1 INFO-VAX	Mon, 08 May 2006	Volume 2006 : Issue 255       Contents:8 Re: Automatically create a default DEC$DISLAY at startup8 Re: DCL versus Unix CLIs, was: Re: File output like Unix8 Re: DCL versus Unix CLIs, was: Re: File output like Unix Re: FIBRE-SCSI V8.0 patch  Re: FIBRE-SCSI V8.0 patch P Re: H P To Launch Multi Million Dollar Ad Campaign For The PC [WAS Re: OT: Intel> Re: HP TCPIP SMTP setup for Process PMAS, is it even possible?+ Re: IMCB$V_PARENT_PROT What is it good for?  Re: license problems Linux kernel defective!  Looking for 11/780 EVKAE source  Re: Nemonix Fast Ethernet Card Re: QUANTUM  SGI files for chapter 11 Re: SGI files for chapter 11 Re: SGI files for chapter 11- Re: TAB character in DCL command-line editing - Re: TAB character in DCL command-line editing - Re: TAB character in DCL command-line editing - Re: TAB character in DCL command-line editing - Re: TAB character in DCL command-line editing L Re: This post will self-destruct in 10secs (Was Re: X windows vulnerability)L Re: This post will self-destruct in 10secs (Was Re: X windows vulnerability)L Re: This post will self-destruct in 10secs (Was Re: X windows vulnerability)" Re: What does ANA/DISK/REPAIR do ? Re: [OT] Humour   F ----------------------------------------------------------------------   Date: 8 May 2006 00:27:02 -0700 1 From: "Bart.Zorn@gmail.com" <Bart.Zorn@gmail.com> A Subject: Re: Automatically create a default DEC$DISLAY at startup C Message-ID: <1147073222.733090.291290@j33g2000cwa.googlegroups.com>   - Well, I did not really find it. I just did a:   ' $ SEARCH SYS$STARTUP:DECW*.COM F$DEVICE   3 It seems to be an undocumented feature of F$DEVICE.    Regards,   Bart   ------------------------------   Date: 7 May 2006 17:14:06 -0700 $ From: "AEF" <spamsink2001@yahoo.com>A Subject: Re: DCL versus Unix CLIs, was: Re: File output like Unix B Message-ID: <1147047246.019466.52620@y43g2000cwc.googlegroups.com>   JF Mezei wrote:  > AEF wrote:@ > > And that's part of what makes .EXE special. Try this: renameC > > SYSBOOT.EXE to have some other file type and reboot. Good luck.  >  > F > That is not a good argument. Try renaming "System" to "Chocolate" or  C On second thought, ..., you're right! It's a bad example. OTOH, the D file itself *is* special and it has the file type EXE. But still, itF has to be SYSBOOT.EXE for VMS to boot. Similarly, directory files needB to be .DIR;1 for normal, non-contrived, non-silly directory lookupB operations based on the [DIR1.DIR2.DIR3] dir-spec format. And thatC makes .DIR;1 special the same way SYSBOOT.EXE is special. Yes, with G ODS-5 you can still look up files in a renamed directory, but would you B write an application that mangles directories like this? Would you= tolerate a user who screws things up by renaming directories?   I > "Finder" to "Vanilla" on a classic MAC and try to reboot. When booting, J > the boot block is hardcoded to seek a specific file name. In the case ofG > the mac, there is the concept of a "blessed" folder that contains the I > active "System" file and this is where the boot code will load it from. # > But it still looks for that file.  > J > In the case of VMS, if you could change the boot code, you could have itA > seek SYSBOOT.CHOCOLATE if you wanted. But they coded it to seek A > SSYBOOT.EXE, just like the MAC had been coded to seek "System".  >  > H > Having code seek specific file names is very different than having theM > OS invoke applications to handle a file based solely on its file extension.   A Yeah, you're right. Well, it's different -- I wouldn't say *very* 
 different.  F > (note that DECwidnows file manager does this: base handling of files > based on file extension).    AEF    ------------------------------   Date: 8 May 2006 07:40:33 -0500 ; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) A Subject: Re: DCL versus Unix CLIs, was: Re: File output like Unix 3 Message-ID: <DZEr$WzB9JPf@eisner.encompasserve.org>   j In article <1147022551.096797.203100@j73g2000cwa.googlegroups.com>, "AEF" <spamsink2001@yahoo.com> writes:  > > And that's part of what makes .EXE special. Try this: renameH > SYSBOOT.EXE to have some other file type and reboot. Good luck. (Note:G > I haven't tried this. Maybe it actually works anyway, but I doubt it. 6 > If I have time later, I'll try it on a test system!)  