Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos

Information Security News: Re: Security vendors slam Defcon virus contest

Re: Security vendors slam Defcon virus contest

From: InfoSec News <alerts_at_infosecnews.org>
Date: Fri, 2 May 2008 03:10:16 -0500 (CDT)

Forwarded from: Paul Ferguson <fergdawg (at) netzero.net>
Cc: jericho (at) attrition.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

- -- security curmudgeon <jericho (at) attrition.org> wrote:

>>http://www.infoworld.com/article/08/04/28/Security-vendors-slam-Defcon-vi
>>rus-contest_1.html

>I think Roger Thompson firmly states what many professionals have been
saying for a long time; Anti-Virus as it exists today is an entirely
reactionary protection mechanism. If AV vendors are really getting
30,000 new virus/malware samples each day, and they haven't figured out
how to write signatures that better recognize them, then it really
drives the point home that they are simply feeding their business model.
>

I'm pretty sure he also said "It's a dumb idea."

I second that.

Look it: No one argues that AV software is some sort of
magical defense -- in fact, everyone pretty much agrees that
is not. That is why security companies are developing other
methodologies of protection (e.g. domain, IP, and URL reputation,
etc., among others), so this whole "Race to Zero" actually proves
an already proven point.

Modifying existing malware is creating new malware. There can
be no mistaking it for what it is -- pointless, yet entertaining.

The "security business model" is not being fed by security
companies (much to Schneier's chagrin), but it is being fed by
necessity. Criminals are exploiting the entire food chain.

- - ferg

-----BEGIN PGP SIGNATURE-----
Version: PGP Desktop 9.6.3 (Build 3017)

wj8DBQFIGAs4q1pz9mNUZTMRAhG+AJ9mUtR9wt1o+0wq+MGIUThwumFRhACg63GA
u8pIiQzZOz9eiuvSDOkCfuk=
=UIJi
-----END PGP SIGNATURE----- 

--
"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 fergdawg(at)netzero.net
 ferg's tech blog: http://fergdawg.blogspot.com/
_______________________________________________      
Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting. http://www.blackhat.com
Received on May 02 2008
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]