HideTechdirt is off for the long weekend! We'll be back with our regular posts tomorrow.
HideTechdirt is off for the long weekend! We'll be back with our regular posts tomorrow.

Security Experts Hope To Write Eulogy For Blacklists

from the black-death dept

Blacklists have always been a significant tool in the security industry's anti-malware arsenal. For years, the basic anti-virus model was simply to maintain a list of known viruses (and their permutations) and match any potential virus against that list. As malware started to proliferate and vary wildly, security firms have augmented this approach with other techniques, though the basic blacklist still remains. Blacklists are also used to protect against spam and identify websites that may be hostile. But just as the model has come to be inadequate in the traditional anti-virus space, so too is it seen as deficient for other purposes. Among the complaints about blacklists include the fact they're easy to accidentally fall into, while easily gamed by those looking to get off them. Essentially, blacklists are a blunt weapon unsuitable for the complexity of good security systems. Just ask the customers of Verizon, who at times have had all of their foreign email blocked, because the company's overly aggressive anti-spam software. Interestingly, one major user of blacklists is Google, which uses them to warn users about potentially malicious sites that they may encounter through searches. Seeing as the company is ramping up its security business, it will be worth watching whether it continues to push blacklists, or if it seeks out more sophisticated mechanisms for discerning what's legitimate online.

Filed Under: blacklists, security, spam


Reader Comments

Subscribe: RSS

View by: Time | Thread


  1. identicon
    James W., 10 Jul 2007 @ 3:24pm

    Nothing new being said

    For the last 4 years, I've had to deal with blacklists of various sizes and scopes and a number of them are slowly becoming havens for false positives. This is becoming increasingly more true -- and visible -- in the realm of spam blacklists.

    I've written about this for a few months now, especially about those boneheads at Verizon, and I've been watching this territory slip further into the hands of spammers and admins are losing out because of laziness and blacklists based around unethical purposes.

Add Your Comment

Have a Techdirt Account? Sign in now. Want one? Register here



Subscribe to the Techdirt Daily newsletter




Comment Options:

  • Use markdown. Use plain text.
  • Remember name/email/url (set a cookie)

Follow Techdirt
Techdirt Gear
Shop Now: I Invented Email
Advertisement
Report this ad  |  Hide Techdirt ads
Essential Reading
Techdirt Deals
Report this ad  |  Hide Techdirt ads
Techdirt Insider Chat
Advertisement
Report this ad  |  Hide Techdirt ads
Recent Stories
Advertisement
Report this ad  |  Hide Techdirt ads

Close

Email This

This feature is only available to registered users. Register or sign in to use it.