[Info-vax] Future comparison of optimized VSI x86 compilers vs Linux compilers

Mon Aug 3 01:33:02 EDT 2020

On 2020-07-31, Camiel Vanderhoeven <iamcamiel at gmail.com> wrote:
> Op zaterdag 1 augustus 2020 00:05:56 UTC+2 schreef Stephen Hoffman:
>> On 2020-07-31 20:53:43 +0000, Camiel Vanderhoeven said:
>> 
>> > Op vrijdag 31 juli 2020 19:37:18 UTC+2 schreef Simon Clubley:
>> >> 
>> >> From a security point of view, RMS code is effectively kernel mode code 
>> >> anyway at the moment as you can get from executive mode to kernel mode 
>> >> without any additional privileges required.
>> > 
>> > I'd wish you'd stop spreading this nonsense. Pardon my French. the 
>> > Exec/Kernel mode line was never intended as a security/privilege 
>> > related line, its a mechanism that helps stability by protecting kernel 
>> > mode data/code from bugs in exec mode, it's not meant to protect 
>> > against malicous code executing in exec mode.
>> 
>> Nonsense?  The statement from Simon is correct, and then you (Camiel) 
>> then directly agreed with Simon's statement.
>
> I believe that an argument can be accurate, but that making it can still be nonsense. Proper electrical grounding can help prevent fires, yet I see very few people constantly harping on the fact that it doesn't prevent arsonists from torching the place. Perhaps nonsense is the wrong word here, I'll happily accept a better alternative.
>

How about "inconvenient truth" instead ?

>> As you state, the rings are to isolate accidental corruptions and not 
>> to rebuff malicious activity.
>
> Yes, if only people could just accept that and move on.
>

It's one hell of a lot of additional complexity for relatively little gain.

Those additional modes could have been used to do _real_ isolation.

>> Do any of the VSI folks here have an opinion about the "the most secure 
>> operating system on the planet" marketing, while we're on the subject?
>
> I recognize marketing speak when I see it. I don't think any real customers are that easily swayed.
>

You really, really don't get it do you Camiel ?

Your bosses are painting one hell of a target on the backs of the
VMS community with those comments and general attitude.

When security researchers see that, they are going to go "Oh, really???"
and treat it as a challenge. If you don't believe me, look at the
comments made by the researchers in the DEFCON 16 video. And that was
back in the days when HP was marketing VMS in a normal way.

Now imagine what's going to happen when they see the VSI marketing.

Based on what happened during the DCL issue, the community isn't
ready for that. When I worked out what the big secret about supervisor
mode was and how getting into supervisor mode could be used to
compromise the system, I got massive pushback that I couldn't release 
the information yet because people had not patched their systems yet.

That for a patch which had been available for a full month at that time.

I ended up waiting 3 months before releasing the information so that
people could patch their systems. Those researchers your bosses are
currently provoking are unlikely to wait for that amount of time.

While we are talkng about VMS security, your bosses currently see no
need to have a security reporting mechanism on their website, even
though they have been told about the lack of a secure reporting
mechanism multiple times.

I don't suppose you could get them to fix that could you ? Or would
that clash with the delusion that "VMS is the most secure operating
system on the planet" and hence doesn't need such a thing ?

In summary, I say things that some people around here don't like to
hear, but they are things that need to be said. Perhaps you might
start thinking about _why_ I say those things.

Simon.

-- 
Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP
Walking destinations on a map are further away than they appear.