Microsoft, Monocultures, Security FUD & Other Fun
techiemac writes "Dan Geer, who has been mentioned on Slashdot before due to his warnings about Microsoft's "monoculture" has just been written up by AP for his warnings about the widespread use of Microsoft products and the serious security flaws that are being discovered. This story is quickly becoming big news (Yahoo is currently carrying it on their front page). For those who don't know, Dan Geer was fired from @Stake Inc for his criticism of Microsoft (they are a big client of @Stake Inc)." Somewhat related, there have been interesting reaction pieces on ORA and OSDN to a recent, some say ill-informed, article run on DevX.
I hope no FOSS developers look at that source. It could "taint by association" -- which makes me wonder if that wasn't the real reason for the release. MS now realizes the fight is over source code. By releasing (through an agent: Mainsoft) the source they can now claim injury if similar methods appear in FOSS.
The contents of this message have been doubly encrypted by ROT13
... on why the Microsoft monoculture is so important; from the AP article:
True diversity, Charney said, would require thousands of different operating systems, which would make integrating computer systems and networks virtually impossible. Without a Microsoft monoculture, he said, most of the recent progress in information technology could not have happened.
Really? Could someone more familiar with Microsoft and their products kindly give me examples?
Remember folks, the def of monoculture is not being properly used here..
:)
Monoculture refers to a system (i.e. culture) in which you have like micro systems (cells).. in other words the micro and macro systems are integrated together and this is the reason why infections are so effective!
Now in PCs for example unix like systems are not on the whole a monoculture whereas MS windows is.. why?
Because the infrastructure to produce the micro system, in this case the OS, is different between MS and Unix like systems and different between Unix flavours!
If all unix flavours were using the exact same kernel architecture, development model, and etc yes then it would be a monoculture..
A lot of educated biologists and computer professionals are getting this def wrong..
Lets think a little , shall we?
Of course if you are reading my blog, (shareMe Technologies), then you already know I like to think and reason through problems, trends, and etc...
Don't Tread on OpenSource
And not only do they want us to run their OS, they want to make sure you are integrating their Office, and collaboration (think .net) programs.
To get the full value of Windows.
I think I got enough "full value" of windows on my users machine affected by Blaster last fall...
True diversity, Charney said, would require thousands of different operating systems, which would make integrating computer systems and networks virtually impossible. Without a Microsoft monoculture, he said, most of the recent progress in information technology could not have happened. ...and that's right when I fell out of my chair laughing. And before my morning Dew, no less!
Ideally a closed-source OS is more secure. Any vulnerabilities have to be discovered after compilation, making it more of a guessing game. With open source all you have to do is read the code. But that's just the ideal. You just have to remember that our "closed source" model is hardly closed source any more, that it is (from what I have heard) crappy code to begin with, and it is poorly patched, often in an untimely manner. Then you consider the "real" open source model we live with, where most all security problems are reported/found/patched within a day or two - if not hours. The author of the above article seems to realize the ideal situation, which is fine - he makes a point. But the "security" of closed source code is really just security through obscurity. Read "The Art of Deception" by Kevin Mitnick for some great historical examples of why that model always has, and always will, fail...
Somebody explain to me how this makes any sense?
"Daniel DuVarney and R. Sekar of the State University of New York-Stony Brook are exploring "benign mutations" that would diversify software, preserving the functional portions of code but shaking up the nonfunctional portions that are often targeted by viruses."
First of all, since when are only nonfunctional portions of software targeted? A buffer overrun can occur in any portion of code. Second, exactly how would you identify nonfunctional versus functional code, and what mutations could you possibly make to it? Make a bad pointer point to even worse memory? I just don't get it. Looks like another $750K wasted on stupid research.
True diversity, Charney said, would require thousands of different operating systems, which would make integrating computer systems and networks virtually impossible. Without a Microsoft monoculture, he said, most of the recent progress in information technology could not have happened
It's hard enough to get Novell - Macs - PCs - Windows Servers - And SGI computers all playing nicely in a true heterogeneous environment. I couldn't imagine the nightmare if I had another 2-3 other OSes to integrate.
The problem is crappy software.
Would the IT world be a more stable, reliable & secure place if 95% of the world's computers ran OpenBSD?
The problem is crappy software, not closed source commercial software.
It is the general crappiness of commercial software (and the lethargic rates of bug fixes) that have led to the popularity of open source.
