Premium Content

Access "Schneier-Ranum Face-Off on whitelisting and blacklisting"

Published: 18 Oct 2012

Point: Marcus Ranum In 2007, I wrote an article on execution control in which I explained why antivirus was a dead-end idea, and predicted an eventual switchover from blacklisting to whitelisting. I couldn't have been more wrong so I periodically catch myself wondering if I'm one of a small percentage of the people who "get it," and if the entire security world has its collective head where the sun doesn't shine. Obviously, malware is a big problem and there's not going to be a silver bullet solution to it, but the industry's response to system integrity continues to be ineffective, expensive and a wasteful of time and energy. To briefly recap: blacklisting is the oldest algorithm in computer security. Know what's bad, develop a pattern-matching system to detect it, and ring a bell when you detect the pattern. You can earn extra credit for detecting the bad thing just before it happens, and preventing it from happening. In a nutshell, that's what's behind many antivirus, intrusion prevention/detection systems, and spam filters. The whitelisting approach is ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Secure file transfer: Send large files fast, but keep your system safe
    secure_file_transfer.png
    E-Handbook

    FTP gets big files to colleagues and clients fast, but as the headlines remind us, the threat of electronic break-ins is real. This guide to secure ...

  • Is your mobile security strategy combating the wrong enemy?
    ism_0414.png
    E-Zine

    As tablets and smartphones become more integrated into business environments, CISOs are scrambling to put effective countermeasures in place. But too...

  • What's the best focus for MDM strategy now?
    best_focus_for_MDM.png
    E-Handbook

    This Technical Guide examines the necessary elements of, and how to implement, a sound mobile device management strategy. Devices will be lost...