F    That's not a valid test.  If the boot software is coded to look forG    able.a and you rename it to able.b then the boot software will fail,     no matter what a abd b are.  G    A valid test is to find one of at least two places in VMS where .EXE D    is the required extension only because someone made it so in code%    that could have accepted anything.    ------------------------------  % Date: Sun, 07 May 2006 20:59:45 -0500 @ From: "David J. Dachtera" <djesys.nospam@NeOaSrPtAhMlNiOnWk.net>" Subject: Re: FIBRE-SCSI V8.0 patch6 Message-ID: <445EA611.FD041DE0@NeOaSrPtAhMlNiOnWk.net>  / Phillip Helbig---remove CLOTHES to reply wrote:  > J > What's up with the FIBRE-SCSI V8.0 patch?  It appears with a . before itI > in the FTP listing, which means it has been withdrawn, but I don't know J > why.  (I would have expected to get an email, since I got one (actually,B > two---strange since otherwise I only get one) when the patch was > initially announced.  G Got an e-mail from our local Ambassador stating that a problem had been H discovered and that the patch was withdrawn. Seemed a "volunteer" effort0 on his part and not the normal channel for such.   --   David J Dachtera dba DJE Systems  http://www.djesys.com/  & Unofficial OpenVMS Marketing Home Page! http://www.djesys.com/vms/market/   ( Unofficial Affordable OpenVMS Home Page: http://www.djesys.com/vms/soho/   " Unofficial OpenVMS-IA32 Home Page: http://www.djesys.com/vms/ia32/   ) Unofficial OpenVMS Hobbyist Support Page: " http://www.djesys.com/vms/support/   ------------------------------  $ Date: Mon, 8 May 2006 12:50:58 -0400 From: norm.raphael@metso.com" Subject: Re: FIBRE-SCSI V8.0 patchQ Message-ID: <OF05858A85.5FF7CA83-ON85257168.005C7D77-85257168.005C8EA0@metso.com>    From OpenVMS.org:   7               *** OpenVMS ECO Kit Hold Notification ***      Date: May 5,2006  ! Kit Name: VMS732_FIBRE_SCSI-V0800  Release Date:  May 2,2006      DESCRIPTION:  ? After release of the VMS732_FIBRE_SCSI-V0800 patch kit, OpenVMS H engineering received two reports of an INVEXCEPTN, Exception while aboveF ASTDEL system crash in SYS$PKWDRIVER.EXE after this kit was installed.I After investigating the problem, it has been determined that the crash is J due to a SCSI adapter hardware error, however, there is a problem with theJ PKWDRIVER.EXE image in that it does not have the capability to handle thisJ type of error, resulting in the crash. Because of this and the possibilityK that other customers may see this problem, the patch kit is being placed on  hold.        SCOPE:  J This problem affects DS10, DS20 and ES40 family of systems running OpenVMS> Alpha V7.3-2. it specifically supports the KZPBA-xx SCSI card.     RESOLUTION:   G A change has been made to the SYS$PKWDRIVER.EXE image that allows it to I handle this type of error and prevent a system crash. This change will be H released in a VMS732_FIBRE_SCSI-v0900 patch kit. It is expected that hisJ kit will be released the week of May 8th.The PKWDRIVER.EXE change does notI correct the underlying cause of the error. Users may still experience the C error but the system will not crash. Instead, users will see errors I occurring in groups. A device_attention and then a device_error from each J disk on that bus that is being accessed. The device_attention error causesG a SCSI bus reset which will then cause the disks to report that they've  seen a bus reset.   E Engineering is continuing to investigate the root cause of the error.   K Customers who have installed the VMS732_FIBRE_SCSI-V0800 patch kit, and who A are experiencing the failures described can contact their service @ representative for a temporary SYS$PKWDRIVER.EXE image until the4 VMS732_FIBRE_SCSI-V0900 patch kit becomes available.   DOWNLOADABLE SOLUTIONS  ' VMS732_FIBRE_SCSI-V0900.PCSI-DCX_AXPEXE           C "David J. Dachtera" <djesys.nospam@NeOaSrPtAhMlNiOnWk.net> wrote on  05/07/2006 09:59:45 PM:   1 > Phillip Helbig---remove CLOTHES to reply wrote:  > > I > > What's up with the FIBRE-SCSI V8.0 patch?  It appears with a . before  itK > > in the FTP listing, which means it has been withdrawn, but I don't know A > > why.  (I would have expected to get an email, since I got one 
