AVG Ventures Into Linux Malware Protection


  • #16
    Originally posted by RealNC
    ClamAV seems to have one of the worst detection rates ever in an anti-virus app.
    http://blog.untangle.com/?p=96

    We learn something new every day. :3

    ~ C.



    • #17
      Bah, it doesn't work. PulseAudio still gets kept on the system.



      • #18
        Originally posted by MostAwesomeDude
        http://blog.untangle.com/?p=96

        We learn something new every day. :3

        ~ C.
        That test is REALLY old (Aug 2007). AVs have come a long way in 2 years, as have the malware and spyware. If you want a constantly up-to-date list (unfortunately no ClamAV), check out AV-Comparatives.

        http://www.av-comparatives.org/



        • #19
          Originally posted by Xeno
          The guys that write viruses target the most common software, and though Linux is not so popular, Firefox and Thunderbird are. Do you really think it is not possible to hijack the browser and make it run some extra code at application launch?
          There was a beautiful JavaScript crack that worked on Firefox 2 that would give someone access to all of the user's files, demoed at Black Hat last year. With Firefox 3, not only do we get shitty performance because of its design, we get the possibility of SQL injection exploits on top of the inherent insecurity of JavaScript.

          It is not that it can't be done, it's that it is only a matter of time before someone does it. Look at the recent Mac OS X botnet for reference, where many people said it couldn't be done.

          It has also been shown that the PGP-signed packages from distributions could be circumvented with DNS cache poisoning and various other means. Remember, it was not so long ago that Red Hat and Fedora repositories were cracked.

          If it can be locked, it can be unlocked by a determined individual and probably for a profit on their part.



          • #20
            It has also been shown that the PGP-signed packages from distributions could be circumvented with DNS cache poisoning and various other means. Remember, it was not so long ago that Red Hat and Fedora repositories were cracked.
            To "circumvent" GPG signatures, you would need to have a copy of the private keys in order to sign the packages.
            .. Either that or invent some way to quickly factor LARGE numbers.
            I still think it takes somewhere in the region of the billions of years mark with most of the computing power of the world.



            • #21
              Originally posted by paul_one
              To "circumvent" GPG signatures, you would need to have a copy of the private keys in order to sign the packages.
              .. Either that or invent some way to quickly factor LARGE numbers.
              I still think it takes somewhere in the region of the billions of years mark with most of the computing power of the world.
              Not really; the easiest route is to keep packages already PGP-signed with known vulnerabilities locked at the version numbers with the vulnerabilities in your hypothetical hijacked repository, completely "trustworthy" and with very little effort.

              I also take it you haven't considered creating a cluster of NVIDIA Tesla cards to crunch numbers or do anything that is processor intensive. Billions of years? They used to say that about WPA and WPA2 keys, and look at how quickly they can be cracked with just a GeForce 8800.

              Comment
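
The frozen-repository scenario raised in post #21, seen from the client side, as an added example that is not part of the original thread: a valid signature says who produced the index, not that it is current, so the client also checks freshness and version monotonicity. The signature is assumed to have verified already; the `Date` and `Valid-Until` fields follow Debian Release files, while the sample values, function names, `state` layout and the simplified version ordering are assumptions.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

# Constructed sample in the style of a Debian Release file (values made up).
RELEASE = """Origin: example-distro
Suite: stable
Date: Mon, 04 May 2009 10:00:00 UTC
Valid-Until: Mon, 11 May 2009 10:00:00 UTC
"""

def parse_fields(text):
    """Split 'Key: value' header lines into a dict."""
    return dict(l.split(": ", 1) for l in text.splitlines() if ": " in l)

def version_key(version):
    # Simplified dotted-number ordering, NOT dpkg's full comparison algorithm.
    return tuple(int(part) for part in version.split("."))

def check_index(release_text, offered, state, now):
    """Return reasons to reject a correctly signed but stale index.

    offered: {package: version} listed by the mirror (hypothetical layout)
    state:   what this client saw on its last successful update
    """
    fields = parse_fields(release_text)
    issued = parsedate_to_datetime(fields["Date"])
    problems = []
    if "Valid-Until" not in fields:
        problems.append("no Valid-Until: index can be replayed indefinitely")
    elif now > parsedate_to_datetime(fields["Valid-Until"]):
        problems.append("index expired: mirror may be frozen")
    if issued < state["last_date"]:
        problems.append("index older than one already seen (rollback)")
    for pkg, ver in offered.items():
        seen = state["versions"].get(pkg)
        if seen and version_key(ver) < version_key(seen):
            problems.append(f"{pkg} downgraded {seen} -> {ver}")
    return problems

if __name__ == "__main__":
    state = {"last_date": datetime(2009, 5, 1, tzinfo=timezone.utc),
             "versions": {"firefox": "3.0.10"}}
    now = datetime(2009, 6, 1, tzinfo=timezone.utc)  # three weeks past expiry
    for reason in check_index(RELEASE, {"firefox": "3.0.7"}, state, now):
        print("REJECT:", reason)
```

A package the client has never seen is not caught by the version check, which is why the expiry check on the index itself matters.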


              • #22
                They used to say that about WPA and WPA2 keys, and look at how quickly they can be cracked with just a GeForce 8800.
                Are you referring to the brute-force solution that's just faster on a GPU? With a good password it's still not broken.



                • #23
                  Originally posted by yogi_berra
                  I also take it you haven't considered creating a cluster of NVIDIA Tesla cards to crunch numbers or do anything that is processor intensive. Billions of years? They used to say that about WPA and WPA2 keys, and look at how quickly they can be cracked with just a GeForce 8800.
                  I should note that the current vulnerabilities in WEP are due to correlation between the encrypted packets and the key, and that only the flavors of WPA with the same key init as WEP share those statistical weaknesses. I should also note that only very short keys can be brute-forced within a reasonable amount of time.

                  WEP still can't be brute-forced very fast. It requires that statistical analysis in order to pare down the keyspace to something small enough to quickly search. WPA with CCMP is still too big to do a full-on brute-force attack. (And no wonder, either; it's based on AES.)

                  tl;dr: You won't be brute-forcing my WPA2 key anytime soon.



                  • #24
                    Originally posted by MostAwesomeDude
                    WEP still can't be brute-forced very fast. It requires that statistical analysis in order to pare down the keyspace to something small enough to quickly search. WPA with CCMP is still too big to do a full-on brute-force attack. (And no wonder, either; it's based on AES.)
                    Actually it can be done quickly under the right network conditions; it's dependent on the number of packets being intercepted, but you already knew that.

                    The point is that encryption alone isn't the security panacea that people make it out to be. But it works wonders on the psychosomatic level for the people that want to believe that they are secure. Much like deadbolts and door chains on their front doors.



                    • #25
                      Originally posted by yogi_berra
                      The point is that encryption alone isn't the security panacea that people make it out to be. But it works wonders on the psychosomatic level for the people that want to believe that they are secure. Much like deadbolts and door chains on their front doors.
                      Agreed, although I'm not going to decrypt my hard drive any time soon.

                      http://xkcd.com/538/

                      And that's all I have to say about that. :3
