Date: Fri, 11 Dec 2009 15:23:56 -0800 From: "Kevin Oberman" <oberman@es.net> To: Matthew Seaman <m.seaman@infracaninophile.co.uk> Cc: Polytropon <freebsd@edvax.de>, Bill Moran <wmoran@potentialtech.com>, freebsd-current@freebsd.org, "Sam Fourman Jr." <sfourman@gmail.com>, Anton Shterenlikht <mexas@bristol.ac.uk>, freebsd-questions@freebsd.org Subject: Re: Root exploit for FreeBSD Message-ID: <20091211232356.309C21CC09@ptavv.es.net> In-Reply-To: Your message of "Fri, 11 Dec 2009 08:49:42 GMT." <4B2207A6.7070204@infracaninophile.co.uk>
next in thread | previous in thread | raw e-mail | index | archive | help
> Date: Fri, 11 Dec 2009 08:49:42 +0000 > From: Matthew Seaman <m.seaman@infracaninophile.co.uk> > Sender: owner-freebsd-current@freebsd.org > > Polytropon wrote: > > On Fri, 11 Dec 2009 01:42:36 -0600, "Sam Fourman Jr." <sfourman@gmail.com> wrote: > >> I have tried looking around and OpenBSD appears to be the undisputed > >> #1 track record in terms of security and FreeBSD is #2 (I didn't count > >> dragonflyBSD) > > > > VMS would be #0, then? :-) > > I dunno. Haven't seen many MS-DOS exploits recently either... I'm sure that there are systems happily running MSDOS, but I bet not too many are networked. I know that there is still a lot of VMS out there and that it has remained a cash cow for HP. It lived on primarily in the banking and financial sector, though I guess the use is dropping since HP recently outsourced support to India and that lead to the retirement of the last of the original VMS developers, Andy Goldstein. Also, the the end of TECO as Andy was responsible for porting it to almost every platform DEC ever sold (RSX, RSTS, VMS, TOPS-10 and TOPS-20, RT-11, and several others) and continued to maintain it until his retirement. (Most readers of this list probably don't even remember TECO.) And, for may years VMS had major network security problems, especially the infamous default DECNET/DECNET account that lead to may compromises and the second major network worm, Worms Against Nuclear Killers. (I won't use the acronym so as not to offend our British readers. I found out about that when the BBC interviewed me about it and I was told that I could not utter the word.) -- R. Kevin Oberman, Network Engineer Energy Sciences Network (ESnet) Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab) E-mail: oberman@es.net Phone: +1 510 486-8634 Key fingerprint:059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20091211232356.309C21CC09>