Author Topic: Which files (executables) are started into the AutoSandbox  (Read 10951 times)

0 Members and 1 Guest are viewing this topic.

doktornotor

  • Guest
Re: Which files (executables) are started into the AutoSandbox
« Reply #30 on: March 03, 2011, 09:10:09 PM »
whitelist will avoid lots of FPs when updating heuristic (even with having it in highest level) and will avoid Auto-Sandbox alerts for harmless files and many other example, I don't know what will be 'inconveniences' by having a small database of common clean files...

Small? You'll get never-ending requests to get something whitelisted. You have to keep up with program updates. The are tons of Windows applications out there. In the end, you end up with huge database that slows this down horribly. You can go the other way round as well and whitelist the files based on their digital signatures. Most likely that will become useless in the same way the Comodo whitelist failed and actually became a vulnerability in CIS itself instead, after getting vendors of various questionable or straight out malicious software whitelisted.

Offline Lisandro

  • Avast team
  • Certainly Bot
  • *
  • Posts: 67274
Re: Which files (executables) are started into the AutoSandbox
« Reply #31 on: March 04, 2011, 02:36:30 AM »
I don't know what will be 'inconveniences' by having a small database of common clean files...
If it is a really withelist, it won't be small.
If it is small, why would we have one.
Vlk's thoughts: http://forum.avast.com/index.php?topic=64382.msg546016#msg546016
The best things in life are free.