Tag Archives: application blocking ISPs Sony Microsoft whitelist blacklist

Application Blocking: Whitelists Worse than Blacklists

Occasionally I’ve argued that it would be good if ISPs blocked badly configured computers. By that I meant blacklisting computers that were especially badly configured, having well-known security holes or actively spewing actual malware.

Even that has problems. Already, ISPs are hair-trigger to block anything that looks like it might be doing a port scan, even though it turns out port scans do not correlate with exploits (see later post). Regular traceroutes to your friends’ locations could get you tossed off. Others will block if your outgoing packet rate goes above some arbitrary minimum. So much for your fast-paced game.

White listing of only acceptable applications would be even worse.

Vendors call them by different names, but all use an agent on the client to verify its configuration. If the agent reports software (or in more advanced versions, hardware) that isn’t on a white list, access is denied.
Will ISPs Quarantine You From the lnternet? Microsoft is against ISPs doing anything that would restrict customers’ right to run insecure software. By Andy Dornan 1 Jan 2006, 12:00 AM ET

I’d like to believe that won’t happen, but given the way some ISPs already run turnkey software that springs bogus traps such as I already mentioned,  I can’t say it won’t.

Continue reading