Why monocultures are bad
An interesting article by Scott Granneman in SecurityFocus talks about, among other things, why monocultures are as bad in the computer security world as they are in “real life.”  A monoculture is “the cultivation or growth of a single crop or organism” according to Merriam-Webster.  In the real world, monocultures are subject to devastation by a particular disease, pest or event.  For instance, the Irish potato famine of the 1840s was due mainly to the crop’s susceptibility to a particular mold.  Other crops have suffered similar fates.  
Monocultures can also apply to higher-level organisms.  For instance, certain diseases caused by viruses or bacteria can be fought by studying the class of organisms (people, for instance) that are, for whatever reason, resistant to the disease.  These people, not part of the affected monoculture, can shed light on the aspect of their make-up that provides the resistance.  This aspect (often a particular genetic mutation) can then be studied and used as the basis for fighting the disease within the monoculture.
And monocultures can apply to computing environments.  A networked environment of, hey, let’s say, all Windows XP computers could be “wiped out” (somewhat literally) by a particular computer virus or hacker attack.  But add some diversity (the opposite of monocultural-ness) and there’s a good chance that some computers will still be available after the attack has subsided (for instance, and in particular, Macs).
A monoculture of all Mac OS X machines is also vulnerable, although of course less so because there are fewer Mac “diseases.”  But having a Linux machine or two mixed into an otherwise all-Mac network might not be a bad idea.  It’s hard to argue, however, that mixing in a Windows machine for this reason is a good idea, because in this case the machine would serve as by far the weakest link in the security chain, so its risks would probably outweigh any diversity benefits (see the section “Windows Computers” in the book, chapter 15).  Sort of like introducing a mole to add diversity against potato blight!
Wednesday, March 29, 2006