WEBVTT Kind: captions Language: en 00:00:01.680 --> 00:00:03.669 align:start position:0% covering<00:00:02.080> the<00:00:02.240> week's<00:00:02.560> top<00:00:02.800> tech<00:00:02.960> stores 00:00:03.669 --> 00:00:03.679 align:start position:0% covering the week's top tech stores 00:00:03.679 --> 00:00:06.869 align:start position:0% covering the week's top tech stores with<00:00:03.919> a<00:00:04.160> slight<00:00:04.720> linux<00:00:05.120> bias<00:00:05.920> ubuntu<00:00:06.640> has 00:00:06.869 --> 00:00:06.879 align:start position:0% with a slight linux bias ubuntu has 00:00:06.879 --> 00:00:08.790 align:start position:0% with a slight linux bias ubuntu has fixed<00:00:07.200> a<00:00:07.279> handful<00:00:07.759> of<00:00:07.839> bugs<00:00:08.160> that<00:00:08.400> standard 00:00:08.790 --> 00:00:08.800 align:start position:0% fixed a handful of bugs that standard 00:00:08.800 --> 00:00:11.270 align:start position:0% fixed a handful of bugs that standard users<00:00:09.280> could<00:00:09.519> use<00:00:09.840> to<00:00:10.000> become<00:00:10.400> root 00:00:11.270 --> 00:00:11.280 align:start position:0% users could use to become root 00:00:11.280 --> 00:00:13.589 align:start position:0% users could use to become root ubuntu<00:00:11.840> developers<00:00:12.480> have<00:00:12.799> fixed<00:00:13.120> a<00:00:13.200> series<00:00:13.519> of 00:00:13.589 --> 00:00:13.599 align:start position:0% ubuntu developers have fixed a series of 00:00:13.599 --> 00:00:15.270 align:start position:0% ubuntu developers have fixed a series of vulnerabilities<00:00:14.320> that<00:00:14.480> made<00:00:14.719> it<00:00:14.880> easy<00:00:15.120> for 00:00:15.270 --> 00:00:15.280 align:start position:0% vulnerabilities that made it easy for 00:00:15.280 --> 00:00:17.269 align:start position:0% vulnerabilities that made it easy for standard<00:00:15.679> users<00:00:15.920> to<00:00:16.080> gain<00:00:16.400> coveted 00:00:17.269 --> 00:00:17.279 align:start position:0% standard users to gain coveted 00:00:17.279 --> 00:00:19.750 align:start position:0% standard users to gain coveted root<00:00:17.600> privileges<00:00:18.800> kevin<00:00:19.119> backhouse<00:00:19.680> a 00:00:19.750 --> 00:00:19.760 align:start position:0% root privileges kevin backhouse a 00:00:19.760 --> 00:00:21.670 align:start position:0% root privileges kevin backhouse a researcher<00:00:20.320> at<00:00:20.400> github<00:00:20.880> wrote<00:00:21.119> in<00:00:21.279> a<00:00:21.359> post 00:00:21.670 --> 00:00:21.680 align:start position:0% researcher at github wrote in a post 00:00:21.680 --> 00:00:23.189 align:start position:0% researcher at github wrote in a post published<00:00:22.080> last<00:00:22.400> tuesday 00:00:23.189 --> 00:00:23.199 align:start position:0% published last tuesday 00:00:23.199 --> 00:00:24.870 align:start position:0% published last tuesday with<00:00:23.439> a<00:00:23.519> few<00:00:23.840> simple<00:00:24.160> commands<00:00:24.640> in<00:00:24.720> the 00:00:24.870 --> 00:00:24.880 align:start position:0% with a few simple commands in the 00:00:24.880 --> 00:00:26.870 align:start position:0% with a few simple commands in the terminal<00:00:25.439> and<00:00:25.599> a<00:00:25.680> few<00:00:26.000> mouse<00:00:26.320> clicks 00:00:26.870 --> 00:00:26.880 align:start position:0% terminal and a few mouse clicks 00:00:26.880 --> 00:00:28.470 align:start position:0% terminal and a few mouse clicks a<00:00:27.119> standard<00:00:27.519> user<00:00:27.760> can<00:00:28.000> create<00:00:28.320> an 00:00:28.470 --> 00:00:28.480 align:start position:0% a standard user can create an 00:00:28.480 --> 00:00:31.029 align:start position:0% a standard user can create an administrator<00:00:29.199> account<00:00:29.599> for<00:00:29.840> themselves 