 (actually,D > > two---strange since otherwise I only get one) when the patch was > > initially announced. > I > Got an e-mail from our local Ambassador stating that a problem had been J > discovered and that the patch was withdrawn. Seemed a "volunteer" effort2 > on his part and not the normal channel for such. >  > -- > David J Dachtera > dba DJE Systems  > http://www.djesys.com/ > ( > Unofficial OpenVMS Marketing Home Page# > http://www.djesys.com/vms/market/  > * > Unofficial Affordable OpenVMS Home Page:! > http://www.djesys.com/vms/soho/  > $ > Unofficial OpenVMS-IA32 Home Page:! > http://www.djesys.com/vms/ia32/  > + > Unofficial OpenVMS Hobbyist Support Page: $ > http://www.djesys.com/vms/support/   ------------------------------   Date: 8 May 2006 04:59:03 -0700  From: etmsreec@yahoo.co.ukY Subject: Re: H P To Launch Multi Million Dollar Ad Campaign For The PC [WAS Re: OT: Intel C Message-ID: <1147089543.255912.137560@i39g2000cwa.googlegroups.com>   B Isn't that what's being proposed?  Isn't the PC business the least) profitable and the one with least margin? D Perhaps HP are also having trouble shipping units, competing againstD Dell and their ilk?  Proliants sell themselves since they are one of@ the market leaders.  HP PCs on the other hand probably aren't asC desirable.  Think about all the "incompatibilities" that there were , with industry standard parts and Compaq PCs.   ------------------------------   Date: 8 May 2006 07:29:11 -0700 ( From: "Rich Jordan" <jordan@ccs4vms.com>G Subject: Re: HP TCPIP SMTP setup for Process PMAS, is it even possible? C Message-ID: <1147098551.874346.142590@j73g2000cwa.googlegroups.com>   G Looks like I'll be starting over the whole thing.  Even with saving the E TCPIP data files, and everything that looked to be modified, I've got A my system into a state where HPSWS will no longer run.  The httpd B command returns no errors, the SWS logfile is empty, it just won'tG start.  Even rerunning the configuration, or removing and re-installing B CSWS had no effect, so it looks like a system disk restore will be- needed (I kept backups at stages of testing).   G Nothing I did touched the Apache directories, but if Apache loaded info A into the TCPIP$*.DAT files then the purges would have removed it. B Unfortunately the reconfig and reinstall apparently didn't restore whatever broke.   D I may try again, but as of now I'd have to guess its not possible toF run PMAS and TCPIP SMTP on the same system because its not possible toD get SMTP to run on a different port without causing truly unpleasant
 side effects.    Thats a real shame...    Rich   ------------------------------  # Date: Mon, 08 May 2006 15:40:42 GMT , From: Hoff Hoffman <hoff-remove-this@hp.com>4 Subject: Re: IMCB$V_PARENT_PROT What is it good for?/ Message-ID: <_DJ7g.211$lY2.56@news.cpqcorp.net>   ?    It is my considered opinion as an engineer with some slight  E experience on OpenVMS and with OpenVMS security that I would tend to  F avoid implementing and using UWSS callouts and that I would strive to H avoid using UWSS constructs where I can avoid it, and that I would seek = to avoid mixing trusted and untrusted code in the same image.   @    I would tend to use, as I have indicated, a combination of a H pseudo-driver and an ACP, or communications a dedicated server process, @ and to protect and to secure the trusted code behind the memory  management protections.   F    This is basically the same design model as used by Mach, of course.  E    I've not preferred the UWSS image constructs, bluntly, and I have  G certainly encountered my share of problems with my uses (and sometimes  3 with my deliberate misuses) of these constructions.   I    I don't believe that I could manage to mix trusted UWSS code and code  I that was not expecting to be called with privileges entirely securely --  F without performing a detailed examination of all code involved.  (And B even then, there are considerations around any security exposures H potentially introduced as underlying code is changed or upgraded.)  And F the effort involved in the investigation and the on-going maintenance H can potentially exceed the effort involved in creating a solution using 9 a Mach-like model.  Some of the attacks are quite subtle.   