WebMink
Simon Phipps's personal commentary

Monoculture Fights Back

CNet's ZDNet flavour has started a three-part rebuttal of the 'monoculture' report. Exactly why they would do this is unclear to me, because they weren't the party criticised and the report has plenty of scope for balanced discussion, but they're doing it anyway - backing the overdog, you might say. One sop to impartiality is that the author appears independent ... until you look at his biography and discover he's the author of many interesting articles like "Top 10 reasons why Microsoft is a good citizen", "Why .NET will conquer the world" and "Death to antitrust". Hmmm. That sounds like an objective commentator.

And indeed, reading the article it looks like we are in for a sequence of exercises of wilfully missing the point. He comments on the need for standards in software:

It’s true that a monoculture has certain costs from the standpoint of shared risks which lead to a larger pool within which a computer virus might thrive. On the other hand, there are also real costs to the lack of a standardized computing architecture, which is the flip-side of the monoculture detailed in the report.

Yet when faced with two examples of the way it ought to be done (standards with multiple implementations) in Linux and with the Java environment, he decides to make a different point:

Java programs can still have coding flaws that have security implications. Such a flaw would exist, therefore, on every platform the application is run on. Sun Microsystems certainly hopes to make Java the de facto standard for application development. Yet, no one is suggesting that these ambitions should be curtailed in order to preserve platform diversity.

That's because both Linux and Java operate in uncontrolled, transparent markets with multiple players - diversity is preserved by encouragement, not curtailment. And a bug in one vendor's implementation doesn't affect others implementing the same interfaces - neither Java not Linux is a single entity.

The article has plenty of places like these where a limited world view (and maybe an agenda?) result in poor arguments - the complexity argument neglects the value of open source communities, for example, or the fact that a reduced environment might be fully-functional because the environment it replaces is over-featured. Reading the flame-fest under the article as much as I can bear suggests the author is ready to continue with cute but erroneous analysis:

Lock in isn't unique to Windows. If you have a Solaris app, you can't move it to Windows (and you implied as much when you noted missing enterprise apps in the Windows world).

says the author, to which a reader replies:

You can't move it to Windows because Microsoft doesn't implement the UNIX98 API. The API is fully documented and standardised by the OpenGroup, and nothing is stopping Microsoft from implementing it on top of their NT kernel. I can move from Linux to Solaris to IRIX to AIX to FreeBSD to some other UNIX without a care in the world. Move from Windows to UNIX or UNIX to Windows and expect a World War III on your hands.

Actually it's not necessarily as easy as that, but you get the drift.

Maybe there are no voices in this world independent enough to deliver a reasoned analysis of this subject? Or maybe they were already involved in the report in question (which I gather the CCIA did not commission, they just provided a launch venue). Whatever the answer, this propaganda article is not from one of them.

posted at 1:04 AM (UK) | |