• 0 Posts
  • 8 Comments
Joined 9 months ago
cake
Cake day: April 3rd, 2024

help-circle



  • A whitelisting application has a list of what it knows it bad AND what it knows in advance to be good.

    How would it know this? Is this defined by a person/people? If so, that wouldn’t have mattered. liblzma was known in advance to be good, then the malicious update was added, and people still presumed that it was good.

    This wasn’t a case of some random package/program wreaking havoc. It was trusted malicious code.

    Also, you’re asking for an antivirus that uploads and uses a sandbox to analyze ALL packages. Good luck with that. (AVs would probably have a hard time detecting malicious build actions, anyways).