hmm of course they will benefit from the incoming feedback, still I don't like the sound of that decleration, It is impossible that their product can detect every possible malicious- pattern, because there can't be a perfect heuristic engine. Else the struggle of constant updates the "monsters" of the field suh as Kaspersky and Symantec are into would be pointless and stupid. Obviously they know that.. Unless of course they don't care to block exclusively only files bearing virus patterns
I believe a more symbolic reward such as the $500 that D. J. Bernstein offers for finding a qmail vulnerability would seem more sincear (they still remain to his pocket btw :}), but we'll see what happens with avecho
I agree that there is no engine that can pick up every signature out there.. I give it a week before some cracks it. But I guess thats the new way of beta testing.. I just don't think that much good can come out of dangling a prize of that sort in front of hackers IMHO
The rules of the competition are *too* vague.. I'm writing up a virus right now, going to XOR it a couple of times then run some lame home made encryption algorithm over it, UUEncode it, and send it as ASCII text......
Now how in gods name are they going to catch that ?
What if I give you the whole file as hex for eg
3F 99 4A DD etc etc, and give you a link to a program that puts it back together....
This is random..
Personally, I feel they've budgeted 10,000 pounds as an advertising budget..... and their marketting folks smoke some very good stuff.