Race To Zero is an event that pits hacker-types against an array of AV products. Unofficially hosted at DEFCON this year, it has already sparked the ire of the AV community. This makes sense as we all know that there is little they can do to stop researchers from writing malware that will be undetectable (until their next update). From their perspective, it is a waste of time. And that is somewhat true. Especially their time.

This type of event, along with the Consumer Reports test of 2006, runs the risk of wasting the AV community’s time. Which if we all recall, had no negative impact on society (or even AV vendors). Even still, I acknowledge it is a pain in the ass for them. A combination of bad press, plus a bunch of really crappy malware samples that have to documented, analyzed, detected and removed even though they will most likely never, ever impact a person outside of a lab environment.

The idea that the AV company’s are getting free research is pretty ludicrous. All that happens is that they will have to analyze as many of these modified viruses to figure out how to detect them. It is just another day at the office.

Which gets to the heart of the matter:

This contest isn’t a contest. This contest is a protest. It is a protest against the fact that there is simply not enough innovation in the anti-malware space. The problem is getting worse and all of the solutions appear to come from the same tunnel-vision line of thought. The vendors that do this have successful businesses that run just fine. New malware will get fixed with the same old solution.

The take-away isn’t going to be research that will help the AV industry to see emerging techniques. It will be that there has has to be another way. Events like this should inspire someone fresh to come in and build a better mousetrap, and build the next MFE or SYMC.