[funsec] DefCon 'Race to Zero'
ge at linuxbox.org
Mon Apr 28 06:17:53 CDT 2008
On Mon, 28 Apr 2008, Nick FitzGerald wrote:
> Toralv_Dirro at mcafee.com wrote:
>> Now there is a very common misconception if it comes to malware and
>> security. Viruses and Trojans don't try to exploit any vulnerabilities
>> that need to be fixed, they simply take advantage of features offered by
>> the OS (modifying files, creating files, establishing connections to
>> some C&C etc.).
>> AV software is basically looking for all known malware and is trying to
>> detect new (i.e. unknown) malware based on behaviour or similarities to
>> known malware. Anything that can be learned from such a contest has
>> allready been shown back in the early 90s.
>> The contest may provide some interesting insights if it were up against
>> behaviour-based protection and HIPS actively running on a system, but
>> against a bunch of commandline-AV-scanners? C'mon...
> Why ruin a perfectly pointless skiddie piddling match by introducing a
> few pertinent facts?
> You Germans have no sense of humour...
But great beer...
> Nick FitzGerald
> Fun and Misc security discussion for OT posts.
> Note: funsec is a public and open mailing list.
More information about the funsec