I wonder why some people is so much shocked by what Cisco's Chief Security Officer John Stewart publicly stated two days ago:
If patching and antivirus is where I spend my money, and I'm still getting infected and I still have to clean up computers and I still need to reload them and still have to recover the user's data and I still have to reinstall it, the entire cost equation of that is a waste.
It's completely wasted money.
I'm sick of blacklisted stuff. I've got to go for whitelisted stuff — I know what that is because I put it there.
Needless to say, antivirus vendors are violently shaking their heads, and Cisco is not exactly super-partes, since it partially competes on the same enterprise security budgets. Also, I wouldn't go so far as saying that you shouldn't be patching your buggy software, or that a free antivirus scanner can't help preventing your mum from getting caught by opening that apparently innocuous PDF attachment, or that the new Firefox 3 anti-malware features are not be greeted as godsend...
But this pretty logical if not just obvious concept is not new at all, even if kept in the dark as a dirty secret -- maybe because you can't build a long-term subcription-based business model around it?
And you can't tell I'm a last-minute convert :)
May 27th, 2008 at 12:19 am
It is an idea as old as the hills, Microsoft even allows you to do it in group or local policy.
Maybe we could start a subscription service to our whitelist, then create a tray icon to do the updates, and just put it in to local policy, then charge 10% less than the cheaper av and call it preventative av...
Also the CAPTCHA you have is almost to hard to use, and requires allowing a load of sites in NoScript.
May 28th, 2008 at 6:18 pm
[...] day: since he likes to feature generous portions of source code extracted from infected sites, a signature-based engine like AVG have no choice but going [...]
July 6th, 2008 at 7:50 pm
[...] like expecting anti-virus vendors to push technologies and approaches making our information systems really safer, or Microsoft to promote open (web) [...]