Well, it was only matter of time, before everyone started pulling in the right direction of whitelisting. I welcome Symantec making the right noises about this and I do hope they will continue on this premise and protect their users with technologies that work, using whitelists.
“The bad guys are moving quickly and the good guys are moving quickly and the innovators are moving quickly. If the judges are taking months to judge things, then that’s not fair to anybody,” says Bill Munson, vice-president of the Information Technology Association of Canada. “That’s not in the industry’s or society’s interest.”
so how COMODO (and other security company) can handle this issue?
Whitelisting is a joke. Its only a split second to modify an infectious/malicious binary and butcher up the registry to mimic a whitelisted program. … What? You said a checksum? Sure, which one MD5? Collisions… SHA1? Collisions… In fact, thrown on a hypervisor backdoor, remodify settings and whitelisting is obsolete.
In the final release of CPF3, will the user be able to interact with the whitelist in any way?
ie will we be able to “overwrite” our preferences over the whitelist?
Will there be any way for a user to review the whitelist, to see which processes are included?
for eg, suppose M$_process.exe is whitelisted, will I have the ability to block / restrict it if I wish to?
Coz I have to say, that would be my major concern about whitelisting, that someone else determines what processes are allowed to run on my pc, and that I cannot over-ride that decision. (except by uninstalling that product)
but the conception I’m making of whitelisting is that executable files can only modify the system after the file have been verified by a matching checksum (e.g. SHA-256), so how in the world can an executable file damage the system in such a whitelisting environment?
Wow! A reverence for Mr. Melih!
If I would be COMODO Ceo, I would be MAAADD, REALLY MAD!
Because now that Norton, Kaspersky and others are changing to whitelisting… then that means now its a real competition to sell COMODOs products.
But hey! who cares. COMODO CIS it has been always free. So there is nothing to loose.
In fact, only more happy customers. Norton will sell whitelists and COMODO give them for free (and even more mature whitelistings). This confirms again that COMODO protection its really protection itself. And also the good person Mr. Melih is.
You rock with your COMODO company! ;D
Any knowledge if symantec or karspersky added the whitelisting in their recent version?