Thread: Sciences on Moon
View Single Post
  #50  
Old 11-18-2006, 11:57 AM
VAXman's Avatar
VAXman(Admin) VAXman is offline
progger propellerhead
  
Join Date: Dec 2003
Location: Presently reside in Jackson (southern) NJ (20 miles east of NEARfest 2002 & 2003
Posts: 2,362
Send a message via AIM to VAXman Send a message via Skype™ to VAXman
Re: Sciences on Moon
Quote:
Originally Posted by Methem View Post
The factory I was working for also had some older Tandem systems (CLX); the platform nowadays known as NonStop, of course.
Yup.


Quote:
Originally Posted by Methem View Post
However, like many other VMS advocates, you fail to mention one thing: VMS isn't as popular as MS Windows or Unixes. If it were real widely used (after all, it once was), it would be inevitable for it to have vulnerabilities found at least once in a while.
The bandwagoneering argument has never been correlated. If a hacker really wanted to make an impact, I'd think somewhere where it made a large impact would be targetted -- not mom's recipe files on her Weendoze PeeCee.

Buffer overruns executing arbitrary code? Impossible on VMS. Code and data have always been segregated. Pages in memory have protections that protect inner (privileged) modes from executing code -- malicious or otherwise. The whole "privilege" paradigm in VMS extends to all objects -- processes/jobs, memory, disk, images, etc. The image activator, once an image has been activated, keeps the code sections in mapped virtual pages that are read only. Any attempt to do/use a data overrun (one of the major mechanisms employed to breach other systems) would yield an Access Violation when it tried to write in a code region. IF it would only over write data in a process's image data space, it could NEVER be executed even if written there.

Now, if somebody wants to download malicious code from a sight, install it with privies and subsequently execute it, that will be a problem. However, it is not a security issue in the OS; that is a security issue with the idiot that installed the malicious code.

VMS development is a process. Code is reviewed by others in the group. Data integrity and security are the chief criteria for the code review. Feature parity is way down on the list. Features are not introduced if they sacrifice the aforementioned.

I could ramble on for hours. There are OS constructs that do not exist in any other OS. They are there for a reason -- data integrity and security. These things were designed into the OS from the get-go; not layered on as an after thought. If the foundation of flawed and weak, no amount of plastered on after thought security is going to prevent a breach.
__________________
VAXman -- Watcher of the moon, watcher of all.
----------------Mopper of the moon, mopper of all.
-------------------- Aural Moon's Janitorial Services
---------------------and Restroom Supplies, and Techno-patsy --

Cogito ergo iMac.         
Reply With Quote