BinaryJono - Slashdot User

+ - Openwall Linux 3.0: no SUIDs, anti log spoofing-> 2

Submitted by solardiz on Friday December 17, 2010 @02:00AM

solardiz writes "Openwall GNU/*/Linux (or Owl for short) version 3.0 is out, marking 10 years of the project. Owl is a small security-enhanced Linux distro for servers, appliances, and virtual appliances. Two curious properties of Owl 3.0: no SUID programs in default install (yet the system is usable, including password changing) and logging of who sends messages to syslog (thus, a user can't have a log message appear to come, say, from the kernel or sshd). No other distro has these. Other highlights of Owl 3.0: single live+install+source CD, i686 or x86_64, integrated OpenVZ (host and/or guest), "make iso" & "make vztemplate" in included build environment, ext4 by default, xz in tar/rpm/less, "anti-Debian" key blacklisting in OpenSSH. A full install is under 400 MB, and it can rebuild itself from source."
Link to Original Source

+ - Study Details AV Failures 0

Submitted by Anonymous Coward on Wednesday August 12, 2009 @02:01PM

An anonymous reader writes "Controversy arose between security researchers and antivirus vendors on the ethics of a study detailing the antivirus evasion capabilities of common malware packers. The research under discussion, the PolyPack project from the University of Michigan, was scheduled to be presented this week at the USENIX Workshop on Offensive Technologies (WOOT). Does the AV emperor have any clothes?"

+ - SPAM: No more need for an antivirus software? 0

Submitted by

Roland Piquepaille

on Tuesday August 12, 2008 @12:02PM

Roland Piquepaille writes "According to computer scientists at the University of Michigan (UM), installing an antivirus software on your personal computer might soon become useless. The research team has used a new approach, called CloudAV, which moves antivirus functionality into the 'network cloud' and off personal computers. This next-generation antivirus system 'virtualizes and parallelizes detection functionality with multiple antivirus engines, significantly increasing overall protection,' according to the team leader. Even if the results look promising, it should be noted that this is just an academics project for the moment. But read more for additional references and figures describing the architecture and the usage of CloudAV."