A giant glaring flaw in an otherwise excellent article (The Evolution of Security) by Daniel E. Geer is how he measures success. He might poke fun at trying to reduce the cost of management, but I think his expectations for a defined environment might be a bit unrealistic:

We reproduce our computing tissue asexually by cloning some gold master somewhere, even though a pond full of identical blue-green algae can be thought of as success only when evolution is very young.

A true gold master can be defined, measured and hopefully repeated. Repeating something that is not well defined or measured does not really mean it deserves the title of “gold”. People are all too willing to throw the term around, without a common criteria of what it means.

Maybe it’s a minor point, but it seems odd to me to compare the standard of evolution for products based in a heavily-skewed American consumer market to millions of years of life/death-based natural evolution.

I would say that the American industry is often dominated by who has the best story to sell and who will believe it, while success in the wild raises stakes to another level — true survival. Greer suggested some of this himself, earlier in his article:

We have risks, costs, and benefits from the all-alike alternative, and we have risks, costs, and benefits from the all-different alternative. Where’s the tradeoff? What is cost effective? Is this a new problem never before seen? Is there an answer? The answer is staring us in the face; the answer is in nature.

Unless of course you are a creationist, and then you might say that success is best defined and measured by someone, somewhere, who is elected or ordained to decide fate. The tradeoffs are not always as obvious as we might hope, and the systems are often too complex for us to emulate, which opens the door for people who prefer to give up and adopt a construct of faith.

Do you believe Vista is safe, or will you let nature decide?