
Self denial

Ostrich mentality

Can’t face the music

Hard to let go

and so on… summarises all that you can say about the current AV industry!

Hey guys: Wake up and smell the roses! You are fighting a 21st century war in trenches!!! It does not work!!

Here is the article where AV vendors cry foul about a contest at Defcon. In this contest, contestants will simply create new malware from the old ones by modifying the current ones.

WOW…

No.. There is no WOW.. this is a well-known technique, well exploited by malware authors over and over and over! What do you think malware authors do: create malware and keep their fingers crossed that AVs don’t catch it, or simply test their creations against well-known AVs to make sure they don’t even blink at this new malware before they release it to the wild? It’s old news.

Let me explain: You take an existing malware and re-pack (encrypt) it with an obscure packer (encryptor), and now you have an old malware with a new disguise! Yep, as simple as that!

Now, crying foul, whinging and poo-pooing this contest is NOT what the current AV industry should be doing! It is silly to claim this contest will create more malware!! As if malware authors don’t have access to the latest virii making tools!! Cos they all do!

What is silly is the way we still defend ourselves using 25-year-old technology!!!! For God’s sake, imagine going around with 1980’s cell phones today?? How cool would that be? But we are not ashamed to go around with a similarly old technology that we call AV products based on signatures!!

My point is not that AV doesn’t have a role in our security arsenal. It certainly does.

My point is: Signature based AV is not and cannot be your first line of defense, Period!!!

Signature based AVs work based on default allow. This kind of technology can no longer be trusted as your first line of defense, as it will let some baddies in! What we need is a Default Deny system where malware can’t surprise us!
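The default-allow versus default-deny difference described above, as an added example that is not from the original post: a signature denylist and a hash allowlist give verdicts on the same inputs. The byte strings are inert and constructed, and the XOR `repack` function is only a stand-in for a packer; all names here are assumptions made for illustration.

```python
import hashlib

# Constructed, inert sample data: plain byte strings, not real programs.
KNOWN_BAD = b"header|INERT-TEST-MARKER-0001|trailer"
TRUSTED_APP = b"constructed image of an approved application"
UNKNOWN_BENIGN = b"constructed image of a tool nobody has reviewed yet"

# Default allow: a denylist of byte patterns taken from already-seen samples.
SIGNATURES = [b"INERT-TEST-MARKER-0001"]

# Default deny: an allowlist of SHA-256 digests of approved files.
ALLOWLIST = {hashlib.sha256(TRUSTED_APP).hexdigest()}


def repack(data: bytes, key: int = 0x5A) -> bytes:
    """Stand-in for a packer: every byte changes, so byte patterns vanish."""
    return bytes(b ^ key for b in data)


def default_allow(data: bytes) -> str:
    """Signature model: block on a known pattern, let everything else run."""
    return "block" if any(sig in data for sig in SIGNATURES) else "allow"


def default_deny(data: bytes) -> str:
    """Allowlist model: run only what is explicitly approved."""
    digest = hashlib.sha256(data).hexdigest()
    return "allow" if digest in ALLOWLIST else "deny"


def compare() -> dict:
    """Verdicts of both models for each constructed input."""
    inputs = {
        "known bad": KNOWN_BAD,
        "known bad, repacked": repack(KNOWN_BAD),
        "trusted app": TRUSTED_APP,
        "unknown benign": UNKNOWN_BENIGN,
    }
    return {name: (default_allow(d), default_deny(d)) for name, d in inputs.items()}


if __name__ == "__main__":
    for name, (allow_model, deny_model) in compare().items():
        print(f"{name:22} default-allow={allow_model:6} default-deny={deny_model}")
```

The last row shows the operational cost of default deny: an unreviewed but harmless file is also denied until someone adds it to the allowlist.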

Thanks

Melih
