Dan Geer lost his job, but gained his audience. The very idea that got the computer security expert fired has sparked serious debate in information technology. The idea, borrowed from biology, is that Microsoft Corp. has nurtured a software "monoculture" that threatens global computer security. Geer and others believe Microsoft"s software is so dangerously pervasive that a virus capable of exploiting even a single flaw in its operating systems could wreak havoc. Just this past week, Microsoft warned customers about security problems that independent experts called among the most serious yet disclosed. Network administrators could only hope users would download the latest patch.
After he argued in a paper published last fall that the monoculture amplifies online threats, Geer was fired by security firm (at)stake Inc., which has had Microsoft as a major client. Geer insists there"s been a silver lining to his dismissal. Once it got discussed on Slashdot.org and other online forums, the debate about Microsoft"s ubiquity gained in prominence. "No matter where I look I seem to be stumbling over the phrase `monoculture" or some analog of it," Geer, 53, said in a recent interview in his Cambridge home. In biology, species with little genetic variation — or "monocultures" — are the most vulnerable to catastrophic epidemics. Species that share a single fatal flaw could be wiped out by a virus that can exploit that flaw. Genetic diversity increases the chances that at least some of the species will survive every attack.