[Info-vax] OpenVMS versus Windows/GE Telemetry Control Systems.
David Froble
davef at tsoft-inc.com
Tue Jan 15 22:08:09 EST 2013
Stephen Hoffman wrote:
> On 2013-01-16 02:15:39 +0000, David Froble said:
>
>> I seem to recall that the USB ports on Alphas were not functional
>> under VMS. If that's correct, then another security notch for VMS ...
>>
>> :-)
>
> AFAIK, the AlphaServer GS1280 familty were the only Alpha systems with
> formal USB support.
> (You can <http://labs.hoffmanlabs.com/node/1410> enable USB on a few
> other Alpha boxes, too.)
> The OpenVMS Itanium boxes all have USB support.
> Most other boxes do have USB support, and can be potential staging areas.
> The vulnerability with various widgets can be an auto-run, but it's
> feasible to get folks to run "games" and other such, too.
>
>
Well, if you're not going to go along with my light hearted approach,
then all I'll say on the matter is that people are suppose to know what
they are doing, or they should not be doing it.
I'm sure there are lots of ways to 'vet' a USB memory stick before using
it in a secure environment. I'm sure there are many other methods of
insuring maleware doesn't reach vital systems.
I'm also sure that no matter what you do on the human front, there are
enough dickweeds out there that sooner or later one of them is going to
do something stupid. (It's what they do ..)
To me, one of the few things that I can think of is computer systems
that know how to vet anything fed to them, and do so. Variations on
that theme might be the "sandbox" approach you seem to favor, software
that can be set up to accept only certain things and rejects anything
else, and such. No autorun stuff that can get at the OS. Just specific
applications for accepting valid data.
More information about the Info-vax
mailing list