Software CAN be securely developed; consider VMS.



Thread: Software CAN be securely developed; consider VMS.

  1. #1
    G.Dinosaur Guest

    Software CAN be securely developed; consider VMS.


    Microsoft's apologists routinely claim that countless security holes
    are just natural, to be expected, inevitable (and so on).

    A counterexample is all one needs to demonstrate that this is self-serving
    nonsense, and that Microsoft need look no further than its internal
    culture for an explanation of the problems it has introduced into the
    world by publishing carelessly written, poorly debugged software.

    Let me suggest VMS as such an example. While it too had numerous
    security holes in the early 80s, that was an era when networking was
    far from the norm and when not much was expected. More recently the
    OS has had remarkably few holes. (It was recently judged "cool" and
    "unhackable" at DEFCON 9 btw.)

    The reason for this is care in construction. In VMS Engineering, there
    is something called Life of a Project which specifies how changes are
    made. First there is the investigation report, which must be defended
    before a meeting of any affected groups. Repeats of such meetings are
    not uncommon. At the meetings, people look at the code proposed and
    design schemes, and ask questions about security effects and about
    data integrity. The design goes no further if holes are being introduced.
    Then come the design spec and the functional spec, which also must
    be defended before meetings of usually more groups. Again, security
    questions get asked. Finally there are code reviews and tests. The
    culture is that security holes or data corruptors are showstopper-class
    bugs and must be fixed. This leads to everyone considering such issues,
    since nobody likes to have his work show up with problems.

    An example issue could be whether new tape fileskipping functions
    had security relevance. Turns out they do, with some tape management
    systems, an issue which delayed the proposed change. But the system
    came out with the new functions, and without adding security problems
    in doing them.

    Occasional mistakes do occur there, and rather more of them have
    been found internally by the developers before anyone outside noticed
    than have been reported externally. Still, the number of such is well
    below systems like Windows, where no such process exists, and below
    systems like Unix, which had years of early development during which
    security was not an issue. The major Unix shops today realize there
    are issues and have addressed many. Microsoft seems not to have a
    development group concerned with this, though, and while its security
    group is, the security group's concerns appear not to have penetrated
    into the rest of the culture.

    VMS is not the only secure OS out there; I just happen to have encountered
    the culture of its developers and don't believe you can get a decently
    secure system unless the developers look for security issues and
    ask one another about them as a matter of routine. (I would suggest
    that OS/400 could be another fertile place to look for industrial-strength
    security. IBM has understood such for a long time.)

  2. #2
    Michael Howard Guest

    Re: Software CAN be securely developed; consider VMS.


    and VMS was never connected to the 'net!! that said, the internal process
    is changing at MSFT, the group of which i am a member is charged with beefing
    up the security process, and we are making great strides in improving things,
    which is good for everyone. the most important aspect of what we do is make
    sure we learn from past mistakes. and this has been taken as a critical doctrine.
    stuff that we've learned is available in Writing Secure Code http://www.microsoft.com/mspress/books/5612.asp

    "G.Dinosaur" <GD@gce.com> wrote:
    >
    >Microsoft's apologists routinely claim that countless security holes
    >are just natural, to be expected, inevitable (and so on).
    >
    >A counterexample is all one needs to demonstrate that this is self-serving
    >nonsense, and that Microsoft need look no further than its internal
    >culture for an explanation of the problems it has introduced into the
    >world by publishing carelessly written, poorly debugged software.
    >
    >Let me suggest VMS as such an example. While it too had numerous
    >security holes in the early 80s, that was an era when networking was
    >far from the norm and when not much was expected. More recently the
    >OS has had remarkably few holes. (It was recently judged "cool" and
    >"unhackable" at DEFCON 9 btw.)
    >
    >The reason for this is care in construction. In VMS Engineering, there
    >is something called Life of a Project which specifies how changes are
    >made. First there is the investigation report, which must be defended
    >before a meeting of any affected groups. Repeats of such meetings are
    >not uncommon. At the meetings, people look at the code proposed and
    >design schemes, and ask questions about security effects and about
    >data integrity. The design goes no further if holes are being introduced.
    >Then come the design spec and the functional spec, which also must
    >be defended before meetings of usually more groups. Again, security
    >questions get asked. Finally there are code reviews and tests. The
    >culture is that security holes or data corruptors are showstopper-class
    >bugs and must be fixed. This leads to everyone considering such issues,
    >since nobody likes to have his work show up with problems.
    >
    >An example issue could be whether new tape fileskipping functions
    >had security relevance. Turns out they do, with some tape management
    >systems, an issue which delayed the proposed change. But the system
    >came out with the new functions, and without adding security problems
    >in doing them.
    >
    >Occasional mistakes do occur there, and rather more of them have
    >been found internally by the developers before anyone outside noticed
    >than have been reported externally. Still, the number of such is well
    >below systems like Windows, where no such process exists, and below
    >systems like Unix, which had years of early development during which
    >security was not an issue. The major Unix shops today realize there
    >are issues and have addressed many. Microsoft seems not to have a
    >development group concerned with this, though, and while its security
    >group is, the security group's concerns appear not to have penetrated
    >into the rest of the culture.
    >
    >VMS is not the only secure OS out there; I just happen to have encountered
    >the culture of its developers and don't believe you can get a decently
    >secure system unless the developers look for security issues and
    >ask one another about them as a matter of routine. (I would suggest
    >that OS/400 could be another fertile place to look for industrial-strength
    >security. IBM has understood such for a long time.)



