Symantec adds "whitelising" to Norton 2009

Symantec has adopted whitelising techniques in an effort to dramatically improve the performance of its upcoming Norton 2009 security suite, according to the company's vice president of consumer engineering, Rowan Trollope. Trollope admitted that poor performance was the main reason Norton Internet Security customers abandoned previous versions of the product. In the next version, he […]

Symantec has adopted whitelising techniques in an effort to dramatically improve the performance of its upcoming Norton 2009 security suite, according to the company's vice president of consumer engineering, Rowan Trollope.

Trollope admitted that poor performance was the main reason Norton Internet Security customers abandoned previous versions of the product. In the next version, he explained, a "whitelisting approach" significantly reduced the amount of time scanning files that are known to be safe.

"It does use whitelisting as an approach, but it really focuses on the performance gains we can get by not having to scan things on the whitelist," he said.

The concept of using whitelisting in security is nothing new. Whitelists, for example, are used by airlines to determine whether a passenger can board. If you have a boarding pass, you're allowed to take a seat but if you don't, you're not. A blacklist, commonly used in signature-based antivirus, works the opposite way by creating a list of unwanted files, such as known malware, to prevent entry.

Full Article