This story about Shellshock is the most important one of the week. Poking a big hole in the cloak of perceived invulnerability for Linux. And also impacts many accessories beyond the PC itself (e.g., IP cams, routers, etc).–PC Pitstop.
by Fox Van Allen for Techlicious
Security researchers from around the net are sounding the alarm over a recently discovered computer bug named Shellshock (Bash). It’s a massive security hole that’s arguably worse than the Heartbleed bug from earlier this year. Here’s what you need to know about this new threat, and what you need to know to stay protected from the fallout.
What is Shellshock (and Bash)?
Shellshock is a security hole located in a component of the Unix operating system called Bash that handles commands. Few computers these days run Unix itself – it’s an antiquated OS conceived many decades ago. But since Unix is the grandfather of the Linux and Mac OS X operating systems, they too contain the Shellshock Bash vulnerability. Nearly half of the webservers currently in operation run Linux, so that’s a very big problem.
The vulnerability would let hackers run virtually any command on the machine they want. A person could steal your personal and financial data from one of the many, many website servers that currently run a version of Linux. Or they could connect to your connected home network and turn on your Wi-fi home security camera (again, Linux-based) to spy on you. Or they could take over your MacBook. The possibilities are nearly endless, simply because the Shellshock bug can be exploited in so many ways.
This excerpt appears with the permission of Techlicious.