Slashdot Mirror


Malware Modification Contest Has Antivirus Vendors Upset

SkiifGeek writes "Race to Zero, a sideline competition being set up at this year's DefCon, already has some Antivirus vendors steaming over the objectives of the contest. They are upset because it is essentially a polymorphism exercise. Entrants are given a set of malware samples which they must then modify to pass through a battery of antivirus scanners without detection while still carrying a viable payload. Even if competitors ignore the published vulnerabilities and weaknesses affecting antivirus vendors, the competition should turn up some interesting results. It may provide technical insight and concepts for further research as similar competitions have done in the past."

2 of 167 comments (clear)

  1. Re:Why should this upset them? by Zero__Kelvin · · Score: 4, Interesting

    "The antivirus vendors are in business to make money. Every one of these issues they have to deal with equates to lost money."
    Exactly right, if you don't count that you have it backwards. Lets start with the edge case 0. If there are Zero viruses, there is no need for the AV software. In fact, within reason the more viruses out there, the more money they make! If viruses are not even a blip on the radar when I do my security landscape evaluation, then the AV companies make no money because I would not purchase their product. If there are many viruses, then an AV company can sit back and wait for others (security folks, e.g.) to justify the purchase of my product. I don't even need a sales force. True, it cost me more to have in house peons gather virus signatures and add them to my database, or add algorithms to my AV tools, but since I don't have to pay nearly as much for a sales force more viruses equals greater profits.

    --
    Guns don't kill people; Physics kills people! - John Lithgow as Dick Solomon on Third Rock From The Sun
  2. Re:Why should this upset them? by somersault · · Score: 4, Interesting

    I wonder how long before they start lobbying for it to be illegal to even write something that could be used as malware..

    --
    which is totally what she said