I, Cringely - The Survival of the Nerdiest with Robert X. Cringely

The Pulpit


Weekly Column

Let a Billion Computers Crash: Why Microsoft's Success Makes Us Even More Vulnerable to Y2K Craziness

By Robert X. Cringely
bob@cringely.com

Paul Ehrlich, the Stanford biologist and author of many books, including The Population Bomb, is worried about genetic diversity. The problem is that we are far too reliant on hybrid, bio-engineered, designer fruits, grains, and vegetables. Consumers like them because they look better. Farmers like them because these new varieties can be disease or drought or rot resistant, so more product gets to market cheaper. It is what has made America the breadbasket of the world. The problem with this new Eden is that hybrids become so popular they are planted by every farmer, so nearly every field is filled with EXACTLY the same variety of corn or bean or melon. If a plague comes along that specifically attacks that popular variety, it turns what would otherwise have been just a nasty little infestation into a famine. If we had more variety in our fields, Ehrlich argues, our crops would be safer.

What the heck does this have to do with computers?

Stop thinking hybrid corn and start thinking Microsoft Windows or Office 2000.

All of our computers are planted with the same software. This is not software that is functionally the same, but software that is genetically identical. The data structures and application programming interfaces (APIs) of Windows or Word or Excel or a hundred other Microsoft products are absolutely identical on more than 100 million computers in the U.S. alone. Microsoft's carefully crafted upgrade programs have guaranteed that this is the case. And twice this year, we've seen major data security problems caused by this cloning. Both the Melissa and Explore.zip viruses were specific to Microsoft software, requiring not only Windows, but also Microsoft Word. No problemo, since that's what everyone seems to be running. The folks at Corel or Lotus can feel very smug about this — poor, but smug.

Microsoft's incredible commercial success has created a system that is very fragile — not only because the company has such market dominance, but also because its APIs nearly all have extensive undocumented features. That's why Microsoft software works better on Windows than does similar software from other vendors, because Microsoft knows all the little tricks. But viruses and worms love tricks, too. They prey on undocumented features to do their dirty work.

In one sense, I might be calling here for an end to Microsoft dominance, but that's not correct. Microsoft earned its success and deserves it. I WOULD like to see an end to undocumented features, though. In the open source community, where Linux is king, an undocumented API doesn't qualify as an API, and so it isn't used. Microsoft takes the same approach — that undocumented APIs don't exist and therefore shouldn't be used — except that Microsoft then goes ahead and uses that undocumented API to gain a performance or feature advantage. Those weasels!

This might be better if Microsoft would implement a "call the virus detection application" API to run anytime we activate an .exe file, but they won't do it. Is this needed change obvious only to me?

I am certainly not the first person to notice this similarity between genetic and software diversity, that in both cases we'd be better and safer if there were lots of diverse products and people and crop strains available. Other writers have already covered this material, but I think the problem is becoming especially acute and needs even more publicity.

The danger in our all running the same software is not that we'll all be subject to the same bug, but that we'll all be vulnerable to the same virus or worm. Soon we'll be facing what will be, I'm sure, the most horrible virus season yet when Y2K strikes. It's not that Y2K, itself, will be all that bad (I'm right now shooting a PBS special on the subject and it doesn't look nearly as bad as most canned goods hoarders fear). What's really bad is that the virus writers in Bulgaria or wherever they live have tuned in to the fact that Americans are freaked about Y2K.

Since lots of people expect problems at the end of the year, I'm sure the virus community will provide us with some. Like the Friday the 13th and Galileo viruses, these will be tied to specific dates. Like Melissa and Explore.zip, they'll be self-replicating and self-distributing and be tied to specific Microsoft APIs.

The worst part of this, of course, is that the Y2K viruses probably exist already and are in our systems, waiting to be activated in January. They could have been there for months already, even years. Notice I said "in January" rather than "at midnight on December 31." The distinction is important, because most people who "test" their PCs for Y2K compliance do so in exactly the manner described to me recently by a high official at Chevron Oil. He set his PC clock to December 31 then let it run for three days. But what if the virus is set to go off on January 5th?

We have neither the patience nor the time to live the year 2000 totally in advance. Anti-virus software needs virus signatures to be effective, and those signatures can't be generated until after the bloodbath begins. As with the press, in the virus world there is no prior restraint.

And all the while, the open source and Macintosh communities are happy in their little worlds that are made more secure not so much because they are better designed, but because they are less popular. If you are a virus designer with a grudge, what would you like to knock out: 10 million Macs or 200 million PCs?

The open source community makes a good argument that embracing their philosophy would make virus or worm storms less likely and harder to do. For his part, I don't think Bill Gates will start listening to these ideas until Windows market share begins to drop, which will probably be around the time Hell freezes over.

But let's not put all the blame on Microsoft. Some of it is just an artifact of success and could plague any very popular or cross-platform system. I keep waiting, for example, to read about the first really widespread Java virus. With the same executable able to run on almost any platform, a Java bug could really wreak havoc. Imagine the impact of a virus that not only runs the same on nearly every PC platform, but also on network computers, set-top boxes, video games, industrial controllers, and even Internet routers.

Uh-oh. Suddenly, diversity doesn't look so good, either. Now THAT's a population bomb. But let's take it a step further. Ehrlich argues persuasively that there is an important need for evolution in biological systems. Certainly we've seen incredibly fast evolution in our cybernetic systems. But what's to say there isn't a role in this for extinction, that part of the natural way of things is for plagues to come along in various forms and end the dominance of one species in favor of another?

Is this the way the PC revolution will end — killed by a virus and replaced with garage door openers?
