Found, NSA backdoor into Linux Kernel

Questions about applications and software
Forum rules
Before you post please read how to get help
NSA_Dontspyoneme
Level 2
Level 2
Posts: 56
Joined: Sat Mar 14, 2015 10:44 am

Found, NSA backdoor into Linux Kernel

Post by NSA_Dontspyoneme »

Is 3.16.0-38 affected?

BS or real??? ----- http://www.wired.com/2016/01/hack-brief ... linux-bug/

Hack Brief: Years-Old Linux Bug Exposes Millions of Devices

An Israeli security research firm has come forward with a troubling discovery. A zero-day vulnerability in the Linux kernel has left “tens of millions” of Linux PCs and servers exposed, along with 66 percent of Android phones and tablets. And it’s been there for nearly three years.
The Hack

In a blog post detailing the issue, Perception Point researchers say that problem stems from the Linux keyring facility, essentially a locker where apps can stash authentication and encryption keys, security data, and other sensitive info. The bug, outlined in more depth here but described as “fairly straightforward,” can ultimately allow an attacker to pose as a local user and gain root access to a device.

Who’s Affected?

In addition to the “tens of millions” of Linux PCs and servers running Linux Kernel version 3.8 and higher, because Android shares some code with Linux, the vulnerability affects any Android device running version 4.4 or later. As of January 4, that adds up to 69.4 percent of all Android devices, even more than the researchers estimated. Basically, if you’ve bought or upgraded your Android device within the last two years or so, that device is vulnerable.
User avatar
otacon14112
Level 3
Level 3
Posts: 111
Joined: Sun Apr 21, 2013 11:43 pm

Re: Found, NSA backdoor into Linux Kernel

Post by otacon14112 »

I know the NSA helped create android; it's in the documentation for the android sdk. Android runs on a linux kernel. I don't know anything beyond that. Wouldn't surprise me, but I hope it's false, and if it is true, then I hope Linus Torvalds does something about it. I don't know if Linus still manages the kernel development, but if he does, then I don't know how he wouldn't have known about this.
Otacon: You remember pre-ripped jeans? Manufacturers thought that just because people loved old, broken-in jeans, they would want to buy new jeans that looked old. So they purposefully...
Solid Snake: What do jeans have to do with nature and order?
User avatar
Pjotr
Level 22
Level 22
Posts: 16188
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Found, NSA backdoor into Linux Kernel

Post by Pjotr »

Where does the NSA come in?

Anyway, upgrade your kernel to the latest witin its series and you should be fine.
Tip: 10 things to do after installing Linux Mint 20.1 Ulyssa
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
User avatar
z31fanatic
Level 5
Level 5
Posts: 905
Joined: Sat Feb 14, 2015 5:25 pm
Location: Pennsylvania

Re: Found, NSA backdoor into Linux Kernel

Post by z31fanatic »

You don't mess you with America, we'll always know where you are and what you do. :wink:
NSA_Dontspyoneme
Level 2
Level 2
Posts: 56
Joined: Sat Mar 14, 2015 10:44 am

Re: Found, NSA backdoor into Linux Kernel

Post by NSA_Dontspyoneme »

otacon14112 wrote:I know the NSA helped create android; it's in the documentation for the android sdk. Android runs on a linux kernel. I don't know anything beyond that. Wouldn't surprise me, but I hope it's false, and if it is true, then I hope Linus Torvalds does something about it. I don't know if Linus still manages the kernel development, but if he does, then I don't know how he wouldn't have known about this.

Linus Torvalds was quoted as saying the NSA came knocking at his door and wanted him to backdoor a bug into linux. He didnt say if he did or didnt.
NSA_Dontspyoneme
Level 2
Level 2
Posts: 56
Joined: Sat Mar 14, 2015 10:44 am

Re: Found, NSA backdoor into Linux Kernel

Post by NSA_Dontspyoneme »

Pjotr wrote:Where does the NSA come in?

Anyway, upgrade your kernel to the latest witin its series and you should be fine.
It affects kernel 3.8 and HIGHER, below is safe???
User avatar
Pjotr
Level 22
Level 22
Posts: 16188
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Found, NSA backdoor into Linux Kernel

Post by Pjotr »

NSA_Dontspyoneme wrote:
Pjotr wrote:Where does the NSA come in?