F    If you believe you can manage all this securely, that's your call. + "Have at," to quote the classic expression.   I    Security mistakes I or others might make in the base operating system  H are of a larger potential cost than those that can be introduced within E a more isolated case of a specific LP or of a particular third-party  I package.  All are obviously costly to some folks, of course.  But if I'm  H working with a trusted caller (whether a user-mode application image or G otherwise) in a restricted environment, then the whole UWSS design and  H the whole discussion of trust is moot.  This risk aversion is a central I reason why I tend to (try to) be conservative with my offical and formal  H recommendations, of course.  And why I don't mind writing "have at", at F least once I've indicated that there might be or (if I can reasonably * provide it) where there might be problems.  C    I also need to complete some code that I've promised to certain  G customers (and one or two read the newsgroups) this week, and the work  I done that my management has asked me for.  (And I also wish to set aside  I a few hours in the evening and on the weekends to conduct what I like to  6 delude myself into calling "my life".  But I digress.)   ------------------------------   Date: 8 May 2006 05:05:48 -0700  From: etmsreec@yahoo.co.uk Subject: Re: license problems B Message-ID: <1147089948.503007.88720@j73g2000cwa.googlegroups.com>  E Depends how active your local DECUS/Encompass/whatever chapter is and F how often they choose to update the database on Montagar.  The process isn't automatic.   ------------------------------   Date: 8 May 2006 09:58:32 -0700  From: bob@instantwhip.com   Subject: Linux kernel defective!B Message-ID: <1147107512.704454.85670@e56g2000cwe.googlegroups.com>  ) http://www.theinquirer.net/?article=31543    ------------------------------  % Date: Mon, 08 May 2006 08:48:14 -0400 1 From: Bob Supnik <bob.supnik@sicortex.nospam.com> ( Subject: Looking for 11/780 EVKAE source8 Message-ID: <hdfu525o7vuban112us288p51ap1csf3jo@4ax.com>  C I'm looking for the sources to the 11/780 core diagnostic EVKAE, to F complete debug of the 11/780 CPU in SIMH.  EVKAA through EVKAD now run: successfully (bug fixes will be in 3.6-0); EVKAE does not.  A If you have a source copy that you can share, please let me know.    Thanks,    /Bob Supnik    ------------------------------  % Date: Mon, 08 May 2006 05:41:44 -0400 + From: Steve Matzura <number6@speakeasy.net> ' Subject: Re: Nemonix Fast Ethernet Card 8 Message-ID: <hh4u52dkirj8nu0m1di00433bq7pds2l7v@4ax.com>  , On Sat, 06 May 2006 17:55:05 -0400, JF Mezei% <jfmezei.spamnot@teksavvy.com> wrote:    >Steve Matzura wrote: G >> The limiting factor is, of course, bus speed.  The interesting thing E >> is, you say they're available for 4100-series machines?  I thought  >> only 7000's could use them. > G >For the 4000 series, I was told that the fast ethernet card hooks into O >the memory bus instead of Qbus and thus can access data at much faster speeds.   ? Sounds nice, if that's really how it works.  You might actually 9 realize better throughput than I ever did with my 7000's.    ------------------------------   Date: 8 May 2006 07:45:06 -0500 ; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler)  Subject: Re: QUANTUM3 Message-ID: <Ks87A6NvqBUJ@eisner.encompasserve.org>   w In article <e3ilh4$7ad$1@online.de>, helbig@astro.multiCLOTHESvax.de (Phillip Helbig---remove CLOTHES to reply) writes: 4 > What, in general, do people recommend for QUANTUM? > F > The default, 20, is from early VAX days, and is probably not correctE > now.  I still have it at 20 on fast VAXes (VAXstation 4000/90A, VAX I > 4000/105A) and, years ago, set it to 2 on ALPHA (then a 255/233, now a  J > 3000/600).  Interestingly, though it is apparently an AUTOGEN parameter J > on ALPHA, a few dozen AUTOGENs since setting it to 2 have never changed  > its value. >   E    We used to run our 11/780 doing realtime work with QUANTUM of 200.   7    As in all things, it probably depends on your needs.    ------------------------------   Date: 8 May 2006 09:39:46 -0700 - From: "Andrew" <andrew_harrison@symantec.com> ! Subject: SGI files for chapter 11 B Message-ID: <1147106386.199341.93280@g10g2000cwb.googlegroups.com>  C SGI one of the major Itanium vendors has filed for protection under 
