[Info-vax] "Shanghai Stock Exchange" and OpenVMS

[JF Mezei]

Bill Gunshannon wrote:

> We wre talking about systems in corporate situations run by supposed
> professionals, not "your momma's PC", remember.  If they don't know
> how to set up a secure system and don't know where to find the info
> they belong on the breadline and not in the corporate datacenter.


I don't want to support Mr Main's "666 patches per week to install", but...

A few years ago, the whole Québec medical IT network went down. It is
all windows based. (pretty scary, isn't it ?). One PC got infected, and
it infected the windows server above it. That one not only infected all
other PCs below it, but also infected the server in the higher tier
until the top tier was infected and distributed it to all other servers
which distributed it to all workstations.

One of the arguments given as explanation is that the IT guys did not
have sufficient budget to hire people in charge of installing patches to
protect against viri.

In the end, what matters isn't what *could* be done to make Windows
secure, but what is actually done in real life. And if in real life,
there are sufficient sites that have insufficient protection, then the
fauna of Windows viri continues to expand.

It is relatively easy for a geek to secure his windows desktop. Not so
easy for a large corporate network with thousands of workstations to
roll out a new patch across its network.