[Info-vax] VSI strategy for OpenVMS

Wed Sep 15 19:07:41 EDT 2021

>-----Original Message-----
>From: Info-vax <info-vax-bounces at rbnsn.com> On Behalf Of Mark Berryman
>via Info-vax
>Sent: September-15-21 2:09 PM
>To: info-vax at rbnsn.com
>Cc: Mark Berryman <mark at theberrymans.com>
>Subject: Re: [Info-vax] VSI strategy for OpenVMS
>
>On 9/14/21 4:14 PM, Arne Vajhøj wrote:
>> On 9/14/2021 5:05 PM, Phillip Helbig (undress to reply) wrote:
>>> In article <shq9sa$djn$1 at gioia.aioe.org>,
>>> =?UTF-8?Q?Arne_Vajh=c3=b8j?= <arne at vajhoej.dk> writes:
>>>> On 9/14/2021 9:38 AM, David Jones wrote:
>>>>> On Tuesday, September 14, 2021 at 8:53:40 AM UTC-4, Jan-Erik
>>>>> SÃ¶derholm wrote:
>>>>>> No, a web *browser* on VMS would do nothing positive for VMS.
>>>>>> It is simply neither asked for or needed.
>>>>>> Browsers are run on desktop environments.
>>>>>
>>>>> A GUI browser isn't necessary, but a current curl using up-to-date
>>>>> TLS and root certificate list is pretty useful for download
>>>>> scripts.
>>>>
>>>> Direct download from the internet to VMS may not be wise or common.
>>>
>>> Probably much less of a worry than direct download to Windows.
>>
>> No.
>>
>> Risk wise Windows may be more targeted but it should also be more
>> uptodate patch wise.
>>
>> The big difference is the impact. The Windows desktop PC should not be
>> critical for the business and there should be firewalls behind it and
>> systems that are critiocal for the business. The VMS system most
>> likely ruins something critical for the business.
>
>Sadly, not true.
>
>Let's see, there was the bug in Windows IIS handling of HTTPS that allowed
>anyone to whom the web pages were being served to take over that host and
>use it as a launch point to attack the rest of the network.
>
>Then there have been bugs in Windows domain handling where, if you
>compromised any member of the domain, you owned the domain.
>
>So no, the impact of compromising a Windows system is not necessarily
small.
>And no, as we have seen time and time again, too many windows systems are
>not kept up to date with their plethora of patches.
>
>Mark Berryman
>

Yep, one of the challenges Windows admins (and to a bit lesser extent,
Linux) have is just the sheer volume of monthly patches (security and
functionality).

This is not OS religion - simply reality.

That is one of the hidden challenges with OS sprawl and even if the business
does not provide the downtime approvals, it is usually the OPS teams that
get burned if the company gets hacked because of some patch was not applied.

One lottery company support admin told me that they had adopted a
patch-n-pray philosophy as they just do not have the cycles to properly test
all these monthly patches with all their Apps on a continual basis.

It will be interesting to see if OpenVMS runs into this same challenge not
that it will soon be released on X86-64.

Regards,

Kerry Main
Kerry dot main at starkgaming dot com

-- 
This email has been checked for viruses by AVG.
https://www.avg.com