You're totally right, but it'll be hard for a lot of people to not look at it. I say this tongue in cheek, but people will slow to look at a car wreck -- why not the "Windows" source code? Plus these are highly curious people.
I think the better encouragement is not to *keep* the source code. It would be quite difficult for MS to "prove" that any given developer had seen the purloined source, barring the conspiratorial notion that MS is running false-flagged IRC channels and web sites and collecting evidence on who is grabbing it. But not keeping a copy of it (which would be illegal anyway), they remove the easiest proof that they have been tainted by it.
Yet, other breeds of potatoes were completely unaffected. It wasn't the reliance on potatoes that was to blame, it was the reliance on one strain of potatoes that was Ireland's Achilles heel.
And the next year, the Irish planted the same crop. Why? Because that's all they could afford - the English were taxing them to death.
"We returned the General to El Salvador, or maybe Guatemala, it's difficult to tell from 10,000 feet"
I have thought about this whole monoculture thing recently, and here is my take on it...
Microsoft made a conscious decision, a long long time ago, to make sure that everything in its Office applications (starting with Word) would be scriptable with VBA. And that the VBA scripts would have access to the entire underlying OS.
At the time, it made perfect marketing sense: the king of word processors was Word Perfect, and it offered advanced scripting functions. Microsoft had to duplicate these functionalities if it wanted to kick WordPerfect ass and establish Windows and Word as the desktop champions. And it worked -- when was the last time you used WordPerfect on your PC?
The only problem is, of course, that Windows security (3.x was a single user, single task operating system) was absolutely broken from the very beginning. After all, if you are the only user on your machine, you don't need a lot of security, do you? Wrong. You may need a different kind of security, but you still need some sort of framework to protect your resources. Windows never provided any kind of security at all.
Then came the Internet. And, with it, a virus transmission vector of incomparable speed. The rest, as they say, is history. Microsoft never bothered to create proper security and, because it completely ignored the Internet before 1995 (remember the Gates memo?), they were caught unprepared by the hordes of yahoos who write VBA viruses. VB is easy to use, viruses are easy to program in VB and, thanks to MS's stupid decisions, they were allowed to run wild.
In effect, most users and sysadmins are, today, paying the price of a marketing decision: Microsoft decided to design VBA, all the while ignoring the research that proved that application scripting needed to be severely limited and controlled. Emacs LISP scripts and shell files in the UNIX world were prohibited a loooooong time before VBA was even created.
They kicked a competitor out of the field and, in doing so, created more problems for themselves (and for us!) than they solved...
The right to offend is far more important than the right not to be offended. (Rowan Atkinson)
As easy as it is to point to Microsoft as an example of monoculture, Open Source software is equally at fault here. Take "deflate" encoding as an example: How many different implementations are there? What fraction of deflate-using applications use an implementation other than zlib?
If anything, the ease of code reuse inherent in Open Source software makes monoculture easier to achieve.
Tarsnap: Online backups for the truly paranoid
...that Geer's against monoculture but doesn't explore the effects of what would be needed to overcome that monoculture.
As outlined in the article (assuming anyone reads it), critics of Geer point out that simply adding a new OS into the mix (dare I say Linux?) wouldn't substantially help. You'd have a duoculture instead of a monoculture. How much more difficult would it be for hackers to create a devastating hack? It even extends beyond OSes. Apache has the majority market share for all web servers worldwide. What effect would a devastating Apache exploit have on such a near-monoculture? Nobody wants to say anything about that, though, because Apache represents the side of good and Microsoft is evil.
To truly achieve the technological equivalent of biodiversity, we'd need hundreds or thousands of OSes and differing applications. The complexity of trying to get all that crap to work together would be impossible, especially since convergence of any two apps/OSes would be actively discouraged to prevent cross-pollination-type attacks.
It's all well and good to bash Microsoft's monoculture. I'm sure there are many here who'll do nothing but that. However, defining the problem is only the first step; you must present a practical, workable solution. Just saying "Linux will fix it all" simply replaces one monoculture with another. But I bet most people here haven't thought that far ahead.
In the end they will lay their freedom at our feet and say to us, Make us your slaves, but feed us. - Fyodor Dostoyevsky
Without a doubt, online security is a major concern. The idea of monoculturism may be applicable to the computer industry due to the prevalence of MS operating systems. This, of course, assumes everyone has the same version of an MS operating system, with a single, universal exploitable flaw. The fact that not everyone has the exact same operating system nor the exact same component and software configuration tends to undermine the argument of 'monoculture' somewhat more.
