Delist this security idea: Symantec ponders switch from blacklisting to whitelisting

摘要

Everybody loves lists. Magazines love lists, TV shows love lists and Web sites really like lists. But possibly no one loves lists more than security vendors. When you break down core elements of security products it often comes down to big lists: known viruses and spy ware, vulnerabilities, access controls, and programs we want to run and those we don't want to run. This obsession with lists most recently surfaced in reports from Symantec. In interviews related to the lat est release of the Syrnantec Internet Security Threat Report, company Officials said that because of grow ing security threats and the increased sophistication of the bad guys, it may be time to move from the classic blacklist security approach to a whitelist approach. This means that instead of deter mining which programs run ning on someone's computer might be bad guys, future secufity tools would instead only let known "good" pro grams run and block out all other programs.