Fighting malware with static and dynamic code analysis
Linux offers some sophisticated tools for understanding how malware can slip through the gaps in an unsuspecting application.
The potential danger of malware is a concern for many computer users. Your desktop PC, your smartphone, and even the networked smart gadgets around your home or office are potentially vulnerable to thousands of rootkits, spyware, and Trojans. As anti-malware software developers create new methods to discover and block malware, malware authors create new methods of circumventing these safeguards.
Linux users have long enjoyed the minimal attention they receive from malware authors. Malware does exist for the Linux platform, but it has a difficult time infecting most Linux systems. A major strength of open source software is the speed with which exploit-causing bugs are noticed, diagnosed, and fixed. This rapid response limits the time interval in which malicious software can exploit these vulnerabilities. Unless malware can somehow trick a user with a superuser account into installing it, or the system is not properly configured or updated, it often has difficulty infecting Linux.
Windows users have not been so lucky. More than a billion PCs running various flavors of Windows exist worldwide, and such a large installed base of similar software makes it a very tempting target for malware authors. The large size and complexity of the Windows codebase, as well as delays in the availability of patches for issues, provides ample opportunity for vulnerabilities to be discovered and exploited by malware authors.
Read full article as PDF:
Version 16 of the popular Linux desktop reveals new tools, edge-snapping, and performance improvements.
Symantec says Linux-Darlioz burrows in through PHP.
Dell renews its quest for the ultimate developer machine.
Innovative back door looks like normal SSH traffic.
One of CeBITs most successful forums opens the new year with a new name. The popular Open Source Forum continues in 2014 under the name Special Conference: Open Source. This year, the forum will be bigger and offer a wider range of possibilities for sponsors.
New release offers better graphics drivers and expands filesystem support.
New mail protocol will shut out the NSA and prevent snooping on metadata.
A new web application helps users visualize distributed denial-of-service attacks.
Ubuntu 13.10 takes a step toward convergence, with lots of mobility, but Mir only partly here.
Galileo board is targeted to embedded developers and educational institutions.