remember how great they get along with the US?) bank with 100 million customers and 8 million corporate accounts, that has Linux serving as the main backbone for their IT infrastructure, hasn't audited the ever loving shit out of SELinux themselves? Do you really think every government in the world isn't checking for NSA backdoors when they were involved in making it? Do you think they'd be quiet about it?
>>
File: dsc_0984.jpg (23 KB, 425x282) Image search: [iqdb] [SauceNao] [Google]
dsc_0984.jpg
23 KB, 425x282
open source = open to attack

it's just that simple
>>
Check your privilege, shitlords
>>
>>52517637
Also, open to fix,
Not like incompetent devs hiding behind closed-source garbage see >>52517298
>>
>>52517658
critical bug unfixed for 25 years
see >>52515042
>>
File: 1453026636928.png (22 KB, 639x715) Image search: [iqdb] [SauceNao] [Google]
1453026636928.png
22 KB, 639x715
>>52514724
LINUX BTFO AMIRITE?

ANYONE HERE WITH KMSAUTO? DAZLOADER DIDN'T WORK
>>
File: 1370970174677.jpg (104 KB, 850x637) Image search: [iqdb] [SauceNao] [Google]
1370970174677.jpg
104 KB, 850x637
>>52514724
>Local

What is command +R in osx reboot and type reset password in terminal

What is booting from other OS and editing windows

Whilst Linux kernel req a lengthily exploit
>>
>>52517707
>What is booting from other OS and editing windows

>Whilst Linux kernel req a lengthily exploit

or you know
>What is booting from other OS and editing Linux
>>
>>52517703
EBIN XDDDDD
>>
>>52517678
Nice fix Apple came up with,
https://apple.stackexchange.com/questions/146849/how-do-i-recompile-bash-to-avoid-shellshock-the-remote-exploit-cve-2014-6271-an
>>
>>52515582
And of course Stallman has praised commie Cuba for being almost 7% Freetards.

P.S. India is 20 in the top 20. But still after Finland, Spain and Italy.
>>
>>52515582
desktop market share is irrelevant in the current year and especially to linux
>>
>>52517703
this is the best imagd ive seen on chin for a long time
>>
>yfw it's exactly the same situation on both sides
>a bunch of faggots are being paid to go through the code
Let's not pretend that randomgithubfag#4252 has actually ever bothered fixing any serious bugs in either kernel.
The "everyone can look at the code" doesn't apply in kernels or drivers.
>>
>>52516837
>>52516725
>>52516697
>>52516818
Linux is ford focus internals (engine, drive train, tranmission, frame, wheels, etc).
Android is the Outside (Body, interior seats, steering wheel, pedals)

Android boots up via same method a linux, BUT as soon as init.d scripts finish running the system is handed off to the zygote process which handles the dalvik/java VM.

Android has so much vulnerability and google is taking the same fucking path as microshit/crapple.
>>
>>52518052
>desktop market share is irrelevant
>that's why freetards on /g/ shill for Linux 24/7.
OK, buddy.
>>
>>52514724
Wow, a piece of software has a vulnerability, who would have thunk????????????????
>>
>someone today finds a new way of exploiting something
>claims the exploit has existed for many years
>it didn't exist till someone discovered a method of - get this - exploiting it
>someone cries and whines about it being vulnerable
>not understanding a fucking thing
>stupid fucking people will be the death of us all
>>
>>52518052
>desktop market share is irrelevant
I hope you enjoy your driver support, commercial software and gaymes.
>>
>>52517724
hahaha

>try to read my LVM ext4 with windows

top kek faggot
>>
Impossible. Everyone knows that all free software is audited 50 times a day. That's the whole point of being open source.
>>
>>52518264
Well the problem with it being around since 2012 is that old android devices running linux from since then that won't be updated will forever be vulnerable.
>>
>>52518114
>The "everyone can look at the code" doesn't apply in kernels or drivers.
It does, it doesn't mean anyone can get their fix pushed
>>
>>52517512
>the Linux kernel has built in repositories
What the hell are you talking about?
>>
>>52518424
He's just being stupid, thinking that "anyone" implies even retards like himself can edit/fix a kernel.
>>
>>52516062
>What is a Zero-day vulnerability
Illiterate winbabby faggot
>>
>>52518288
why not another Linux-based OS?
>>
>>52518443
No, it clearly applies to the people already contributing and getting paid to do so.
>>
Daily reminder: Good shit not free. Free shit not good.
>>
>>52518538
werks on my machine :^)
>>
>>52518114
Yes it does. Kernels or drivers aren't really more complex than other programs. Most drivers tend to be fairly simple even. All they do is implement a protocol specified by the hardware vendor and the corresponding kernel API. The real problem is that most hardware vendors don't publish their specifications (best example: NVIDIA), so people have to reverse engineer and guess.
I mean, just look at the thousands of kernel forks and mods made by those faggots on XDA etc. Surely they aren't all geniuses and wizards.
>>
>>52518567
>having your data harvested daily for 3 years
>'works'
:'3
>>
>>52515315
Does anyone even run Tails as a daily OS? I've literally never heard of anyone who does.
>>
>Haha linux has a vulnerability. Time to go back to Windows with it's swiss cheese put-there-on-purpose NSA backdoor security.

