PRO+ Premium Content/Information Security magazine

Thank you for joining!

Access your Pro+ Content below.

January/February 2011

Schneier-Ranum Face-Off on whitelisting and blacklisting

This article is part of the Information Security magazine issue of January/February 2011

Point: Marcus Ranum In 2007, I wrote an article on execution control in which I explained why antivirus was a dead-end idea, and predicted an eventual switchover from blacklisting to whitelisting. I couldn't have been more wrong so I periodically catch myself wondering if I'm one of a small percentage of the people who "get it," and if the entire security world has its collective head where the sun doesn't shine. Obviously, malware is a big problem and there's not going to be a silver bullet solution to it, but the industry's response to system integrity continues to be ineffective, expensive and a wasteful of time and energy. To briefly recap: blacklisting is the oldest algorithm in computer security. Know what's bad, develop a pattern-matching system to detect it, and ring a bell when you detect the pattern. You can earn extra credit for detecting the bad thing just before it happens, and preventing it from happening. In a nutshell, that's what's behind many antivirus, intrusion prevention/detection systems, and spam filters. ...

Access this PRO+ Content for Free!

By submitting your personal information, you agree that TechTarget and its partners may contact you regarding relevant content, products and special offers.

You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

Features in this issue

Information security roles growing in influence

Information security managers are getting more of a say in enterprise cloud initiatives and mobile device projects.
Enforcing endpoint security
by Lisa Phifer
Enforcing endpoint security requires careful planning and deployment.
The state of critical infrastructure security

Stuxnet put the spotlight on critical infrastructure protection but will efforts to improve SCADA security come too late?

Columns in this issue

Schneier-Ranum Face-Off on whitelisting and blacklisting

Security experts Bruce Schneier and Marcus Ranum debate whether network security should be based on whitelisting or blacklisting.
The penetration tester is alive and well

Automation hasn't killed the penetration tester – yet.
Old information security challenges persist
by Dave Shackleford
A look back at articles from the past shows that the same information security problems persist today.

View Information Security magazine Archives

SearchCloudSecurity

Access your Pro+ Content below.

Schneier-Ranum Face-Off on whitelisting and blacklisting

Access this PRO+ Content for Free!

Features in this issue

Information security roles growing in influence

Enforcing endpoint security

The state of critical infrastructure security

Columns in this issue

Schneier-Ranum Face-Off on whitelisting and blacklisting

The penetration tester is alive and well

Old information security challenges persist

CyberArk warns of 'shadow admins' in cloud environments

How enterprises should handle GDPR compliance in the cloud

Compromised cloud credentials still plaguing enterprises

Router security options advised following U.S. hacker alert

Analyst balks at blockchain distributed ledger in networking

Network-as-a-service market blossoms as demands grow

Workplace 'mindfulness' as coping mechanism for AI disruption

RSA 2018: Juniper CEO stresses training, automation in cybersecurity

Will the next act in the ongoing evolution of IT be its last?

Spectre and Meltdown vulnerabilities show haste makes waste

Workflow automation software improves LA court productivity

How to create a custom Windows 10 image for deployment

IaaS and PaaS blurred lines increase lock-in risks

Single pane of glass for multi-cloud management still elusive

Microsoft takes holistic approach to IoT security concerns

Executive interview: Werner Knoblich, Red Hat

Capita’s £500m loss raises more questions for outsourcing

Nearly half of UK manufacturers hit by cyber attacks