[guardian-dev] Whats better than antivirus? Whitelisting!
Jacob Appelbaum
jacob at appelbaum.net
Wed Apr 17 13:57:12 EDT 2013
Cooper Quintin:
> Apparently McAfee is releasing some kernel level app whitelisting thing
> for Android devices. Has anyone heard anything about this yet? It
> seems like a really, really good idea, I only wish that McAfee weren't
> the ones doing it. What are the potential problems with something like
> this, other than placing one's trust in McAfee? Has anyone used it yet?
> Any thoughts on how difficult it would be to make an open source
> version of this?
>
Hi Cooper,
I think such a technique is generally interesting - we already have such
a list in theory - it is every binary with the executable bit set, right? :)
I'd love to see the implementation as I was just thinking about how to
write such a hook in user/kernel space to stop phising, redirect
specific downloads to a secure download (eg: bazaar, thandy, bittorrent)
and so on...
Do you have a link?
As a side note: I find it really fascinating that racist and sexist
language is adopted by the security community all of the time.
All the best,
Jacob
More information about the Guardian-dev
mailing list