Computing systems aren't nearly as complex as living organisms, but security experts say the monoculture problem has proven to be more than theory in the wake of e-mail viruses and hack attacks that took advantage of identically weak Windows code on millions of computers -- many in the hands of less tech-savvy consumers unable to recognize or remove a virus. Expand Windows' domain so it holds our credit card info for us and U2's entire catalog for them, and the much greater risk is obvious.

In the software world, "the existence or nonexistence of a monoculture in a particular environment is usually haphazard," says Greg Hoglund, CTO of Cenzic, a company that makes automated security testing software. "People will buy three different types of intrusion detection systems specifically because they want to be more resilient," he says, "but you can't afford to have three different kinds of Web server environments, with three different kinds of programmers maintaining them."

When it comes to consumer products, planning is even more shortsighted. "People want instant gratification," Hoglund says. "They want [a new feature] so bad that they're willing to buy it and use it without concern for the ramifications. If three years from now that opens me up to an attack, I'm not thinking about it."

Dr Robert Thibadeau, a Carnegie-Mellon professor who lectures on security and privacy, says the real danger is Windows may already be compromised. "Do you remember how we won the Second World War?" he asks. "We cracked their codes and we never let them know. My concern isn't about the stuff we hear about, it's the ones we don't. A really bad guy isn't stupid enough to tell you he's figured out how to get into your computer. You give them a monoculture and you open the door to them."

But Thibadeau says it's important not to confuse a business monopoly with a software monoculture. "It's not bad because there's one big ugly company doing it," he says, pointing out that Unix code shared among vendors has similarly been exploited. The threat is created when a common code base -- in this case, the Windows "kernel," the heart of the operating system -- is shared across a wide range of computers. Even if one is a PDA and one is, say, an airliner. "I can run a completely different interface for everyone," he theorizes, "but if someone gets into the kernel ... "

And the upside? "I can't imagine there's anything good out of one kernel out there," he says, echoing what seems to be the ubiquitous sentiment in his field. Instead, he suggests Microsoft take a lesson from the early days of mainframe operating systems: "There should be five giant strong architectures out there that can emulate each other," he says. "The classic way you do risk management is you limit the amount of damage one person can do because he can't cross boundaries."

It's possible to do that, even within the Windows realm: The free Outlook Express e-mail client, built from an entirely different code base than its pricey big brother Outlook, has proven to be immune to many of the e-mail viruses Outlook users have suffered from for years. But that's the exception; the company's usual means of gaining synergy among its software products is to give them access to one another's data and functions using code hooks only Microsoft can build in. These tie-ins not only lock out other companies forced to use higher-level protocol standards to get, say, your e-mail to talk to your calendar, they've also provided many of the biggest holes exploited by virus and worm programmers. And for what? So your e-mail can show you pretty HTML designs.

Will Microsoft break up its code monoculture in order to make Trustworthy Computing more resilient, providing more separate code bases instead of fewer in order to prevent global hack attacks? Probably not. But there are some things it can do that take advantage of the company's "Windows everywhere" goal to lessen the risks from single-strain software.

First, Microsoft can improve its hugely popular development tools for programmers to prevent them from writing vulnerable code. "Software engineers are not traditional engineers. They're rock stars," Hoglund says, meaning they're less interested in meticulously removing all flaws from a design the way a skyscraper architect would feel compelled to do. "But a smart development environment has the capability of being the cleanup crew that picks up the mess behind them," says Hoglund. Right now, Microsoft's development tools for C and Visual Basic are the most-used on the planet, and the company's Java tools are a top contender, despite the ongoing feud over that language between Microsoft and Sun Microsystems. Building into these tools more automated checks for known security holes would help keep programmers at other companies from unwittingly creating unsafe software.

Second, Microsoft can refuse to honor software systems known to be insecure or unreliable -- starting with its own. First on the hit list is Passport, the ubiquitous customer identification system known to Hotmail and MSN Messenger users. In attempting to keep sensitive customer data away from millions of individual companies' Web sites by using a central repository at Microsoft, the company is setting up a single, giant point of failure that makes security experts nervous. One who meets regularly with the company confided that "Passport is a great example of privacy protection by half measure."

Dave Taylor, a coauthor of the game Quake, told me last year that getting certain third-party software programs certified for Windows was a brutal, expensive process. "You wouldn't believe the hoops they make you jump through" to get that logo, he said. Yet not too long ago, a consolidation of Passport domain name servers onto one operational team's network in Redmond -- a classic screwup motivated by internal politics rather than engineering -- resulted in a day-long outage for all Passport users.

By emphasizing Trustworthy Computing, Microsoft hopes to ride the drive for greater security, privacy, and protection of intellectual property as profitably as it rode the initial Internet boom half a decade ago. The company has called the Consumer Broadband and Digital Television Promotion Act currently before Congress "simply wrongheaded," yet people who've read both the bill and Microsoft's DRM patent joke about the similarities between the two documents. As usual, Microsoft and Washington have each seen the future and are wrestling over which of them gets to dictate its terms.

Not that any other red-blooded technology firm wouldn't do the same thing. Apple has long been pushing its Macs as "the hub of your digital lifestyle." But the name of the new initiative points out that Mundie and Microsoft, far more than their competitors, know they've got a tough question to answer before we'll let them fly that plane 10, 30 or 100 years from now:

Can we trust them?
