My oldest readers will remember when I had the audacity to dissect antivirus software for security flaws. From 1997 to 2000 I could gain root on millions of corporate servers and desktop PCs that relied on McAfee, Symantec, Trend Micro, and other antivirus programs. I eventually named it the “ADVEIS” rootkit, short for “antivirus dependent vulnerabilities in email infrastructure security.” I gave a lecture about my findings and then—

—well, no one really cared that I proved antivirus programs reek of security flaws. Not even the hackers. (That surprised me: I expected a dozen copycats to pop up.) But I didn’t care much either, so I shelved it and went on to the next great experiment.

Which brings me to today. This year’s “DEFCON” convention will hold a “Race to Zero” contest. Players will get a batch of viruses to hack on until someone can get a variant past all the antivirus products installed for the contest.

Reporters played up the DEFCON announcement; the antivirus vendors sneered. But to them I say “so what?” If you want to watch someone beat a dead horse, go right ahead, but it’s not news. This DEFCON contest does nothing that we haven’t seen already. Lesser-known hacker shindigs have held the same contests over the years.

DEFCON would impress me if they held a contest to acquire root via the antivirus software. But (sigh) I’m the only one around here who seems interested in thinking outside the box…

No Comments

No comments yet.

RSS feed for comments on this post. TrackBack URI

Leave a comment

You must be logged in to post a comment.