How Good Is The Whitelist.....?

Tony Cole

Tony Cole

Level 27
Thread author
Verified
May 11, 2014
1,639
Comodo would have us believe that their whitelist is the best, but other security software i.e., Kaspersky also use whitelist technologies. So, which is better (if any) and why?

I would go with Kaspersky as they have a huge KSN community, plus the money/resources to analysis software within minutes, or even seconds.
 
  • Like
Reactions: Terry Ganzi
S

Striker

Level 7
Verified
Mar 27, 2013
327
@Huracan


Hardened Mode: Aggressive
This mode behaves a bit differently. It actually relies on analysis on a very small scale and mostly relies on a huge whitelist database located in avast! Cloud. If file is located within the cloud and flagged as safe, it will allow to run it. If it's not found or marked as bad, it will block it. So, at least based on my experience, Aggressive Mode is actually much more secure and also a lot less intrusive. Only time that it will cause problems is with some very rare old software or very very new software that isn't used by thousands of users. Usually some very specialized programs used by only few users.
Moderate mode often feels a bit too paranoid (despite its name) because it often blocks safe programs just because they exhibit local suspicious file characteristics that are basically ignored by the Aggressive mode.


Seems that they have a own whitelist in the cloud
 
  • Like
Reactions: Ink
Littlebits

Littlebits

Retired Staff
May 3, 2011
3,893
Whitelists can be very helpful to determine if a file is safe or malicious but no matter how large the whitelists are they can not include every single trusted file. We all should know that malicious files are released into the wild every minute but about 100 times the amount are safe files (new products, updated versions, etc.).

Another thing to consider, most whitelists include many ad-sponsor products, toolbars, scam products, many other products by shady vendors, etc. Think of it this way, security software vendors must advertise their products to in order to sale them or get a large user base, do you really think they want to detect their advertising partners?

Whitelists should never solely be trusted, just because a file is found to be safe or malicious doesn't mean that it really is.
Most open-source products without digital certificates are usually flagged as false positives at the same time you can get the Ask Toolbar which gets the green light from most security software vendors.

Enjoy!! :D
 
  • Like
Reactions: King Alpha, Malware1 and Terry Ganzi
You must log in or register to reply here.

Similar threads

JoeN
    • Like
New Update AdBlocker Ultimate MV3 Chrome extension
Replies
28
Views
4,351
Web Extensions
JoeN
JoeN
vitao
    • Like
    • Applause
Kaspersky Antivirus Free + Comodo Firewall Test Against 100 New Malwares (10/2024)
Replies
5
Views
1,002
Comodo
vitao
vitao
R
Serious Discussion How was my "5G on-the-go hotspot" network device hacked?
Replies
18
Views
954
General Security Discussions
Victor M
Victor M

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top