LMAO
>>
>>52518622
>having your data harvested daily for 3 years
Nigga what
>>
>>52518622

Nigger, Do you even know how may softwares have had vulnerabilities for years in and out?
>>
File: image.jpg (29 KB, 565x334) Image search: [iqdb] [SauceNao] [Google]
image.jpg
29 KB, 565x334
>>52514724
>>
>>52515315
>no systemd
>>
>>52518626
some people use kali linux for daily OS so ...
>>
File: 1431790091726.jpg (1 MB, 2272x1704) Image search: [iqdb] [SauceNao] [Google]
1431790091726.jpg
1 MB, 2272x1704
Sure your desktop/server Linux will get patched pretty quick, probably before there are any actual exploits in the wild.. but

>The cherry on top is that about 66% of Android devices are also exposed.

Wonder how long before those devices get patches? (assuming they ever do)

Yes, I realize that you personally, Jimmy G. Austimo, will be flashing to the latest CM or whatever you want once it's available but the average user's device will probably be waiting weeks or months for a patch if it even gets one.

Google should have just said fuck the OEMs and carriers from the beginning and avoided this fragmentation clusterfuck that is Android now.
Make every device essentially a Nexus device, don't let them shit everything up with bloat and then abandon devices that are perfectly capable of running recent versions of the stock OS.

Oh well, techies will always use nexus devices and/or custom roms and don't care, but the average normie could get royally screwed when a vuln like this gets into the wild and still isn't patched months later due to OEM & carrier laziness
>>
File: inori_hurray.png (72 KB, 256x256) Image search: [iqdb] [SauceNao] [Google]
inori_hurray.png
72 KB, 256x256
>>52520714
>mfw android botslaves are the only brand of phone that gets fucked in the ass by carrier updates
>>
>>52514724
>While if Windows finds a vulnerability like this they can fix it silently with Windows Update.
>>
The exploit does not seem to work on my machine.

$ ./cve_2016_0728 a
uid=1000, euid=1000
Increfing...


Been like that for few hours.
>>
>>52514972
>debian
$ grep CONFIG_KEYS /boot/config-4.1.0-2-amd64 
CONFIG_KEYS_COMPAT=y
CONFIG_KEYS=y

shit
>>
>>52515582
Damn, the Cubans know even software ethics better than a lot of the world.
>>
>>52516458
Manjaro as well and probably a multitude of others.
>>
Meanwhile on Windows land:
http://foxglovesecurity.com/2016/01/16/hot-potato/
>Privilege Escalation on Windows 7,8,10, Server 2008, Server 2012 … and a new network attack
>Server 2008
>2008

Also it's meaningless to cherry pick individual security issues.
>>
>save thousands of dollars on things that I can pirate
>can spend that money any way I want
>colleagues complain about the prices being too high.

Gold. Pure gold
>>
Is this the daily thread about the grub passwd vulnerability that no one uses?
>>
>>52514724
You can't view Windows source code, so how do you know if there's a Security flaw that has been present since 3.1?
>>
>>52524232
You don't, which gives dumb winbabbies a false sense of security
>>
>>52523784
Damn son, Manjaro devs are qucik
>>
>>52520714
How do you know my name? What the fuck!
>>
>>52518288
I never said the other OS had to be windows, cunt
>>
>>52523717
>ubantoo nome

grep CONFIG_KEYS /boot/config-4.1.0-2-amd64


do I win?
>>
>>52524775
fuck
output
grep: /boot/config-4.1.0-2-amd64: No such file or directory
>>
>>52514724
Not to defend Linux or open sauce, but all phones - even with 5.1.1 - run kernels like 3.10, or older.
Same with LTS/enterprise systems.

> inb4 XDA kernels
> inb4 basement dweller's Arch Linux

Who the fuck wants to hack a neckbeard autistic cunt?
>>
>>52514724
ITT: winfags who think their opinion matters :D
>>
>PSSH ITS ALREADY BEEN FIXED
>all that butthurt in this thread

No shit it's been patched. What fucking OS wouldn't patch it immediately after hearing about such a massive fuck up?

