[ISN] Security vendors slam Defcon virus contest

[InfoSec News]

Forwarded from: Paul Ferguson <fergdawg (at) netzero.net>
Cc: jericho (at) attrition.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- security curmudgeon <jericho (at) attrition.org> wrote:

>>http://www.infoworld.com/article/08/04/28/Security-vendors-slam-Defcon-vi
>>rus-contest_1.html  

>I think Roger Thompson firmly states what many professionals have been 
saying for a long time; Anti-Virus as it exists today is an entirely 
reactionary protection mechanism. If AV vendors are really getting 
30,000 new virus/malware samples each day, and they haven't figured out 
how to write signatures that better recognize them, then it really 
drives the point home that they are simply feeding their business model.
>

I'm pretty sure he also said "It's a dumb idea."

I second that.

Look it: No one argues that AV software is some sort of
magical defense -- in fact, everyone pretty much agrees that
is not. That is why security companies are developing other
methodologies of protection (e.g. domain, IP, and URL reputation,
etc., among others), so this whole "Race to Zero" actually proves
an already proven point.

Modifying existing malware is creating new malware. There can
be no mistaking it for what it is -- pointless, yet entertaining.

The "security business model" is not being fed by security
companies (much to Schneier's chagrin), but it is being fed by
necessity. Criminals are exploiting the entire food chain.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFIGAs4q1pz9mNUZTMRAhG+AJ9mUtR9wt1o+0wq+MGIUThwumFRhACg63GA
u8pIiQzZOz9eiuvSDOkCfuk=
=UIJi
-----END PGP SIGNATURE-----



--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/