A New Way of Monitoring Malware

?

?

Editor's Note: The following commentary was found on TechDirt. We would like to add that we know of two more proactive approaches to detecting spyware that are currently being developed in the lab, but because we are under nondisclosure agreements, we can't write about them on the site. Suffice it to say, there are some very promising technologies on the horizon.

For years we've been discussing how traditional methods used by antivirus and antispyware products are often too reactive. The firms wait for someone to complain or send in an example of a problem. This often leads to calls for behavioral based solutions that look for certain behaviors that are likely to come from malicious files -- though that certainly risks lots of false positives if legitimate systems use similar behavior (already this can be seen with some firewall products, which constantly pop up warnings -- almost all of which users ignore, because so many are false positives). However, it appears that one firm is trying to take a different form of proactive approach. alarm:clock writes about SiteAdvisor that appears to try to proactively visit lots of sites and download all sorts of products while while putting together a large database of what those sites and products do, so that anyone can check to get a sense of how safe a site or software download really is. It's an interesting approach if they can really cover enough sites and downloads, while still getting people to actually look at their info (and, of course, not getting the data wrong).

Source: TechDirt