RSS Alerts

Share

More services

Related Links

Related Stories

  • McAfee acquires Solidcore for whitelisting technology
    McAfee will acquire Solidcore Systems, a whitelisting specialist, in a US$33m deal which will allow McAfee to integrate Solidcore's technology into its blacklisting malware detection and prevention products, as well as to bolster its high-end corporate IT security offerings.
  • RSA: Lumension and Microsoft ink whitelisting deal
    Endpoint security company Lumension teamed up with Microsoft at the RSA show to launch a software whitelisting service. The move, which sees the companies sharing information about legitimate software applications, lends increasing credence to the idea that blacklisting malicious software by signature is becoming less tenable as the number of malware variants increases.
  • US standards drive Canadian information security
    An absence of legislation and the presence of the laissez-faire attitude has resulted in Canada being rather lax when it comes to information security compliance. Robin Arnfield looks at how US standards are driving the Canadian information security marketplace
  • Spotlight on Cloud Computing: Keeping Tabs on Your Data’s Address
    Location, location, location. It’s a slogan that has deep meaning for the real estate market, but it also maintains significant relevance to the regulatory and compliance risks associated with cloud computing in the era of globalization. Stephen Pritchard investigates
  • From the Eye of the Storm: 2011 Information Security Predictions
    Last January, Infosecurity magazine published prognostications by the (ISC)² Advisory Board of the Americas (ABA) regarding the information security field in 2010. Unlike many who have attempted to envision the future, the ABA has gone back and reviewed the accuracy of its predictions and provided a letter grade for each. The ABA will then offer new predictions for 2011.

Top 5 Stories

News

Software and application evaluator WhatApp nears public release

28 January 2010

This spring, a project under development to help assess the security and privacy of software applications will go public. WhatApp, an online resource where experts and the public alike can rate applications based on how well-behaved they are, will help consumers to exercise their privacy rights, said its project manager.

The WhatApp service is being proposed as a Consumer Reports-style resource for software. Developed by the Center for Internet and Society at Stanford, it will cover downloadable desktop software, in addition to software for mobile phones, and online applications for social services such as Facebook and Friendster.

"It focuses specifically on privacy, security, and openness," said Ryan Calo, project manager for the service. "Experts will be able to rate and review applications, so that individuals can get greater information about things before they download them, and make comparisons."

WhatApp will be based around 'application detail pages' that provide a mixture of news stories, Wiki entries, and other, user-contributed notes. It uses a mixture of manual ratings and written reviews. There will also be an automated news feed that grabs related news on a software application from Google News. It alerts users to any stories that relate to the privacy and security of that application.

"In addition to this, there are developer's notes, which is where the developer gets to brag about anything good that they've done with the application related to security and privacy," Calo added.

The service will include a quantitative rating badge using three measures – privacy, security, and openess – with a rating from 1 to 5. The ratings are based on questionnaires submitted to experts. "We won't vet experts tremendously heavily, because we think that ultimately, users will help to identify them, and experts will also have to prove their expertise." Mirroring other user-generated content sites such as Wikipedia, the project is relying on community policing to get rid of trolls, dilettantes and other outliers.

The project is similar to StopBadware.org, a project recently spun off from the Harvard Berkman Center for Internet and Society, but it tackles a slightly different base of products. StopBadware targets software that is explicitly badly behaved, whereas WhatApp will be more subtle.

"We're trying to tackle that mid market between combating outright malware, and the market for ordinary likeability and useability of products. We think there's a market in between for privacy and security," concluded Calo.

This article is featured in:
Application Security • Internet and Network Security

 

Comment on this article

You must be registered and logged in to leave a comment about this article.

Terms & Conditions |Privacy |Website Design|Reed Exhibitions. All rights reserved. Copyright © 2012