[Info-vax] VMS Software Partners with Stark Gaming to Create Revolutionary Online Gaming and eSport Server Infrastructure

[Craig A. Berry]

On 8/6/15 12:59 PM, RobertsonEricW wrote:

> As was briefly alluded to upthread, OpenVMS on X64 is going to
> significantly increase the use of the existing body of Run-Time Library
> analysis (for statically revealing possible points of attack) and
> malware generation toolkits that are already in use for other platforms
> running on Intel X64. Currently (and historically) most such tools do
> not target OpenVMS Platforms. So, comparatively speaking, OpenVMS has
> not had the same level of scrutiny and exposure that such tools have
> allowed for other OS's. What strategic approach is VSI planning to take
> in order to mitigate the risk posed by the extra level of scrutiny and
> exposure of running OpenVMS on the ubiquitous x64 platform which the
> equally ubiquitous availability of these toolkits enables?

I'm not sure I completely get the question, Eric. If the port to x86_64
means there are more tools available to black hats, won't those same
tools be available to white hats? For example, with the port of LLVM,
maybe AddressSanitizer will become available:

<http://clang.llvm.org/docs/AddressSanitizer.html>

While there's plenty to think about here, Hoff is right about
lower-hanging fruit in the near term. For example, wouldn't it be great
if VMS users could get security patches to Apache/BIND/SSL/SSH/NTP, etc.
the same day everybody else in the world gets them? I.e., before the
exploits are rampant all over the Internet.