A week ago I blogged about a new contest called Race to Zero at Defcon. The goal of the contest is to obfuscate malware enough such that when it is uploaded through a portal and scanned with AV there is a zero-percent detection rate. As expected, the AV community is up in arms about this.
My original intent was to play devil's advocate about this content and talk about the reasons why this contest is not as bad as the AV vendors are saying. However, Dancho Danchev posted something which says it best. Read that. :)
I still have my own opinions on the contest and how easy it is to obfuscate malware enough to bypass signature AV. However, I feel I would probably be beating a dead horse and so am going to forget about the whole thing.
No comments:
Post a Comment