 chapter 11  ] http://news.com.com/SGI+files+for+Chapter+11+bankruptcy/2100-1014_3-6069612.html?tag=nefd.top      Regards  Andrew Harrison    ------------------------------   Date: 8 May 2006 09:55:18 -0700  From: bob@instantwhip.com % Subject: Re: SGI files for chapter 11 B Message-ID: <1147107318.301518.69380@e56g2000cwe.googlegroups.com>  6 HP is the only major itanium vendor to worry about ...   ------------------------------   Date: 8 May 2006 10:08:56 -0700 - From: "Andrew" <andrew_harrison@symantec.com> % Subject: Re: SGI files for chapter 11 C Message-ID: <1147108136.879764.277650@j73g2000cwa.googlegroups.com>    b...@instantwhip.com wrote: 8 > HP is the only major itanium vendor to worry about ...  D As you know it doesn't really work like that, if HP becomes the onlyC Itanium vendor and you cannot rule this possibility out then you do % really have something to worry about.   - Remember Alpha is never going to get revived.   C EV8 is not a processor its just a set of slides and some nice white + papers and you cannot run anything on that.   C Sun/IBM/The tooth Fairy are not going to buy OpenVMS and port it to 	 anything.   ) HP are highly unlikely to port it to x86.   D It doesn't matter home many CERT counts OpenVMS has or hasn't or how many didn't get posted.   E The only thing that matters is that OpenVMS needs IA-64 to suceed and  make HP and Intel very happy.    Regards  Andrew Harrison    ------------------------------   Date: 8 May 2006 05:54:53 -0700 $ From: "Wilm" <w4.boerhout@planet.nl>6 Subject: Re: TAB character in DCL command-line editingC Message-ID: <1147092893.100313.315860@y43g2000cwc.googlegroups.com>   > even reproducible on SIMH 3.5-2 (VAXserver3900), VMS 7.3 OPA0:  C in insert mode, nothing is insertable before or at a TAB character, 9 only when positioned after the TAB char the insert works.    /Wilm    ------------------------------   Date: 8 May 2006 07:32:26 -0500 ; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) 6 Subject: Re: TAB character in DCL command-line editing3 Message-ID: <tCMvFnQEeK86@eisner.encompasserve.org>   L In article <445BB014.3040602@triumf.ca>, Fred Bach <music@triumf.ca> writes:  ? >     The problem is this:  Inserting a TAB anywhere on the DCL A >     command line prevents inserting characters using Control-A. > >     DELETE still works, but no characters can be inserted onC >     my DCL command lines here as long as there is a tab character  >     present. > % >     Can anyone else reproduce this?   +    I cannot reporduce this using VMS 7.3-1.    ------------------------------   Date: 8 May 2006 07:33:52 -0500 ; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) 6 Subject: Re: TAB character in DCL command-line editing3 Message-ID: <FJU4yD++LX5k@eisner.encompasserve.org>   l In article <445bb501$0$14807$ba620dc5@nova.planet.nl>, Wilm Boerhout <w4OLD.boerhout@PAINTplanet.nl> writes:& > Fred Bach wrote on 5-5-2006 22:05... > % >>    Can anyone else reproduce this?  > & > And also on EISNER:: (decuserve.org) >  > $ multinet show /versionD > Process Software MultiNet V5.1 Rev A-X, AlphaServer DS20 500 MHz,  > OpenVMS AXP V7.2-1  B    It doesn't happen to me.  I wonder if it depends on whether you3    start with /insert (which I do) or /overstrike ?    ------------------------------   Date: 8 May 2006 07:35:17 -0500 ; From: koehler@eisner.nospam.encompasserve.org (Bob Koehler) 6 Subject: Re: TAB character in DCL command-line editing3 Message-ID: <tC1YzbNauNi1@eisner.encompasserve.org>   c In article <445bdeab@news.langstoeger.at>, peter@langstoeger.at (Peter 'EPLAN' LANGSTOEGER) writes:  > E > You can't insert characters into the DCL command line before a tab.        Ah, now that I can reproduce.   ------------------------------  # Date: Mon, 08 May 2006 15:10:08 GMT , From: Forrest Kenney <Forrest.Kenney@hp.com>6 Subject: Re: TAB character in DCL command-line editing& Message-ID: <445F5F17.7E7F4299@hp.com>  A 	I sent mail to the original poster about this.  What he observed H is a documented restriction of the Terminal Line Editing code.  You can E see a complete discussion of the restrictions in the I/O Users Guide   in section 5.2.1.1.   @ 	I have submitted a documentation problem report about the fact H the help topic for line_editing is incomplete.  No promises when it will+ get acted upon but it is now in the system.   @ 	The restriction ties back to where and how the line editing is D done in the terminal driver.  At the time the trade off in CPU cost F was just not worth allowing several desirable features to line ediing.B Things line wraps and multi-line editing.  All of which have been B discussed at various times in the past.  They always loose out to  other work.      Forrest 
