During my stay on the SpicyLemon stand on InfoSecurity 2010 in The Netherlands I was asked if we also had a solution that provided whitelisting for the full OS as a security solution, or if this would be something for the future.
I have thought about this kind of security before, but I could never imagine myself using this on my systems as it limits what I want to do. Even if I get the option to "Allow" certain changes to my frozen system, it will kinda beat the whole point of whitelisting since the user is often the problem to begin with.
Maybe this is something for server systems, that do not have a user poking around all the time, but even then, Windows systems will still require updates, so this needs to be allowed on those systems aswell.
I doubt we will see this technology widely used over the next few years as it is too limiting. It might be an addition to the current AV products, and used on servers as an extra layer of security, but it will not replace the current solutions.
Geen opmerkingen:
Een reactie posten