Sunday, May 04, 2008

posts of the week

  • hype-free: Race to Zero
    this one really stuck in my head... ostensibly it's about race to zero but in the process cdman rightly places the blame for the growing anti-av revolt squarely on the av vendors themselves for letting their marketroids run amok...
  • Viruslist.com - Analyst's Diary - More thoughts on drawing the line
    an interesting look at the asymmetry between obfuscation and deobfuscation as it pertains to the race to zero contest...
  • Security Myths - McAfee Avert Labs Blog
    if i had found more time i would have written this post (or one very much like it) myself... seriously, it was on my list of things to do, and now i don't have to do it...
  • PDF, Let Me Count the Ways… « Didier Stevens
    at first i thought PDF canonicalization would be better suited for heuristics but then i realized seeing through this kind of obfuscation can be as beneficial for known-malware scanning as seeing through packer-based obfuscation or really anything that's 'added on' to the base malware...
  • Emergent Chaos: Quantum Uncertainty
    so much for the superiority of quantum computers - or so it would seem for now...
  • Microsoft botnet-hunting tool helps bust hackers - Network World
    interesting to hear details of how botnet busts go down, and obviously microsoft is in an excellent position to help this happen if they've got intelligence gathering tools on hundreds of millions of enterprise and end user machines...