Anyway, upgrade your kernel to the latest witin its series and you should be fine.
It affects kernel 3.8 and HIGHER, below is safe???
See: http://www.cyberciti.biz/faq/linux-cve- ... ility-fix/

So for the 3.13 kernel series, the 3.13.0-76 already contains the fix. The other kernel series (3.16, 3.19 and 4.2) probably also contain it in their latest versions. The response of the devs to things like this, is usually very fast. 8)
Tip: 10 things to do after installing Linux Mint 20.1 Ulyssa
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
User avatar
Moem
Level 20
Level 20
Posts: 12306
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Found, NSA backdoor into Linux Kernel

Post by Moem »

NSA_Dontspyoneme wrote:Linus Torvalds was quoted as saying the NSA came knocking at his door and wanted him to backdoor a bug into linux. He didnt say if he did or didnt.
Interesting, do you have a source for that?
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
User avatar
Pjotr
Level 22
Level 22
Posts: 16188
Joined: Mon Mar 07, 2011 10:18 am
Location: The Netherlands (Holland)
Contact:

Re: Found, NSA backdoor into Linux Kernel

Post by Pjotr »

M0em wrote:
NSA_Dontspyoneme wrote:Linus Torvalds was quoted as saying the NSA came knocking at his door and wanted him to backdoor a bug into linux. He didnt say if he did or didnt.
Interesting, do you have a source for that?
https://www.youtube.com/watch?v=7gRsgkdfYJ8

Note that it's rather difficult to keep such a thing hidden in open source software....
Tip: 10 things to do after installing Linux Mint 20.1 Ulyssa
Keep your Linux Mint healthy: Avoid these 10 fatal mistakes
Twitter: twitter.com/easylinuxtips
All in all, horse sense simply makes sense.
Cosmo.
Level 23
Level 23
Posts: 17817
Joined: Sat Dec 06, 2014 7:34 am

Re: Found, NSA backdoor into Linux Kernel

Post by Cosmo. »

For those who prefer to read instead of watching videos: http://falkvinge.net/2013/11/17/nsa-ask ... -gnulinux/

Other sources say, that this is a misunderstanding and he was never been asked: http://mashable.com/2013/09/19/linus-to ... oor-linux/
User avatar
Moem
Level 20
Level 20
Posts: 12306
Joined: Tue Nov 17, 2015 9:14 am
Location: The Netherlands
Contact:

Re: Found, NSA backdoor into Linux Kernel

Post by Moem »

Thank you so much Cosmo. I do prefer to read rather than to watch videos and I can't be the only one.
Image

If your issue is solved, kindly indicate that by editing the first post in the topic, and adding [SOLVED] to the title. Thanks!
Hoser Rob
Level 16
Level 16
Posts: 6933
Joined: Sat Dec 15, 2012 8:57 am

Re: Found, NSA backdoor into Linux Kernel

Post by Hoser Rob »

Pjotr wrote:Where does the NSA come in?

Anyway, upgrade your kernel to the latest witin its series and you should be fine.
Agree 100% with that.

Though I don't 100% agree that things like this can't be hidden in open source software. Some of those encryption algorithms use very advanced math ... number theory et al. That stuff is so complex that bugs can hide for years. One recent one was 22 years old. It may be open source but hardly anyone can understand it.
Habitual
Level 13
Level 13
Posts: 4861
Joined: Sun Nov 21, 2010 8:31 pm
Location: 0.0.0.0

Re: Found, NSA backdoor into Linux Kernel

Post by Habitual »

NSA_Dontspyoneme wrote:Is 3.16.0-38 affected?

BS or real??? ----- http://www.wired.com/2016/01/hack-brief ... linux-bug/
...
Who’s Affected?

In addition to the “tens of millions” of Linux PCs and servers running Linux Kernel version 3.8 and higher, because Android shares some code with Linux, the vulnerability affects any Android device running version 4.4 or later. As of January 4, that adds up to 69.4 percent of all Android devices, even more than the researchers estimated. Basically, if you’ve bought or upgraded your Android device within the last two years or so, that device is vulnerable.
I don't know what BS you're quoting, but I see this
Who’s Affected?

As far as Perception Point can tell, nobody so far.
at http://www.wired.com/2016/01/hack-brief ... linux-bug/
Date of Publication: 01.20.16. 01.20.16
Time of Publication: 10:16 am. 10:16 am
NSA_Dontspyoneme
Level 2
Level 2
Posts: 56
Joined: Sat Mar 14, 2015 10:44 am

Re: Found, NSA backdoor into Linux Kernel

Post by NSA_Dontspyoneme »

Right.....

