Some (Linux) Bugs Have All the Fun


Bugs happen.

Every minute of every hour of every day, software bugs are hard at work, biting computer users in the proverbial posterior. Many of them go unnoticed (the bugs, not the posteriors). More still rise to the illustrious level of "bugs that are minor annoyances".

Yet sometimes, when the stars align just so, a bug manifests itself in a truly glorious way. And when I say "glorious", I mean "utterly destructive and soul-obliterating". Nowhere are these bugs more insidious than when they are within the operating systems (and key components) themselves.

Case in point: an October 2018 bug in an update for Windows 10 caused entire user folders to be deleted. Documents? Gone. Pictures? Like they never existed at all. This was a singular OS update that vaporized files from low-Earth orbit.

After that bug impacted roughly 1,500 Windows 10 users—before it even hit widespread distribution—Microsoft pulled the update entirely.

Then, after the engineering team in Redmond thoroughly tested and fixed this gnarly bug, they did the only obvious thing: re-release the system update—with another file-destroying issue. This time it was in their un-zip functionality. More files lost to the sands of time.

Seriously. That actually happened.

Things aren't necessarily that much better over in Apple land, either.

A little more than a year ago—at the end of November 2017—a bug occurred in Mac OS X (yeah, I know they've renamed it "macOS", but I'm stubborn and I'll call it what I want) that allowed anyone to gain root access to any Macintosh (running the latest version of the OS) by following these extremely complex steps:

  1. Turn on a Macintosh.
  2. Type root as the user name and leave the password blank.
  3. Press Enter.

I know. I know. That'll be hard to remember, right?

To Apple's credit, the company did manage to release a system update rather quickly, thus minimizing the potential damage. But, just the same, I'd say that one calls for a "yikes"—possibly even an "oh, dear".

As satisfying as it is to make fun of Microsoft and Apple—and, boy howdy, is it ever—we in the Linux (and general Free and Open-Source Software world) are not immune from highly embarrassing, crazy destructive bugs and security vulnerabilities.

What follows are two that I find rather interesting. One is a remote exploit that had serious ramifications. The other is a local security bug that, well, I find amusing.

Note: there are lots of bugs—more than likely can be cataloged—in every system on the planet. These are just the two that I picked.

For the first one, let's travel back to the year 2014—September 24th, to be precise. Taylor Swift and Meghan Trainor were dominating the radio. The Guardians of the Galaxy were busy doing their galaxy-guarding thing.

And ShellShock was unveiled to the world: a "privilege escalation" bug (or rather, a series of related bugs) in Bash that allowed commands to be executed...that should not be accessible to that shell instance. Obviously, that's a bad thing.

Although technically not Linux-specific (it impacted multiple systems that utilize the Bash shell), Linux was (due to its popularity in internet-facing servers) the system that got the bulk of the attention.

By the next day, September 25, 2014, attacks already were occurring that took advantage of ShellShock, including botnets targeted at critical web infrastructure and the United States Department of Defense.

Thanks to the hard work of the Bash maintainers, along with those working on various Linux distributions, the bug was patched, and the patch was released within two to three days for all the major Linux systems. Apple, who also was impacted by ShellShock, managed to release fixes a few days later.

Although these sorts of issues are never fun—and don't make anyone look good—at least we can take comfort in the fact that we (in the Linux world) patched our systems before Apple did. Gotta take pleasure in the little things in life.

This next bug ranks in as my favorite Linux bug of all time. (Yes, I have a favorite bug. And, yes, I agree, that's odd.) It goes a little something like this.

Picture yourself in December 2015, sitting in front of your lovely computer, running any of a variety of major distributions.

You turn that lovely machine on and get to the Grub (Grub2, to be precise) menu. Hit backspace. Then hit backspace again. In fact, hit backspace 26 more times (28 in total), and boom—you're entered into a rescue shell.

What can you do in said rescue shell? Well, as it turns out, just about anything you can dream up, including, but not limited to, loading a custom Linux kernel (providing the opportunity to rootkit the main system), deleting all manner of data and even deleting Grub itself.

But, don't worry, this impacted only any version of Grub between 2009 and 2015—so, you know, six years worth of Linux distributions (including desktops, servers, mobile devices and embedded systems). Or, as I like to call it, "Just about every important, and not-so-important, computer on Earth." No biggie.

Once again, the maintainers of the major Linux distributions were right on the case—most with fixes pushed out to their repositories within days (if not hours) of the exploit being released to the public.

If you are somewhat new to the wonderful world of Linux and, thus, didn't get to live through those fun moments in time, never fear. If I've learned anything about software, it's this: There'll always be more bugs. And, going on odds, the ones next year will be more destructive than the last crop.

Let's just hope they're at least as entertaining as hitting backspace 28 times.