[Info-vax] WHY IS VSI REQUIRING A HYPERVISOR FOR X86 OPENVMS?
Dave Froble
davef at tsoft-inc.com
Tue Jan 12 20:31:39 EST 2021
On 1/12/2021 8:42 AM, Simon Clubley wrote:
> On 2021-01-11, Stephen Hoffman <seaohveh at hoffmanlabs.invalid> wrote:
>> On 2021-01-11 19:16:05 +0000, Dave Froble said:
>>
>>> Just because you found a flaw, in no way means that there are other flaws.
>>
>> There are other flaws, David.
>>
>
> And until VMS gets the same level of probing as other operating systems,
> we don't know how many are just waiting to be found.
>
> And that's the problem David, we just don't know how good or bad VMS
> is because it's not being held to the same standards as other operating
> systems.
>
> I keep quoting the issues I came up with because it's a really good
> example of that. People used to say that DCL was more secure than
> "that Unix stuff" because they allowed themselves to believe that
> the absence of any probing meant the same thing as DCL being secure.
>
> Then I decided to invest some time in probing DCL and then promptly
> discovered it had been wide open on VAX and Alpha for 33 years.
>
> I am not a professional security researcher and yet I found that.
>
> What happens when the professional security researchers get interested
> in probing VMS ? What other issues are _they_ going to find if I can
> find something like that ?
>
> Simon.
>
Don't know. They may find many. They may not find any. And not
finding any doesn't mean none exist.
But until any are found, one can suspect, but one cannot declare that
such exist. That's just "fake news".
:-)
--
David Froble Tel: 724-529-0450
Dave Froble Enterprises, Inc. E-Mail: davef at tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA 15486
More information about the Info-vax
mailing list