The approaching new year brings an opportunity to reevaluate problems and make resolutions. For security teams, that includes a careful examination of long-used hardware and software, and an end to the monocultures that bring with them a number of security dangers.
"The presence of legacy systems surrounded by monoculture is like a fire," said Dan Geer, chief scientist at Waltham, Mass.-based Verdasys Inc. and a longstanding critic of monoculture computing systems. "To have a fire you need a match, to have a bad fire you need a match and a can of gasoline. Microsoft, for example, is the warehouse full of timber with no sprinkler system.
"There are lit matches everywhere trying to start fires," added Geer.
One of those threats is the speed at which viruses and worms -- designed to target the more popular OSes -- now spread. "We've seen the recent spread rate of viruses increase to the point where vulnerable systems may be reached in a matter of minutes," Geer said.
To reduce the threat, experts recommend looking at a variety of less mainstream products, because the dominant ones present the most attractive targets for attackers.
"The key really is to investigate the opportunity to switch applications, etc., on an ongoing basis and to base judgments on opportunity," Gene Spafford, director of Purdue University's laboratory known as CERIAS, said in a recent interview. "Acting on outdated information or inappropriate parameters -- like availability of games -- doesn't matter to an enterprise.
"You'll have the same problems times 100 in 10 years if you continue to allow a particular vendor to dominate a hardware or software market segment," added Spafford.
There are ways to deal with the issue, but all come with their share of growing pains in terms of expense, training and inconvenience.
"There are lots of ways to protect ourselves, which we elect not to employ, on the whole. One would be to switch to another platform -- there are plenty of viable ones out there," Pete Lindstrom, research director for Malvern, Pa.-based Spire Security, said in an e-mail interview.
Given the monoculture problem and the encroaching issue of downstream liability, enterprises may not have much of a leg to stand on if their systems are used to damage others.
"Running a monoculture is a prima facie example of an Internet health issue," Geer concluded.
In the 1970s, Martin Hellman and Whitfield Diffie wrote the recipe for one of today's most widely used security algorithms in a paper called "New Directions in Cryptography." The paper mapped out the Diffie-Hellman key exchange, a major advancement in Public Key Infrastructure (PKI) technology that allows for secure online transactions and is used in such popular protocols as the Secure Sockets Layer (SSL) and Secure Shell (SSH). In 2000, they received the prestigious Marconi Foundation award for their contributions.
With the world increasingly dependent on the Internet for commerce and a financially-motivated underground of malcode writers working overtime to exploit its weaknesses, there's been plenty of debate over how cryptography must evolve to meet new threats. In this two-part feature, Diffie and Hellman discuss the threats that concern them most and where they think the technology they helped advance is headed.
Part 2: Diffie, now chief security officer, vice president and a fellow at Sun Microsystems, explains why Windows' spread into critical infrastructure is dangerous and how the use of elliptic curve cryptography will grow with the proliferation of smaller, integrated mobile devices.