Threatcast is way off my preferred featureset but I guess it would pose an alternative security layer to the official comodo safelist db.
Guessing a normat usage pattern behaviour Threatcast should handle the time-frame between a new app is released and it gets analyzed by Comodo.
A community driven safelist is still used in many other product and there are very good derivatives where the community ruleset are evaluated by specialized personnel and certified for security.
A common implementation would be an anonymized submission where only the aggregated data is stored. This way privacy issues are nearly non-existant but the flexibility will be minimal.
If the results are going to be grouped by reliability then at least an installation id has to be stored. This provide much more meaningful results but it has strong privacy implications.
There was another alternative I’ve never seen around. Maybe there are some logical flaws I wasn’t able to see, or it will be simply difficult to implement or the chance it will be widely supported are low.
Speaking of this Secunia already released a software that checks if the existing apps are exploitable (Secunia Personal Software Inspector).
IMHO as we move forward we’ll definitely see these many different approaches to merge in an holistic framework
As such sercurity requre a transversal approach where now we see many different individual approaches I wonder what ind the end will be.
Will it be one company to carry such humongous task by itself or will it a cooperative framework solution will be developed where many companies are going to strive for end-user security?
If the latter will be what company will develop the basis for such foundation?