However, diversity of computers fosters a much higher learning curve to a machine that is already far more complex than 80% of the people using them understand. I'm a proponent of unity in the field of computers in that the UI of any OS should be the same as EVERY OTHER UI. This promotes a uniform learning curve for everyone so that learning one machine or OS does not restrict a person to that particular product or platform for life.
People want to learn as much as they need to - and not have to constantly relearn it - in order to do the things they want to do with the computer. Imposing 'bio-diversity' on the operating systems of the world will only create sub-monocultures between which comparability issues and cross learning would be difficult for most to handle unless the UI for each system is essentially the same.
I'd REALLY like to see Linux be available to anyone without having to have any knowledge of Unix protocols, have the same driver support and always be able to run ANY program regardless of the original OS requirements without having to constantly tweak everything into compliance. If anyone knows a way of doing this, or if it's already been done and you know how, PLEASE post it here.
The Internet is created on a suite of open protocols that were originally designed for academics & research people to use. Go back 20-odd years and there were no issues of security because only a select few had access to computer networks. Consequently, there was no security built into TCP/IP because there was no need for them.
Now we have a situation whereby if you are a sensible & knowledgeable computer type, whether you use open or closed source software, you can make a pretty good job of securing computers for the Internet - sure, you probably have a reliance on getting the latest patches, putting in a firewall or two but you can do it. No computer is ever fully secure but you can make it enough of a challenge so that the 99.9% of script kiddies give up trying to crack it and the other 0.1% of knowledgeable crackers probably don't want to waste time with your little box anyway.
Then onto email viruses... Knowledgeable computer users don't suffer from email viruses because they either use email clients that can't execute attachments or they set their machines up so that they know when and when not to run attachments - probably by simply looking at whether or not the sender of the email is to be trusted.
So, in summary, I see this as two core issues, nothing more:
1. Hype and marketing - Microsoft and other software vendors need to step away from the "sales speak" and simply not be allowed to tell Joe Public that PCs are "easy to use" or "secure". It's no different to reminding people to watch their speed and check their tyre treads on a new car, after all... Where are all these "advertising standards" groups that are supposed to ensure adverts convey truth, not lies?
2. User laziness - Joe Public needs to get off his backside and learn how to use the Internet properly and how to secure his PC - again, no different to spending time and money in learning to drive. Far too many people, taken in by the glossy adverts and hype, just sit back and expect software vendors to take all their responsibility away from them because they themselves simply cannot be bothered.
What really annoys me about this whole issue is that software (and hardware) companies are only going to react to security issues in their products in a way that makes them more money. If the vendor already has his boxed software on the store shelves, he really has no incentive to employ people to work on further security for his products unless his reputation is so bad that he is forced to improve his software at the risk of losing sales - and you only have to look at Microsoft's currently poor reputation and their actual focus on security to see how far down that reputation must go before any action is taken...
However, on the other hand, DRM can be sold as a security-improving product on the back of peoples' fears of Internet viruses while allowing Microsoft and others to make money licensing DRM.
I wish people like Dan Geer would focus more on the ultimate impact of letting Microsoft "take the blame" only to have Microsoft respond with a technology that will make them more money and cut off our freedoms in the process.
Gentoo Linux - another day, another USE flag.
Nature deals with breakdowns in a complex system with evolution, and a very important part of evolution is the extinction of particular species. It's a sort of backtracking mechanism that corrects an evolutionary mistake. The Internet is an ecology, so if you build a species on it that is vulnerable to a certain pathogen, it can very well undergo extinction. By the way, the species that go extinct tend to have limited genetic diversity. -Attributed to Bill Joy - Had preserved in my Blog Dan Geer's writings bear the same too.
Senthil
Well, a car wreck is convenient to look at. (You're driving right past it.) ... I would have to look for the source code, which I'm not even going to bother to do.
Besides, if you want to see Microsoft code, use their Visual C++, and get the step into/step over keys backwards. It's easy to accidentally jump inside the cout statement, for example.
And anybody else's code? If you can read assembler, wait for it to GPF. At the college I work at, MSVC++ used to snag any crash and throw it up on the screen as x86 assembler code. (I seem to remember that happening to Netscape 4.x a lot.)
tasks(723) drafts(105) languages(484) examples(29106)
than good. yes, this is not a new idea, but the fact that M$ continues to do it is to me, evidence that they are not serious about security.
