Apparently, there’s a simple way to hack a Linux distro. Just hit backspace 28 times in a row and you’re in. This applies to systems that use Grub2 boatloader, which applies to pretty much all Linux distros. On bootup, you can bypass the lock screen by hitting backspace 28 times in a row, and it will send you to the grub rescue shell. Researchers say there is a bug that creates a memory error leak, which in turn opens up a rescue shell. You’ll need physical access to the keyboard to take advantage of this bug. Ubuntu, Redhat and Debian have already release patches, so you’re out of luck.
Security experts are bracing for the impact of Heartbleed. It’s going to be painful for both companies and users alike. No one knows for sure how much data was compromised. The list of potential sites affected is long and distinguished. Any site using OpenSSL is vulnerable. Some security experts are saying to wait before changing passwords until security admins have patched their servers. You don’t want to change passwords twice. Like it or not, we may be forced to change passwords sooner than we think.
Since switching back to Ubuntu 10.04.3 LTS, I had one annoying issue with the Bluefish editor. When I double click on a PHP document, the Bluefish editor should automatically display the file. Instead, Bluefish launches a blank document.
Opening a file inside Bluefish, once it has launched, however, is not a problem. Blaming everything on Bluefish is unfair. The bug may be due to Nautilus. See discussion here. I call it a workaround because it fixes the issue, but it also creates another one. It disables opening up project files when launched.
If you don’t use project files, then by all means, use this workaround. This fix involves editing the command line options for Bluefish. Go to System > Preferences > Main Menu. You will find two Bluefish icons under Programming and Other.
Edit the command line option for the Bluefish icon under Other. Change it from bluefish -n -p %f to bluefish %F. See snapshot below. The two Bluefish icons should now have the same command line options, which is, bluefish %F.
I can now open files in Bluefish by double clicking a PHP file from within Nautilus. It’s no longer a blank document. Once again, this is workaround. It will disable opening up project files. I don’t use it, which is fine by me.
Just when you thought it was safe to back into social media, there could be one as terrible as Facebook. Today, a software bug allowed Facebook users to view their friends private chat sessions. Very nice. How juicy. The same bug also allowed users to see their friends pending friends requests.
Well, this one is not so bad and juicy as reading other people’s chat messages. Nevertheless, it’s a security hole that was open for a limited time before Facebook turned off its instant messaging service. I predict it won’t be the last time. As Facebook grows in users and complexity, there’s great potential for a slip up like today.
If you’re worried about privacy, don’t place anything online that can get you in trouble.