https://github.com/google/santa seems like it takes this approach. Gives an enterprise the ability to decide which signed certs it wants to trust and then block everything else unless it gets vetted.
Cryptographic solutions aren't Majickal Pixyie Duste. They can however, within a social and administrative context, help tremendously in assuring proper results.
An independent authority (or authorities) of trusted (and untrusted) signing certificates.
And presumably those certificates are revoked, or will be revoked soon.
Nothing is 100% accurate in security. But code-signing is still far more protective than virus scanners. Given evading a virus scanner and evading code-signing, one of these is far easier than the other.
> And presumably those certificates are revoked, or will be revoked soon.
The way code signing works means this doesn't matter. So long as the certificate wasn't revoked when the file was signed, the signature will be indefinitely valid.
Ignoring the fact good AVs are difficult to evade because of things like behavior blocking and heuristics, you also won't be able to protect yourself against adware, because they are borderline legal and are almost always signed.
Of course code signing could allow revocation, not sure what you mean by it not being done currently.
Antivirus doesn't stop adware either, does it? If you're going to start disallowing certain software it's going to be far easier to do it based on certificates than it will be on heuristics.
Doing revocation checks on every executable whenever it's launched would introduce non-trivial latency with starting applications and a _lot_ of load on revocation servers. It probably wouldn't be feasible.
And yes, AVs stop adware ("potentially unwanted programs") unless you tell them not to.
Not sure why you'd check revocation servers on every launch... Check when launched the first time, and then the system checks for new revocations periodically; let's say as frequently as AV software checks for definition updates.
As for adware, if AV can stop it, code-signing methods can do it more efficiently and cheaper.
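To make the two ideas in this thread concrete (an enterprise allowlist of signing certificates, as the Santa link suggests, and checking revocation at first launch and then only on a periodic refresh rather than on every launch), here is a small policy model written as an added example. It is not code from the thread, from Santa, or from any OS; the certificate fingerprints, hashes, timestamps and the in-memory "revocation server" are all constructed stand-ins.

```python
"""Certificate-based execution policy with a revocation cache (added example, constructed data)."""
from dataclasses import dataclass, field
from typing import Callable, Optional

ALLOW, DENY, REVIEW = "ALLOW", "DENY", "REVIEW"


@dataclass(frozen=True)
class Binary:
    sha256: str            # constructed identifier for the executable
    signer: Optional[str]  # signing-cert fingerprint, None if the file is unsigned
    signed_at: int         # time the signature was made (assumes a trusted timestamp)


@dataclass
class SigningPolicy:
    trusted: set                              # signer fingerprints the enterprise allows
    fetch_revocations: Callable[[], dict]     # returns {fingerprint: revoked_at}; hypothetical service
    refresh_interval: int = 3600              # how often to pull new revocations (seconds)
    revoked: dict = field(default_factory=dict)
    last_refresh: int = -1
    cache: dict = field(default_factory=dict)  # sha256 -> cached verdict

    def _maybe_refresh(self, now: int) -> bool:
        """Pull the revocation list only when the refresh interval has elapsed."""
        if self.last_refresh < 0 or now - self.last_refresh >= self.refresh_interval:
            self.revoked = dict(self.fetch_revocations())
            self.last_refresh = now
            self.cache.clear()  # revocation data changed, so cached verdicts are stale
            return True
        return False

    def _evaluate(self, b: Binary) -> str:
        # Unsigned, or signed by a cert the enterprise never vetted: block outright.
        if b.signer is None or b.signer not in self.trusted:
            return DENY
        revoked_at = self.revoked.get(b.signer)
        if revoked_at is None:
            return ALLOW
        if revoked_at <= b.signed_at:
            return DENY    # cert was already revoked when the file was signed
        # Signed before the revocation: the signature itself is still valid,
        # but the signer is no longer trusted, so surface it for review.
        return REVIEW

    def on_launch(self, b: Binary, now: int) -> str:
        """Decision on every launch: cheap cache hit unless a refresh just ran."""
        self._maybe_refresh(now)
        if b.sha256 not in self.cache:
            self.cache[b.sha256] = self._evaluate(b)
        return self.cache[b.sha256]


def demo() -> list:
    """Walk a constructed timeline and return the verdict at each launch."""
    server = {}  # constructed stand-in for the revocation service
    policy = SigningPolicy(trusted={"AA:11", "BB:22"},
                           fetch_revocations=lambda: server,
                           refresh_interval=600)
    good = Binary("h1", "AA:11", signed_at=1000)
    unsigned = Binary("h2", None, signed_at=0)
    old = Binary("h3", "BB:22", signed_at=1000)
    results = [
        policy.on_launch(good, now=2000),      # ALLOW: trusted signer, first refresh happens here
        policy.on_launch(unsigned, now=2001),  # DENY: unsigned code never runs
        policy.on_launch(old, now=2002),       # ALLOW: BB:22 is still trusted
    ]
    server["BB:22"] = 1500  # BB:22 is revoked after `old` was signed; policy does not know yet
    results.append(policy.on_launch(old, now=2100))  # ALLOW: cached, no refresh yet (100s < 600s)
    results.append(policy.on_launch(old, now=2700))  # REVIEW: refresh at 2700 picks up the revocation
    late = Binary("h4", "BB:22", signed_at=1600)
    results.append(policy.on_launch(late, now=2701))  # DENY: signed after the cert was revoked
    return results


if __name__ == "__main__":
    print(demo())
```

The revocation list is fetched once per interval and verdicts are cached per file hash, so a launch normally costs one dictionary lookup; the cost of the periodic refresh is the window in which a freshly revoked signer is still honoured, which is the trade-off the thread describes.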
OS X's half-white-list mode of refusing to run unsigned code unless you invoke it from the right-click menu seems to be incredibly effective.
Between code-signing and sand-boxing, I see virus scanners as failed legacies of the past. They have stopped little, and cost everyone greatly.