Comments on: Group pitches anti-spyware guidelines
Anti-Spyware Coalition gives final definition of spyware, as it works toward industry standards.
Most Popular
Latest tech news headlines
- The 30 most anticipated games of 2010
December 5, 2009 11:20 AM PST
- Iran Internet access down pre-protests, report says
December 5, 2009 10:58 AM PST
- Best Buy's little Black Friday the 13th
December 5, 2009 10:03 AM PST
- See all headlines
RSS Feeds
Add headlines from CNET News to your homepage or feedreader.
More feeds available in our RSS feed index.
- Markets
Related quotes
mark d.
__________________________________
R.K.
http://www.Remove-All-Spyware.com/
let's hope that IE 7 changes the latter problem. I don't foresee an easy solution to the former problem as long as the "software industry" to which the article refers is strongly supportive of ad servers.
- White List
- by ajbright October 28, 2005 9:18 AM PDT
- What puzzles me is why we still use the model of allowing everything on our computers to run, except that contained in an ever growing list of spyware and viruses. Basically we use a system of black listing bad things.
- Like this Reply to this comment
-
-
- How do you white list it?
- by October 28, 2005 10:49 AM PDT
- The Genie is out of the bottle.
- Like this View reply
Processing -
(6 Comments)Surely it would be easier to design a system that allowed nothing to run, except that which we define as ok.
Even with the best antivirus and antispyware software, it's impossible to keep track of everything out there, with hundreds of new pieces of malware appearing every day. The size of antivirus definitions as well as antispyware definitions must be in the tens of thousands, it's an impossible task to track it all.
Instead we could easily keep track of the few hundred legitimate applications our computers need to use, adding new software to the white list as we install it. In fact antivirus companies could define white list definition files with the most common applications and windows modules being used, updating them quarterly instead of weekly, and leaving us to add our own entries on the odd occasion when we get something new that hasn't been entered.
I think until we adopt this method of controlling the software our computers run, we will never be certain of keeping any computer spyware free.
Imagine the benefits for businesses, which would only need a new white list definition file when they decide to update their users computers with new software - usually a once in three year activity - so as long as the white list was correct when the computer is issued to an employee, except under extraordinary conditions, you'd never need to be concerned about patching a computer again.
Okay so I'm sure someone can knock a dozen holes in this theory, but it ought to be obvious to anyone by now that the current situation is unsustainable.
Eventually, with ever growing malware definition files, we'll end up with systems more crippled by the resources needed to protect our computers than we would if we let the odd virus in. It's obviously not working, if it was then every time a new worm appears we wouldn't be caught short like we currently are.
Anyone interested in messing with others needs to study JAVA, ActiveX, DCOM, JET, yada, yada. They don't even really need to know how to use them, they need to know how to abuse them. I know relatively nothing about JAVA, yet I can crash your browser and sometimes your OS using code that makes no sense to anyone including myself.
Unless a computer which is not on a local network is barred from running any code other than HTML your pissing in the wind. Oh' what a wonderfull world that would be. Hell, this site doesn't work unless you allow potentially harmful code to run. I have to add it to my trusted sites then allow it access through my firewall, all the while trusting people I don't know and have never met.