 OpenVMS Group    ------------------------------   Date: 8 May 2006 04:58:21 -0700 - From: "Andrew" <andrew_harrison@symantec.com> U Subject: Re: This post will self-destruct in 10secs (Was Re: X windows vulnerability) B Message-ID: <1147089501.618204.22050@v46g2000cwv.googlegroups.com>   Richard B. Gilbert wrote:  > Richard Maher wrote: >  > > Hi,  > > 7 > > (Listen very carefully! I shall say siss only once)  > > P > > It has been my painful experience that, more often than not, VMS engineeringN > > simply refuses to discuss "a particular vulnerability". Heads-in-the-sand,J > > platitudes about "this not being the right forum" or "details would be( > > fodder for script kiddies" etc, etc. > > J > > But then I forgot that we're in denial - Where are my affirmations and > > mantras? > >  > > a) VMS doesn't have bugs > > b) VMS has never had a bug  > > c) VMS will never have a bug5 > > d) Decimation of testing staff means no more bugs > > > e) Porting of crap UNIX and C practises means no more bugsC > > f) No one developing on VMS anymore is good news - no more bugs N > > g) "Don't ask - Don't tell" - What you do with other bugs in your own home > > is your business > > h) Loose Lips Sink ShipsL > > i) Massaging pig ignorant customer's egos with NDAs really placates themN > > j) If anyone questions the ethos spread FUD, attack credibility, disparageP > > k) Be suspicious of anyone who purports to be developing software on VMS for > > VMS  > >  > > Regards Richard Maher  > >  > <snip> > D > Would you prefer that the details of each vulnerability and how to+ > exploit it were published on comp.os.vms?   E I wouldn't  normally have a viewpoint either way, after all OpenVMS's ? installed base is so tiny that is is unlikely to be a target to G interest hackers anyway.  This BTW is the only thing that was proven by ! the often hyped DEFCON excercise.   ? However people who claim that OpenVMS is more secure than other A platforms on the basis of the lack of public responses to generic A vunerabilities going back as far as POD are clearly on very shaky D ground.  Using security through obscurity (or lack of interest) as a3 weapon to attack other OS platforms is dim at best.    Regards  Andrew Harrison    ------------------------------  $ Date: Mon, 8 May 2006 06:57:29 +08003 From: "Richard Maher" <maher_rj@hotspamnotmail.com> U Subject: Re: This post will self-destruct in 10secs (Was Re: X windows vulnerability) 1 Message-ID: <e3ltun$dqe$1@news-02.connect.com.au>    Hi,   > "Richard B. Gilbert" <rgilbert88@comcast.net> wrote in message* news:eKednSQX1NQGYcDZRVn-jA@comcast.com...D > Would you prefer that the details of each vulnerability and how to+ > exploit it were published on comp.os.vms?   K I would prefer the details of each vulnerability and how to protect against I it. (Obviously I'd prefer it if there were no vulnerabilities at all, but  hey it's not a perfect world.)  < > IF you can't find out, the crackers probably can't either.  K That's the spirit! Why didn't Homeland Security think of that and just save L 1.25 million? I'll think you'll find that the hackers out there are probablyL far more dedicated to the cause and certainly have more resources than lowly moi.  F > If you could find out, do you have the resources to fix the problem?  L If it was in my code yes. I do concede your point about the timing window ofJ opportunity but we are talking about prevention here aren't we? Or are we?  J > Not being part of the "in group" may sting but limiting the distributionB >   of the details seems to have worked quite well over the years.  G You're right! Just look at what maintaining the clique has done for VMS I growth over the years. We're kickin' arse! When there are no customers at K all then there will be absolutely zero vulnerabilities. Excellent strategy!   