00:00:31.029 --> 00:00:31.039 align:start position:0% administrator account for themselves 00:00:31.039 --> 00:00:32.790 align:start position:0% administrator account for themselves the<00:00:31.199> first<00:00:31.439> series<00:00:31.760> of<00:00:31.840> commands<00:00:32.320> triggered<00:00:32.719> a 00:00:32.790 --> 00:00:32.800 align:start position:0% the first series of commands triggered a 00:00:32.800 --> 00:00:35.190 align:start position:0% the first series of commands triggered a denial<00:00:33.280> of<00:00:33.520> service<00:00:33.920> bug<00:00:34.239> in<00:00:34.399> daemons<00:00:34.880> used<00:00:35.120> to 00:00:35.190 --> 00:00:35.200 align:start position:0% denial of service bug in daemons used to 00:00:35.200 --> 00:00:37.590 align:start position:0% denial of service bug in daemons used to manage<00:00:35.600> user<00:00:36.000> accounts<00:00:36.480> on<00:00:36.640> the<00:00:36.719> computer 00:00:37.590 --> 00:00:37.600 align:start position:0% manage user accounts on the computer 00:00:37.600 --> 00:00:39.830 align:start position:0% manage user accounts on the computer when<00:00:37.840> done<00:00:38.079> correctly<00:00:38.559> ubuntu<00:00:39.040> would<00:00:39.200> restart 00:00:39.830 --> 00:00:39.840 align:start position:0% when done correctly ubuntu would restart 00:00:39.840 --> 00:00:41.590 align:start position:0% when done correctly ubuntu would restart and<00:00:40.000> open<00:00:40.239> a<00:00:40.320> window<00:00:40.719> that<00:00:40.879> allowed<00:00:41.200> the<00:00:41.280> user 00:00:41.590 --> 00:00:41.600 align:start position:0% and open a window that allowed the user 00:00:41.600 --> 00:00:43.030 align:start position:0% and open a window that allowed the user to<00:00:41.760> create<00:00:42.079> a<00:00:42.160> new<00:00:42.399> account 00:00:43.030 --> 00:00:43.040 align:start position:0% to create a new account 00:00:43.040 --> 00:00:45.350 align:start position:0% to create a new account that<00:00:43.280> had<00:00:43.520> root<00:00:43.760> privileges<00:00:44.879> this<00:00:45.120> is<00:00:45.200> the 00:00:45.350 --> 00:00:45.360 align:start position:0% that had root privileges this is the 00:00:45.360 --> 00:00:46.790 align:start position:0% that had root privileges this is the setup<00:00:45.680> screen<00:00:46.000> that<00:00:46.079> you<00:00:46.160> would<00:00:46.320> normally<00:00:46.640> see 00:00:46.790 --> 00:00:46.800 align:start position:0% setup screen that you would normally see 00:00:46.800 --> 00:00:48.310 align:start position:0% setup screen that you would normally see when<00:00:47.039> you're<00:00:47.200> installing<00:00:47.600> ubuntu<00:00:48.079> for<00:00:48.239> the 00:00:48.310 --> 00:00:48.320 align:start position:0% when you're installing ubuntu for the 00:00:48.320 --> 00:00:49.510 align:start position:0% when you're installing ubuntu for the first<00:00:48.640> time 00:00:49.510 --> 00:00:49.520 align:start position:0% first time 00:00:49.520 --> 00:00:51.270 align:start position:0% first time it<00:00:49.680> means<00:00:49.920> that<00:00:50.079> junior<00:00:50.480> is<00:00:50.640> able<00:00:50.800> to<00:00:50.879> create<00:00:51.199> a 00:00:51.270 --> 00:00:51.280 align:start position:0% it means that junior is able to create a 00:00:51.280 --> 00:00:52.869 align:start position:0% it means that junior is able to create a new<00:00:51.520> user<00:00:51.840> account<00:00:52.160> for<00:00:52.320> himself 00:00:52.869 --> 00:00:52.879 align:start position:0% new user account for himself 00:00:52.879 --> 00:00:54.150 align:start position:0% new user account for himself and<00:00:53.039> this<00:00:53.199> time<00:00:53.440> it's<00:00:53.600> going<00:00:53.760> to<00:00:53.840> be<00:00:54.000> an 00:00:54.150 --> 00:00:54.160 