David Mandl on Thu, 25 Sep 2003 08:21:35 +0200 (CEST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

<nettime> CyberINsecurity: The Cost of Monopoly


http://www.ccianet.org/papers/cyberinsecurity.pdf

CyberINsecurity: The Cost of Monopoly
How the Dominance of Microsoft's Products Poses a Risk to Security

[From the introduction:]

Computing is crucial to the infrastructure of advanced countries. 
Yet, as fast as the world's computing infrastructure is growing, 
security vulnerabilities within it are growing faster still. The 
security situation is deteriorating, and that deterioration compounds 
when nearly all computers in the hands of end users rely on a single 
operating system subject to the same vulnerabilities the world over.

Most of the world's computers run Microsoft's operating systems, thus 
most of the world's computers are vulnerable to the same viruses and 
worms at the same time. The only way to stop this is to avoid 
monoculture in computer operating systems, and for reasons just as 
reasonable and obvious as avoiding monoculture in farming. Microsoft 
exacerbates this problem via a wide range of practices that lock 
users to its platform. The impact on security of this lock-in is real 
and endangers society.

Because Microsoft's near-monopoly status itself magnifies security 
risk, it is essential that society become less dependent on a single 
operating system from a single vendor if our critical infrastructure 
is not to be disrupted in a single blow. The goal must be to break 
the monoculture. Efforts by Microsoft to improve security will fail 
if their side effect is to increase user-level lock-in. Microsoft 
must not be allowed to impose new restrictions on its customers - 
imposed in the way only a monopoly can do - and then claim that such 
exercise of monopoly power is somehow a solution to the security 
problems inherent in its products. The prevalence of security flaw in 
Microsoft's products is an effect of monopoly power; it must not be 
allowed to become a reinforcer.

Governments must set an example with their own internal policies and 
with the regulations they impose on industries critical to their 
societies. They must confront the security effects of monopoly and 
acknowledge that competition policy is entangled with security policy 
from this point forward.

[snip]

-- 
Dave Mandl
[email protected]
[email protected]
http://www.wfmu.org/~davem

#  distributed via <nettime>: no commercial use without permission
#  <nettime> is a moderated mailing list for net criticism,
#  collaborative text filtering and cultural politics of the nets
#  more info: [email protected] and "info nettime-l" in the msg body
#  archive: http://www.nettime.org contact: [email protected]