Overblog
Editer l'article Suivre ce blog Administration + Créer mon blog
18 novembre 2010 4 18 /11 /novembre /2010 23:08

At the time AV vendors tend to complain about theiir difficulties to maintain a base of malicious software definition (20 millions in 2009, according to Kaspersky?), some people may remember old ideas of creating a "whitelist" of harmless / well known / trusted applications.

 

I would not start a troll by saying that the whitelist of electronically signed files, not being scanned by AV engines (that not being very well documented... anyway), could lead to problem worse than W32.Stuxnet...

 

However, AV vendors now actively work on whitelisting applications. Recently, for instance, Comodo Sofware got in contact with the Pidgin developers team, and asked them to whitelist their software (which was accepted), even providing FTP if needed.

 

They aim to alert each time an "unknown" software is to be run, so they whitelist "known" softwares.

 

Therefore, AV updates are not only getting more and more important to protect computers against malicious software, but to also avoid blocking harmless software (at least, a warning with context isolation untill the user validates or denies it...).

 

To be known fot the next future... 

 

 

Partager cet article

Repost0

commentaires