Whoops! Gain root in Ubuntu recovery mode
In the Live-CD/USB install of the popular Ubuntu and its derivatives, the installer easily automates the encryption of home folders - a good feature for security, especially on a laptop. Should your laptop ever get stolen, the thieves won't be able to pull the hard drive out of your computer and be able to grab your personal information off of it. At least, in theory.
Ubuntu and its derivatives by default do not give the root user a password, instead relying on the sudo command to perform tasks as an administrator. There are obvious benefits to this (a quick Google will give you a list), however this leaves open a massive loophole which effectively undermines any hard drive encryption. Without an explicit root password, a simple reboot of the computer into recovery mode will automatically boot into single user mode - as root.
HDD encryption only works to keep people who cannot log into your system from viewing your files. As soon as someone is able to boot the system and log in, the file system is mounted and the encrypted data becomes readable. As with many people, I have my browser save passwords to my email/blog/social media sites. These passwords are saved in each user's home folder, but in plain text. Should someone gain root privileges, they would be able to pull passwords for these sites and steal your online identity. Bad stuff, that!
I was luckily able to catch this loophole before I had my previous laptop stolen. My data was secured by explicitly adding a root password. Whenever anyone tries to reboot into recovery mode, they won't be able to get far before they are prompted to enter the root password - stopping would-be data thieves.
It is shocking that for a system touted for its laptop compatibility there is such a blaringly obvious security flaw. Hopefully Canonical takes step to inform users when installing, or lock down recovery mode more be default. In the meantime, if you have an Ubuntu laptop/mobile computer with an encrypted drive, you can remedy this security hole by entering the following command into terminal:
# become root user
sudo su
# now create a root password
passwd
And there you have it! Your mobile computer should now properly protect your sensitive information.
Ubuntu and its derivatives by default do not give the root user a password, instead relying on the sudo command to perform tasks as an administrator. There are obvious benefits to this (a quick Google will give you a list), however this leaves open a massive loophole which effectively undermines any hard drive encryption. Without an explicit root password, a simple reboot of the computer into recovery mode will automatically boot into single user mode - as root.
HDD encryption only works to keep people who cannot log into your system from viewing your files. As soon as someone is able to boot the system and log in, the file system is mounted and the encrypted data becomes readable. As with many people, I have my browser save passwords to my email/blog/social media sites. These passwords are saved in each user's home folder, but in plain text. Should someone gain root privileges, they would be able to pull passwords for these sites and steal your online identity. Bad stuff, that!
I was luckily able to catch this loophole before I had my previous laptop stolen. My data was secured by explicitly adding a root password. Whenever anyone tries to reboot into recovery mode, they won't be able to get far before they are prompted to enter the root password - stopping would-be data thieves.
It is shocking that for a system touted for its laptop compatibility there is such a blaringly obvious security flaw. Hopefully Canonical takes step to inform users when installing, or lock down recovery mode more be default. In the meantime, if you have an Ubuntu laptop/mobile computer with an encrypted drive, you can remedy this security hole by entering the following command into terminal:
# become root user
sudo su
# now create a root password
passwd
And there you have it! Your mobile computer should now properly protect your sensitive information.
Comments
Post a Comment