Sign in to follow this  
spywar

Whitelisting

Recommended Posts

Hi,

 

AFAIK, Mamutu uses a whitelist to prevent alert on safe files which is great. Looking at the changelogs, I can see that whitelist is updated many times per week at least. I just would like to know if when you whitelist an unsigned software, then this same software gets updated..Does it become "unknown" ?

 

I ask this because this is what's happening with Comodo, they whitelist unsigned soft with SHA1 value, once app is updated, it becomes unknown again and again .. Of course adding a vendor to TVL is better for Comodo than whitelisting an app that will become unknown few days/week later. 

 

Thanks to everyone to reply...

Share this post


Link to post
Share on other sites

Got response : They whitelist by using SHA1 value, it's the more secure way. No problem, I have never got any alerts on safe apps.

Share this post


Link to post
Share on other sites

When a new version of an application is released, then it won't have the same SHA1 hash, and thus would not be recognized as safe. As people allow or block the updated file, that will be reflected on our Cloud system for Mamutu, and once a large enough number of people have selected to either block or allow it, then an automatic decision will be made (unless you tweak to settings in Mamutu to prevent that).

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.