And that is what I mean with a Wall or Breakthrough future...
It may be that heuristics grinds to a halt, unable to keep up, so providing only a temporary reprieve.
It may also be that heuristics will have a breakthrough (potentially when all OSes are virtualized and the heuristics is being run from outside it, straight from the bare metal) so that all present forms of malware will die out.
What if heuristics is sometime able to pull info on the latest weaknesses in our software and hardware and then add all those exploits to its blacklist? What if heuristics will sometime be able to detect, say, a buffer overflow or remote code execution as it happens and kill the apps involved (automatically filing a report with relevant parties in the process)?
What if heuristics will someday be able to communicate through the cloud to the software manufacturers about its concerns? Developers will hear "There is a concern that PART X of your application is executed in an unsafe way, please consider changing it".
All sorts of things can be created.
The problem with whitelists is that unless they include hashes and checksums (which they could, even automatically updating them [but that opens a new weakness]), it's not so hard to guess what applications an organization relies on (even if one can't just ask an employee - which one usually can).
So there's no chance of whitelisting providing a breakthrough, and the possibility of whitelisting hitting a wall is just as huge as that of heuristics (conceptually).
