[funsec] Internet security moving toward "white list"
Richard M. Smith
rms at computerbytesman.com
Wed Sep 19 07:02:23 CDT 2007
Internet security is headed toward a major reversal in philosophy, where a
"white list" which allows only benevolent programs to run on a computer will
replace the current "black list" system, which logs and blocks an
ever-growing list of malevolent applications, internet security giant
Symantec Corp. says.
The number of malicious software attacks, including viruses, Trojans, worms
and spam, is rising exponentially, dwarfing the number of new benevolent
programs being developed, making it increasingly difficult for security
firms to keep up.
The solution, according to Symantec's Canadian vice-president and general
manager, Michael Murphy, is to reverse how protection against such attacks
is provided. Under the current system, a security firm discovers a new
threat, adds it to its black-list database and updates its customers'
anti-virus software to combat the problem. A "white list" would instead
compile every known legitimate software program, including applications such
as Microsoft Word and Adobe Acrobat, and add new ones as they are developed.
Every program not on the list would simply not be allowed to be function on
-------------- next part --------------
An HTML attachment was scrubbed...
More information about the funsec