[Info-vax] "Shanghai Stock Exchange" and OpenVMS

AEF spamsink2001 at yahoo.com
Thu Jan 22 17:05:31 EST 2009 

On Jan 22, 3:31 pm, billg... at cs.uofs.edu (Bill Gunshannon) wrote:
> In article <CKqdnel_5rWYS-XUnZ2dnUVZ_v_in... at giganews.com>,
>         "Richard B. Gilbert" <rgilber... at comcast.net> writes:
>
> > Bill Gunshannon wrote:
> >> In article <0005d0dd$0$2088$c3e8... at news.astraweb.com>,
> >>        JF Mezei <jfmezei.spam... at vaxination.ca> writes:
> >>> Richard B. Gilbert wrote:
>
> >>>> You can safely plug them in and turn them on.  It's when you connect
> >>>> them to a network that you have to worry about "electronic organisms"
> >>>> infecting your Windows systems.
> >>> This week's virus can be transmitted when you plug in an USB key.
>
> >>> Sony managed to infect Windows machines when the user inserted a MUSIC
> >>> CD into the machines (that rootkit thing).
>
> >>> So leaving a Windows box unconnected to a network is not a garantee that
> >>>  it won't be infected.
>
> >> And all of these exploits can be prevented by proper configuration of
> >> Windows.
>
> >> bill
>
> > And how many people know how to "properly configure Windows"???
>
> How many know how to "properly configure VMS"?
>
> > Where is this "proper configuration" documented?  The last time I looked
> > Windows was shipping without any "documentation".
>
> Well, you can get docs from NIST specifically covering security.  And then
> there are the checklists from DISA that are publicly available.  And, being
> as we are talking about supposed professionals in major corporations and
> not your momma's PC,  if they don't already know where to find this stuff
> they certainly should know how to go out and find it.  Even Google finds
> piles of references including the stuff from NIST.
>
> bill
>
> --
> Bill Gunshannon          |  de-moc-ra-cy (di mok' ra see) n.  Three wolves
> billg... at cs.scranton.edu |  and a sheep voting on what's for dinner.
> University of Scranton   |
> Scranton, Pennsylvania   |         #include <std.disclaimer.h>  - Hide quoted text -
>
> - Show quoted text -

Hi Bill,

Well, it sounds like Windows PC's/servers come seriously misconfigured
right out of the box! And it appears to be a rather big deal to
configure them properly. Is this true for other OSes? Is VMS seriously
misconfigured right out of the box?

With VMS you can get security info right out of the manuals that come
with it! No hunting down stuff at NIST and such. OK, they may not have
the exact details for various pre-defined levels of security, but you
can go through the Security Manual and do a lot more than what comes
with Windows servers. And do these NIST documents explain how to
actually do any of this in Windows? (Well, maybe some manuals like
that do come with it -- do tell.)

This reminds me of one of my main gripes about Windows: no
documentation to browse. What I mean by "browse" is not to look for
help on fixing a particular problem you happen to have, but to just
read something like the VMS User's manual and just learn what the OS
can do and how to do it. For example, with Windows' Outlook Advanced
Find, you can put semicolons between search words and it changes the
Boolean logic from AND to OR. How do I know this? I happened to
stumble across it in a document written by someone who has nothing to
do with Microsoft and was writing about some other particular topic
(It might have been "Escape from the Mousetrap. I'll hunt it down
later . . . maybe.) Who knows what other cool features we don't know
about? What secret Microsoft doc even mentions this and if there is
such, why should I have to, and how would I know to, hunt for it? And
where's the secret documentation for all the MS-DOS commands, esp. the
MS-DOS commands I don't even know exist until a Windows Admin tells me
in response to a question I have for which I don't even know that the
answer is to run some secret MS-DOS command (not to mention the fact
that I need to use the MS-DOS command window in the first place!)?

Even OS X has this problem. That's why you need the David Pogue books
(well, at least one of them). I guess home computers just don't come
with docs like VMS (and I'm sure other OSes) has -- stuff you can just
sit down and read and learn all the features about all the commands
(well, mostly).

AEF

More information about the Info-vax mailing list