align:start position:0% and this time it's going to be an 00:00:54.160 --> 00:00:58.470 align:start position:0% and this time it's going to be an administrator<00:00:56.840> account 00:00:58.470 --> 00:00:58.480 align:start position:0% administrator account 00:00:58.480 --> 00:01:01.510 align:start position:0% administrator account all<00:00:58.719> done<00:01:00.079> so<00:01:00.239> now<00:01:00.559> he<00:01:00.719> just<00:01:00.960> has<00:01:01.120> to<00:01:01.199> wait<00:01:01.440> a 00:01:01.510 --> 00:01:01.520 align:start position:0% all done so now he just has to wait a 00:01:01.520 --> 00:01:05.030 align:start position:0% all done so now he just has to wait a few<00:01:01.680> more<00:01:01.920> seconds 00:01:05.030 --> 00:01:05.040 align:start position:0% 00:01:05.040 --> 00:01:08.070 align:start position:0% and<00:01:05.199> he's<00:01:05.439> in<00:01:06.880> here<00:01:07.200> he's<00:01:07.439> going<00:01:07.600> to<00:01:07.680> quickly 00:01:08.070 --> 00:01:08.080 align:start position:0% and he's in here he's going to quickly 00:01:08.080 --> 00:01:09.910 align:start position:0% and he's in here he's going to quickly open<00:01:08.320> a<00:01:08.400> terminal<00:01:08.799> again<00:01:09.119> so<00:01:09.280> that<00:01:09.360> he<00:01:09.520> can<00:01:09.680> run 00:01:09.910 --> 00:01:09.920 align:start position:0% open a terminal again so that he can run 00:01:09.920 --> 00:01:12.070 align:start position:0% open a terminal again so that he can run id<00:01:10.320> to<00:01:10.479> show<00:01:10.720> that<00:01:10.880> the<00:01:11.040> new<00:01:11.280> account 00:01:12.070 --> 00:01:12.080 align:start position:0% id to show that the new account 00:01:12.080 --> 00:01:14.469 align:start position:0% id to show that the new account called<00:01:12.400> indiana<00:01:13.360> is<00:01:13.520> an<00:01:13.680> administrator 00:01:14.469 --> 00:01:14.479 align:start position:0% called indiana is an administrator 00:01:14.479 --> 00:01:15.990 align:start position:0% called indiana is an administrator account 00:01:15.990 --> 00:01:16.000 align:start position:0% account 00:01:16.000 --> 00:01:17.830 align:start position:0% account so<00:01:16.159> there<00:01:16.479> you<00:01:16.640> can<00:01:16.799> see<00:01:16.960> that<00:01:17.200> indiana<00:01:17.680> is<00:01:17.759> in 00:01:17.830 --> 00:01:17.840 align:start position:0% so there you can see that indiana is in 00:01:17.840 --> 00:01:19.590 align:start position:0% so there you can see that indiana is in the<00:01:18.000> sudo<00:01:18.400> group<00:01:18.720> which<00:01:18.960> means<00:01:19.119> that<00:01:19.280> he's<00:01:19.520> an 00:01:19.590 --> 00:01:19.600 align:start position:0% the sudo group which means that he's an 00:01:19.600 --> 00:01:20.630 align:start position:0% the sudo group which means that he's an administrator 00:01:20.630 --> 00:01:20.640 align:start position:0% administrator 00:01:20.640 --> 00:01:22.310 align:start position:0% administrator the<00:01:20.799> second<00:01:21.119> bug<00:01:21.520> involved<00:01:21.920> in<00:01:22.000> the<00:01:22.080> hack 00:01:22.310 --> 00:01:22.320 align:start position:0% the second bug involved in the hack 00:01:22.320 --> 00:01:24.789 align:start position:0% the second bug involved in the hack resided<00:01:22.880> in<00:01:22.960> the<00:01:23.119> gnome<00:01:23.439> display<00:01:23.840> manager 00:01:24.789 --> 00:01:24.799 align:start position:0% resided in the gnome display manager 00:01:24.799 --> 00:01:27.030 align:start position:0% resided in the gnome display manager which<00:01:25.040> among<00:01:25.360> other<00:01:25.600> things<00:01:26.080> manages<00:01:26.640> user 00:01:27.030 --> 00:01:27.040 align:start position:0% which among other things manages user 00:01:27.040 --> 00:01:29.350 align:start position:0% which among other things manages user sessions<00:01:27.600> and<00:01:27.840> the<00:01:28.000> login<00:01:28.400> screen 00:01:29.350 --> 00:01:29.360 align:start position:0% sessions and the login screen 00:01:29.360 --> 00:01:31.270 align:start position:0% sessions and the login screen the<00:01:29.520> display<00:01:30.000> manager<00:01:30.479> also<00:01:30.720> triggers<00:01:31.119> the 00:01:31.270 --> 00:01:31.280 align:start position:0% the display manager also triggers the 00:01:31.280 --> 00:01:33.270 align:start position:0% the display manager also triggers the initial<00:01:31.600> setup<00:01:31.920> of<00:01:32.000> the<00:01:32.159> os<00:01:32.560> when<00:01:32.720> it<00:01:32.799> detects 00:01:33.270 --> 00:01:33.280 align:start position:0% initial setup of the os when it detects 00:01:33.280 --> 00:01:35.910 align:start position:0% initial setup of the os when it detects no<00:01:33.600> users<00:01:34.079> currently<00:01:34.560> exist 00:01:35.910 --> 00:01:35.920 align:start position:0% no users currently exist 00:01:35.920 --> 00:01:37.590 align:start position:0% no users currently exist since<00:01:36.159> it<00:01:36.240> verifies<00:01:36.799> whether<00:01:37.119> an<00:01:37.200> account 00:01:37.590 --> 00:01:37.600 align:start position:0% since it verifies whether an account 00:01:37.600 --> 00:01:39.270 align:start position:0% since it verifies whether an account exists<00:01:37.920> or<00:01:38.079> not<00:01:38.240> by<00:01:38.479> asking 00:01:39.270 --> 00:01:39.280 align:start position:0% exists or not by asking 00:01:39.280 --> 00:01:41.350 align:start position:0% exists or not by asking accounts<00:01:39.759> damon<00:01:40.159> if<00:01:40.320> that<00:01:40.560> damon<00:01:40.880> is<00:01:41.040> locked 00:01:41.350 --> 00:01:41.360 align:start position:0% accounts damon if that damon is locked 00:01:41.360 --> 00:01:43.670 align:start position:0% accounts damon if that damon is locked up<00:01:41.680> it<00:01:41.759> will<00:01:41.920> think<00:01:42.159> there<00:01:42.399> are<00:01:42.479> no<00:01:42.720> accounts 00:01:43.670 --> 00:01:43.680 align:start position:0% up it will think there are no accounts 00:01:43.680 --> 00:01:45.510 align:start position:0% up it will think there are no accounts the<00:01:43.840> vulnerabilities<00:01:44.720> could<00:01:44.880> be<00:01:45.040> triggered 00:01:45.510 --> 00:01:45.520 align:start position:0% the vulnerabilities could be triggered 00:01:45.520 --> 00:01:47.350 align:start position:0% the vulnerabilities could be triggered only<00:01:45.759> when<00:01:46.000> someone<00:01:46.320> had<00:01:46.560> access<00:01:46.960> to 00:01:47.350 --> 00:01:47.360 align:start position:0% only when someone had access to 00:01:47.360 --> 00:01:49.590 align:start position:0% only when someone had access to and<00:01:47.520> a<00:01:47.600> valid<00:01:47.920> account<00:01:48.399> on<00:01:48.880> a<00:01:49.040> vulnerable 00:01:49.590 --> 00:01:49.600 align:start position:0% and a valid account on a vulnerable 00:01:49.600 --> 00:01:50.789 align:start position:0% and a valid account on a vulnerable machine 00:01:50.789 --> 00:01:50.799 align:start position:0% machine 00:01:50.799 --> 00:01:52.950 align:start position:0% machine it<00:01:50.960> worked<00:01:51.280> only<00:01:51.520> on<00:01:51.840> desktop<00:01:52.320> versions<00:01:52.799> of 00:01:52.950 --> 00:01:52.960 align:start position:0% it worked only on desktop versions of 00:01:52.960 --> 00:01:54.149 align:start position:0% it worked only on desktop versions of ubuntu 00:01:54.149 --> 00:01:54.159 align:start position:0% ubuntu 00:01:54.159 --> 00:01:57.109 align:start position:0% ubuntu