.v
Last week a client of mine wanted me to do some work on his computer and to remove M$ IM on WinXP. You try it, it will tell you that WinXP depends on some functionality of IM. What? The OS needs this crummy application you can get for free somewhere? If that is really true, then no wonder their system is so freaking vulnerable to all kinds of things.
just about anyone who writes large software knows that you have to make it a modular design and, if possible, strive for modules as independent as possible to reduce risk and propagation of faults. consider this, even after the trial, M$ still continues to bind unrelated OS functionality with applications. Apps and OS services are completely different.
while M$ tries to give you a big bloated piece of software with OS and THEIR apps tightly integrated. look at what the people doing micro-kernels are doing. they are trying to make the kernel as simple as possible (hence easier to debug, understand, etc.). Then, the OS services are just apps (again, very independent from each other--though they may use the services provided by the other). but there is no need for that particular app, just any app providing that service.
Luckily, the climate is changing, but it is ever so slowly...
Veni, Vidi, Velcro!
I have to disagree, Apple dropped certain technologies when they were replaced by superior ones, and were thus 'not that useful any more.'
PC manufacturers dropped certain technologies when they were finally perceived not to be useful any more.
Apple can act as the gentle motivational herder, because they have complete control over their flock, as long as they make sure they replace the things they phase out with generally superior technologies, and they have (floppy > email, legacy ports > USB).
PC manufacturers have no choice, as there is less unity and it is human nature to be wary of new things, and to want to stick to what is tried and tested. In this scenario where it is impossible to move the flock forward as a whole (as the direction of the industry is dictated by many) it must first be shown and proven that the newer technology is superior.
So I would hardly call this scenario a 'blunder' on Apple's behalf! Quite the opposite in fact - I'm sure it was of great benefit to both Apple and their users to make a swift concerted step forward.
This sig has been deprecated.
"But Geer says the company should disentangle its tightly integrated products, such as Microsoft Word and Outlook."
The best way they can disentangle their products is to force Microsoft to publish their protocols, so others can build competitive products that can integrate cleanly.
Perhaps their software should be declared an "essential service", much like teachers and hospital workers here in Canada. When teachers/medical workers strike for too long, the government steps in and says "get back to work, you're essential to our functioning as a culture".
The bottom line is Bill Gates and his minions are liars and can't be trusted. They comply to every defeat dealt to them with their middle finger raised, and then go right back to abusing their position in the marketplace. The only rules Billy plays by are his own, and the only reasonable way to deal with him is to be unreasonable in demanding he comply.
Ruby on Rails Screencast
"The hoopla around him losing his job gave the story some extra frisson," said Internet security expert Bruce Schneier, a co-author of Geer's.
frisson
n : an almost pleasurable sensation of fright; "a frisson of
surprise shot through him" syn: shiver, chill, quiver,
shudder, thrill, tingle
Overall, this is one of the best written articles I've read in quite some time. The author lets the intelligence of his sources shine clearly. And it's always nice to learn a new word.
Not true, because all the versions of Windows were made by one company, and none of those versions were made concurrently to compete against another version of Windows...sure, one could argue that anything new is still competing with Windows 98 on the desktop, but that's not the point.
I do agree that we need different, non-Unix OS's to be available, but your comparison isn't valid.
Chris
Maybe Microsoft is trying to do to ReactOS what SCO is trying to do to Linux?
No one else had the balls to say "screw dumb serial ports, USB is better".
because only complete morons say that.
Serial ports have their place and will be here for a really long time. I dare you to config a cisco router or switch with your USB port. or dare you to configure any of the middle to high end home automation equipment out there with your USB port.
USB is excellent for low-performance high bitrate data transfers.. firewire beats it to hell for performance needs (ever wonder why you can't get high end DV cameras with USB?) and RS232/RS485 serial is better than anything that USB or firewire can do for low speed high reliability.
apple did NOT force the adoption of USB... the explosion of cheap usb products by the release of cheap usb interface chipsets.
Do not look at laser with remaining good eye.
Nah, you missed on the biology comparison.
When M$ finally dies the well-deserved and overdue death, we can still have a lot of diversity without them.
