[Info-vax] DCL vulnerability write up on The Register

[IanD]

Oh dear...

This isn't going to win any OpenVMS friends or win over people who were fence sitting wondering if they should stay with the platform or move on

Fair enough that an exploit was found, harsh that it's being exposed at a time when OpenVMS is trying to make a comeback

The Register I don't overly care for, they tend up gravitate towards sensational type reporting - I just looked at how they titled this and they are behaving exactly how I remember them

ZDNET however I find tend to do a little bit more background work. Looking at their write out is far more professional

I am swinging more towards the opinion that this public style announcement isn't going to achieve much other than loose OpenVMS sales or make people move off the platform faster

I don't see it boosting OpenVMS security reporting procedures or streamlining anything on the security side for that matter

Most OpenVMS shops with Vax's probably stopped caring many years ago, so I doubt they are going to react

Alpha are probably fence sitters who have plans to move or most likely port away. All this may do is speed up their plans to move away. This I think might have been VSI's largest target group, being that Alpha makes the majority of the installed base

Itanium, looks like they don't really have to do much other than accept a process could crash. There's some fluffy reference in the article to the exploit being bigger but who knows

Now if VSI had their x86 port done, they could have given people a clear path forward but the timing of this leaves the largest group, Alpha, clearly in the target sights with the biggest looser being VSI/OpenVMS - hard to justify IMO as a strategy to get people back onto the platform

The exploit was there for what, 30 years? 
Could not the security exploit release have have waited for another 6-8 months more (1.6% of the time it existed for!) until VSI rolled out x86 and given people a positive pathway forward?