There's clearly something broken in the economics of information security. This Defcon event isn't serious research into new attack vectors, it's a demonstration of how trivial it is to bypass signature-based products. An open and honest dialogue between security vendors and greyhat reserachers is good thing and should be encouraged -- open research benefits both sides, whereas the blackhats working in the shadows keeps security vendors playing catch-up.
Race to Zero Makes Headlines from DEFCON Announcements!:
The Race-to-Zero anti-virus challenge was announce scarcely a week ago, and already the controversy surrounding it has bubbled all the way up to Wired. The contest's basic premise is that competitors will be given sample virus code and rewarded for modifying that code in such a way that it defeats common AV products.
AV vendors have made their discomfort with the idea clear, with various spokesmen for the industry voicing concern about the creation of new threats to existing AV products. Contest organizers have countered that the contest is categorically not about creating new virii, rather it is about demonstrating the speed with which currently blocked virii can be modified to defeat current virus-blocking software.
Leave a comment