[Info-vax] OpenVMS x64 Atom project

Dave Froble davef at tsoft-inc.com
Thu Jun 3 14:25:55 EDT 2021 

On 6/3/2021 1:04 PM, Bill Gunshannon wrote:
> On 6/3/21 9:39 AM, Dave Froble wrote:
>> On 6/3/2021 8:11 AM, Simon Clubley wrote:
>>> On 2021-06-02, ultr... at gmail.com <ultradwc at gmail.com> wrote:
>>>>
>>>> because then OpenVMS becomes available to the common user (desktop)
>>>> apps
>>>> with the ad pitch being "eliminate ransomware, malware and security
>>>> tools for good"
>>>
>>> Don't go there Bob. Seriously.
>>
>> Why not?  It might work for some people.
>>
>>> VMS is missing the required desktop applications.
>>
>> "Required" might not be easy to specify.  Lots of different
>> "requirements" out there.
>>
>>> VMS is missing security protections common in other operating systems.
>>
>> You mean all those "secure" systems that are constantly being hacked,
>> invaded with ransomware and such.  Are those the "common security
>> protections" you're talking about?
>>
>> Perhaps I'd rather be not as "secure" ...
>
> Either you don;lt understand any of this or you just haven't been paying
> attention.  The places being hit are, in most of the stated cases, not
> using any of the accepted security practices.

I don't remember seeing any details.  So I have no idea of the effort, 
or lack of effort, in securing targeted systems.

Knowing human nature, and laziness, I figure security is not an issue 
for 99% of sites, at least before they get clobbered.

How stupid are people?  Their solution to such problems is to pass laws 
making it illegal.  Useless, and just makes them fat, dumb, and an even 
bigger target.

> Why are critical systems even on the Internet?

Why ask me, I think it's crazy.

>  Why do these people not
> have backups to fall back on?

Most people think "backup" is putting the car in reverse.

> (I worked in the CS Dept. of a University.
> Not what most people would consider in any way critical.
>
> My backup scheme would  have allowed me to resume operations with no
> more than a  4 hour loss of data.  I did that with no additional budet
> and running strictly COTS.)

I have ideas on how to secure from such internet intrusions.

You really cannot, so, any such systems should be isolated.  Take in 
data, vet it, and then have a secure method to move vetted data to 
really secure (not on the internet) systems to do the actual work.

But who can one convince to actually pay for such security?

Even those already hacked will have bean counters who will just argue 
the ransom is just part of doing business, pay it, and move on.  I bet 
most who have been hacked are still as vulnerable as before.

It's not more security that is needed, it's more intelligence, and, 
human intelligence is a myth.

-- 
David Froble                       Tel: 724-529-0450
Dave Froble Enterprises, Inc.      E-Mail: davef at tsoft-inc.com
DFE Ultralights, Inc.
170 Grimplin Road
Vanderbilt, PA  15486

More information about the Info-vax mailing list