Monoculture

  • Monoculture

    When I worked at JD Edwards, we preached standardization. With a strong centralized IT group, we were able to enforce standards and maintain a high degree of conformity throughout the company, which led to easy patches being deployed. Of course, when a vulnerability was exploited, which in the late 90s and early part of this century was way too often, it spread rapidly throughout the company. Fortunately we had a great response team and could quickly get things fixed.

    Later, when Oracle took over PeopleSoft and JD Edwards, they managed IT in a much different way. They were very decentralized, almost chaotic, in how the various servers, desktops, and security permissions were managed. As a result it was not terribly easy to patch for any one group, although individuals could apply patches as needed. However, attacks did not spread quickly due to this heterogeneous environment.

    So which is better? I'm still not sure. Both have their pluses and minuses and both seem to work well. However, a number of security experts, including Dan Geer, still blame the Microsoft monoculture for security issues on the Internet. As Windows moves into more spaces, cell phones, embedded devices, etc., the possibility of a single worm or virus disabling a large part of the world remains possible.

    I know why we don't use more heterogeneous systems, and it's pointed out by Bruce Schneier in the article. It's cheaper to use a monoculture.

    I'm not sure if it's better to have a diverse set of systems. Maybe we could have a diverse set of Windows systems, with different configurations for different purposes. Maybe we should have more firewalls and routers to better manage the potential attack vectors and quickly seal off infected areas.

    Or maybe Microsoft should adopt more of the best practices for security, even at the risk of breaking older software.

    Steve Jones

    BTW, anyone recognize the image above?

  • I thought it was that commercial. I remember seeing it on TV, didn't think much of it at the time...

    Anyways, notice how nature seems to prefer the scattershot diversity? I think it's because it handles the unexpected much better, even though it is more expensive in the normal mode of things.

    It all goes to what you want to optimize for, like everything else in life.

  • It's all about money. If the system thinks that monoculture is cheaper in the lifetime of the people (i.e. how long they are responsible for their immediate situation) that run the monoculture it will stay a monoculture. Until there is some catastrophic event that calls into question the monoculture (and a little multi-million dollar lost productivity virus will not be this event since it is only a blip and not a cessation of productivity) it will continue because it is deemed as more efficient and economical.

  • I saw a movie that explained the reason for this commercial campaign a few weeks ago at university, as part of the Information Technology Strategy discipline.

  • It seems to me that we are blaming Microsoft for being successful. A bit like some folks that blame the western cultures for the terrorist extremists.

    And they may have a point... If we all lived in a society that was governed by religious leaders with extreme views, then perhaps the world would still be made up of tribes instead of world powers. Governments that did evolve could feel really good about killing their rivals because it would be God's will, and if some of our own citizens didn't agree we could just kill off that part of our culture.

    I think I like the way this thread is going...  Just kill anyone that doesn't agree with me and the best man wins.  That way instead of living in the USA where people with what I consider to be totally ridiculous views on important issues could just be eliminated instead of debating with them.  Life would be so much easier...

    However, extreme approaches to disagreements don't always produce productivity and peace for those left in society. Anyone remember the USSR and their tactics for taking over a country? Kill everyone that disagrees with you and make sure anyone that comes along later with a different viewpoint is quickly eliminated. That was done for the good of the state, not done for the will of God, but the results were about the same.

    Look at Iran today... Where will it be tomorrow? I've met at least one citizen of that country and he was not happy with what he was seeing. I'm no expert, but he had a few good points. Today, I see Iran thumbing its nose at the world on serious issues. Maybe it will turn out OK for them... Maybe not...

    Bottom line, we are all better off if we can learn to disagree, and still be tolerant of each other's views at the end of the day. I'm still married for that very reason... She still tolerates me.

    And finally... I sort of disagree with the idea that we would be more secure if Microsoft did not have such a high percentage of the market. If it was a real world security fix, don't you think there would be a few shining examples of corporations that had not suffered from various hackers because they chose a different desktop and server operating system? Come on... If you exist out there... Brag about how you did this or that with a different operating system and no one can get to you. Bet we don't hear from you...

  • >Just kill anyone that doesn't agree with me and the best man wins.

    Welcome to Islam.

  • That was uncalled for, insulting, and part of the problem. Antonio, you need to educate yourself on the issue. You are no better than anyone else. You can't fight ignorance with MORE ignorance...

  • This is the same thing we see in biological populations. Homogeneous genetics increases the population's vulnerability to a single attack, but heterogeneous populations suffer from disagreements between individuals. It doesn't surprise me that the same thing applies in the computing world. I think a little variation is a good thing, and it's essential in backup systems. If yer backup is vulnerable to the same attacks as the main system, it's not much of a backup.

  • Easy on the religion. AFAIK, all religions are peaceful, it's some of the leaders that mess things up.

  • So is windowism a religion, or only the *nix fundies? <cower> sorry, I couldn't resist...

    Personally I can't decide on the monoculture. On one hand, it's nice that everything plays nice... on the other... well, it's a pain that you're locked into such limited choices... MS: Bloated, but easy to use... *NIX: Lean, but a very steep learning curve... of course... personally... I think everything should be run on OS/400... but... I'm not sure the rest of the world is ready to go back to a green screen.

  • Laugh, actually, I never had to deal with a system configured for a green background with black letters... although, I have seen it done. The up side, now I'm the AS400 sys admin, so no one else could dictate that type of stuff but... given the lack of responses, I think we've failed to start a war.
