[Info-vax] Problem with Filezilla connecting to OpenVMS

[Stephen Hoffman]

On 2018-12-06 15:19:26 +0000, Dave Froble said:

> Ya know, the real problem here, is dumb ass developers who cannot 
> figure out that perhaps there will be a time when a user just cannot 
> use encryption, and provide for an unencrypted option.  Oh, no, that's 
> way too reasonable.  Can't have that.

FileZilla offers FTP.

I wouldn't expect a security-focused client or server operating system 
to even offer FTP access, though.  Certainly not integrated and not 
easily accessible, if FTP is to be available all.

> Then again, it's their product, and it's worth just about what you are 
> paying for it.  Ain't free software great?  Ain't the developers of 
> free software the smartest people around?

The FileZilla folks are investing in current security.

OpenVMS hasn't been focusing on security.

VSI is working to change that focus, with VSI IP and with other changes 
shipping and additional work pending and planned.

The folks at VSI have far more work awaiting too, and the upgrade 
cycles and the time-to-exploit windows are only going to shorten.

OpenVMS is not good at notifications, with building cases for upgrades, 
and certainly not with the rapid deployment and installation of patches 
and upgrades.

We are no longer in that fondly-remembered run-it-forever world.

In this and in other similar cases, OpenVMS and OpenVMS sites are 
getting dragged forward by other platforms.  That's... inauspicious.

In general, customers should be on HPE V8.4 at the oldest and with 
current patches, and preferably either already running or migrating to 
VSI OpenVMS.  Many are not.

> When you don't have to please the users, you can be as dumb as you want 
> to be ....

There are many potential antecedents for that sentiment.

-- 
Pure Personal Opinion | HoffmanLabs LLC