cnet news
White lists will be on every desktop within the next five years, according to Patrick Morley, CEO of Massachusetts-based Bit9. Morley was in town to address the Dow Jones VentureWire Technology Showcase in Redwood City, Calif., on Tuesday.
The basic idea behind “white listing” is to define a set of software, a set of vendors, and allow only those trusted applications or files from those vendors to run on your machine. If a file or application is not approved, it will not run. This is the opposite of how we’ve blocked malware from our machines in the past.
Patrick Morley, CEO of Bit9 Of the more than 1 million viruses detected by antivirus vendors last year, more than two-thirds were new. Loading 1 million antivirus signatures (or even a percentage of that if generic signatures are used) is a pretty serious undertaking. The idea with white listing is to identify the applications and files we know to be good, which, in theory, should be considerably less than a million.
Sounds like a good idea to me.
Hey, excellent idea! With the following exception, I don’t want to buy it from Microsoft or find it arbitrarily incorporated into my OS limiting my freedom to choose the software I want to trust or limiting the ability to program. This is a fine example of common sense problem solving. For me it’s the best thing to happen to computer security in years, HOWEVER, there is the potential for abuse and considering MS’s history of monopolistic ambition it makes me nervous.
It’s an old idea that sounds good at first, but has no chance of being practical.
1) Every white listed item will be hacked the day it’s released. Just look at at history.
2) Read post #1 starting with “the following exception”.
Everyone will have their own exceptions – which is the nature of people – and that’s a good thing.
3) We’ll probably have to pay someone for the priviledge of having our choices limited. I don’t want to be restricted by anyone, thank you – even if it was free of charge.
This version of the white list concept will disappear as fast as all the others, and good riddance.
The security industry has been there & done that.
In certain corp environments you can do it, sort of. Home users? Forget it.
Hasn’t Microsoft already done this with the warning system in Vista?
Every security aware web surfer uses firefox with noscript which uses whitelisting.
Or over security aware web surfers browse within a virtual machine.
A nice concept but it won’t work for the average user unless it incorporates a warning system which is basically what Vista users already have.
I agree with you guys, good in theory but just not practical for the average home user.
Switch to Linux.
Absolutely. If someone can find a way of making money off of people who refuse to read a manual, by all means, more power to them.
So all the bad guys have to do is learn to pass themselves off as somebody you trust?
Only go to web sites you trust.
Only open email you trust.
Only run software you trust.
Most of the people that got nailed thought they were already doing that.
Of course that means only got to web sites you know.
Never take email from someone without calling them first.
And of course never get any new software.
Yeah that ought to sell.
CEO of white list software peddling technology firm declares everyone will be using white list software in no time at all- duh.. that’s not a biased source!!
Yes, corp environments have been white listing for a long time- but consider that every security update to windows changes the hash signature of every updated file- usually lots of DLL and other executable file types. Want to manage that white list?
FOSS OSs have been doing this for years, haven’t they?!
Just stop buying M$ OS for machines that don’t NEED it.
If it’s only for documents, email and Internet – just use a GNU/Linux system with only the official software sources active.
(There may need to be a couple of exceptions, Adobe Flash player for instance. But the repo can just have an official script which installs from Adobe.)
White listing is a dream come true for Microsoft.
Imagine if Microsoft had rigged Windows so it could only run Microsoft-approved software (kind of like the iPhone app store). In the middle of their anti-trust trial. They’d be crucified. They’d have been broken up into dozens of pieces.
Now with white lists they can do it. And they can claim they’re only doing it to protect the users from the big, bad viruses.
Every software software developer will have to pay a “nominal” fee to register their software and get it approved.
If your browser is white listed it still won’t stop HTML injection.
Where I work, we already do whitelisting. Initially it was a pain in the @ss. After you get all applications into the whitelist it’s smooth sailing.
2 Disadvantages though, anytime we have an third party update/patch to push out, perform the hash function on the application, include this new hash into the approved application and you are good to go. Also, anytime a client wants a new application, we go through our testing phase on our test environment and then approve and verify hash and include in the whitelist.
My favoirte Tabloid Headline:
“AIDS Scare cause of DROP IN VAMPIRE ATTACKS !!!”
