[Info-vax] Some Reading on System and Server Security

[Simon Clubley]

On 2018-12-29, IanD <iloveopenvms at gmail.com> wrote:
>
> Interesting that the seL4 microkernel is Australian - never heard of it (not that this means much!). It doesn't surprise me that it's UNSW based though and it looks like the Australian government is involved, since the CSIRO has a hand in things (That's the Australian government science arm)
>

I've mentioned seL4 before as an example of what a modern secure
system looks like and as another example of why it's a _really_
bad idea for VSI to describe VMS as the most secure operating
system on the planet.

> Looks like ARM features heavily with this too. I'm seeing more ARM stuff being pitched - OpenVMS on ARM one day?
>

Sometime, I'm going to have to do some bare metal experiments with
64-bit ARM to better understand how it has been developed over 32-bit ARM.

One thing that immediately comes to mind is that you would probably
need something comparable to the Intel PCID support to support VMS
efficiently.

> For a good eye opener as to how quickly hackers can pull apart systems, watching some of the stuff at DEF CON is certainly an eye opener. It's been a long long time since VMS did well at DEF CON. I think the last time it got a review there significant issues with it's security was revealed.
> I think most people have little idea how advanced some of the hackers are out there at the individual level, yet alone the corporate and State level
>

DEFCON 16. Exploitable bug found on Alpha in the SMG$ library and
also some TCP/IP issues IIRC.

There was a video on Youtube somewhere if you want to watch it.

> OpenVMS has a LOT of work to do on the security side
>

Yes, it does.

Simon.

-- 
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Microsoft: Bringing you 1980s technology to a 21st century world