Dan Geer's Monoculture Bomb Goes Off

Andy Updegrove writes "Three years ago, celebrated security expert Dan Geer lost his job at @stake when he co-authored a paper on the dangers that the Microsoft 'monoculture' represented for end-users. Last fall, he authored a similar warning in a Perspective piece he wrote for CNETNews.com, applauding the action of Massachusetts in adopting OpenDocument Format, thereby reducing its vulnerability to the same type of risk. Four days ago, Dan's prediction came true, when users of Word (but not those that only trade files created in StarOffice, OpenOffice, or other ODF compliant software) began to be infected with the Backdoor.Ginwui virus - a malicious Trojan program that hitches a ride on bogus Word documents. In short, an object lesson that in IT, as in biology, those that exist in diverse gene pools are at a lower risk, both individually and collectively, from those that subsist in a proprietary monoculture."

Re:Open-source monoculture just as risky

[SerpentMage]

Wow we are old ;) I was thinking of the same thing. What worries me about these types of assertions is that Linux is just as much a mono culture as Windows.

At an OSCON talk, there was this business guy. His assertion was that if Apache were a company then they would be susceptible to monopoly rules like Microsoft should be.