| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
From: eballen1 at qwest.net (Bruce Ediger) Subject: Re: Funny article On Wed, 12 Nov 2003, martin f krafft wrote: > i guess the main argument against this joke is that an operating > system with 10 different web servers, 10 different mail servers, 10 > different ftp servers, 20 different window managers, 10 different > browsers, 20 different mail clients, and so on, and so on, will have > how many more bugs than a monolithic approach with 1 web server, > 1 mail server, 1 ftp server, etc... Doesn't this argument constitute the "monoculture" argument in reverse? I suppose that once you've hauled out every gun, big and small, to deny the validity of the anti-monoculture argument, then you've got to argue the reverse of it. We'll have to see how it plays in Peoria, but in the real world, it's false. The "Slapper" worm didn't spread much not only because of the number of web servers, but because of the variety of versions, and the variety of compilations out there. I doubt that 10 different mail clients will perform a whole-internet denial of service, like Sobig.f did. The resistance that linux, unix and the BSDs have to viruses and worms etc probably derives at least in part from the variety, the spread of versions in use, the fragmented hardware base, and local customizaions. When will you guys learn that "resistance to epidemics" is a property of a population, not a property of the individual computer. Sure, any individual Slackware box might get infected or cracked, but all the SuSE boxes will have immunity. Or all the Pine users might send out the next Anna Kournikova chainmail, but the Evolution users won't.
Powered by blists - more mailing lists