SysReveal updated to v1.0.0.65
by niucool on Jul.06, 2010, under SysReveal, Version History
The latest version of SysReveal can be downloaded via the icon or text link on the right-hand side of this site.
SysReveal's version history follows:
v1.0.0.65 (2010-07-06): "When the time is past, adversity ends and fortune turns" (时过于期,否终则泰)
SysReveal crawls forward like a tortoise; the finish line seems just ahead and yet still far away. Comrades who like SysReveal, please cheer me on. This version adds two major features and fixes several bugs. Change log:
- + Added DISPATCH HOOK checking (hooks on driver dispatch routines; restoration is not supported yet, detection only, for locating rootkits)
- + Added ATTACH DEVICE checking (devices attached to a device stack)
- * Fixed a bug in which NTFS was parsed incorrectly (thanks to 曲中求)
- * Fixed a bug in which module paths were resolved incorrectly (thanks to liulangzhecgr)
- * Strengthened driver module checking
The following bugs are not fixed yet:
- None of the bugs on the File page, such as deleting malformed directories (reported by freesoft00), are fixed yet; they are planned for the next version.
- Auto-refresh on the Process page (requested by freesoft00) is not implemented yet.
iPhone exploit source code
by niucool on Aug.13, 2010, under System Research

Here is working source code for an iPhone exploit. You might use this code to do some evil things like jailbreak, blah, blah, blah.
Download the code here!
dcopy: copy any file as you wish
by niucool on Jul.08, 2010, under System Research
Tags: copy, dcopy, FAT, file system, NTFS
Old software: DirMon
by niucool on Jul.06, 2010, under System Research
This is an ancient piece of software I wrote in 2003, based on a CodeProject article. While tidying up my computer today I came across the source code, so I recompiled it and am posting it here in case someone needs it.
Features:
DirMon works much like FILEMON, except that DirMon implements directory monitoring by calling ring 3 (user-mode) functions; every write operation under the specified directory, including file creation, deletion and modification, is logged.
DirMon is simple to operate, easy to use and light on system resources. But DirMon is not a low-level driver-based monitor, only a small application-layer monitoring tool. Development stopped here; it is posted perhaps only as a memento.
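To show the user-mode approach DirMon takes, here is an added example (it is not DirMon's own source, which is not on this page): a ring-3 directory monitor written in PowerShell on top of .NET's System.IO.FileSystemWatcher. It logs creations, deletions, modifications and renames under one directory tree to a text file. The directory, log path and watch duration are assumed defaults.

```powershell
# Added example, not DirMon's own source: a ring-3 directory monitor built on
# .NET's System.IO.FileSystemWatcher. It records creations, deletions,
# modifications and renames under one directory tree to a log file.
# $Path, $LogFile and $Seconds are assumed defaults; change them as needed.
param(
    [string]$Path    = 'C:\Temp\watch',
    [string]$LogFile = 'C:\Temp\dirmon.log',
    [int]$Seconds    = 60
)

if (-not (Test-Path -LiteralPath $Path -PathType Container)) {
    throw "Directory not found: $Path"
}

$watcher = New-Object System.IO.FileSystemWatcher
$watcher.Path                  = $Path
$watcher.Filter                = '*'
$watcher.IncludeSubdirectories = $true
# Report name changes (create/delete/rename) and content changes (write/size).
$watcher.NotifyFilter = [System.IO.NotifyFilters]::FileName -bor
                        [System.IO.NotifyFilters]::DirectoryName -bor
                        [System.IO.NotifyFilters]::LastWrite -bor
                        [System.IO.NotifyFilters]::Size
# 64 KB is the maximum. A burst of changes larger than the buffer raises the
# Error event and the notifications in between are lost: one limit of
# user-mode monitoring that a filter driver does not have.
$watcher.InternalBufferSize = 64KB

# One handler for all change events; the log path arrives through MessageData.
$onChange = {
    $e    = $Event.SourceEventArgs
    $line = '{0:yyyy-MM-dd HH:mm:ss.fff} {1,-8} {2}' -f (Get-Date), $e.ChangeType, $e.FullPath
    if ($e.ChangeType -eq [System.IO.WatcherChangeTypes]::Renamed) {
        $line += " (was $($e.OldFullPath))"
    }
    Add-Content -LiteralPath $Event.MessageData -Value $line
}
$onError = {
    $msg = '{0:yyyy-MM-dd HH:mm:ss.fff} ERROR    {1}' -f (Get-Date), $Event.SourceEventArgs.GetException().Message
    Add-Content -LiteralPath $Event.MessageData -Value $msg
}

$subs = @()
foreach ($name in 'Created', 'Deleted', 'Changed', 'Renamed') {
    $subs += Register-ObjectEvent -InputObject $watcher -EventName $name -Action $onChange -MessageData $LogFile
}
$subs += Register-ObjectEvent -InputObject $watcher -EventName 'Error' -Action $onError -MessageData $LogFile

$watcher.EnableRaisingEvents = $true
try {
    Start-Sleep -Seconds $Seconds
}
finally {
    $watcher.EnableRaisingEvents = $false
    foreach ($s in $subs) { Unregister-Event -SubscriptionId $s.Id }
    $watcher.Dispose()
    if (Test-Path -LiteralPath $LogFile) { Get-Content -LiteralPath $LogFile -Tail 20 }
}
```

Run it as `.\DirMon.ps1 -Path D:\data -Seconds 300` and write to the watched tree from another window. Two caveats a practitioner should keep in mind: a single save can raise several Changed events (applications write in pieces and touch timestamps separately), and, exactly as the post says of DirMon, this only sees what the file system reports to user mode, so it cannot observe writes that a kernel-mode component hides from ring 3.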
SysReveal User Guide (Draft)
by niucool on Jun.22, 2010, under SysReveal, Tutorials
This guide is based on SysReveal v1.0.0.63 and will be updated for later versions.
SysReveal overview
Feature summary
SysReveal is a system scanning and virus detection tool intended for advanced users. It provides many powerful functions for examining possible threats in the system and assisting the user with virus detection and system repair. Its main functions are process management, driver management, kernel information management, network connection management, startup management, file management and registry management. All of these are implemented through the system's low-level interfaces, which defeats the various ways in which viruses and rootkits hide and protect themselves.
System requirements
SysReveal runs normally on the following 32-bit operating systems:
- Windows XP
- Windows Server 2003
- Vista
- Windows 7
- Windows Server 2008
SysReveal does not support the following operating systems:
- Windows 95/98/ME
- Windows 2000
- All 64-bit operating systems
EICAR 2010: RAINY DAYS IN PARIS (FW)
by niucool on Jun.07, 2010, under Malware Research
EICAR 2010: RAINY DAYS IN PARIS
Eddy Willems
G Data Software and EICAR, Belgium
The 19th EICAR conference took place last month in the heart of the beautiful city of Paris at the École Supérieure d'Informatique, Électronique, Automatique (ESIEA). The second International Alternative Workshop on Aggressive Computing and Security (iAWACS'10) was held immediately before the conference at the same venue, and EICAR delegates were also able to attend this event. iAWACS'10 included workshops on smart cards and crash courses on securing PLC networks, but the most noteworthy item on the agenda was the anti-virus evaluation challenge 'PWN2KILL', the aim of which was to attempt to bypass anti-virus software and evaluate its effectiveness in practical terms. A technical summary is available on the iAWACS website. [David Harley shares his views on the challenge on p.2 – Ed.]
GETTING STARTED
After an official EICAR members meeting and welcome party on the Sunday evening, the real meat of the conference began on Monday morning with an opening address from the chairman of EICAR, Rainer Fahs, continuing with a keynote from Christophe Devine – better known as the father of ‘Aircrack’ – about problems related to AV testing. He described a series of tests and rated their usefulness. Devine believes that, in most cases, careful inspection reveals no real winners, and several tests are not even relevant to the real world. He proposed an initiative called AVerify, an open-source anti-virus test suite which would facilitate the creation of reproducible, more reliable tests. AVerify would be inspired by the EICAR test file, maintained independently of EICAR but following the same code of conduct.
EICAR 2010
by niucool on Apr.30, 2010, under Malware Research
I will attend EICAR 2010 in Paris from 7th May to 15th May. I hope I will be lucky enough to meet some people who are also interested in ARK tools and have tried SysReveal.
Prototype of the NtLoadKeyEx
by James on Apr.27, 2010, under ReverseIt, System Research
If you have looked at the WRK, you will have seen that the NtLoadKeyEx prototype is given as follows:
NTSTATUS __stdcall NtLoadKeyEx(
    __in POBJECT_ATTRIBUTES TargetKey,
    __in POBJECT_ATTRIBUTES SourceFile,
    __in ULONG Flags,
    __in_opt HANDLE TrustClassKey
);
But if you try to hook this function using that prototype, you will hit a critical error.
What’s wrong?
ReactOS, NTFS-3G and others
by niucool on Mar.31, 2010, under System Research
While rewriting SysReveal's file-system parsing, I referred to the fs code in the ReactOS freeldr component, to NTFS-3G and to FatFs. I also consulted some code provided by sudami and ProgmBoy on the PEDIY forum.
NTFS research notes
by niucool on Mar.26, 2010, under System Research
