[Linux-aus] Open Source Monoculture

[Brad Hards]

On Tue, 17 Feb 2004 09:52 am, Arjen Lentz wrote:
> First let us define where the term "monoculture" comes from, and what it
> means... I personally think the use of this terminology for software is
> somewhat odd. For reference:
> http://dictionary.reference.com/search?q=monoculture
<interesting stuff snipped>
I have a slightly different view of the problem (and I grew up on a large 
wheat/sheep farm in WA - no jokes about that, thanks). Monocultures in 
farming tend to either produce reasonable results, or suffer catastrophic 
failures. Monoculture isn't necessarily a long term thing though - growing 
your whole farm in peas one year and wheat the next is still a monoculture.

The failures tend to come from explosive growth in pest populations (eg 
locusts) or from natural disasters (fire, flood, hail). An agricultural 
polyculture (characterised by mixed trees, various crops in different stages 
of development, animals, people, small plots - as you see in subsistence 
living and more modern permaculture environments) tends to have moderating 
influences for those things, and catastrophic failures are rarer.

In regard to jdub's original questions, I think that FOSS deployments in the 
server arena are tending to "a number of minor variations on a single theme". 
Those minor variations may not be enough to provide the resilence we need to 
a truly major failure (case: breakins on a number of our major sites - Debian 
and Savannah). The desktop variation is greater, but there are still a number 
of key shared vulnerabilities (eg a buffer overflow on libxml2 or libxslt 
would be bad for both Gnome and KDE). In terms of total vulnerability, any 
variation is likely to help though.

Brad
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: signature
Url : http://lists.linux.org.au/pipermail/linux-aus/attachments/20040217/670e11c4/attachment-0001.pgp