2

Blocklist threshold setting to avoid false positives

Just got an idea... To avoid false positives even further a way could be to let the user have a setting under "Privacy" to select how many blocklists a domain must be included in before it's blocked.

  • If the setting is "1" everything works like today and the domain is blocked immediately.
  • If the setting is "2" (or higher) the domain have to be present in two (or more) different blocklists before it's blocked.

Say a single list blocks "onedrive.live.com" by mistake (has happened) the domain won't be blocked for users that have selected 2 (or higher). This way you can also go a bit more aggresive in selecting blocklists since it has to be confirmed by another list.

Got the idea from a firewall-solution I saw using about 30 threat intelligence feeds and you select how many sources an IP-address had to be present in before blockling to avoid false positives.

Reply Oldest first
  • Oldest first
  • Newest first
  • Active threads
  • Popular
Like2 Follow
  • 2 Likes
  • 1 mth agoLast active
  • 30Views
  • 2 Following