Blacklisting vs Whitelisting

Posted July 22, 2016 by David Redekop to Blacklist Whitelist


In the context of web resources to allow or block, the traditional approach has been to block the bad. That’s blacklisting. It is the ideology of allow everything, block some.

Whitelisting, on the other hand is the opposite ideology: block everything, allow some.

This infographic is not controversial in nature, but there are legitimate reasons why whitelisting has not gained traction. However, let’s examine a few real-life examples where the trend towards whitelisting is succeeding.

iOS AppStore
While criticism over a curated AppStore has never stopped, the end result is undeniably a safer mobile app ecosystem for the normal user.

Microsoft AppLocker
From Microsoft directly:

“AppLocker contains new capabilities and extensions that allow you to create rules to allow or deny applications from running based on unique identities of files and to specify which users or groups can run those applications.”

Essentially, this is an accepted and recommended solution that whitelists executable applications in business versions of Windows, and many systems administrators literally use this approach insted of anti-virus protection, with great success!

It is only logical that DNS-based whitelisting for Internet-based resources would also be filtered using a whitelist method. It has not been widely deployed in the past due to the onboarding effort. This is where DNSthingy helps with the whitelist ecosystem including DNSthingy Whitelist Assistant Google Chrome Extension, real-time logging visibility, Whitelist Subscriptions (for sites with dependencies such as YouTube, Google, Facebook, etc.), learning mode for businesses who deploy in passive mode for 60-90 days in order to gain an organic whitelist suitable for their own enterprise.

So if you’ve wanted to give whitelisting a try, now there’s a simple and free way to try it out!