Mike Miller wrote: > On Mon, 18 Oct 2004, Ryan Ware wrote: > >> VMS is about a rock solid as you can get in both stability and security. > > > Yet there are *many* problems with your statement and with continuing > to use VMS. I have some comments below. I would be very interested > in hearing more from the people on this list. I am especially > interested in knowing any ways in which VMS is *superior* to Linux. Stability. Security. Reliability. Availability. > Regarding stability: VMS may be a stable OS, but how stable is the > software that is running on VMS? Well, that depends. Some VMS > software is quite buggy and there is little hope that those bugs will > be fixed any time soon. This brings us to the big problem with VMS - > very little new software is being developed for VMS. Compare that > with Linux! We would like to run R... > http://www.r-project.org/ > > ...but that will never happen on VMS. That's one example. There are > dozens of other examples. The corporations that have owned VMS over > the past few years (it has changed hands several times) have > threatened to put an end to it, but user protest has kept it going. > It's a "lock-in" problem for many users - they have code that runs on > VMS but not on Linux/UNIX. We have to fight lock-in. Nothing gets ported or even written for Linux unless someone steps up and does it. You are certainly free to port R to VMS if you like. Yes, VMS has a very loyal customer base. And VMS is still going strong. > Regarding security: Do you have evidence that VMS is secure? More > secure than Linux/UNIX? I would like to know more. First, VMS is secure because security was designed into the operating system, not added as an afterthought. For example, the 4-layer ring design, where the core ring is the most trusted (kernel mode) and the outer ring least trusted (user mode). Another example: the specialization of privileges and access control lists. There's just one privilege (root) with Linux, though access control lists are starting to appear. Second, DEFCON 9 (July 2001) labeled VMS "Cool and Unhackable" after attempts were made to hack into a standard VMS system with no firewall between it and the hackers. The hackers even had access to an unprivileged user account. VMS is the only operating system to achieve this rating. Third, VMS has earned a security rating from the Department of Defense. > What I see is that we are running insecure protocols because either > SSH is not available for VMS, or our IT staff don't want to run it > (maybe it is prohibitively expensive). I have told them that > telnet/ftp are not secure - passwords are transmitted in the clear > across the internet - but they have not lifted a finger to change this > situation in the 3 years I've been here. (I just found a company that > sells SSH for VMS, but their price is high enough that they don't list > it on their web page, so I left a voice mail in their sales department.) A recent version of HP TCP/IP Services for OpenVMS supports SSH. Perhaps you didn't realize it was available? And seeing as how you are at a university, you might consider talking to your HP representative to see if you qualify for the university pricing. I hear it's quite attractive. > If someone can convince me that use of VMS on servers is a good plan > for a University department, please do so because it will make me feel > better about what's happening where I work. I would be especially > encouraged if you would recommend it for a new unit that has no server > system in place. Let me know if I can be of any more help. I would be happy to put you in touch with someone at HP who can better talk to your needs. > Thanks. > > Mike You're welcome. -Jeff Disclaimer: HP is my employer. I am an OpenVMS operating system software engineer. I don't work in sales or marketing, I just write code (and sometimes teach). Statements made represent my understanding of facts, my opinions, and are not official statements from HP. _______________________________________________ TCLUG Mailing List - Minneapolis/St. Paul, Minnesota Help beta test TCLUG's potential new home: http://plone.mn-linux.org Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery tclug-list at mn-linux.org https://mailman.real-time.com/mailman/listinfo/tclug-list