On Tue, 17 Feb 2004 09:52 am, Arjen Lentz wrote: > First let us define where the term "monoculture" comes from, and what it > means... I personally think the use of this terminology for software is > somewhat odd. For reference: > http://dictionary.reference.com/search?q=monoculture <interesting stuff snipped> I have a slightly different view of the problem (and I grew up on a large wheat/sheep farm in WA - no jokes about that, thanks). Monocultures in farming tend to either produce reasonable results, or suffer catastrophic failures. Monoculture isn't necessarily a long term thing though - growing your whole farm in peas one year and wheat the next is still a monoculture. The failures tend to come from explosive growth in pest populations (eg locusts) or from natural disasters (fire, flood, hail). An agricultural polyculture (characterised by mixed trees, various crops in different stages of development, animals, people, small plots - as you see in subsistence living and more modern permaculture environments) tends to have moderating influences for those things, and catastrophic failures are rarer. In regard to jdub's original questions, I think that FOSS deployments in the server arena are tending to "a number of minor variations on a single theme". Those minor variations may not be enough to provide the resilence we need to a truly major failure (case: breakins on a number of our major sites - Debian and Savannah). The desktop variation is greater, but there are still a number of key shared vulnerabilities (eg a buffer overflow on libxml2 or libxslt would be bad for both Gnome and KDE). In terms of total vulnerability, any variation is likely to help though. Brad
Attachment:
pgp00019.pgp
Description: signature