Rather than integrate this with the existing discussion on @Stake's decision (http://www.antionline.com/showthread...hreadid=248965) I thought might be worthwhile to discuss some of the points brought up by the PDF paper CyberInSecurity.

The points that are brought up as the problem are:


- Our society's infrastructure can no longer function without computers and networks.

- The sum of the world's networked computers is a rapidly increasing force multiplier.

- A monoculture of networked computers is a convenient and susceptible reservoir of platforms from which to launch attacks; these attacks can and do cascade.

- This susceptibility cannot be mitigated without addressing the issue of that monoculture

- Risk diversification is a primary defense against aggregated risk when that risk cannot otherwise be addressed; monocultures create aggregated risk like nothing else

- The growth in risk is chiefly amongst unsophisticated users and is accelerating.

- Uncorrected market failures can create and perpetuate societal threat; the existence of societal threat may indicate the need for corrective intervention
I have to admit to agreeing to a lot of this (as I use it as part of my arguments about why MS still has flaws -- mainly the furtherence of "ignorant" users). But MS isn't the only bad guy on that front. Recently Linux distributors, namely RH and SUSE, have also been perpetuating this with their "more friendly" versions.

On the other side of this is the ultimate ROI, aka costs. It certainly costs more to diversify in that you'll need more specialized admins for specific products and it tends to cost more than if it's integrated with existing products.

I'm curious as to what others think. (try not to make this into a Linux/Unix vs MS debate -- that's just old).