The question of “White Lists” seems to be a non-starter …
When you think about it, the Mac had this ages ago, when it was closed architecture. And only approved programmers software flew on it. But PCs have been an open book from the beginning. Trading quality and security, in for the vast smorgasbord of 3rd party software and walware. Relying on the blacklisting strategy to find the bad wares, before they did too much damage. But that has simply gotten too ass backward. Time to start white listing what few hundred software can run, rather than black listing a million plus walware that can’t. It just makes better sense, to check a smaller list. Because it takes less time to process.
That a while list could possibly be abused to extort money from smaller software vendors, is probably pretty remote. I think a license of some sort should be purchased, so any commercialized software can be vetted for PCs. And Open Source software would have its own class of licensing, or white list. Anything else, would be blocked unless permitted by the user, with appropriate dire warnings.
While we don’t have an OS white list yet. I’ve set my firewall to block anything new, from running without asking me first. This includes all Microsoft patches. I don’t mind being bothered once and a while. It’s probably less of a bother, than Vista’s protection.
White listing is fatally flawed.
It almost sounds like a Microsoft solution to stop open source.
Here is why:
How does an application get white listed? Do you have to pay money? Who decides, is it Microsoft?
If so, this is nothing more than what Sony and Microsoft do maintain gatekeeper status with the PSP and the XBox or what Apple does with the iPhone.
Once you’re not connected to the internet, you’re LOTS safer. That’s why I stopped –NO CONNECTION–
What ever happened to thin clients? I thought that was going to save us all from virus etc (at least in a corporate environment)….
This might become useful to computer users. I doubt users want to maintain this list of trusted sources, but 3rd parties could help there a bit with providing convenient trust chains.
The problem however is, noting can be trusted before it is signed by someone. Let’s hope that some one is not just Microsoft, but still you need to spend money to be trustworthy. Good by opensource, good by shareware.
But the most important problem, this is not about what you trust. That is just what they want to sell you.
What they want is how any individual app can trust any other app. A media player coul just tell you your system is untrusted because you have untrusted apps running. Apps will tell you what other apps you can use the same time!
Maybe they will only request you to close your favourite chat program while you play a game or movie.
Or they will just tell you that they will not run while you have other unknown/untrusted apps installed!
Trusted computing is not really to let you decide whom you trust.
It is for software (copy protection mainly), which can check how much it can trust your (!) computer!
It’s not that the tool of trusted computing is useless for users. But it is just far to dangerous to give this tool to your software vendor.
They will abuse this power, trust me!
A good idea in theory, it can only work in very limited areas. Home computers and their uses are constantly evolving, with new apps and upgraded hardware all the time. YouTube is the “thing” today. Tomorrow it might be Google Video. The next day it might be XYZ Interactive Involved Home and Away Video, which might last all of two days before it becomes a dud.
Because every user is different, even using the same machine, this can only work in closed environments, such as an office, where admin rights are controlled.
what a d1ck head CEO and a bunch fake posts encouraging this BS
Next five years? Seems like it should be sooner.
This makes even more sense as more of our apps reside on the ‘Net. Maybe the only app we’ll be running is a browser with plug-ins.
I think many readers are confusing programs with websites. This item wasn’t about white listing websites. That doesn’t work for 99% of users. It only works for PCs in Banks and such, that need to be restricted to what sites they access. No, this article was about white listing the software (apps) that are allowed to run on users’ PCs. A white list that would probably be optional, not mandatory and absolute. And would have user choices, of levels of protection. So even if it were enacted, in the future. There would be some way to allow some running software that wasn’t on the list, with the user’s specific permission. What the software white list’s primary purpose is, to prevent malware from secretly operating in the background, that has been secretly loaded to the PC from the Web or other sources.
But let’s be real about this. There aren’t going to be a million open source programs, waiting to be on the white list. The few dozen that are created each year shouldn’t have much of problem getting vetted. It’s those million plus viruses and worms that need to be stopped. And I suspect that anyone who is against this, could be a virus-worm-bot master, themselves. Naturally, they’d hate the white listing idea. So if Microsoft doesn’t offer this soon, I’d hope that at least the Linux guys would. And that Apple’s Mac OS would, too.