Re: [ISN] Security vendors slam Defcon virus contest

From: InfoSec News (alerts@private)
Date: Fri May 02 2008 - 01:10:16 PDT

Forwarded from: Paul Ferguson <fergdawg (at)>
Cc: jericho (at)

Hash: SHA1

- -- security curmudgeon <jericho (at)> wrote:


>I think Roger Thompson firmly states what many professionals have been 
saying for a long time; Anti-Virus as it exists today is an entirely 
reactionary protection mechanism. If AV vendors are really getting 
30,000 new virus/malware samples each day, and they haven't figured out 
how to write signatures that better recognize them, then it really 
drives the point home that they are simply feeding their business model.

I'm pretty sure he also said "It's a dumb idea."

I second that.

Look it: No one argues that AV software is some sort of
magical defense -- in fact, everyone pretty much agrees that
is not. That is why security companies are developing other
methodologies of protection (e.g. domain, IP, and URL reputation,
etc., among others), so this whole "Race to Zero" actually proves
an already proven point.

Modifying existing malware is creating new malware. There can
be no mistaking it for what it is -- pointless, yet entertaining.

The "security business model" is not being fed by security
companies (much to Schneier's chagrin), but it is being fed by
necessity. Criminals are exploiting the entire food chain.

- - ferg

Version: PGP Desktop 9.6.3 (Build 3017)


"Fergie", a.k.a. Paul Ferguson
 Engineering Architecture for the Internet
 ferg's tech blog:

Attend Black Hat USA, August 2-7 in Las Vegas, 
the world's premier technical event for ICT security experts.
Featuring 40 hands-on training courses and 80 Briefings 
presentations with lots of new content and new tools.
Network with 4,000 delegates from 50 nations.  
Visit product displays by 30 top sponsors in 
a relaxed setting.

This archive was generated by hypermail 2.1.3 : Fri May 02 2008 - 01:31:54 PDT