HP3000-L Archives

November 2006, Week 5

HP3000-L@RAVEN.UTC.EDU
Options: Use Monospaced Font
Show Text Part by Default
Show All Mail Headers

Message: [<< First] [< Prev] [Next >] [Last >>]
Topic: [<< First] [< Prev] [Next >] [Last >>]
Author: [<< First] [< Prev] [Next >] [Last >>]

Print Reply
Subject:
Re: MPE/iX Virus Vulnerability
From:
John Clogg <[log in to unmask]>
Reply To:
John Clogg <[log in to unmask]>
Date:
Thu, 30 Nov 2006 13:09:45 -0800
Content-Type:
text/plain
Parts/Attachments:
text/plain (70 lines) 
Dave's answer is a good one, and probably will be the kind of thing your 
auditors will want to see.  Still, I think it is relevant to answer their 
question about virus detection tools by saying that no such tools exist for 
one very important reason: there has *NEVER* been an MPE virus.  Not one.  
Viruses are written by geeks with Windows machines who like to see how many 
millions of machines they can infect.  Those guys have never heard of an 
HP3000, and wouldn't be interested if they did.  You might suggest that 
their time and yours would be better spent securing your machine against 
actual threats rather than extremely hypothetical ones.

John Clogg

>From: "Dave Powell, MMfab" <[log in to unmask]>
>Reply-To: "Dave Powell, MMfab" <[log in to unmask]>
>To: [log in to unmask]
>Subject: Re: [HP3000-L] MPE/iX Virus Vulnerability
>Date: Thu, 30 Nov 2006 12:45:01 -0800
>
>Maybe you could tell them that the "separation of data & programs" that HP
>built into the 3000 from the start, was the same thing as the "data 
>execution
>protection" that Intel added a few years ago, and that MPE has always had
>built in "buffer overrun" protection.  Also, no activex, different machine
>instruction set, etc.
>
>Maybe also go techno-sarcastic on them and claim that MPE sys-admins &
>programmers are smarter and less gullible than Wintel users, hence less 
>likely
>to fall for phishing schemes.  And MPE end-users don't have admin 
>capability,
>so they can't mess things up as badly as we could, unlike Wintel machines
>where most users are logged on as administrators.  Also, nobody uses the 
>3000
>to browse for porn, so the 3000 won't get infected by malicious web sites.
>Also, I'd guess that few of us read email from the outside world on our 
>3000s,
>so no nasty attachments would even get a chance to run even if they used
>instructions the 3000 could understand.
>
>----- Original Message -----
>From: "Reid Baxter" <[log in to unmask]>
>To: <[log in to unmask]>
>Sent: Thursday, November 30, 2006 11:03
>Subject: Re: [HP3000-L] MPE/iX Virus Vulnerability
>
>
> > Joe,
> >
> > Thanks and yes we do use Vesoft Security/3000. I was looking for a more
> > technically definitive answer though. I once recall seeing someone post
> > (programmer perspective) a response that eluded to stacks, storage area,
> > etc. based reasons that a virus could not exist within the MPE/iX OS
> > architecture. Anyone recall that ? Wirt ? Stan ?
> >
> > Regards,
> >
> > Reid E. Baxter
> >
><snip>
>
>* To join/leave the list, search archives, change list settings, *
>* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

_________________________________________________________________
Fixing up the home? Live Search can help 
http://imagine-windowslive.com/search/kits/default.aspx?kit=improve&locale=en-US&source=hmemailtaglinenov06&FORM=WLMTAG

* To join/leave the list, search archives, change list settings, *
* etc., please visit http://raven.utc.edu/archives/hp3000-l.html *

ATOM RSS1 RSS2