That is false, and not how whitelisting works. Imagine it like this, Antivirus is a list of things you can't do and Whitelisting is a list of things you can do.
-
This Tweet is unavailable.
-
This Tweet is unavailable.
-
This Tweet is unavailable.
-
This Tweet is unavailable.
-
-
Replying to @da_667 @infosecspy and
I think you're confused about whitelisting. I think you're doing this: Step 1. Find a "built-in" that lets you do what you want. Step 2. ??? Step 3. Arbitrary code execution.
1 reply 0 retweets 1 like -
Replying to @da_667 @infosecspy and
I'm seriously asking you to explain, you're saying I'm dancing around it and I'm genuinely trying to respond. I don't understand the attack you're saying invalidates whitelisting. Any attack involving "OS built-ins", requires unauthorized access first, right?
2 replies 0 retweets 0 likes
I get that you want auditing, but whitelisting can (and does) do that too without all the baggage.
8:31 AM - 15 Nov 2018
0 replies
0 retweets
0 likes
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.