I just read an interesting story on the cbc technology section about a white list approach to computer security.

Who is going to maintain this “white list”? Is there already a consortium of application vendors that have agreed on this “white list”?

If this gains traction there are some interesting technology and business issues that need to be solved. Overall, interesting times ahead for security software industry.