Agreed, many techie's systems change on a daily basis, whitelisting may be an issue at that point. But the average casual user is checking email, facebook etc it's perfect for that type of user. Whitelisting is definitely a challenge to implement but I would far rather work towards a smooth whitelisting solution than working with any other security model, there's just too many ways around them/flaws. Also, we really try to stray away from being the decision maker when it comes to "trusted" software. I wouldn't trust a vendor that decides to be the whitelisting czar. If and when they start making mistakes whitelisting apps, it would defeat the benefits of whitelisting in the first place. Just my opinion.