said by shamrin: The only thing you've "clarified" here is that in your opinion the OP is wrong for saying that whitelisting isn't a consumer solution.
The idea of a "White List" is nothing new. It's one of the first concepts of security I was taught, although that specific term wasn't used. Simply stated, it refers to setting up certain sets of actions within your security policy that are permitted, and prohibiting anything else from being allowed, or running. As such, it is a tactical tool, or concept, that is applied at various points in the security strategy.
Many people probably use a White List tactic without realizing it. For example, if you filter your emails to permit only those in your address book, you have created a White List. By default all others are blocked, deleted, or whatever. In recent times, this is referred to as "Default-Deny": all denied except those on the permit (White) List.
In your browser settings, if you have a Trusted Zone or similar, you designate certain sites which can run scripts, etc. This is a White List. If you manage cookies to permit the storing of persistent cookies on designated sites, this is a White List.
If your firewall monitors outbound connections, you have created a list of those applications which can connect out, and all others are denied by default. If you use a Custom Address List, the same thing is in effect: you have created White Lists.
This tactic can be applied to executables, where you create a White List of all the executables on your computer, and all others are denied execution by default.
The above examples are a few which employ the tactic of a White List as part of an overall security strategy for consumers.
said by shamrin: Please do clarify how whitelisting will work for a consumer downloading and running 100s of random apps he finds both legally and otherwise around the net.
Recently companies such as SecureWave and Hurwitz are working with approaches that would seem to envelop the system into one grand White List. Terms such as "software authentication" and "Trusted Platform Module" are current buzzwords, indicating some grand scheme to whitelist all software. This is what the current term, "WhiteListing" calls to mind as it has been used in recent articles, and is certainly open to serious debate. In my opinion, it would be an insurmountable task, and probably unworkable in the long run.
It's too bad that the term White List has been hijacked and dumped into this idea of "WhiteListing," for it muddies the waters and confuses the issue when people refer to White List tactics as used in their security strategy.
I indicated in the previous post that this term, like HIPS, should be discarded, since it conjures up many scenarios. Or, at least, one should clarify and be specific as to what is meant when it is used.
So, if the OP wishes to qualify that she means by "WhiteListing" to refer to the use of the term indicating software authentication, et al, then I would not object to the statement.
But to leave the comment as is, that WhiteListing "is totally impractical for consumers" is inaccurate, or at least, misleading, since the tactic of WhiteListing has been effectively used in home environments for many years.
regards,
-rich
______________________________________________
"Talking About Security Can Lead To Anxiety, Panic, And Dread...
Or Cool Assessments, Common Sense And Practical Planning..."--Bruce Schneier