Ellen Messmer's article in PCWorld discusses how analysts are have been saying that signature-based checking, which is the principle of our personal anti-virus software, can no longer keep up with the new flood of viruses. That users should
adopt newer approaches, such as whitelisting or behavior-blocking, that only allows authorized applications to run. Whitelisting products are currently available from SecureWave, Bit9, Savant, AppSense and CA. The article continues on to say antivirus labs get more samples than
they can handle on a daily basis, and that they basically single out the "big fish," trying to stop the more severe viruses. At the same time, others believe antivirus is worthwhile and not going anywhere. While antivirus programs have been compared to a "shield with holes in it," it certainly wouldn't hurt for the user to be able to decide 'which bullets are allowed to be shot at the shield.' I think the real future is going to be a balance of both. I've already noticed my personal antivirus program prompting me to grant unknown programs access to run an operation on my computer. While I usually know why a program would need to execute, I don't know all the programs out there, so I will certainly not be uninstalling my signature-based checking software.
Cited:
Messmer, E. (2007). Is Desktop Antivirus Dead? PCWorld. Retrieved from http://www.pcworld.com/article/130455/is_desktop_antivirus_dead.html
No comments:
Post a Comment