[Info-vax] Next release of OpenVMS x86

[Dave Froble]

On 7/10/2020 12:42 PM, Arne Vajhøj wrote:
> On 7/10/2020 11:36 AM, Dave Froble wrote:
>> On 7/10/2020 7:51 AM, IanD wrote:
>>> I'm very well aware there is VSI management who are putting their
>>> spin on things, I also don't like the fact that they publicly stated
>>> VMS security as being the best, I think it is foolish. A statement
>>> that they were not relying on VMS's solid track record in regards to
>>> security would have been better in my view
>>
>> Ok, perhaps there could be possible vulnerabilities.  But, if they are
>> not exploited, for whatever reason, then they are not yet an issue.
>>
>> Nothing is perfect.  And note, the claims do not say VMS is
>> impervious, just rather good.  Seems to me some work is happening to
>> make it even better.
>>
>> So their claims don't bother me.  Until there are successful exploits,
>> it is secure.  Perhaps there will never be any successful exploits.
>>
>> Carefully note that any past exploits did not happen on the software
>> VSI is currently distributing.
>>
>> Until it happens, it never happened ....
>
> I don't think that no public known exploits is a good indicator
> for being secure.

Didn't say it was, just said "it hasn't happened".

> A car is not safe/secure because it has not been involved in a fatal
> crash. A car is safe/secure if it has the proper safety/security
> features.
>
> VMS was a leader in security 40 years ago. Today it is behind.
> There are things that need to get fixed.
>
> VSI knows that and will fix them.
>
> But I don't think we should propagate that no stories in the
> press about VMS security breaches is an indication of good
> security.

Not saying it's good security, just saying it is currently "no stories".


-- 
David Froble                       Tel: 724-529-0450
Dave Froble Enterprises, Inc.      E-Mail: davef at tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA  15486