Richard Hoffbeck wrote:

> VMS is light years ahead of stock Linux as regards host security. Its 
> object based security model is pretty much the same as the one in 
> NT/2000/XP which works pretty well if developers take the time to do 
> the analysis, but even simple things like access control lists make a 
> big difference and have only recently shown up in Linux.

I agree.

> Without getting into my opinion about security at the U in general and 
> the School of Public Health in particular, suffice it to say that I 
> have yet to meet anyone here that I would trust to secure my systems. 
> The thing to keep in mind about VMS is that it hasn't been updated 
> significantly since the days when all networks were considered trusted 
> so its going to be much better against attacks on host security rather 
> than those coming through the network - actually the same seems to be 
> true of most of the IT folks around here :-)


My earlier response pointed out where VMS is in fact secure against 
network attacks. Your point seems to be that since VMS has not been 
"updated significantly" it must be vulnerable. Although I don't agree 
with your premise, how about considering this: VMS is secure by design 
and doesn't need a lot of updating to stay that way.

> I can certainly understand the cases where there are long-term 
> projects tied to applications developed against software tightly tied 
> to VMS - think CCCS or ARIC - where the cost of redeploying the 
> applications isn't funded.  But only a complete idiot would be doing 
> new development against VMS. The Alpha chip is toast, there's no 
> migration/upgrade path, support is going away, software is 
> expensive/obsolete/proprietary, ... stop me anytime ...  :-)

OK, you can stop. :-)

First, Alpha research and development has ended, but that does not mean 
the end of Alpha systems. See HP's published roadmaps for Alpha systems.

Second, there is a migration path: 
http://www.hp.com/products1/evolution/alpha_retaintrust/index.html .

OpenVMS is running today on the HP Integrity Server platform running the 
Intel Itanium processor. The operating system is in field test, with a 
production release (version 8.2) scheduled for the end of this year. You 
can obtain an SDK by going to the migration website noted above.

Third, support is not going away. See the HP roadmaps.

Forth, applications are being ported to OpenVMS I64. The above-mentioned 
migration site contains information, as does the independent website 
www.openvms.org.

I hope I've corrected any misconceptions. Please feel free to contact me 
(offlist) if you would like more information.

-Jeff

Disclaimer: HP is my employer and I am an OpenVMS operating system 
software engineer, so I know a thing or two about OpenVMS :-). I don't 
work in sales or marketing, I just write code (and sometimes teach). 
Statements made represent my understanding of facts, my opinions, and 
are not official statements from HP.

_______________________________________________
TCLUG Mailing List - Minneapolis/St. Paul, Minnesota
Help beta test TCLUG's potential new home: http://plone.mn-linux.org
Got pictures for TCLUG? Beta test http://plone.mn-linux.org/gallery
tclug-list at mn-linux.org
https://mailman.real-time.com/mailman/listinfo/tclug-list