this post was submitted on 05 Feb 2024
58 points (79.6% liked)
Linux
48053 readers
738 users here now
From Wikipedia, the free encyclopedia
Linux is a family of open source Unix-like operating systems based on the Linux kernel, an operating system kernel first released on September 17, 1991 by Linus Torvalds. Linux is typically packaged in a Linux distribution (or distro for short).
Distributions include the Linux kernel and supporting system software and libraries, many of which are provided by the GNU Project. Many Linux distributions use the word "Linux" in their name, but the Free Software Foundation uses the name GNU/Linux to emphasize the importance of GNU software, causing some controversy.
Rules
- Posts must be relevant to operating systems running the Linux kernel. GNU/Linux or otherwise.
- No misinformation
- No NSFW content
- No hate speech, bigotry, etc
Related Communities
Community icon by Alpár-Etele Méder, licensed under CC BY 3.0
founded 5 years ago
MODERATORS
you are viewing a single comment's thread
view the rest of the comments
view the rest of the comments
I was more looking for a functional reason, not just a "cos I said so" from the employer.
I thought maybe some of you work in cybersec had a real answer or a cve/attack vector etc.
One doesn't need to work in cybersec to know that the vast majority of attacks work because the targeted users have personal dum-dum moments.
You might need to, to know the windows partition has bitlocker (if the cybersec is worth their salt) of which is opened at windows login with a password.
So again, how is this accessed by the Linux partition?
Really just wanting to know how you see this happening... Presumably info being leaked from the work partition...
Here's a scenario for you. His laptop running his linux os gets hacked. Said hacker discovers another drive with windows or an encrypted partition. Now he could sit there and try and de-encrypt it, or if he has the time and inclination just completely overwrite it with whatever he wanted. OP finishes what he is doing and reboots back into what he expects to be his work provided Windows OS, and sees some error message, or maybe nothing at all. In the background the hackers OS which is now running just leads him on while it's doing what it needs to do, like scanning the network it might be connected to. Or prompting him for a id/pw.
Regardless, the linux os will have access to the drive the Windows os is loaded onto. Now what happens to it may or may not be relevant, but it will be a writeable drive, therefore it will be suspect to manipulation.
I'll come along with your scenario just for fun.
the decrypt part. Yes granted! But heavy workload
the overwrite stuff. Yes could be dd'd but this is like an nvme drive frying itself by itself. Not uncommon, eg a user spills coffee on the machine.
writeable. AFAIK with bitlocker they are hashed and salted and therefore would be corrupted if you opened again with manipulated data.
the phishing os, yes a possibility, but would need to be very spear fishing orientated to get the same profile photo, username etc, and then it would still be empty.
if you connect to wired company network, totally compromised. I am 100% remote so this one skipped me, but yes this one is completely cooked.
Thanks for saying an actual scenario also, most were like hurr dürr, don't do it.
No problem. This part right here might be enough to cause concern. Lets say it isn't a hacker, but just someone dicking around with his linux os, and manages to accidentally write to the bitlocker drive. I don't know enough about bitlocker, but writing random data to an encrypted file is a great way to corrupt it. So if nothing else he could possibly corrupt his work os. And then hope that they buy the old "I don't know how it broke."
When I was making this all up in my head, I was thinking that if I was a hacker and wanted to just mess with people, I wouldn't need to write a huge os, just overwrite his os with something like a DBAN iso. Something small, but again any tampering with the drive would likely invalidate the bitlocked os. So even just a dd if=/dev/zero of=/dev/{os drive} and that's all she wrote.
It's all true, but the deleting of data is so common from the simple coffee on laptop trick that you'd think if your work was that important you've already got it setup with Dropbox/one drive on My Documents for the non-eng types and git for the rest.
Can't lose too much.
I was more worried the data would get out, not corrupted.
Excuse my lack of cybersex knowledge, but if you plug in an infected appendage to a hub, then can't that hub become infected as well and pass along the STI to any other appendage plugged in?
Far as I remember, wearing a condom isn't a guaranteed protection against infections.
If OP, freed from the confines of the corporate security suite, happens to get infected with a firmware or boot partition malware...
And by the way kids, lets just say he causes a breach in some way, shape, or fashion, this could go from him just trying to get to the internet on his work provided laptop to him facing jail time. Depending on the nature of his work and the data they have, it could be a law that ends up broken and he could face the consequences. None of that is worth it when he could literally buy a new laptop for cheap. I bet it's less than the hourly rate for the lawyer he might need.
I get what you're asking, but this seems akin to stealing an ATM and then when the bank calls the cops you ask "but how would I even get inside? This is thick steel, there's no way to get the money out of there without using my debit card anyway so idk what the big deal is."
Like you're not entirely wrong, but for one thing the bank has every reason to suspect you might try to break in anyway. But more importantly, stealing it is a crime in and of itself. So the "because the employer said so" angle is absolutely valid here and more than enough reason to not do this because trying to load a separate OS that will give you root privileges to the device is shady af and will 100% violate whatever contract OP had to sign before they were given that laptop unless their IT dept is completely incompetent.