Dragan on Security

Voting Technologies are becoming hot topic at present time. There is lot of talks, news, blog posts and other kinds of publicity everywhere around. It seems that this area is interesting for business, politics and… certainly for making money. But also it is interesting for scientists. IEEE Security & Privacy Magazine published interesting article in its September/October 2006 issue (Vol. 4, No. 5). Abstract of article says:

The authors’ propose manual voting systems that have significant security advantages over existing systems, yet retain the simplicity and familiarity that has led to widespread acceptance. The authors also discuss ways to improve efficiency without endangering this public trust.

You can read this article here. Note: subscription is needed to read this article.

Couple of software vendors released security tools for new Micrososft operating system Vista.

ESET Software today released NOD32 2.7 of its antivirus software, expanding its capabilities in malware and adding support for Windows Vista. The new release, posted to the ESET home page on Tuesday, has broadened its coverage to include unwanted and nuisance software, but not necessarily dangerous programs, like adware, code for keystroke loggers, and the most dangerous of malware, rookits. The Vista support covers both the 32-bit and 64-bit versions. Despite Microsoft’s touting of Vista’s security, ESET said it’s only a matter of time before malware shows its ugly face on Vista.

“Out of the box, Vista’s going to be more secure than Windows XP or anything else Microsoft has released,” said Randy Abrams, director of technical education at ESET. “But like any OS out of the box, users can do a tremendous amount of damage if they want to.”

Entire categories of malware will be shut down on Vista, since it uses kernel-level hooking and the PatchGuard kernel protection in Vista that has Symantec and McAfee crying that it will lock their software out. “So right off the bat you have a much smaller pool of malicious software that can run on Vista,” said Abrams.

NOD32 has offered rootkit detection before it gets into a computer, but hasn’t really had the technology in place to effectively deal one once it is in the computer’s system. With version 2.7, ESET has added the technology to automatically remove a rootkit that has already taken hold of a system.

For reasons of clarity, not to mention legal coverage, ESET defines its newest area of coverage as “unwanted applications.” This covers things like keystroke loggers and ad popup software, or applications that install themselves and don’t uninstall easily.

Despite adding on new functionality, NOD32 retains the same small memory footprint that has distinguished the product. The price remains the same, at $39 for a single user license and a one-year subscription which provides the user with daily virus definition updates.

ESET isn’t the first vendor to jump on board the Vista security bandwagon, despite repeated assurances from Microsoft of its safety and security. GRISOFT, developer of the free AVG security software, has announced its AVG Anti-Virus 7.5 software is available on the Microsoft Windows Security Center for Windows Vista.

AVG Anti-Virus has received its share of kudos from reviewers and its price is hard to beat (free). It detects things like viruses, Trojans, adware, dialers, keyloggers and worms, but like NOD32, doesn’t have spyware detection.

Sources: internetnews.com, Eset and Grisoft web sites.

I’ve just learned about ReviewMe (http://www.reviewme.com). Friend just wrote post on his blog (here). I’ve decided to follow his way and check this interesting approach. ReviewMe is trying to make meeting point between blogers and advertisers. As far as I know, there is nothing similar in community yet. This will help people to find interesting stuff, software, news, products, services and whatever else in more meaningful way. During registration process, I had to choose category, but couldn’t find Security. So, my suggestion to authors is to add that category. I will carefully follow ReviewMe and hope it will achieve its goals. This is really interesting:

Problem: People ignore ads. In much the same way that banner blindness set in, many publishers have noticed their contextual ad click through rates and earnings drop over time.

Our solution: Because our reviews are not formatted to look like ads, publishers are able to deliver more attention and value than through advertising via any other marketing channel.

I totally agree with this. Majority of people don’t click any ads. Much more: banners and adds are so borring. Also, it will be very interesting to follow this site and quality of reviews on it. Will blogers be honest and frank or will they write positive reviews in order to earn money? Hopefully, majority will be honest and object. But we will see soon.

My particular area of interest is security and I’m going to set some kind of alerts or whatever on related keywords.

Also, site states:

Content Guidelines:
You must disclose that the post is a paid post in some way. Here are some ideas: “Sponsored Post:”, “The following is a paid review:” “Advertisement:”

So, I might be paid for this (funny, isn’t it :)). If that happen, it will be first time in my blogging history. Unbelievable. :) I have to say that payment is not so important; it is more important will this idea really work. My bet is: Yes, it will.

Good luck to ReviewMe!

Update: ReviewMe reviewed my post and I got e-mail which says: “Your review of ReviewMe posted on Dragan’s Blog on Security has been approved!“. It seems possible to earn $20 by blogging. :)

ACM, the Association for Computing Machinery’s Special Interest Group on Security, Audit and Control (SIGSAC) has awarded its top honors to Dr. Michael Schroeder of Microsoft Research and Dr. Eugene Spafford of Purdue University for their contributions to advancing and understanding the use of computer security technologies. Schroeder was presented with the SIGSAC Outstanding Innovation Award for his research, which has been implemented in industry practices and continues to shape the direction of security. Spafford was given the SIGSAC Outstanding Contributions Award for his role in influencing national cyberseccurity policy, education, and research.

Read full news here.