  3. #3
    Don Bevis Guest

    Re: Software CAN be securely developed; consider VMS.

    Hogwash!


    "Michael Howard" <mikehow@microsoft.com> wrote in message
    news:3bd5f6bf$1@news.devx.com...
    >
    > and VMS was never connected to the 'net!!

    [..] snip



  4. #4
    Michael Howard Guest

    Re: Software CAN be securely developed; consider VMS.


    i knew someone would respond :-)

    so name 20 web sites running VMS on the Internet...!

    "Don Bevis" <dbweb1@premiersi.com> wrote:
    >Hogwash!
    >
    >
    >"Michael Howard" <mikehow@microsoft.com> wrote in message
    >news:3bd5f6bf$1@news.devx.com...
    >>
    >> and VMS was never connected to the 'net!!

    >[..] snip
    >
    >



  5. #5
    Michael Howard Guest

    Re: Software CAN be securely developed; consider VMS.


    >>so name 20 web sites running VMS on the Internet...!


    ...that are not affiliated with digital or the vms community, they don't
    count!!


    "Michael Howard" <mikehow@microsoft.com> wrote:
    >
    >i knew someone would respond :-)
    >
    >so name 20 web sites running VMS on the Internet...!
    >
    >"Don Bevis" <dbweb1@premiersi.com> wrote:
    >>Hogwash!
    >>
    >>
    >>"Michael Howard" <mikehow@microsoft.com> wrote in message
    >>news:3bd5f6bf$1@news.devx.com...
    >>>
    >>> and VMS was never connected to the 'net!!

    >>[..] snip
    >>
    >>

    >



  6. #6
    Don Bevis Guest

    Re: Software CAN be securely developed; consider VMS.

    1. http://liftoff.msfc.nasa.gov/home/server/server.html
    2. http://kcgl1.eng.ohio-state.edu/www/doc/serverinfo.html
    3. http://www.mrs.umn.edu/cs/Newsletters/fall01/www.shtml
    4. http://www.marquette.edu/studentlife/organizations.html
    5. http://mail-index.netbsd.org/port-va...7/04/0000.html
    6. http://web.upstate.edu/ons/webserver.html
    7. http://notebook.ifas.ufl.edu/internet.htm
    8. http://www.mctel.fr/spd_euroweb_en.html
    9. http://www.iit.edu/departments/cns/computers.html
    10. http://www.acs.fau.edu/Training/down...%20Session.pdf
    11. http://www.wcu.edu/cc/OnlineRes/info.../pers-web.html
    12. http://www.ciac.org/ciac/bulletinsBy...bulletins.html
    13. http://www.uc.edu/ucitnow/winter_99/webservice.html
    14. http://uhaweb.hartford.edu/www/index_howto.html
    15. http://cal.bemidji.msus.edu/english/...xDirectory.html
    16. http://web.upstate.edu/ons/websteps.html
    17. http://www.lns.cornell.edu/~pvhp/vms-web.html
    18. http://publish.bsu.edu/tliu/faq/
    19. http://notebook.ifas.ufl.edu/intranet.htm
    20. http://www.wmich.edu/etti/etti99/prep.html

    There's more, but this completes the assignment...



    "Michael Howard" <mikehow@microsoft.com> wrote in message
    news:3be95d0c@147.208.176.211...
    >
    > >>so name 20 web sites running VMS on the Internet...!

    >
    > ..that are not affiliated with digital or the vms community, they don't
    > count!!
    >
    >
    > "Michael Howard" <mikehow@microsoft.com> wrote:
    > >
    > >i knew someone would respond :-)
    > >
    > >so name 20 web sites running VMS on the Internet...!
    > >
    > >"Don Bevis" <dbweb1@premiersi.com> wrote:
    > >>Hogwash!
    > >>
    > >>
    > >>"Michael Howard" <mikehow@microsoft.com> wrote in message
    > >>news:3bd5f6bf$1@news.devx.com...
    > >>>
    > >>> and VMS was never connected to the 'net!!
    > >>[..] snip
    > >>
    > >>

    > >

    >



