Race to Zero? How About Bad Idea…

May 30, 2008 by Jeff
Filed under: Culture, Security, Technology 

I’ve been busy and haven’t been in a blogging mood over the last couple of days, but I thought I’d point out a couple of great posts by David Harley and Randy Abrams at ESET’s Threat Center blog.

They’re both about the Race to Zero contest being held during the Defcon 16 conference.

What is the Race to Zero contest? The contest organizers describe it as:

The event involves contestants being given a sample set of viruses and malcode to modify and upload through the contest portal. The portal passes the modified samples through a number of antivirus engines and determines if the sample is a known threat. The first team or individual to pass their sample past all antivirus engines undetected wins that round. Each round increases in complexity as the contest progresses.

David and Randy do a great job of laying out why the Race to Zero is a bad idea… Anti-virus developers are receiving samples of thousands of new viruses and other malicious programs every month; we don’t need contests that encourage the creation of new viruses.

Anti-virus software is not 100 percent effective and is often grossly oversold… It’s a risk mitigation tool that, when used in combination with Safe Hex practices, can reduce your chances of having your system compromised by malware.

Update: Eugene Kaspersky, one of the most respected people in the anti-virus industry, weighs in on the Race to Zero here. Suffice it to say he’s vehemently opposed to it.

Comments

One Comment on Race to Zero? How About Bad Idea…

  1. Veretax on Sat, 12th Jul 2008 6:30 pm

     As a Computer Engineer, they had us essentially design a RAM virus to prove we understood assembly for a particular processor. So this doesn’t really surprise me in the least. Being a computer professional though, I’m not sure how BAD of an idea it is. Listen, with the way things work now we need proactive checking for ways to do this so that the AV vendors can patch those problems ASAP. With so many critical systems computerized, waiting for a Virus to reach epidemic levels to fix is not the answer in my opinion. Granted, I don’t think this should be highly publicized or covered either, and there is a certain ethical dilemma in doing just this, but it is an issue that really isn’t clearly black and white is what I am saying.
