I received a link that led me to Program Killer via a listserv I subscribe to. I'd like to say I'm very intruged with Program Killer. It looks very good.
After reading some material about Program Killer I was wondering wouldn't it be conceptually easier to go the reverse route.
Instead of having a black list of programs that are blocked. Wouldn't it be simpler to have a white list of programs that are allowed?
Off hand I can think of 100+ things to block. Not to mention that with spyware/malware/virus's and that sort of stuff it's hard to keep a black list constantly up to date.
Whereas going in reverse there's a list of maybe 40 or so things to allow and that is it.
A thought anyway.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
Well, with the way I rigged program killer to operate (find a blacklisted item in the tasklist, and terminate it), on the whitelist, you'd also need to include all the background Windows services, like svchost or lsass, anti-virus services. etc. Even though some of those are impervious to a TerminateProcess() call, it's better to be safe than sorry.
In truth though, Program Killer's been superseded by far better maintained products, such as Faronic's "Anti-Executable", which employs a whitelist-based approach, and I'll imagine, excludes services somehow. If it's a whitelist solution you're looking for, I'd check them out.
If you would like to refer to this comment somewhere else in this project, copy and paste the following link:
I received a link that led me to Program Killer via a listserv I subscribe to. I'd like to say I'm very intruged with Program Killer. It looks very good.
After reading some material about Program Killer I was wondering wouldn't it be conceptually easier to go the reverse route.
Instead of having a black list of programs that are blocked. Wouldn't it be simpler to have a white list of programs that are allowed?
Off hand I can think of 100+ things to block. Not to mention that with spyware/malware/virus's and that sort of stuff it's hard to keep a black list constantly up to date.
Whereas going in reverse there's a list of maybe 40 or so things to allow and that is it.
A thought anyway.
Well, with the way I rigged program killer to operate (find a blacklisted item in the tasklist, and terminate it), on the whitelist, you'd also need to include all the background Windows services, like svchost or lsass, anti-virus services. etc. Even though some of those are impervious to a TerminateProcess() call, it's better to be safe than sorry.
In truth though, Program Killer's been superseded by far better maintained products, such as Faronic's "Anti-Executable", which employs a whitelist-based approach, and I'll imagine, excludes services somehow. If it's a whitelist solution you're looking for, I'd check them out.