Would you let users vouch for unknown software's safety with an upvote? Google does
2021-03-04 07:55

POLL Google has revealed that its internal anti-malware tools include a "Social voting" scheme that lets staff vouch that code they want to install won't do any damage.

The ad and search giant's rationale is that blocking all unknown software works but may limit productivity, while blocking only known unsafe software requires a lot of vetting.

"The obvious difficulty is that the more freedom you want to allow over the software your workforce can install outside your pre-vetted software, the more unmanageable the policy becomes," wrote Max Saltonstall, a developer advocate at Google Cloud.

"When a user tries to run an unknown binary, Santa - running in 'lockdown' mode, allowing only allowed software to run - blocks the binary and Upvote allows the user to vote to allow it, surfacing a VirusTotal analysis so that they can make an informed decision."

"This threshold is the first of two thresholds - a 'local' one and a 'global' one - that Upvote enforces. Voting continues even after the local threshold has been reached and anyone else who wants to run the software will still need to vote to allow it before they can run it. The voting stops only when the higher global threshold is reached, and only then is the software allowed for all users. You set the levels for these thresholds."

Admins can also approve software in advance, so that users can run it without voting.
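The decision logic described above can be modelled in a few lines. This is an added example, not code from Upvote, Santa or the article; the class and method names are hypothetical, and it assumes one counted vote per user per binary and that reaching the local threshold unblocks only those who voted.

```python
from dataclasses import dataclass, field

@dataclass
class VotingPolicy:
    """Simplified model of the two-threshold scheme; not Upvote's code."""
    local_threshold: int    # votes needed before the voters themselves may run it
    global_threshold: int   # votes needed before every user may run it
    votes: dict = field(default_factory=dict)       # binary hash -> set of voters
    preapproved: set = field(default_factory=set)   # hashes an admin allowed up front

    def __post_init__(self):
        if not 0 < self.local_threshold <= self.global_threshold:
            raise ValueError("need 0 < local_threshold <= global_threshold")

    def admin_allow(self, sha256):
        self.preapproved.add(sha256)

    def is_globally_allowed(self, sha256):
        return (sha256 in self.preapproved
                or len(self.votes.get(sha256, ())) >= self.global_threshold)

    def vote(self, user, sha256):
        """Record a vote and return the number of distinct voters."""
        if self.is_globally_allowed(sha256):
            return len(self.votes.get(sha256, ()))  # voting has stopped
        voters = self.votes.setdefault(sha256, set())
        voters.add(user)                            # a set: repeat votes do not stack
        return len(voters)

    def may_run(self, user, sha256):
        """Lockdown default: block unless one of the rules allows the binary."""
        if self.is_globally_allowed(sha256):
            return True
        voters = self.votes.get(sha256, set())
        return len(voters) >= self.local_threshold and user in voters

def demo():
    """Constructed walk-through: local=2, global=3, placeholder hash."""
    p, h, steps = VotingPolicy(2, 3), "sha256-placeholder", []
    p.vote("alice", h); steps.append(p.may_run("alice", h))  # one vote: blocked
    p.vote("alice", h); steps.append(p.may_run("alice", h))  # repeat vote: blocked
    p.vote("bob", h);   steps.append(p.may_run("alice", h))  # local reached: voter runs
    steps.append(p.may_run("carol", h))                      # non-voter still blocked
    p.vote("carol", h); steps.append(p.may_run("dave", h))   # global reached: all run
    return steps

if __name__ == "__main__":
    print(demo())
```
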


News URL

https://go.theregister.com/feed/www.theregister.com/2021/03/04/google_malware_upvote/
