Re: DefCon 'Race to Zero'

[Nick FitzGerald <nick () virus-l demon co uk>]

Toralv_Dirro () mcafee com wrote:

> Now there is a very common misconception if it comes to malware and
> security. Viruses and Trojans don't try to exploit any vulnerabilities
> that need to be fixed, they simply take advantage of features offered by
> the OS (modifying files, creating files, establishing connections to
> some C&C etc.).
>
> AV software is basically looking for all known malware and is trying to
> detect new (i.e. unknown) malware based on behaviour or similarities to
> known malware. Anything that can be learned from such a contest has
> allready been shown back in the early 90s.
>
> The contest may provide some interesting insights if it were up against
> behaviour-based protection and HIPS actively running on a system, but
> against a bunch of commandline-AV-scanners? C'mon...

Why ruin a perfectly pointless skiddie piddling match by introducing a 
few pertinent facts?

You Germans have no sense of humour...


Regards,

Nick FitzGerald

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.