[Info-vax] VMS and the Internet of Things (IoT)
Chris
xxx.syseng.yyy at gfsys.co.uk
Tue Sep 13 14:37:05 EDT 2016
On 09/12/16 23:16, Stephen Hoffman wrote:
>
> That's if you're stack smashing, and that code is still entirely
> dependent on the operating system that's running in the box.
To be honest, neither of us have the knowledge base to comment on this,
but you only have to look at some the sophistication of some of
the exploit code (yes, it is X86 assembler) to come to the
conclusion that some serious effort and cash is being put into it.
Not bedroom hackers, but well funded organisations and state
level actors worldwide. You have to
assume that all systems can be broken, given enough resources, but using
a non X86 architecture immediately removes the majority of injected
code related exploits.
Have a look at cert.org, or google X86 security exploits for more info.
VMS may be more robust on X86, security by obscurity etc. It won't use
the same memory layout, system functions, kernel or driver code, but
it's still a pretty wide interface for the bad guys. I guess for
them it's a trade off between potential reward against effort.
Make it difficult enough and they will hopefully move on to the
next target.
<snipped>
>
> Porting OpenVMS to Power is one of the worst ideas around. Great
> processor, certainly. It'll be expensive to buy and rarely encountered
> outside of specific sites and with everything that tended to make Alpha
> a business problem and a competitive disadvantage, and for the
> foreseeable future.
<snipped>
If you are aiming VMS at the bazar, X86 is a good choice, but VMS
was aimed at the high end, the sort of market that Power systems
traditionally address. VMS was quite successful on Alpha and it's
long term demise had nothing to do the architecture, but rather lack of
investment in supporting software and infrastructure development.
Compaq were not too bad to start with, but it was subject to the NIH
factor at HP, who were clearly not interested in the product at all.
>
> Here's what Power is right now:
> https://www.youtube.com/watch?v=SSUXXzN26zg It's (in the most polite
> terms) a distraction. It's flailing, thrashing, indecision, added costs,
> product fragmentation, increased costs... And it's a whole lot more
> work, and more expensive boxes, and all for... well... how much specific
> end-user benefit past what x86-64 provides?
>
As I said, inherent levels of security, just by not being capable of
executing X86 code. There's also the kudos, real or imaginary, coming
from using IBM product, which is still seen as high end quality and
attention to detail.
As for windows 10, i'm surprised that you even mention it :-).
Chris
More information about the Info-vax
mailing list