Date: Sun, 17 May 2020 00:33:50 -0600 From: "@lbutlr" <kremels@kreme.com> To: FreeBSD <freebsd-questions@freebsd.org> Subject: Re: [FreeBSD-Announce] FreeBSD 12.0 end-of-life Message-ID: <2161E572-945A-44EC-9E70-35DA3552E8BD@kreme.com> In-Reply-To: <20200516215437.4802660c.freebsd@edvax.de> References: <20200217231452.717FA1E820@freefall.freebsd.org> <CAFYkXjmZi1-MB6W0HsMx9gHek7Xg5heoSKKWkNTnw74dxRTwAw@mail.gmail.com> <85E7C97E-EF8B-4FC7-8EF1-758B7BCBAE90@kreme.com> <05112EEC-7FA3-4E18-974B-263A58058E01@kicp.uchicago.edu> <332714B8-2798-42CF-A082-9EDA180CC65B@kreme.com> <20200516201923.8676289a.freebsd@edvax.de> <257EF587-92B5-4671-B6F4-89E86CC2ACA0@kreme.com> <20200516215437.4802660c.freebsd@edvax.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On 16 May 2020, at 13:54, Polytropon <freebsd@edvax.de> wrote: > On Sat, 16 May 2020 12:56:25 -0600, @lbutlr wrote: >> Otherwise, old OSes are porous insecure botnets-in-wait with >> dozens or hundreds or thousands of exploits. >=20 > That is true, but is significant only as far as those systems > interact with other things, especially over Internet. If the computer is air-gapped, that is one thing. If the computer is on = a network and that network is air gapped, that is something else. Oof = that computer is on a network and any machines on that network have = access to the Internet, then that old insecure machine should be assumed = to be on the Internet. Just look at the many exploits for non-Internet connected LAN printers. > I just want to provide an example that "younger people" (TM) > might find strange: In mainframe world, you can still compile > and run programs written in a way to read data from a punched > card reader and write data to a chain printer or a tape drive. > There is no need to modify the source in order to run such a > program on a current mainframe with a current OS. To a certain > extent, you even have native binary compatibility. And when you have old tools that allow you to, for example, load = information off a tape, you have an attack vector that probably hasn=E2=80= =99t been secure because it was written before we figured out that = security was important (because people suck) and no one has gone back to = look at how exploitable that code is on a modern system. --=20 What we have here is a failure to communicate.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?2161E572-945A-44EC-9E70-35DA3552E8BD>