PC Advisor investigates the dangers of blocking all unknown applications.

Community-based security

Symantec says it's looking at one possible solution, which is to bring in its community, where it checks to see if other Norton users have a given program installed. The company reasons that if, say, a hundred thousand people are running a particular app, with no reports to Symantec that it's a threat, then it's likely safe.

Nachenberg says the company is experimenting with this kind of reputation-based system to add to its products over the next few years.

And then there's the big question: who maintains the list? If every antivirus company maintains its own, as Symantec says it wants to, small developers would have to submit their cool new downloads to at least five different organisations – and gain approval from all of them. But an alternative to that prospect is a central list available to everyone, maintained by the government or a neutral, open organisation.

"I think a centralised whitelist would be beneficial to everyone," says Kevin Beaver, an independent security consultant with Principle Logic who has written a number of books on computer safety.

"The problem is," he adds, "politics will likely get in the way of anything productive, especially when the big antimalware players want to maintain control. I think we'll see something like [a centralised whitelist] within the next few years, but this can't be pulled together overnight."

NEXT PAGE: Free downloads > >

  1. Are whitelists friend or foe? Keeping tabs on malware
  2. Are whitelists friend or foe? Community-based security
  3. Are whitelists friend or foe? Free downloads
  4. Are whitelists friend or foe? Dedicated whitelisting services

Visit Security Advisor for the latest internet threat news, FREE net threat email newsletters, and internet security product reviews