maintainers<00:01:54.720> of<00:01:54.799> the<00:01:55.360> open<00:01:55.680> source<00:01:56.000> ubuntu<00:01:56.560> os 00:01:57.109 --> 00:01:57.119 align:start position:0% maintainers of the open source ubuntu os 00:01:57.119 --> 00:01:58.069 align:start position:0% maintainers of the open source ubuntu os patched<00:01:57.439> the<00:01:57.600> bugs 00:01:58.069 --> 00:01:58.079 align:start position:0% patched the bugs 00:01:58.079 --> 00:02:01.270 align:start position:0% patched the bugs last<00:01:58.399> week<00:01:59.439> big<00:01:59.680> thanks<00:01:59.920> to<00:02:00.079> roy<00:02:00.320> w<00:02:00.719> nash<00:02:01.119> and 00:02:01.270 --> 00:02:01.280 align:start position:0% last week big thanks to roy w nash and 00:02:01.280 --> 00:02:02.950 align:start position:0% last week big thanks to roy w nash and our<00:02:01.439> community<00:02:01.920> of<00:02:02.000> viewers<00:02:02.399> for<00:02:02.560> submitting 00:02:02.950 --> 00:02:02.960 align:start position:0% our community of viewers for submitting 00:02:02.960 --> 00:02:04.550 align:start position:0% our community of viewers for submitting stories<00:02:03.360> to<00:02:03.520> us<00:02:03.680> this<00:02:03.840> week 00:02:04.550 --> 00:02:04.560 align:start position:0% stories to us this week 00:02:04.560 --> 00:02:06.469 align:start position:0% stories to us this week thanks<00:02:04.799> for<00:02:04.960> watching<00:02:05.280> the<00:02:05.439> category<00:02:05.920> 5<00:02:06.240> dot 00:02:06.469 --> 00:02:06.479 align:start position:0% thanks for watching the category 5 dot 00:02:06.479 --> 00:02:09.029 align:start position:0% thanks for watching the category 5 dot tv<00:02:06.880> newsroom<00:02:07.759> don't<00:02:08.000> forget<00:02:08.319> to<00:02:08.479> like<00:02:08.879> and 00:02:09.029 --> 00:02:09.039 align:start position:0% tv newsroom don't forget to like and 00:02:09.039 --> 00:02:11.110 align:start position:0% tv newsroom don't forget to like and subscribe<00:02:09.520> for<00:02:09.759> all<00:02:09.840> your<00:02:10.080> tech<00:02:10.319> news<00:02:10.640> with<00:02:10.879> a 00:02:11.110 --> 00:02:11.120 align:start position:0% subscribe for all your tech news with a 00:02:11.120 --> 00:02:12.630 align:start position:0% subscribe for all your tech news with a slight<00:02:11.440> linux<00:02:11.840> bias 00:02:12.630 --> 00:02:12.640 align:start position:0% slight linux bias 00:02:12.640 --> 00:02:14.550 align:start position:0% slight linux bias and<00:02:12.800> if<00:02:12.959> you<00:02:13.120> appreciate<00:02:13.599> what<00:02:13.840> we<00:02:14.000> do<00:02:14.239> become 00:02:14.550 --> 00:02:14.560 align:start position:0% and if you appreciate what we do become 00:02:14.560 --> 00:02:16.869 align:start position:0% and if you appreciate what we do become a<00:02:14.720> patron<00:02:15.200> at<00:02:15.480> patreon.com 00:02:16.869 --> 00:02:16.879 align:start position:0% a patron at patreon.com 00:02:16.879 --> 00:02:19.510 align:start position:0% a patron at patreon.com category<00:02:17.440> five<00:02:18.239> from<00:02:18.480> the<00:02:18.560> category<00:02:19.040> five<00:02:19.280> dot 00:02:19.510 --> 00:02:19.520 align:start position:0% category five from the category five dot 00:02:19.520 --> 00:02:23.010 align:start position:0% category five from the category five dot tv<00:02:20.000> newsroom<00:02:20.560> i'm<00:02:20.800> becca<00:02:21.120> ferguson 00:02:23.010 --> 00:02:23.020 align:start position:0% tv newsroom i'm becca ferguson 00:02:23.020 --> 00:02:48.550 align:start position:0% tv newsroom i'm becca ferguson [Music] 00:02:48.550 --> 00:02:48.560 align:start position:0% 00:02:48.560 --> 00:02:57.030 align:start position:0% [Music] 00:02:57.030 --> 00:02:57.040 align:start position:0% 00:02:57.040 --> 00:02:59.120 align:start position:0% you