Update: Please read the comments section. Rather than force playing blog pong, I've cross-posted some of the comment thread from Lindstrom's blog.
I believe I've offered up a clear present and future case that invalidates "immutable" law #1. Pete, of course, disagrees...
--
I've commented a couple of times about the confusingly contradictory nature of Lindstrom's Burton's "Five Immutable Laws of Virtualization." I go back every once in a while and try to utilize them as suggested by their author to see what pops out the other end:
"When combining the standard risk principles with an understanding of the use cases of virtualization, a set of immutable laws can be derived to assist in securing virtual environments"
I'm not sure I really ever got an answer to what those "...standard risk principles" are and as such, there seems to exist a variability based upon interpretation that again makes me scratch my head when staring at the word "immutable."
So I try and overlook the word (as did the author/editor in the title of the Baseline magazine article below -- it was omitted) and I find myself back where I started, which sort of makes sense given the somewhat reflexive and corollary nature of these "laws."
This is where I get stuck. I don't know whether to interpret each law as though it can stand on its own or the group as a whole.
Basically, I have a hard time seeing how they enable making more effective risk management decisions any easier. I will admit, it could just be me...
Further, I've noticed the very careful choice of words used in these laws, and interestingly they don't appear to be consistently referenced, which would defeat the purpose of calling them "immutable," no?
Take for example the original wording of the five laws from Burton's original minting and compare it against an article appearing in Baseline magazine from the same author(s) -- Lindstrom in this case:
Original Burton Article Example:
Law 1: Attacks against the OS and applications of a physical system have the exact same damage potential against a duplicate virtual system.
Baseline Magazine Article Example:
Law 1. Attacking a virtual combination of operating systems and applications is exactly the same as attacking the physical system it replicates.
This example may seem subtle and unimportant, but I maintain it is not. I suggest that they mean very different things indeed. I mean, if these are "laws," they're not something you get to reword at a whim. I trust I don't have to explain why.
One could have lots of fun with the Constitution if that were the case. ;)
There are additional differences scattered throughout the two articles. See if they appeal differently to you as they did to me.
Now, I'm sure Pete's going to suggest I'm picking nits and that I'm missing the spirit and intent of these "laws," but before he does, I'm going to remind him that I didn't come up with the title, he did. I'm merely stuck on trying to assess whether these are actually "immutable" or "refutable," but I am admittedly still having trouble getting past step #1.
Help a brother out. Explain these to me to where they make sense. Pete tried and it didn't stick. Maybe you can help?
/Hoff