Re: Questions about draft-abarth-mime-sniff-00

Daniel Stenberg wrote:
> On Mon, 6 Apr 2009, Adam Barth wrote:
>> Here the situation is reversed.  Diversity leads to increased security
>> risk because mismatches in sniffing create cracks that attackers can
>> exploit.
> 
> No, that's the exact same situation as in biology. If there's a single
> master race with no quirks, it will conquer them all. But if that master
> has a flaw, everyone gets hit.

Ah, the dangers of taking an analogy too far...

In biology we usually talk about whether a species survives or not.  
The analogy fails because in browser security, having an exploitable 
hole in one browser is unacceptable.  The goal isn't to throw a range 
of genetic diversity against a potential extinction event and hope that 
a few individuals make it alive out the other side; the goal is to 
provide a secure browsing experience for *all* users.

-Michaeljohn

Received on Monday, 6 April 2009 23:01:29 UTC