User to root exploit is no big deal. What could go wrong.

Here is the security teams detailed look into it. Not good!

http://perception-point.io/2016/01/14/a ... 2016-0728/


"In this write-up, we’ll discuss the technical details of the vulnerability as well as the techniques used to achieve kernel code execution using the vulnerability. Ultimately, the PoC provided successfully escalates privileges from a local user to root."

http://perception-point.io/wp-content/u ... xample.png










Habitual wrote:
NSA_Dontspyoneme wrote:Is 3.16.0-38 affected?

BS or real??? ----- http://www.wired.com/2016/01/hack-brief ... linux-bug/
...
Who’s Affected?

In addition to the “tens of millions” of Linux PCs and servers running Linux Kernel version 3.8 and higher, because Android shares some code with Linux, the vulnerability affects any Android device running version 4.4 or later. As of January 4, that adds up to 69.4 percent of all Android devices, even more than the researchers estimated. Basically, if you’ve bought or upgraded your Android device within the last two years or so, that device is vulnerable.
I don't know what BS you're quoting, but I see this
Who’s Affected?

As far as Perception Point can tell, nobody so far.
at http://www.wired.com/2016/01/hack-brief ... linux-bug/
Date of Publication: 01.20.16. 01.20.16
Time of Publication: 10:16 am. 10:16 am
User avatar
GreyGeek
Level 4
Level 4
Posts: 232
Joined: Thu Jan 14, 2016 11:01 pm
Location: Lincoln, NE

Re: Found, NSA backdoor into Linux Kernel

Post by GreyGeek »

NSA_Dontspyoneme wrote:Right.....

User to root exploit is no big deal. What could go wrong.

Here is the security teams detailed look into it. Not good!

"... Ultimately, the PoC provided successfully escalates privileges from a local user to root"
Notice that it is a "local user" exploit, not one that is remotely accessible. If a bad guy already has access to your home account then you have worse problems than this exploit!
User avatar
d00med
Level 4
Level 4
Posts: 373
Joined: Fri Nov 26, 2010 9:55 am

Re: Found, NSA backdoor into Linux Kernel

Post by d00med »

The article has nothing to do with the NSA. OP is a troll spreading FUD. His account was made today just to post this misinformation.

Pjotr wrote:
M0em wrote:
NSA_Dontspyoneme wrote:Linus Torvalds was quoted as saying the NSA came knocking at his door and wanted him to backdoor a bug into linux. He didnt say if he did or didnt.
Interesting, do you have a source for that?
https://www.youtube.com/watch?v=7gRsgkdfYJ8

Note that it's rather difficult to keep such a thing hidden in open source software....
You think that's a source? He was clearly joking.
Habitual
Level 13
Level 13
Posts: 4861
Joined: Sun Nov 21, 2010 8:31 pm
Location: 0.0.0.0

Re: Found, NSA backdoor into Linux Kernel

Post by Habitual »

altair4
Level 20
Level 20
Posts: 10309
Joined: Tue Feb 03, 2009 10:27 am

Re: Found, NSA backdoor into Linux Kernel

Post by altair4 »

Between the NSA, human DNA manipulation from space aliens, and systemd what's a fella to do?
Please add a [SOLVED] at the end of your original subject header if your question has been answered and solved.
Habitual
Level 13
Level 13
Posts: 4861
Joined: Sun Nov 21, 2010 8:31 pm
Location: 0.0.0.0

Re: Found, NSA backdoor into Linux Kernel

Post by Habitual »

altair4 wrote:Between the NSA, human DNA manipulation from space aliens, and systemd what's a fella to do?
Muldur and Scully are on the case.
gunvolt
Level 1
Level 1
Posts: 26
Joined: Mon Jan 04, 2016 11:38 pm

Re: Found, NSA backdoor into Linux Kernel

Post by gunvolt »

This is not a backdoor, it is a long-standing bug. It is totally impractical to exploit, taking hours on high-end hardware.
"If you use Windows or a Mac, you probably haven't looked hard enough for a good Linux distro"
-Me, right now
I'm weird. Meet me at quitter.se/gunvolt. Linux Mint, Midori browser, GNUSocial(AKA quitter) social network.
Post Reply

Return to “Software & Applications”