Premium Content

Access "Schneier-Ranum Face-Off on whitelisting and blacklisting"

Published: 18 Oct 2012

Point: Marcus Ranum In 2007, I wrote an article on execution control in which I explained why antivirus was a dead-end idea, and predicted an eventual switchover from blacklisting to whitelisting. I couldn't have been more wrong so I periodically catch myself wondering if I'm one of a small percentage of the people who "get it," and if the entire security world has its collective head where the sun doesn't shine. Obviously, malware is a big problem and there's not going to be a silver bullet solution to it, but the industry's response to system integrity continues to be ineffective, expensive and a wasteful of time and energy. To briefly recap: blacklisting is the oldest algorithm in computer security. Know what's bad, develop a pattern-matching system to detect it, and ring a bell when you detect the pattern. You can earn extra credit for detecting the bad thing just before it happens, and preventing it from happening. In a nutshell, that's what's behind many antivirus, intrusion prevention/detection systems, and spam filters. The whitelisting approach is ... Access >>>

Access TechTarget
Premium Content for Free.

By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

What's Inside

Features

More Premium Content Accessible For Free

  • Next-generation firewalls play by new rules
    ism_cover_0913.png
    E-Zine

    Firewalls started their journey to the next generation at about the same time as the Star Trek TV series. While the products have advanced with ...

  • Developing your endpoint security management transition plan
    endpoint_security_management_cover_0913.png
    E-Handbook

    This TechGuide will help you develop your endpoint security management transition plan. Articles focus on overcoming the challenges of Web-based ...

  • Unlock new pathways to network security architecture
    ISM_august_2013.png
    E-Zine

    Network security architecture is showing its age at many organizations. With new technology, different data types, and use of multi-generations of ...