[Info-vax] Free Pascal for VMS ?

Arne Vajhøj arne at vajhoej.dk
Wed May 23 19:40:42 EDT 2018


On 5/23/2018 10:40 AM, seasoned_geek wrote:
> *nix, and in particular Linux, grew without the slightest input from
> an architect as to its design. Much of the code was/is hacked out by
> 12 year old boys who wrote something because they thought it would be
> kewl.

Ken Thompson and Dennis Ritchie were around 30 when they designed Unix.

Richard Stallman was 30 when he started GNU.

Linus Torvalds was 22 when he started Linux.

No 12 year olds.

> The TCP/IP library and to some extent the sockets library grew like
> mold. No planning and no thought whatsoever to security in an OS
> developed in complete anarchy.

Socket library is the de facto TCP/IP library.

> The bulk of today's security breaches/mass identity thefts are a
> direct result of said growth of mold. __ANY__ application can open a
> port and communicate to the outside world. There is virtually no
> control and even if you manage to find all of the configuration
> scripts for package-a, unless you look at the code you cannot be
> certain that is all the ports it uses.

Except for those 99% of servers that have a firewall controlling
what can connect to what.

> Ubuntu did try to address this, after the fact. In 2012 they shipped
> the Ubuntu Firewall (also called Uncomplicated Firewall - which is a
> completely inappropriate name) quietly, and enabled. Nothing worked.
> The entire "community" on the forum tried to come up with a
> functional list of what should be allowed by default and they simply
> couldn't do it.

Uncomplicated Firewall is a GUI admin tool for iptables that
is successfully used on lots of Linux servers and Linux
desktop PCs.

> In a scant few years, platforms which do not totally abandon the *nix
> sockets and IP libraries will become "non-strategic" in Gartner
> speak. The financial and criminal penalties are being raised world
> wide even now. The GDPR is just the beginning.
> 
> https://en.wikipedia.org/wiki/General_Data_Protection_Regulation
> 
> Carrying with it fines of up to 20 million Euro. Other countries will
> be following suit in just a few years, if for no other reason than to
> stand in line to get a check after the EU prosecutes some
> corporation.

GDPR penalties can go way above 20 million Euro.

> Once the first 20 million euro penalty is handed out, __EVERY__
> business system will be looking for an OS with a TCP/IP Software
> appliance. You can't bolt it on later or morph a firewall into it.
> Every OS which doesn't have it will simply be a *nix because it uses
> the unmanageable unarchitected *nix shit.

GDPR will have very little impact on comm protocols used.

GDPR is a data privacy regulation not a data security regulation.

GDPR requires only very basic security: data encrypted at rest,
data encrypted during transport, access requiring password
and some logging.

GDPR is all about the person's rights with the company
owning/processing the person's data.

The right to be informed about what data is there.

The right to have data deleted when they are no longer needed.

The most relevant in GDPR regarding data security is the right
to be informed within 72 hours of detection of a data breach.

> From what I've read both IBM and Unisys have gone down the TCP/IP
> Software Appliance road. A central point all programs must connect
> with to communicate on the network. This point built into the OS in
> such a way that no application can open their own little IP socket.
> Not something blocked with a priv which can be gotten around, that
> capability physically removed.

I think you are describing a firewall.

:-)

Arne




