[Info-vax] VMS and the Internet of Things (IoT)
Chris
xxx.syseng.yyy at gfsys.co.uk
Mon Sep 12 17:15:55 EDT 2016
On 09/12/16 20:30, Stephen Hoffman wrote:
> On 2016-09-12 18:13:26 +0000, Chris said:
>
>> Why is that ?. Ignoring other factors, any non X86 architecture is
>> inherently more secure that X86, in term of binary virus and malware
>> susceptibility. Most of the world's malware depends on X86
>> architecture to run at all...
>
> More than a little of the recent malware depends on Word macros, and —
> barring holes in the iLO firmware or Intel AME firmware — all of the
> malware is specific to a particular software package or operating
> system, and not to the underlying hardware. Bare hardware doesn't and
> can't run malware. But then I've chased around more than a little
> malware that was wonderfully overloading OpenVMS servers, due to bugs in
> the OpenVMS NTP server being used for reflection attacks.
>
I guess we must agree to differ there. From what I understand, the
object of the exercise is to get a binary executable into a region
of memory where it can be run. Doesn't matter if the attack
surface is a word or spreadsheet macro, email client, or browser
exploit, the result is the same. Of course the "bare metal" machine
runs code, it's what it's designed to do :-).
It's one of the primary reasons why I continued to run an aged
Alpha box as the main lab server for years. Now Solaris, but also
investigating FreeBSD, non X86 version of course.
Overall, I think Power would have been a better machine to port VMS
to, in terms of the sort of markets that both address, but I guess
it would be unacceptable for all kinds of reasons...
Chris
More information about the Info-vax
mailing list