Redefining Anti-Virus Software
June 13th, 2008
A quick and interesting article over at blog.washingtonpost.com discusses the new emerging trend in anti-virus software technology.
It’s program whitelisting. The concept itself is of course not a new one. Have one big list with signature of benign ALLOWED programs, and any program not in the list is a suspect and will not be allowed to run.
Even intuitively it’s clear that the security of whitelist-based solution is stronger and it doesn’t even matter how many new malwares are born everyday.
There are tradeoffs of course - The list of acceptable software is substantially larger than the list of malware and has a big overhead to maintain. It might damage the user experience by blocking a previously unknown non-malicious program.
But as computing gets stronger and better, and with concepts like cloud computing and self-learning whitelists, there are some that claim that that’s the direction the technology should be going.
