Symantec is seeking to add another layer of protection
to their security profile, with the introduction of a software “reputation” system. The new system would be able to rate different programs based upon their reputation, using techniques that can supposedly identify whether a program is malicious or safe.
The idea is to use a system of cataloging, which looks at the profile of programs on the computers of Symantec's customers, categorizing the “reputation” of the machines and then deciding whether a program on any particular computer is risky or not. That way, the more people that use a program, the more likely it is to be designated as “safe.” Symantec plans on classifying their user base, from very safe to dangerous, and using that information to help them create profiles of different programs.
There are obvious flaws to point out in such a system. Many people use programs that are relatively rare, and often people that have machines with constant virus or spyware infections will use very popular programs. Overall, though, Symantec believes that computers they identify as “unsafe” are more likely to have “unsafe” programs on them.
This is definitely an interesting idea. There are many ways it could go horribly wrong, so I look forward to seeing how Symantec plans on implementing it and how successful they are.