Want to read Slashdot from your mobile device? Point it at m.slashdot.org and keep reading!


Forgot your password?

Slashdot videos: Now with more Slashdot!

  • View

  • Discuss

  • Share

We've improved Slashdot's video section; now you can view our video interviews, product close-ups and site visits with all the usual Slashdot options to comment, share, etc. No more walled garden! It's a work in progress -- we hope you'll check it out (Learn more about the recent updates).


+ - Openwall Linux 3.0: no SUIDs, anti log spoofing-> 2

Submitted by solardiz
solardiz (817136) writes "Openwall GNU/*/Linux (or Owl for short) version 3.0 is out, marking 10 years of the project. Owl is a small security-enhanced Linux distro for servers, appliances, and virtual appliances. Two curious properties of Owl 3.0: no SUID programs in default install (yet the system is usable, including password changing) and logging of who sends messages to syslog (thus, a user can't have a log message appear to come, say, from the kernel or sshd). No other distro has these. Other highlights of Owl 3.0: single live+install+source CD, i686 or x86_64, integrated OpenVZ (host and/or guest), "make iso" & "make vztemplate" in included build environment, ext4 by default, xz in tar/rpm/less, "anti-Debian" key blacklisting in OpenSSH. A full install is under 400 MB, and it can rebuild itself from source."
Link to Original Source

+ - Study Details AV Failures

Submitted by Anonymous Coward
An anonymous reader writes "Controversy arose between security researchers and antivirus vendors on the ethics of a study detailing the antivirus evasion capabilities of common malware packers. The research under discussion, the PolyPack project from the University of Michigan, was scheduled to be presented this week at the USENIX Workshop on Offensive Technologies (WOOT). Does the AV emperor have any clothes?"

+ - SPAM: No more need for an antivirus software?

Submitted by
Roland Piquepaille
Roland Piquepaille writes "According to computer scientists at the University of Michigan (UM), installing an antivirus software on your personal computer might soon become useless. The research team has used a new approach, called CloudAV, which moves antivirus functionality into the 'network cloud' and off personal computers. This next-generation antivirus system 'virtualizes and parallelizes detection functionality with multiple antivirus engines, significantly increasing overall protection,' according to the team leader. Even if the results look promising, it should be noted that this is just an academics project for the moment. But read more for additional references and figures describing the architecture and the usage of CloudAV."

User hostile.