Diversity in Software
A recent blog posting by a vendor of security software came out against a Microsoft product that could be distributed to all Windows users. The edited blog said in part: Monocultures are a hacker’s paradise. If pushing [Microsoft’s product to all users] is very successful it will end up creating a monoculture of hundreds of millions of users having the same anti-virus product. Right now hackers have to worry about bypassing multiple anti-virus products and protection layers every time they release a new piece of malware. By having to bypass only one product makes the attacker’s life so much easier. This alone will allow attackers to push more new malware that bypasses it exclusively and infect many more users with every new variant … potentially discovering vulnerabilities that could cause infections in tens of millions of PCs with a single attack. Monoculture in Operating Systems is in and by itself bad. Monoculture in security is a very bad thing. Do you agree? Does diversity extend to software products? Is it bad to have a single software product that the majority of users install? Will having a dozen anti-malware software products slow down attackers if most of these have only a small portion of the total market share? Would an attacker simply not write his attack program for that small percentage of users? Write a one-page paper about the pros and cons of this approach.
We need at least 10 more requests to produce the solution.
0 / 10 have requested this problem solution
The more requests, the faster the answer.