"Anti-virus and anti-spyware technologies, which are packaged as ‘blacklist’ solutions, are gradually giving way to what security experts claim is a far more effective IT security technology based on ‘whitelist’ solutions. However, a comprehensive IT security solution would imply that vendors take care of the root cause rather than just specific problems which the lists address, they caution.
Blacklists have always been a significant tool in the security industry’s anti-malware arsenal. A blacklist, for instance, is a list of a particular entity — whether domain names, e-mail addresses or viruses — which are considered dangerous or capable of causing damage. A website, for instance, can be placed on a blacklist because it is known to be fraudulent or because it exploits browser vulnerabilities to spread spyware or other unwanted software from a user’s machine.
Common examples of traditional blacklist solutions are anti-virus and anti-spyware software. Blacklist software works by blocking known threats." – Content courtesy of Whitelisting of software is the way to go