LinuxQuestions.org
Old 02-18-2015, 04:07 AM   #1
TopSpace
LQ Newbie
 
Registered: Feb 2015
Posts: 13

Rep: Reputation: Disabled
What ways could compromise Ubuntu?


Using a freshly updated Ubuntu 14.04 on my home PC. I guess I got a backdoor and I'm trying to find out how it's possible.
I did not download side apps. I use Ubuntu for browsing most of the time.
So I have 2 versions:
1) Compromised updates from Canonical (I know it sounds a little paranoid, but it's possible?)
2) I got a backdoor after a personal attack that substituted my download queries for apps (from Muon Software Center or Updates) with backdoored apps on the server/provider side or VPN-server side (I'm using a VPN server from time to time).
I know it's paranoid and I'm not a pro system guy, but I really want to know this. So my questions:

Is it possible?
What other ways could I have gotten a backdoor?


Please don't ask me why I think my system was compromised, let's think theoretically.

Also, do I need to consider the variant of a bugged browser? I'm asking because of the root password...
 
Old 02-18-2015, 07:37 AM   #2
rtmistler
Moderator
 
Registered: Mar 2011
Location: USA
Distribution: MINT Debian, Angstrom, SUSE, Ubuntu, Debian
Posts: 9,882
Blog Entries: 13

Rep: Reputation: 4930
It is OK to raise theoretical questions about the security of your distribution. Unfortunately your questions are not well organized. Shall I try and then let you clarify?
  1. You wonder if Canonical has some sort of built-in way to spy on an Ubuntu system.
  2. You wonder if general web engagement by your computer can cause it to be compromised, and these concepts include: general browsing, performing updates, as well as applications using the web for status or reports to somewhere.
  3. You generally wonder if the first two are possible and also what other possibilities exist.
  4. Your final query is confusing and raises the topic of a bugged browser. Not understanding whether that means bugged as in surveillance, or bugged as in software bug.

For (1) Canonical has some built in ways to get reporting of what you do with Ubuntu, the impressions they foment are that this all has to do with the improvement of the product as a whole. You can determine what level of concern you have with that versus not. And these are the known things, you can find information about this on the web using general web searches. If there are things more well hidden, I'm sure it's possible and not beyond the scruples of companies, but in general when things become big, like Windows if they "hide" this stuff and then it comes out later that they did this, it's pretty bad PR. That all being said, and without looking it all up, I'd wonder how much it would matter versus not for something which is free. The only real way to deal with this concern is to not use it, right?

For (2) if you use Google, you probably already know that they use the cookies and all other stuff involved to determine your web browsing/searching trends and provide ads to you customized per your actions. Whether or not they have other intentions or share that information, .... well that's all couched in the legalese which you can read and I never do. There are threads about what web search facilities people use and in those threads many of them also discuss the privacy issues related to the various search engines; of which I think Bing and Google get some of the worst criticisms.

For (3) there are a whole variety of things which could expose your system. Some things to try are from another computer, see if you can "see" your Ubuntu system on the network, see if you can ssh to it using root with no password, see if you can ftp to it as anonymous, try some stuff like that. Read some of the network security for Unix books to learn ways invaders would crack into a system and see just how exposed versus not the distribution is. Read The Cuckoo's Egg and other similar books, definitely read other ones because the concepts in The Cuckoo's Egg are very old, like serial terminal/modem old, but still interesting. And almost ALL of the network stuff is still around today, ftp, tftp, telnet, ping, and etc.

For (4) sorry you'll have to clarify. If you're really paranoid about a "bugged browser" there's little ... "DON'T CLICK THERE!!!!" Sorry you were about to allow a dangerous script by clicking OK and that's just a bad idea .... I mean "FORGET about what I said!" "There's NO SUCH THING as a bugged browser!" "Statistical IMPOSSIBILITY!"
 
Old 02-18-2015, 08:35 AM   #3
cepheus11
Member
 
Registered: Nov 2010
Location: Germany
Distribution: Gentoo
Posts: 286

Rep: Reputation: 91
Quote:
Originally Posted by TopSpace View Post
1) Compromised updates from Canonical (I know it sounds a little paranoid, but it's possible?)
If someone at Canonical behaves maliciously, yes.

Quote:
2) ...by substituting my download queries ... with backdoor
Ubuntu digitally sign their packages - like all large distributions do (I sure hope all do). The installer checks the signature with a public key which got on your computer while you installed Ubuntu (Or checksums are checked, and a file containing the checksums is itself signed, and the signature is checked). An attacker who wants to sneak modified packages onto your system would have to sign their modified packages, which they cannot do without Ubuntu's private key. So as long as

1) Your install medium was clean

2) Ubuntu keeps their private package signing keys private

3) You do not tamper with your apt-get in a way which makes it forget the signature check

4) No one finds a fundamental way to break the applied public-private-key signing technique

You should be reasonably safe.

I found this: https://help.ubuntu.com/community/SecureApt
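
The checksum chain described in the post above (signed checksum file, then package index, then package), as an added example that is not part of the original thread. All file contents and paths are constructed samples, and the signature check on the Release file is assumed to have been done already against a trusted key.

```python
import hashlib

def sha256(data: bytes) -> str:
    return hashlib.sha256(data).hexdigest()

def parse_release(text: str) -> dict:
    """Map index path -> (sha256, size) from the 'SHA256:' section of a Release file."""
    entries, in_section = {}, False
    for line in text.splitlines():
        if line.startswith("SHA256:"):
            in_section = True
        elif in_section and line.startswith(" "):
            digest, size, path = line.split()
            entries[path] = (digest, int(size))
        else:
            in_section = False
    return entries

def parse_packages(text: str) -> dict:
    """Map Filename -> stanza fields from a Packages index (continuation lines skipped)."""
    stanzas = {}
    for block in text.strip().split("\n\n"):
        fields = dict(l.split(": ", 1) for l in block.splitlines()
                      if ": " in l and not l.startswith(" "))
        stanzas[fields["Filename"]] = fields
    return stanzas

def verify_chain(release, index_path, index_bytes, deb_path, deb_bytes) -> str:
    """Assumes the signature on `release` was already verified against a trusted key."""
    listed = parse_release(release).get(index_path)
    if listed != (sha256(index_bytes), len(index_bytes)):
        return "Packages index does not match signed Release"
    entry = parse_packages(index_bytes.decode()).get(deb_path)
    if entry is None:
        return "package not listed in Packages index"
    if (entry["SHA256"], int(entry["Size"])) != (sha256(deb_bytes), len(deb_bytes)):
        return "package does not match Packages index"
    return "ok"

def make_index(deb_path: str, deb: bytes) -> bytes:
    return (f"Package: hello\nVersion: 1.0\nFilename: {deb_path}\n"
            f"Size: {len(deb)}\nSHA256: {sha256(deb)}\n").encode()

# Constructed sample data: not real archive contents.
DEB_PATH = "pool/main/h/hello/hello_1.0_amd64.deb"
INDEX_PATH = "main/binary-amd64/Packages"
DEB = b"constructed stand-in for a .deb archive"
INDEX = make_index(DEB_PATH, DEB)
RELEASE = f"Origin: Constructed\nSHA256:\n {sha256(INDEX)} {len(INDEX)} {INDEX_PATH}\n"
```

Swapping in a modified package fails at the index check, and regenerating the index with `make_index` to match the modified package fails at the Release check, which is the point where a forged signature would be needed.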
 
Old 02-19-2015, 05:15 AM   #4
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319
Be it any distro/version, old or latest, it has security bugs. See past security alerts from news sites and you would ask such questions a little less.

Well we can minimize loss or chance of intrusion by keeping system updated and following good security practices.

An old but still relevant article for Linux OSes: Security Howto. Get it from tldp.
 
Old 02-20-2015, 07:38 AM   #5
Ihatewindows522
Member
 
Registered: Oct 2014
Location: Fort Wayne
Distribution: Ubuntu 16.04 LTS
Posts: 616
Blog Entries: 2

Rep: Reputation: 166
Found a big security hole in Ubuntu yesterday. Poking around in GRUB I went to Advanced options for Ubuntu and booted into recovery mode. From there, you can have root access and do whatever you wish from the command line!

You might also want to give this a read:
https://www.gnu.org/philosophy/ubuntu-spyware.html
 
Old 02-20-2015, 08:11 AM   #6
snowday
Senior Member
 
Registered: Feb 2009
Posts: 4,667

Rep: Reputation: 1411
Quote:
Originally Posted by Ihatewindows522 View Post
Found a big security hole in Ubuntu yesterday. Poking around in GRUB I went to Advanced options for Ubuntu and booted into recovery mode. From there, you can have root access and do whatever you wish from the command line!
This is not a "security hole" but rather a "recovery mode" allowing the system administrator to recover a broken system. In other words, it is a documented/intentional feature, not a bug you just discovered.
 
Old 02-20-2015, 11:07 AM   #7
veerain
Senior Member
 
Registered: Mar 2005
Location: Earth bound to Helios
Distribution: Custom
Posts: 2,524

Rep: Reputation: 319
Quote:
Originally Posted by snowpine View Post
This is not a "security hole" but rather a "recovery mode" allowing the system administrator to recover a broken system. In other words, it is a documented/intentional feature, not a bug you just discovered.
It is a security hole if:

1) Letting people have physical access to your system

2) Let them access BIOS

3) Not setting a BIOS boot password

4) Allowing a boot loader to boot arbitrary programs.

Edited: Read security-howto

Last edited by veerain; 02-21-2015 at 08:06 AM.
 
Old 02-20-2015, 12:49 PM   #8
TB0ne
LQ Guru
 
Registered: Jul 2003
Location: Birmingham, Alabama
Distribution: SuSE, RedHat, Slack,CentOS
Posts: 26,636

Rep: Reputation: 7965
Quote:
Originally Posted by veerain View Post
It is a security hole if:

1) Letting people have physical access to your system
2) Let them access BIOS
3) Not setting a BIOS boot password
These first three have nothing to do with GRUB's rescue mode, and are security basics.
Quote:
4) Allowing a boot loader to boot arbitrary programs.
Care to give an example here, of how you'd load an 'arbitrary' program via GRUB?
Quote:
5) Read security-howto
So reading a security how-to is a security hole?
 
Old 02-20-2015, 01:40 PM   #9
John VV
LQ Muse
 
Registered: Aug 2005
Location: A2 area Mi.
Posts: 17,624

Rep: Reputation: 2651
the BEST way is this
" PEBKAC "
 
Old 02-23-2015, 07:24 AM   #10
unSpawn
Moderator
 
Registered: May 2001
Posts: 29,415
Blog Entries: 55

Rep: Reputation: 3600
Quote:
Originally Posted by TopSpace View Post
Using 14.04 fresh-updated Ubuntu for home PC. I guess I got backdoor (..) Please don't ask me why I think my system was compromised, let's think theoretically.
As the same thread played out similarly elsewhere I assert the OP is not willing to supply useful information, participate or solve a (perceived) problem. Thread closed.
 
  


All times are GMT -5.
