Advising administrators to get out of a monoculture environment assumes that they already have the necessary expertise with the new platform or that they can hire what they need. It assumes that the apps they are running now can run on the new platform, which many times isn’t the case. And the biggest assumption of all is that your computing monoculture is expensive to maintain and is getting hacked and exploited all the time. It ignores the fact that many companies I work with haven’t had a worm outbreak or hacker event in more than two years -- and the security is automated with a few clicks of a mouse from a central location.
Of course, security is always a cost-benefit trade-off. A good system administrator does the math: Does the increased cost of supporting multiple platforms offset the cost of the security issues caused by a computing monoculture?
But let’s go further. Assume the entire world did away with its computing monocultures. Everyone is running varying percentages of Windows, Linux, Unix, BSD, OS X, Solaris, AS/400, and the like. Would that stop hackers and malware?
It’s my contention that it wouldn’t cause but a ripple in the grand scheme of things because hackers and malware always go to what is popular. In a non-monoculture world, people would still have to talk, and compute, with other people. This means my application would have to talk to your application.
Let’s face it, the monopoly isn’t Windows, it’s Microsoft Office. Your users might let you replace Windows XP with Ubuntu Linux, but only as long as their e-mails and file attachments are readily exchanged with everybody else they need to communicate with. If they can't read their file attachments for a day, you’re probably out of a job.
In a non-monoculture computer world, the apps would become even more cross-platform and ubiquitous. It’s already happening. XML is the data interface savior of the world. Adobe PDFs are soon to be replaced by OpenDocument-formatted files. With OpenDocument, no matter what platform you make your document on, it can be read by any other platform that supports it -- and OpenDocument is royalty-free. Adobe’s PDF format is beautiful, but you can’t create PDFs for free.
Cross-platform threats aren’t new by any measure. Even in recent years, during the heydays of macro viruses, there were many cross-platform threats that could infect DOS, Windows, and Apple computers simultaneously. Last month a demonstration virus called Lindose showed that a single malware program could infect Windows and Linux executables at the same time.
And if you think patching Windows is hard, try keeping up with several OSes. I sometimes curse out loud because of all the mailing lists I have to track and all the tools I have to use to make sure my systems are patched. I’m pretty sure that, as the number of platforms increases, the amount of consistent, thorough patching decreases.
So after all the hard work, effort, money, and maybe somebody’s blood, switching from a computer monoculture to something else wouldn’t stop hackers and malware. It might slow them down a bit for a while, but it wouldn’t stop them for long.
A noncomputer monoculture isn’t necessarily a bad thing; I say pick the right tool and platform for the job. Learning new platforms and expanding your knowledge is a good thing. But let’s make sure we state the benefits of a non-monoculture correctly. For some environments, it might work. For many others, it would be a lot of additional expense and effort to end up with the same problem -- or worse.