Let's see:
Linux (dozens of distros)
*BSD (several variants)
MacOS
Solaris and other *nixes
Plan9 and other obscurities
I'm not so sure anymore if I can count properly, but that sounds a lot more diverse to me than:
windos (some variants)
uh, whatever those freaks nobody cares about use
Assorted stuff I do sometimes: Lemuria.org
Monoculture (or, the problems associated with it) is not a new concept. When I was studying at U of Mi in 1992-93 (or thereabouts) we discussed the internet worm in my system administration class. The instructor pointed out that U of M was only moderately affected because of the variety of Unix systems comprising the network. The lesson was that a diverse network makes one less susceptible to attack affecting a single platform.
Monoculture or Diversity?
The AP ran a story this weekend, captured by Yahoo, talking about Dan Geer and his theories of how the Microsoft Monoculture endangers computer security. I have concerns.
Although I know this won't fend off the zealots who just need to speak their mind, else their puny little heads explode off of their shoulders, atrophied from lack of lifting their hands any higher than a keyboard, I offer this caveat: What I'm about to present is merely philosophical rambling, curious wonder, nothing more than an innocent what if. It is, in no way, intended to offer an argument, solution, opposition, or anything else that would offend (other than those puny headed, shoulderless freaks).
Just the facts, Ma'am
I found it intriguing that, as the AP article mentioned:
Why haven't Mr. Cooper, the media, and supposed security experts who promote U/Linux as a safe alternative, acknowledged that U/Linux also have their share of security advisories? Take a look at Secunia and their product listing. Doesn't anyone care that Solaris 9 had more advisories (42) in 2003 than Windows 2000 Server (36)? Doesn't it scare anyone that, while Windows XP Home edition had 32 advisories, Red Hat 9 had more than twice as many with 72? Debian 3 had 186!
Doesn't Open Source claim to have a better development model by throwing more eyeballs at the source code, thereby eliminating - or minimizing - security flaws earlier?
Missing the forest for the trees
Take a look at this, also from the AP article:
Are these people frickin bonkers? We're barely capable of securing the simplest SMTP and FTP services. Software is already beyond our comprehension. What makes us so arrogant as to assume we can write software that makes other software more secure - without breaking it, without opening unforeseen security breaches? We are decades away from being that intelligent.
Of course, on the plus side of this approach, as software gets more complicated, it will be too obfuscated for the Puny Heads to understand and, therefore, will be a great deterrent for attacks! (Yeah, sarcasm)
Myopic Intelligence
Dan Geer likes to compare the information world to that of biology, equating computer viruses with biological viruses. I have one problem with this way of thinking. Biological viruses simply exist, have always existed and will always exist. They don't have an agenda. They don't have malicious intent. They aren't scheduled or targeted. They are nature. It's the way the system works. The global ecosystem is s
Simple, they could borrow a trick from SCO and say "It would be impossible for the FOSS developer to do X unless they had seen the M$ code."
And how well has that worked for SCO so far? It'd be easier for MS to do what's often been claimed about the SCO code -- deliberate insertion to claim copyright violation.
What you claim *may* be true for code like WINE or Samba, which has to work very closely with Windows, but I'd imagine those developers long ago got careful about what code they inserted and what they exposed themselves to. It'd be harder for something like Sendmail or another application which is written to follow a public spec or standard.
Now, that didn't happen in this case, as the story was already on the front page before Slashdot linked it. But it could happen, no?
A stupid window user could be a fenced in stupid linux user. Under Linux you NEED to supply the root password to do anything remotely dangerous to the system. Proper configuration of the system and the GUI could lead to the user only being able to get to and run those applications they need.
.. no more headaches. No more 'oops I've resized my desktop when I was trying to change my background' or 'I don't know what I did I was in the control panel trying to uninstall this game ...' No, they open their linux menu and get the 4 choices of the 4 programs they need to get their job done. Oh this user doesn't need web access to complete their tasks ... they don't get web browser access and look at productivity soar!
I'm speaking from an IT perspective, if I could switch all the people I support from windows to linux
Linux can be made to be idiot proof and beyond.
Linux can be dumbed down so a 2 year old can use it. I know, I have a 2 year old living with me, after I log him in he can use the mouse and click on the 4 different icons on the desktop (the only 4 accessible things to him) to hear the 4 Sesame Street characters sing.
Windows is dumbed down to the kindergarten level. Even if you're an IT wizard using XP, you're using an interface written for a 5 year old.
