Consider antivirus software, if you will. Some smaller vendors already struggle under the need to support a wide range of Windows platforms. Imagine the impact when support must now be extended to an even broader array of operating systems and applications designed to run on them. Even giants such as Symantec and McAfee might find this to be a stretch of resources, considering that development is only one aspect of the impact. When one considers the support personnel, quality assurance, and product management teams necessary to facilitate these additional platforms, the suggestion seems almost flippant in its disregard for these issues. Add to this the need to centrally manage a diverse range of operating systems and applications, the ramifications to the support IT personnel for those enterprises, and the costs associated with this, and the idea turns from flippant to frighteningly blind.
In fact, let's just flesh this out a bit, shall we? Now I'm not a statistician or mathematician, and certainly don't want to spend six pages trying to tie unrelated issues into Sarnoff's Law, Metcalfe's Law, or Moore's Law, but there are a few brief points to consider. Chief among these is who's going to foot the bill. Enterprise budgets are fairly predictable. Generally speaking, whatever was spent on antivirus the year before is unlikely to see a very large increase in the coming year. Thus antivirus vendors - who, remember, are now tasked with creating, managing, and supporting software on a far greater arrary of platforms - can expect to receive no additional monies for their efforts.
Next, let's take a look at end user support, already a difficult proposition for most vendors and a source of consternation amongst their users. Imagine if instead of supporting their product on a fixed number of Windows operating systems that are well-known, well-established and fairly predictable, these vendors are suddenly tasked with supporting inexperienced end users on a range of operating systems that may not be as familiar, as established, nor as predictable. Will we find ourselves then in a position where the curse is not the virus, the worm, the Trojan, but rather the fact that each man (or woman) finds themselves alone in their quest for information, support, and guidance?
Further, can we even make the dangerous assumption that somehow this diversification is going to result in far fewer instances of malware? Neither Linux nor Macintosh, examples used by the authors, are immune to viruses, worms or Trojans. Nor can it be said that only Microsoft is victim to security vulnerabilities and exploits. Is their proposal instead setting us up for a future in which the threats continue and the management of those threats increases exponentially due to the then large and complex implementations of applications and operating systems? Isn't the lion's share of today's malware problem largely a result of user inexperience and systems they find too complex to manage properly already? If this is the case, and it's been widely suggested even in this same report that it is, then how will increasing the complexity be of benefit?
