LinuxQuestions.org


Zssfssz 03-14-2012 10:31 AM

Is having everything be so easy a good thing?
 
The other day my grandma forgot the password to her lubuntu account (a wonder she didn't forget where the power button was) and called me and asked me to find it. In under 3 minutes I got the password reset without any prior knowledge of the accounts, set up a new administrator account, found the other username and reset the password. Is it really good to have this kind of stuff be easy?

acid_kewpie 03-14-2012 10:51 AM

Yes. You are trusted to get physical access to that location and the equipment there, so what's the problem? There are further methods you could take to secure it, but if you could plain steal the machine outright, does it matter? You couldn't have done that remotely as easily, and to have gained local access without permission you would have had to presumably break various property laws, and others.

snowpine 03-14-2012 10:58 AM

This is an everyday, real-world admin task (as I type this, someone, somewhere, has just forgotten their password), so why would you intentionally make it more difficult? :)

widget 03-14-2012 01:30 PM

While it is not a difficult task to reset a password the entire Ubuntu family makes it even easier by taking you straight to a root prompt if you boot to recovery mode.

Under Debian, the base for Ubuntu, you need to use the root password to get the root prompt. This makes a lot more sense.

Why on earth, in this day of portable devices, would you make this process easier?

Obviously I think it is stupidly easy to change the user password under Ubuntu. Filed a bug on it and got plenty of abuse on the UFs.

Bug will not be fixed. This is a feature, not a bug. Piss-poor feature.

snowpine 03-14-2012 03:02 PM

It is a false sense of security because GRUB can be edited in Debian (or any other distro really) to recovery mode with no password. (For that matter, you can boot with a live CD/USB and get the data that way.) Ubuntu just removes the mental hurdle of assuming their users will remember the GRUB code, so they put the recovery mode option right there in the menu.

If you are talking about a public enterprise or kiosk type of deal, then I think the assumption is that the deployment admin will choose the appropriate security measures for physical access/BIOS password/GRUB password/user accounts/root password vs. sudo, making the decisions that work best for the situation.

For a portable device, the only solution that makes sense is encryption. Obfuscating GRUB features is not a solution for leaving unencrypted data lying around in a public place!
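Added example, not part of any post in this thread: a small audit of the three controls named above (GRUB password, root password vs. locked root, disk encryption). It reads constructed sample copies of `grub.cfg`, `/etc/shadow` and `/etc/crypttab`; the function names, file names and file contents are assumptions made for the illustration.

```shell
#!/bin/sh
# Added example: audits constructed copies of grub.cfg, shadow and crypttab.
# Function names and sample file contents are hypothetical, not from the thread.

# 0 if GRUB requires a superuser password before entries can be edited
grub_has_password() {
    grep -Eq '^[[:space:]]*set[[:space:]]+superusers=' "$1" &&
    grep -Eq '^[[:space:]]*password(_pbkdf2)?[[:space:]]+' "$1"
}

# 0 if root's password field is locked (begins with ! or *), as on stock Ubuntu
root_is_locked() {
    awk -F: '$1 == "root" { found = 1; if ($2 ~ /^[!*]/) locked = 1 }
             END { exit !(found && locked) }' "$1"
}

# 0 if crypttab lists at least one encrypted volume (non-comment, non-blank line)
has_encrypted_volume() {
    grep -Evq '^[[:space:]]*(#|$)' "$1"
}

# Print one finding per control: audit_boot GRUB_CFG SHADOW CRYPTTAB
audit_boot() {
    grub_has_password "$1" && echo "grub: editing entries requires a password" \
        || echo "grub: entries can be edited at boot without a password"
    root_is_locked "$2" && echo "root: locked, no root password exists to prompt for" \
        || echo "root: password set, recovery can prompt for it"
    has_encrypted_volume "$3" && echo "disk: encrypted volume configured" \
        || echo "disk: no encrypted volume, data readable from live media"
}

# Constructed sample files (hash values are placeholders)
d=$(mktemp -d)
printf '%s\n' 'set superusers="admin"' \
    'password_pbkdf2 admin grub.pbkdf2.sha512.10000.PLACEHOLDER' > "$d/grub_locked.cfg"
printf '%s\n' 'menuentry "Ubuntu (recovery mode)" {' '}' > "$d/grub_open.cfg"
printf '%s\n' 'root:!:15413:0:99999:7:::' > "$d/shadow_locked"
printf '%s\n' 'root:$6$PLACEHOLDER$PLACEHOLDER:15413:0:99999:7:::' > "$d/shadow_set"
printf '%s\n' '# <name> <device> <keyfile> <options>' > "$d/crypttab_empty"
printf '%s\n' 'sda5_crypt UUID=PLACEHOLDER none luks' > "$d/crypttab_luks"

audit_boot "$d/grub_open.cfg" "$d/shadow_locked" "$d/crypttab_empty"
audit_boot "$d/grub_locked.cfg" "$d/shadow_set" "$d/crypttab_luks"
```

On a real machine the same functions can be pointed at `/boot/grub/grub.cfg`, `/etc/shadow` and `/etc/crypttab` when run as root.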

widget 03-15-2012 03:33 PM

Yes, grub can be edited to take you to recovery. This is not the point.

The point is that Ubuntu does not require a password to change the password. Distros with a root password require the use of that password to change the user password.

Ubuntu just assumes the user is an idiot and has nothing of value on the box. Therefore why bother with even the most simple security arrangements.

Personally I think that all Ubuntu users should log in as root, with auto login just to make things easier for everyone.

acid_kewpie 03-15-2012 03:42 PM

Quote:

Originally Posted by widget (Post 4627726)
Yes, grub can be edited to take you to recovery. This is not the point.

The point is that Ubuntu does not require a password to change the password. Distros with a root password require the use of that password to change the user password.

Ubuntu just assumes the user is an idiot and has nothing of value on the box. Therefore why bother with even the most simple security arrangements.

Personally I think that all Ubuntu users should log in as root, with auto login just to make things easier for everyone.

I think the point here is that you don't properly understand the Ubuntu security model. Your advice does not make sense. Obviously the last line is a joke, but it's not a logical reduction of the security that Ubuntu provides.

273 03-15-2012 03:48 PM

My take on it is that on a home computer the reason for a separate root account and the subsequent need to sudo and enter a password is to prevent an automated install of malware. I agree that this isn't much like the old user/root relationship which was probably expected for unix and Linux but, then, multi user computers are rare enough nowadays that they are not really the norm.
As for Ubuntu being worse, I thought that you used to be able to start most distros in single user and reset the root password anyhow? I also agree that unless you encrypt your hard drive any passwords asked for on a portable device are largely irrelevant as far as security goes.

Zssfssz 03-15-2012 10:42 PM

Root is not a bad person! Personally I think logging in as root is OK as long as you look at where you are and have a script replacement for rm that confirms the removal. But that's not the point.
I just saw a hole, and if grub can be edited to do that on any distro, Linux is a disaster waiting to happen, the reason there are no hacks? We have too little market share. If Linux is to catch on this will need to be fixed, but again not the point.
With this, is there a way to install a dedicated bootloader (like Windows') to skip grub altogether?

widget 03-16-2012 12:01 AM

Quote:

Originally Posted by acid_kewpie (Post 4627734)
I think the point here is that you don't properly understand the Ubuntu security model. Your advice does not make sense. Obviously the last line is a joke, but it's not a logical reduction of the security that Ubuntu provides.

I think I understand quite well that after several years of folks complaining about the recovery mode menu which gave just such a pass to anyone booting to it that Debian finally dropped it.

This was a good thing.

Ubuntu hung on to it but would not maintain it separately from the base they get from upstream. So they decided to simply remove the need for a root password, something they have never used and have no desire to do so now. So now you don't have the simple for noobs menu and you have no more security.

The menu system could quite rightly be called a security hole from upstream. This implementation of what has now come from upstream can only be laid directly at the feet of Canonical and Ubuntu.

widget 03-16-2012 12:09 AM

Quote:

Originally Posted by Zssfssz (Post 4627961)
Root is not a bad person! Personally I think logging in as root is OK as long as you look at where you are and have a script replacement for rm that confirms the removal. But that's not the point.
I just saw a hole, and if grub can be edited to do that on any distro, Linux is a disaster waiting to happen, the reason there are no hacks? We have too little market share. If Linux is to catch on this will need to be fixed, but again not the point.
With this, is there a way to install a dedicated bootloader (like Windows') to skip grub altogether?

Grub is not the problem.

The problem is that Ubuntu uses grub on a system that is supposed to have a root password. When you boot to recovery on Debian you do not get met with a root prompt.

You get met with the option of giving the root password or returning to normal login as a user.

There are ways to get into any system. Ubuntu just chooses to make it very very simple.

Take it up with them. I already have, so I know what you face. Good luck with that. And have fun with the folks that think that because there are other ways in, one more hole is a good idea.

Zssfssz 03-16-2012 12:21 AM

I know GRUB is not the problem. Look at it like this: Recovery Mode Is A Stinky Manhole, I use a dedicated boot loader, ba bam I just put a cover on the manhole, the stink is still there but now it takes more effort to get there.
Do the BSDs/Solariss/Darwins have a similar problem?

acid_kewpie 03-16-2012 03:21 AM

Quote:

Originally Posted by Zssfssz (Post 4628012)
I know GRUB is not the problem. Look at it like this: Recovery Mode Is A Stinky Manhole, I use a dedicated boot loader, ba bam I just put a cover on the manhole, the stink is still there but now it takes more effort to get there.
Do the BSDs/Solariss/Darwins have a similar problem?

Sorry mate, but you seriously do not understand these security models. Everything you are complaining about is BY DESIGN and does NOT constitute bad security. Every security model CAN be undermined and make it redundant, it's about how it's implemented and used, and grub's default (non) security model is just fine for most scenarios. How many enterprise data centres running government systems are out there with grub passwords or other additional boot security? Just about zero I'd say. The cabinet locks, the 4 layer security barriers, the video cameras and biometric security systems make these super specific measures redundant. You have to take a holistic approach to security, not just individually cherry pick sub components to criticize out of context.

Zssfssz 03-16-2012 03:21 PM

I Don't Care How Many Lasers And Knives Are Surrounding The Hole, It's Still There And Having One More Layer Of Defence Is A Good Thing, I Have A Me-only Computer And Don't Really Care But I Just Want To Know In Case I Am Ever In A Super Secure Environment.


All times are GMT -5.