*DrugCheese rants*
Hmmm... it's hard to say this here, but I think Windows is the product of some of the world's greatest programmers. They just had their hands tied because of management who extol features over stability and security. Furthermore Redmond's execs suffer from the "I want mine to be special" way of implementing and using standards.
Windows does what it was designed to do very well: be an operating system for the masses. Its headaches are caused by managerial nearsightedness and monopolistic practices. Disclaimer: IANA microsoft employee, or even a windows programmer, I run linux and develop cross-Unix (HP,SUN,Linux) software, but still I feel somebody has to give Microsoft developers some credit.
Why, o why must the sky fall when I've learned to fly?
"The problem is the monopoly, the symptom is the software."
That problem is over-inflated here on Slashdot. Microsoft has proven time and time again that they cannot simply make a monopoly out of everything it touches. (XBOX, PocketPC, UltimateTV, etc...) Worse, their popular products have deficiencies that the OSS Community has addressed. Their biggest enemy isn't Microsoft, it's lack of awareness. Follow IBM's lead: Get some commercials on TV. Start an "Advertise Linux" fund. Get the PHBs out there who sign expense checks to understand that it's not just some hobbyist project that couldn't possibly be taken seriously like Microsoft's business products.
Don't be so quick to dismiss what I'm saying. Microsoft is creating opportunities left and right for you guys (blaster, MyDoom, etc), and you're doing a terrible job of taking advantage of them.
"Derp de derp."
When I set up a windows system for a user, I remove the links to IE and OE, replacing them with Firefox and Thunderbird. I don't tell them to use linux if they don't have the expertise to use it, I simply attempt to make their systems as secure as possible.
Quite often they ask if I have problems like they've experienced (spyware/malware toasting their computer), and I tell them no, but then I use Linux and it's not prone to these problems. Several have asked for a linux install, so I gave them a dual boot option to test it out.
Too bad the first user that signs in is an admin by default in XP Professional. Quite a few programs I've run across won't work unless you're signed in as an administrator.
Giving yourself root permissions (at least on OpenBSD) still requires you to use sudo or su to execute a command using those permissions.
*shrug*
My username does not make me Apathetic. It's irony, get it?
The rationale behind avoiding monoculture is that not all members have the same weaknesses, so an attack will not destroy the entire population. While this is a valid point for biological populations, there are some issues with it as apply to computer security. We are not dealing with "members" getting "killed" -- we are dealing with "computers" being "compromised".
The first issue is that many elements of the whole in some computer systems have the same degree of access. Perhaps half of the workstations at a company run Linux and half Windows. If all of them have roughly the same tasks (as opposed to devoting Windows to web browsing and Linux to email reading), then a compromise of *any* of them allows a compromise of all the important data. Many security systems are weakest-link -- if one element can be compromised, the whole system falls. In this case, all having a polyculture does is expose more weaknesses, reducing the security of the system as a whole.
The second element is somewhat similar -- most computer networks have some degree of trust relationship between members. It may be something explicit, like having IP-based rsh auth (though that's a bit of an old problem) or allowing access to various intranet Web pages to any internal computers. It may be just allowing a compromised computer to sniff a network that other computers pass traffic over. In this case, a compromise of one member of the network provides an attack vector against the other members of the network. Again, a polyculture exposes more weaknesses, weakening the security of the system as a whole.
Third, there are security management issues. Most medium or large computer networks have someone or some group with some degree of responsibility for computer security. That group usually has finite resources and budget. Much of their effort can generally be replicated across similar members -- for example, securing a plaintext authentication in Windows means a fix that just has to be replicated across all members in the network. If their time and money must be spread across multiple types of members, they are less able to spend resources on any one group, and each type of member may be less well managed.
Fourth, most networks do not follow a "Russian doll" approach, where a potential cracker must compromise first one computer, then another computer, then another computer to get in to the network proper from the outside. In such a scenario, making each of the dolls different does improve security, since a cracker must compromise all, rather than just one, system. It's pretty common to just have a NATted network with all hosts inside at roughly the same level of internal access, however.
Overall, I *do* think that it's a good idea to move away from "Microsoft only" on computer networks. Competition tends to improve products, and Microsoft has a poor security track record (and doesn't focus on security very well). However, if a CIO has the sole goal of improving security, and has the choice of rolling out Linux or rolling out Kerberos on existing Windows boxes, I'd have to say that rolling out Kerberos is probably going to do more for security.
May we never see th