Sid Stamm <s...@mozilla.com> wrote: > On 06/09/2012 12:42 AM, da...@illsley.org wrote: >> Sid Stamm <sst...@mozilla.com> wrote: >>> * List Size: roughly 300 domains and 100 app signers in whitelist (small) >>> * Average Chrome users download about 2 binaries per day. >>> * ~ 8% of files downloaded by users are executables (and subject to this >>> new system) >>> * ~ 65% of those executables are whitelist hits and cause no prompt or >>> ping to Google (with URL of binary) >>> * Roughly 5.2% of a user's downloads result in a URL being sent to >>> Google's servers. >> >> The obvious first question is that if the list is so small, why not >> download updates to it daily and do the check locally? > > As far as I know, and someone from Google should confirm this, the list > is updated daily and checked locally, but there are still some whitelist > misses (5.2% of downloads).
Sorry if I'm asking silly questions... but to clarify... 1. What is a 'whitelist miss'? When the user is given today's behaviour? 2. What can cause a whitelist miss that is correctable by an on-line service? Is it just freshness? Is there essentially 6% daily churn in the list? Cheers, David _______________________________________________ dev-security mailing list dev-security@lists.mozilla.org https://lists.mozilla.org/listinfo/dev-security
