[Info-vax] Security, support and VMS, was: Re: A new VMS?

[abrsvc]

On Monday, 3 May 2021 at 12:28:34 UTC-4, Simon Clubley wrote:
> On 2021-05-03, David Turner <dtu... at islandco.com> wrote: 
> > Well I was talking more about simple support. Not patching etc 
> > There are a lot of customers out there happy and content with their 
> > current status. 
> > They just need a hand held when something goes wrong 
> > I would say that goes for the majority of users out there. 
> > 
> 
> Huh ??? The majority of VMS users don't care about keeping their 
> systems up to date and fully patched ??? 
> 
> I am having a hard time believing that... 
> 
> This isn't 20 years ago and anyone who acts like it is will find 
> this out sooner or later. 
> 
> The thing about security is that you simply don't know if the 
> next security issue that will affect you is just around the corner. 
> 
> Please tell me David is very wrong about this and that most VMS sites 
> do consider themselves to be just as vulnerable as everyone else 
> and take all the usual precautions as a result. 
> 
> If he is right about this, just think about what will happen when 
> one of the security researchers decide to probe x86-64 VMS. Much of 
> what they find, and they _will_ find vulnerabilities, will apply to 
> earlier architectures as well. 
> 
> Simon. 
> 
> -- 
> Simon Clubley, clubley at remove_me.eisner.decus.org-Earth.UFP 
> Walking destinations on a map are further away than they appear.

If you take what you say to its full extent, than you would never see VAX/VMS V5.5 systems running today, nor Alpha V7.3-2 systems running today.  I currently support both for more than 1 client each.

Yes, many OpenVMS systems remain at "known" levels for extended periods of time.  This is one of the reasons for uptimes measured in years.

I would posit that until OpenVMS runs native on the hardware, the majority if not all