[Info-vax] A possible platform for VMS?

Stephen Hoffman seaohveh at hoffmanlabs.invalid
Sun Mar 1 10:24:21 EST 2015 

On 2015-03-01 11:14:45 +0000, terry+googleblog at tmk.com said:

> On Saturday, February 28, 2015 at 5:53:24 PM UTC-5, 
> johnwa... at yahoo.co.uk wrote:
>> IE might historically have had more holes than a Swiss cheese, but
>> even if you eliminate all the IE-specific holes there are plenty left.
>> I specifically picked the two I mentioned above, from the larger
>> selection in that month's list, because those two didn't require IE
>> as part of the exploit.
> 
> Regarding the IE issue, a good chunk of the problem is due to the 
> historical decision to make IE "part of Windows" (IE code in the OS 
> proper, and OS code in IE). 3rd-party browsers manage to provide 
> (generally) more nimble and more secure implementations in a smaller 
> footprint. Perhaps Microsoft's "new browser" (the code they're working 
> on that will NOT be called IE and jettisons IE compatibility) will have 
> learned from this mistake.

OS X and iOS ship with an integrated and embedable browser framework 
(Safari WebKit), and that works quite well.

With Microsoft Internet Explorer and the other associated web tools, 
Microsoft seems to have tried embrace and extend, and they didn't get 
traction with their bugs and their incompatibilities.

Current MSIE is actually a decent web browser, in terms of performance 
and standards compliance.  They're also doing pretty well to remain 
compliant with the old MSIE rendering, but they're likely going to 
chuck that compatibility sooner or later.

> As someone who advises a number of customers on patching / security on 
> a number of platforms, what is of much more concern in the Microsoft 
> Model is the number of dud patches in the last year or so. I think the 
> record was "the patch to fix the patch to fix the patch that patched 
> the bug".*

All software vendors approach the limit of their ability to manage 
complexity.  Some software vendors will reach or exceed that limit.  
The survivors pull back from the brink, and take steps to upgrade their 
tools and processes and mechanisms; to reduce their complexity and 
purmutation, and to locate and preemptively address the most 
problematic parts of their environment.

> On the other hand, in modern Windows a good number of the patches can 
> be applied without needing a reboot. Video drivers are an excellent 
> example of wholesale driver replacement without needing a reboot. Quite 
> a far cry from the old "Your mouse pointer has moved. Windows must 
> restart to recognize these changes" model.

Had a look at Oracle's KSplice acquisition?


-- 
Pure Personal Opinion | HoffmanLabs LLC

More information about the Info-vax mailing list