Whitelisting means blocking everything by default and allowing access only to explicitly authorized entities. A good example of whitelisting is the front door of your home: the lock keeps everyone out except the few people who have been given keys.
Blacklisting means allowing everyone in by default and turning away only the specific bad actors you have identified. A museum is a good example of blacklisting: the public must be let in, but you want to keep out the one person who previously tried to steal Einstein’s brain.
In the past, the computing community has gotten whitelisting and blacklisting wrong on several occasions; firewalls are one example. I remember the days when firewall rules were set up as blacklists, and I assume this was a carryover from the hosts file we used to rely on. The hosts file was, and still is, a simple text file that the operating system consults before asking DNS to resolve a name. If the name is listed in the hosts file, the operating system goes to the address the file points to, regardless of where the real site lives. After some time we learned that whitelisting was the better way to build firewall rules.
The choice between blacklisting and whitelisting comes down to whether nearly everyone, or nearly every input, has to be accepted. If the general public needs access, or the set of valid inputs is too large to enumerate, blacklist; otherwise whitelist. A public web server has to blacklist: anyone on the Internet must be able to reach the site, so you can only carve out the sources you know you do not want, and depending on the situation those carve-outs can be large. For example, a company running a retail website that only delivers within the United States can reduce its exposure by blocking all IP address ranges allocated to China. Treat that as noise reduction rather than a barrier: geolocation data is imperfect and anyone with a VPN or proxy steps around the block, so the server still has to be hardened as if the whole Internet could reach it. Note also that only the public service itself is open to everyone; the server's other ports should still be whitelisted.
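To make the decision rule concrete, here is an added example (not part of the original post) that models the two firewall styles in Python: a default-allow firewall carrying a denylist, beside a default-deny firewall that opens only the public web port to the world and SSH to an admin network. The rule sets, the RFC 5737/3849 documentation ranges standing in for the geographic ranges the post's example blocks, and the connection attempts are all constructed for illustration.

```python
import ipaddress
from dataclasses import dataclass
from typing import List, Tuple


@dataclass(frozen=True)
class Rule:
    cidr: str    # source network the rule applies to
    port: int    # destination port, 0 meaning any port
    allow: bool  # True = accept the connection, False = drop it

    def matches(self, src: str, dport: int) -> bool:
        net = ipaddress.ip_network(self.cidr, strict=False)
        addr = ipaddress.ip_address(src)
        # A rule written for one address family never matches the other.
        if addr.version != net.version:
            return False
        return addr in net and self.port in (0, dport)


def evaluate(rules: List[Rule], default_allow: bool, src: str, dport: int) -> bool:
    """First matching rule wins; when nothing matches, the default decides."""
    for rule in rules:
        if rule.matches(src, dport):
            return rule.allow
    return default_allow


# Constructed ranges (documentation address space) stand in for real ones.
BLOCKED = "198.51.100.0/24"   # stands in for the foreign ranges the post blocks
ADMIN = "10.0.0.0/8"          # internal network the administrators connect from

# Default-allow firewall with a denylist: only the blocked range is dropped.
DENYLIST_RULES = [Rule(BLOCKED, 0, allow=False)]

# Default-deny firewall with an allowlist: public HTTPS for everyone except the
# blocked range, SSH only from the admin network, and everything else dropped.
ALLOWLIST_RULES = [
    Rule(BLOCKED, 0, allow=False),       # the one denylist entry still applies
    Rule("0.0.0.0/0", 443, allow=True),  # the public web port, open to the world
    Rule(ADMIN, 22, allow=True),         # management only from inside
]


def denylist_policy(src: str, dport: int) -> bool:
    return evaluate(DENYLIST_RULES, True, src, dport)


def allowlist_policy(src: str, dport: int) -> bool:
    return evaluate(ALLOWLIST_RULES, False, src, dport)


# Constructed connection attempts: (source address, destination port).
CONNECTIONS = [
    ("203.0.113.7", 443),    # a customer browsing the shop
    ("198.51.100.9", 443),   # a visitor from the blocked range
    ("203.0.113.7", 22),     # SSH attempt from the open Internet
    ("203.0.113.7", 3306),   # someone probing the database port
    ("10.20.30.40", 22),     # an administrator on the internal network
    ("2001:db8::1", 443),    # an IPv6 customer; neither rule set mentions IPv6
]


def compare(connections=CONNECTIONS) -> List[Tuple[str, int, bool, bool]]:
    """Return (source, port, denylist verdict, allowlist verdict) per attempt."""
    return [(src, port, denylist_policy(src, port), allowlist_policy(src, port))
            for src, port in connections]


if __name__ == "__main__":
    for src, port, dl, al in compare():
        dl_text = "pass" if dl else "drop"
        al_text = "pass" if al else "drop"
        print(f"{src:>14}:{port:<5} denylist={dl_text}  allowlist={al_text}")
```

The SSH and database rows are the point: the denylist firewall passes those probes from the Internet because nobody thought to list them, while the default-deny firewall drops them. The IPv6 row shows the cost side of the same coin: the allowlist forgot IPv6 and locks out a legitimate customer, a failure that is visible and gets fixed, whereas a denylist's forgotten cases let traffic through silently.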
The home desktop or laptop is a great example of when to whitelist. Signature-based antivirus is a blacklisting approach in a place where whitelisting would be more effective: the machine runs a small, known set of programs, so it is practical to approve those and block everything else. Unfortunately, antivirus software is much easier to build than application whitelisting. Antivirus also has the profitable business trait of keeping you coming back, charging you for signature updates, whereas an application whitelist, once the set of approved programs is settled, needs changes only when those programs change.
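As an added example, not from the original post, the following Python models the difference on an endpoint: a signature-based denylist that scans for known-bad byte patterns, beside a hash-based application allowlist. The "binaries" are short constructed byte strings and the signature is made up; a real antivirus engine and a real whitelisting product are far more elaborate, but the failure mode shown here is the same.

```python
import hashlib
from typing import Dict, Set, Tuple

# Constructed stand-ins for executables; real binaries would be far larger.
CALC_V1 = b"MZ calc.exe build 1: adds numbers"
CALC_V2 = b"MZ calc.exe build 2: adds numbers, keeps a history"
STEALER = b"MZ update.exe: steal passwords and post them to evil.example"
# A repacked variant: one inserted byte is enough to break a byte-pattern signature.
STEALER_VARIANT = STEALER.replace(b"steal", b"ste\x00al")

# Signature-based antivirus: a denylist of byte patterns from malware already seen.
SIGNATURES = [b"steal passwords"]


def av_allows(binary: bytes) -> bool:
    """Denylist decision: run anything that matches no known-bad signature."""
    return not any(sig in binary for sig in SIGNATURES)


def fingerprint(binary: bytes) -> str:
    """SHA-256 of the file contents, the identity an allowlist keys on."""
    return hashlib.sha256(binary).hexdigest()


# Application allowlist: the hashes of the programs this machine may run.
APPROVED: Set[str] = {fingerprint(CALC_V1)}


def allowlist_allows(binary: bytes, approved: Set[str] = APPROVED) -> bool:
    """Allowlist decision: run only binaries whose hash was explicitly approved."""
    return fingerprint(binary) in approved


def approve(approved: Set[str], binary: bytes) -> Set[str]:
    """The maintenance step an allowlist needs: approve a new build before it runs."""
    return approved | {fingerprint(binary)}


SAMPLES = {
    "calc_v1": CALC_V1,                  # the approved calculator
    "calc_v2": CALC_V2,                  # a legitimate update nobody approved yet
    "stealer": STEALER,                  # malware the signature was written for
    "stealer_variant": STEALER_VARIANT,  # the same malware, trivially repacked
}


def decisions(approved: Set[str] = APPROVED) -> Dict[str, Tuple[bool, bool]]:
    """For each sample: (antivirus verdict, allowlist verdict); True means it runs."""
    return {name: (av_allows(b), allowlist_allows(b, approved))
            for name, b in SAMPLES.items()}


if __name__ == "__main__":
    for name, (av, wl) in decisions().items():
        print(f"{name:16} antivirus={'run' if av else 'BLOCK':5} "
              f"allowlist={'run' if wl else 'BLOCK'}")
    # After the administrator approves the new build, the allowlist lets it run.
    updated = approve(APPROVED, CALC_V2)
    print("calc_v2 after approval:", allowlist_allows(CALC_V2, updated))
```

The repacked variant is where the two approaches part ways: the antivirus runs it because its signature no longer matches, while the allowlist blocks it because nobody approved that hash. The unapproved calculator update shows the price of that protection, which is the maintenance the next paragraph mentions: every legitimate change has to be approved before it will run.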
All in all, when deciding whether to whitelist or blacklist, don’t be sold a bill of goods for a solution that isn't effective. Remember: if the general public needs access, blacklist; otherwise whitelist. Whitelisting is usually more difficult to implement and maintain, but it is much more secure, because anything you forgot to list is denied rather than allowed. Hence, “Security comes at the cost of convenience and/or resources.”
______________________________________________________________________
Thanks for reading my post. You can find me at any of the links below.