Some people are talking about a technique called “white listing” as if it were the silver bullet that is going to save the world. It is… in the fantasy worlds. I think I can lay claim to a certain amount of expertise when it comes to white listing. White listing was fundamentally my job at Microsoft for over seven years. My job was to make sure that MS didn’t release or digitally sign any infected code. How did I do that? I used a heck of a lot of………. ok… you guessed it…. antivirus software. Recognizing the shortcomings of signature based detection, I relied upon products, such as NOD32, Norman Virus control, and others to provide heuristics to detect threats that signatures alone cannot protect against. Virtually every Microsoft product went through my labs, and I had to “white list” them before they could be digitally signed or released.
The marketing arm of current white listing companies tout anti-virus as dead and white list as the solution. What they try to hide is that white listing companies would be out of business without antivirus. White listing companies are mega-power users of antivirus software, they can’t get enough of the stuff.
Sunday, November 16, 2008
Is Whitelisting really this lame?
From White Listing - The End of Antivirus?