Close
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
Read Down
Sign in
Close
Welcome!Log into your account
Forgot your password?
Read Down
Password recovery
Recover your password
Close
Search
Logo
Logo
  • Latest News
  • Big Data and Analytics
  • Cloud
  • Networking
  • Cybersecurity
  • Applications
  • IT Management
  • Storage
  • Sponsored
  • Mobile
  • Small Business
  • Development
  • Database
  • Servers
  • Android
  • Apple
  • Innovation
  • Blogs
  • PC Hardware
  • Reviews
  • Search Engines
  • Virtualization
More
    Home Cybersecurity
    • Cybersecurity
    • Servers

    The Linux Desktop Monoculture: This Is Better Security?

    By
    Larry Seltzer
    -
    January 16, 2004
    Share
    Facebook
    Twitter
    Linkedin

      The sources of our computer security problems these days are diverse. But theres general agreement (even I agree to some extent) that one of the major sources is the overwhelming market share of the Windows platform and the single target it creates for attackers as well as legitimate software developers. This is the famous “monoculture” argument.

      To a degree, this argument holds that even if we all agreed that Windows is well-designed and robustly secure, attackers would still have an advantage because of the ubiquity of the platform. Furthermore, security attacks are almost always platform-specific, and if youre looking to write a successful attack youd want (like any developer) the widest possible market, so you have a reason to choose Windows. The theoretical argument is strong, as is the empirical evidence, that a monoculture facilitates overall insecurity.

      Now Linus Torvalds himself says that 2004 will be the year that Linux breaks into the desktop. Could this be the beginning of the unraveling of the monoculture? I have a slightly different perspective on this issue.

      First I should mention that while I agree with Linus that the elements of a credible and successful Linux desktop are stronger than they have been in the past, Ill be very surprised if there is any really serious growth. The market for Linux desktops could double or triple and it would still be puny. Linux couldnt have a more enthusiastic free-spending evangelist than IBM these days; they do certify a fair number of their systems (almost all ThinkPads) for Linux, but try to buy a notebook or desktop from them with Linux preloaded. When major PC companies start to offer Linux PCs, then Ill believe it has arrived.

      One thing those companies are going to insist on is a consistent platform. When you buy a computer from Dell, its Dell that assumes the main support burden. If we imagine a Dell Linux PC anytime soon, Im fairly certain that Dell will make decisions for us in that PC, such as one specific distribution, one specific window environment (e.g., just KDE, no GNOME or any of the alternatives), and so on. Making their support burden manageable means limiting the number of items they are obligated to support.

      Next page: A big step forward?

      Page Two

      Now, as a Linux advocate, I might still view this as a big step forward. This is the view taken by Bruce Perens with his UserLinux initiative. Perens has taken a lot of guff from KDE snobs over his decision to use GNOME. Debates like KDE vs. GNOME arent as common or vicious as they used to be, but theyre still a big part of Linux culture and administrative issues. Imagine having to deal with training or support for Linux and having multiple distributions, KDE and GNOME to deal with. Likewise, when dealing with your friends, relatives, school, whatever. If Linux on the desktop is going to go big time it has to mean one consistent thing.

      So the ironic result could be that for Linux to be successful on the desktop, it needs to develop a monoculture all its own. Popularity of Linux on the desktop will also mean popularity of Mozilla, OpenOffice and a few other things that will become more popular targets for attackers as their prominence grows. Randomly broadcast e-mails with social engineering attacks on this Linux desktop platform will stand a better chance of success; imagine the genuine-looking e-mail from [email protected] with a “security patch” attached to it and instructions for installation.

      Linux on the desktop has a catch-22: Either it consolidates around a more consistent platform that can be thought of as “Linux” in the same way as Windows (or major versions of Windows), or the PC industry will have plenty of reasons to resist it. Not a happy set of facts.

      Security Center Editor Larry Seltzer has worked in and written about the computer industry since 1983. Be sure to check out at http://security.eweek.com for the latest security news, views and analysis.

      More from Larry Seltzer

      Larry Seltzer
      Larry Seltzer has been writing software for and English about computers ever since—,much to his own amazement—,he graduated from the University of Pennsylvania in 1983.He was one of the authors of NPL and NPL-R, fourth-generation languages for microcomputers by the now-defunct DeskTop Software Corporation. (Larry is sad to find absolutely no hits on any of these +products on Google.) His work at Desktop Software included programming the UCSD p-System, a virtual machine-based operating system with portable binaries that pre-dated Java by more than 10 years.For several years, he wrote corporate software for Mathematica Policy Research (they're still in business!) and Chase Econometrics (not so lucky) before being forcibly thrown into the consulting market. He bummed around the Philadelphia consulting and contract-programming scenes for a year or two before taking a job at NSTL (National Software Testing Labs) developing product tests and managing contract testing for the computer industry, governments and publication.In 1991 Larry moved to Massachusetts to become Technical Director of PC Week Labs (now eWeek Labs). He moved within Ziff Davis to New York in 1994 to run testing at Windows Sources. In 1995, he became Technical Director for Internet product testing at PC Magazine and stayed there till 1998.Since then, he has been writing for numerous other publications, including Fortune Small Business, Windows 2000 Magazine (now Windows and .NET Magazine), ZDNet and Sam Whitmore's Media Survey.

      MOST POPULAR ARTICLES

      Cybersecurity

      Visa’s Michael Jabbara on Cybersecurity and Digital...

      James Maguire - May 17, 2022 0
      I spoke with Michael Jabbara, VP and Global Head of Fraud Services at Visa, about the cybersecurity technology used to ensure the safe transfer...
      Read more
      Android

      Samsung Galaxy XCover Pro: Durability for Tough...

      Chris Preimesberger - December 5, 2020 0
      Have you ever dropped your phone, winced and felt the pain as it hit the sidewalk? Either the screen splintered like a windshield being...
      Read more
      Cloud

      Yotascale CEO Asim Razzaq on Controlling Multicloud...

      James Maguire - May 5, 2022 0
      Asim Razzaq, CEO of Yotascale, provides guidance on understanding—and containing—the complex cost structure of multicloud computing. Among the topics we covered:  As you survey the...
      Read more
      Big Data and Analytics

      GoodData CEO Roman Stanek on Business Intelligence...

      James Maguire - May 4, 2022 0
      I spoke with Roman Stanek, CEO of GoodData, about business intelligence, data as a service, and the frustration that many executives have with data...
      Read more
      IT Management

      Intuit’s Nhung Ho on AI for the...

      James Maguire - May 13, 2022 0
      I spoke with Nhung Ho, Vice President of AI at Intuit, about adoption of AI in the small and medium-sized business market, and how...
      Read more
      Logo

      eWeek has the latest technology news and analysis, buying guides, and product reviews for IT professionals and technology buyers. The site’s focus is on innovative solutions and covering in-depth technical content. eWeek stays on the cutting edge of technology news and IT trends through interviews and expert analysis. Gain insight from top innovators and thought leaders in the fields of IT, business, enterprise software, startups, and more.

      Facebook
      Linkedin
      RSS
      Twitter
      Youtube

      Advertisers

      Advertise with TechnologyAdvice on eWeek and our other IT-focused platforms.

      Advertise with Us

      Menu

      • About eWeek
      • Subscribe to our Newsletter
      • Latest News

      Our Brands

      • Privacy Policy
      • Terms
      • About
      • Contact
      • Advertise
      • Sitemap
      • California – Do Not Sell My Information

      Property of TechnologyAdvice.
      © 2021 TechnologyAdvice. All Rights Reserved

      Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.

      ×