[nycbug-talk] Security & monoculture
Francisco Reyes
lists
Sun Jan 1 20:56:37 EST 2006
George R. writes:
> The issue of diversity and monoculture has been a major security debate
> over the past several years.
Catching up with all my lists in the offdays. :-)
Was there a followup to your post? Don't see any..
> Anyway, more interested in opening the debate. . ..
Although I understand the idea behind why Monoculture can be a problem, by
the same token using multiple Operating systems or different programs (ie
using two types of Firewal, but same OS).. has it's own set of problems.
Although the discussion can go beyond Operating systems.. I will just
discuss that one topic.
I think it all comes down to the people implementing
the system(s). Using a differetn OS, per se won't do much help if the people
implementing it are not well versed in the second OS. Specially if a second
OS is solely introduced for the effect of having more than one OS for
security reasons. It is possible thet the people implementing the
architecture may not be familiar with the second OS and end up compromising
security because their lack of understanding of the second OS.
In an ideal world, where the people installing both operating systems are
familiar with both, or there are two sets of people and each group is
familiar with one OS.. in that scenario I think OS diversity is good.
More information about the talk
mailing list