"R. A. Hettinga" wrote: > > <http://channels.netscape.com/ns/news/story.jsp?id=200309241951000228064&dt=20030924195100&w=RTR&coview=> > > Reliance on Microsoft called risk to U.S. security
> But the security experts said the issue of computer security > had more to do with the ubiquity of Microsoft's software than > any flaws in the software. > "I wouldn't put all of the blame on Microsoft," Schneier said, > "the problem is the monoculture." On the face of it, this is being too kind and not striking at the core of Microsoft's insecure OS. For example, viruses are almost totally a Microsoft game, simply because most other systems aren't that vulnerable. But, it is also possible to secure M$ OSs, so maybe there is some merit to not putting "all the blame on Microsoft." Either way, it can be tested. There is one market where M$ has not dominated, and that is the server platform. I haven't looked for a while, but last I looked, the #1,2,3 players were Linux, Microsoft, FreeBSD, and only a percentage point or two separated them. (I'm unsure of the relative orders. And this relates to testable web server platforms, rather than all servers.) So, in the market for server platform OSs, is there any view as to which are more secure, and whether that insecurity can be traced to the OS? Or external factors such as a culture of laziness in installing patches, or derivative vulnerability from being part of the monoculture? (I raise this as a research question, not expecting any answers!) iang --------------------------------------------------------------------- The Cryptography Mailing List Unsubscribe by sending "unsubscribe cryptography" to [EMAIL PROTECTED]