Whitelist Not Blacklist
As you know, mailing out spam over the internet is big business. Figuring out ways to keep spam email from getting into your inbox has become just as big a business.
For years there has been a growing list of spammers known as a blacklist. Because spammers change source email addresses and domains several times in one day, there has been a need to find an answer.
The trick is to develop a way to keep spammers out and not prevent good, wanted email from getting through. In the spirit of reverse thinking, more and more companies are going to a whitelist.
A whitelist is nothing more than letting through good emails and sending any email not on the whitelist to the spam box. Whitelisting is the future when it comes to fighting spam going to your email inbox.
Security for PCs has focused on identifying unwanted and malicious software and blacklisting or blocking it. This is a tough approach, as it is reactive and leaves the initiative with the attackers. Until anti-malware companies identify a threat, their users are often vulnerable to it.
Security pros have always known that there is another approach: whitelisting. This means that you identify all the software that you want to allow to run on the PC and block everything else. This is an even harder way to go, but it has better potential for making systems secure because new malware still can’t get through.
Now some vendors are working to make whitelisting a practical approach. Identifying which software is right to run on hundreds or thousands of PCs with an immense number of potential device drivers is complicated, but there are ways to make it work.
But for consumers and small businesses, those without managed networks and professional IT staffs, things are ironically more difficult. There is less hardware and software to manage, but there is also nobody to make informed decisions about what should and should not run.
Experts agree that the average consumer cannot make an informed decision about what software should and should not run on their PC. It’s possible some day that these decisions could be outsourced to a reputation service, potentially the same companies that today provide anti-malware, and any new programs the user attempts to download and install would have to be approved by the service.
Two problems with this: The system would have to be based on code signatures, and use of code signing is far from universal. Also, there is no way the service could keep up with all the software coming out, including patches of 3rd party products. So it would have to provide a bypass feature, and then we’re back where we started. Users will use the bypass just out of impatience, or they will follow the instructions in the social engineering e-mail to engage the bypass.
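The trade-off described above, as an added example that is not part of the original article: the same four files are checked against a default-allow blacklist and a default-deny whitelist. It assumes SHA-256 file hashes as the identifier (a simpler stand-in for the code signatures the article mentions), and the byte strings are constructed stand-ins for executables.

```python
import hashlib


def sha256(data: bytes) -> str:
    """Identify a file by the SHA-256 digest of its contents."""
    return hashlib.sha256(data).hexdigest()


# Constructed sample "binaries"; the names and contents are hypothetical.
SAMPLES = {
    "approved_app": b"editor build 1.0",
    "approved_app_patched": b"editor build 1.0.1",  # vendor patch, not yet reviewed
    "known_malware": b"dropper variant A",
    "new_malware": b"dropper variant B",            # not yet seen by any vendor
}

# Blacklist: hashes already identified as bad. Everything else runs.
BLACKLIST = {sha256(SAMPLES["known_malware"])}
# Whitelist: hashes explicitly approved. Everything else is blocked.
WHITELIST = {sha256(SAMPLES["approved_app"])}


def blacklist_allows(data: bytes) -> bool:
    """Default allow: block only what has been identified as malicious."""
    return sha256(data) not in BLACKLIST


def whitelist_allows(data: bytes) -> bool:
    """Default deny: run only what has been explicitly approved."""
    return sha256(data) in WHITELIST


def evaluate() -> dict:
    """Map each sample name to (allowed by blacklist, allowed by whitelist)."""
    return {
        name: (blacklist_allows(data), whitelist_allows(data))
        for name, data in SAMPLES.items()
    }


if __name__ == "__main__":
    print(f"{'sample':<22} {'blacklist':<10} whitelist")
    for name, (bl, wl) in evaluate().items():
        print(f"{name:<22} {'run' if bl else 'block':<10} {'run' if wl else 'block'}")
```

The new malware runs under the blacklist and is blocked by the whitelist, but so is the legitimate patch, which is the gap that creates pressure for a bypass.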
A consensus has developed among security experts that blacklisting, the standard anti-virus approach, is unsustainable. The future for enterprises may very well be in whitelisting. It won’t happen for consumers unless they surrender the power to decide what runs on their own PCs. Not likely in my view.

