Re: Questions about draft-abarth-mime-sniff-00

On Mon, 6 Apr 2009, Adam Barth wrote:

>> From a purely biological view, having no diversity leads to increased risk.
>
> Here the situation is reversed.  Diversity leads to increased security risk 
> because mismatches in sniffing create cracks that attackers can exploit.

No, that's the exact same situation as in biology. If there's a single master 
race with no quirks, it will conquer them all. But if that master has a flaw, 
everyone gets hit.

Alas, if the one and only method is found to have a flaw at a future date, 
*all* browsers will have that flaw (assuming all would manage to and want to 
adhere to the same spec). Letting everyone do it there own way of course make 
the risk of them all having the exact same flaw less likely.

-- 

  / daniel.haxx.se

Received on Monday, 6 April 2009 22:03:57 UTC