Just goes to show linux most likely has shitloads of vulnerabilities that WILL be found once it gains popularity.

Now I'm DEFINITELY staying on Windows.
Fuck linux.
>>
>>52522231
Literally nothing to worry about
>>
>>52515042
>25 years

Please try to defend this, freetards.
>>
>>52514724
Kek, that only affects prehistoric computers running a >3.8 kernel, aka nobody.

If you manage to get the exploit to run (30 minutes), it'll just fail because every system under the sun will have SMEP/SMAP.
>>
File: 1441755770930.jpg (14 KB, 301x301) Image search: [iqdb] [SauceNao] [Google]
1441755770930.jpg
14 KB, 301x301
>>52525685
>including tens of millions of Linux PCs and servers
>aka nobody
>tens of millions
>nobody
>>
>>52525685
>Any machine with Linux Kernel 3.8 or higher is vulnerable

Reading comprehension, freetard defense force.
>>
How come this has existed since 2012 even though 3.8 is only out since 2013?
>>
>>52525705
>>52525708
Topkek, I have two laptops running 4.3 and 3.16, plus servers ranging from prehistoric to state of the art, none of them are affected.

Linux is secure by default, even when they find a vuln and make you run the exploit manually, it doesn't work.
>>
>opens sores security
>>
>>52525705
Who the hell uses >3.8?!

Just let me know, which major LTS distro/server distro uses that kernel.

> tens of millions
Yepp, pulling numbers out of the ass is a great journalist perk. Just like the jews when it comes to the Hall of Cost. Muh 33333 gazillion.
>>
>>52527394
Heave you even read the fucking article?

On wait, you're Indian and English is not your first language.
>>
>>52514724
>"B-but if open-source software is so good why don't people fix security bugs in it all the time, Windows needs a patch every day!"
>A vulnerability is patched
>"Hey look they just patched a vulnerability! They're so insecure XD"
>>
>>52529814
>Windows needs a patch every day!
What are you smoking?
>>
>>52529874
I'm smoking font rendering in kernel space
>>
File: 98685-1.jpg (215 KB, 1440x900) Image search: [iqdb] [SauceNao] [Google]
98685-1.jpg
215 KB, 1440x900
Are you talking about Linux font rendering?
>>
>>52529814
windows might need a patch every day, but it only gets patched every other tuesday
>>
How is it the fault of Linux if Android users don't get the update? Blame Google for allowing retard manufacturers/carriers to stop supporting a device a year after it comes out. Fuck you, Lenovo and AT&T.

Past Android, the only people who will be insecure are those who refuse to update. This is, again, not the fault of Linux. Nobody holds Microsoft responsible for Windows XP users being insecure.

If you think Windows and OS X don't have vulnerabilities like this from time to time, you're frankly a fucking retard.
>>
>>52514724
How did Linus not catch this.
>>
>>52529814
windows has 100x the userbase though
>>
Please refrain from posting flamewar-inducing threads on /g/.

They're not funny, they're an edgy grab for replies that floods the board with shit.

Do you like talking about technology? If so, then do so civilly. It isn't that hard to start a thread asking a question like "What are the pros/cons of NVidia vs. AMD?" or "What are the pros/cons of Apple devices vs. other computer manufacturers?"

Your thread is just cluttering /g/ with filth, and should probably be pruned/deleted.
>>
>>52530197
Sorry m8 but you aren't going to get civil, interesting discussion on this site
>>
>>52514972
grub doesn't support grep. For grep to work, you have to install some shit.
>>
>>52518014
Yes, but 1% of all of indias pop is over 100% of all those shit countries combined.
>>
Serves you right for using a rooted operating system. Atleast Ubuntu doesn't use root.
Thread replies: 205
Thread images: 30
Thread DB ID: 447756



[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

[Boards: 3 / a / aco / adv / an / asp / b / biz / c / cgl / ck / cm / co / d / diy / e / fa / fit / g / gd / gif / h / hc / his / hm / hr / i / ic / int / jp / k / lgbt / lit / m / mlp / mu / n / news / o / out / p / po / pol / qa / qst / r / r9k / s / s4s / sci / soc / sp / t / tg / toy / trash / trv / tv / u / v / vg / vip /vp / vr / w / wg / wsg / wsr / x / y] [Search | Home]

All trademarks and copyrights on this page are owned by their respective parties. Images uploaded are the responsibility of the Poster. Comments are owned by the Poster.
This is a 4chan archive - all of the shown content originated from that site. This means that 4Archive shows their content, archived. If you need information for a Poster - contact them.
If a post contains personal/copyrighted/illegal content, then use the post's [Report] link! If a post is not removed within 24h contact me at [email protected] with the post's information.