RE: Internet security moving toward "white list"

["Larry Seltzer" <Larry () larryseltzer com>]

> > Internet security is headed toward a major reversal in philosophy,
where a "white list" which allows only benevolent programs to run on a
computer...
 
Hardly a new idea of course. I've been hearing this for many years from
many vendors. It's an OK idea for a business network where IT can
reasonably say "you can't run anything on your computer that we don't
give you to run." And where the administration can show the security
software what the valid programs are for proper identification, perhaps
with IT even code-signing them.
 
But for home computers this just won't work. They'll never have an
adequate list and people will insist on installing what's in front of
them. 
 
And how are they going to identify programs for consumers? They could
use code signatures, but even at the high end developers bitch and moan
about that. If they use some sort of checksum then they need to monitor
every valid build of every program.
 
I'll believe this when I see it.
 
Larry Seltzer
eWEEK.com Security Center Editor
http://security.eweek.com/ <blocked::http://security.eweek.com/> 
http://blogs.eweek.com/cheap_hack/
<http://blog.eweek.com/blogs/larry_seltzer/>
<http://blog.ziffdavis.com/seltzer> 
Contributing Editor, PC Magazine
larry.seltzer () ziffdavisenterprise com

_______________________________________________
Fun and Misc security discussion for OT posts.
https://linuxbox.org/cgi-bin/mailman/listinfo/funsec
Note: funsec is a public and open mailing list.