L Anyway, I'm off to the office to burn that Bin Laden bible "The Guide to VMSF Security". What the hell were they thinking when they brought out that$ little How-to-Hack guide? The fools!   Regards Richard Maher    > Richard Maher wrote: >  > > Hi,  > > 7 > > (Listen very carefully! I shall say siss only once)  > > D > > It has been my painful experience that, more often than not, VMS engineering ; > > simply refuses to discuss "a particular vulnerability".  Heads-in-the-sand,J > > platitudes about "this not being the right forum" or "details would be( > > fodder for script kiddies" etc, etc. > > J > > But then I forgot that we're in denial - Where are my affirmations and > > mantras? > >  > > a) VMS doesn't have bugs > > b) VMS has never had a bug  > > c) VMS will never have a bug5 > > d) Decimation of testing staff means no more bugs > > > e) Porting of crap UNIX and C practises means no more bugsC > > f) No one developing on VMS anymore is good news - no more bugs I > > g) "Don't ask - Don't tell" - What you do with other bugs in your own  home > > is your business > > h) Loose Lips Sink ShipsL > > i) Massaging pig ignorant customer's egos with NDAs really placates themD > > j) If anyone questions the ethos spread FUD, attack credibility,	 disparage L > > k) Be suspicious of anyone who purports to be developing software on VMS for  > > VMS  > >  > > Regards Richard Maher  > >  > <snip> > D > Would you prefer that the details of each vulnerability and how to+ > exploit it were published on comp.os.vms?  > < > IF you can't find out, the crackers probably can't either. > F > If you could find out, do you have the resources to fix the problem? > J > Not being part of the "in group" may sting but limiting the distributionB >   of the details seems to have worked quite well over the years.   ------------------------------   Date: 8 May 2006 06:43:14 +0100 2 From: "Dave Weatherall" <djw-nothere@nospam.nohow>U Subject: Re: This post will self-destruct in 10secs (Was Re: X windows vulnerability) ? Message-ID: <DTiotGxQ0bj6-pn2-4TBdt6sdUP33@dave2_os2.home.ours>   1 On Sun, 7 May 2006 22:57:29 UTC, "Richard Maher"  $ <maher_rj@hotspamnotmail.com> wrote:   > Hi,  > @ > "Richard B. Gilbert" <rgilbert88@comcast.net> wrote in message, > news:eKednSQX1NQGYcDZRVn-jA@comcast.com...F > > Would you prefer that the details of each vulnerability and how to- > > exploit it were published on comp.os.vms?  > M > I would prefer the details of each vulnerability and how to protect against K > it. (Obviously I'd prefer it if there were no vulnerabilities at all, but   > hey it's not a perfect world.) > > > > IF you can't find out, the crackers probably can't either. > M > That's the spirit! Why didn't Homeland Security think of that and just save N > 1.25 million? I'll think you'll find that the hackers out there are probablyN > far more dedicated to the cause and certainly have more resources than lowly > moi. > H > > If you could find out, do you have the resources to fix the problem? > N > If it was in my code yes. I do concede your point about the timing window ofL > opportunity but we are talking about prevention here aren't we? Or are we? > L > > Not being part of the "in group" may sting but limiting the distributionD > >   of the details seems to have worked quite well over the years. > I > You're right! Just look at what maintaining the clique has done for VMS K > growth over the years. We're kickin' arse! When there are no customers at M > all then there will be absolutely zero vulnerabilities. Excellent strategy!  > N > Anyway, I'm off to the office to burn that Bin Laden bible "The Guide to VMSH > Security". What the hell were they thinking when they brought out that& > little How-to-Hack guide? The fools!  C One possible _good_ reason for just keeping it tight and not 'just  C fixing' it is perhaps that the elapsed time window for unsupported  F (i.e. out-of support) versions of VMS could actually be quite long... F Presumably, users of such versions would prefer the details kept quiet! if there is no defense available.    --   Cheers - Dave W.   ------------------------------   Date: 8 May 2006 04:20:37 -0700 # From: "Al" <hobbit_cis@yahoo.co.uk> + Subject: Re: What does ANA/DISK/REPAIR do ? C Message-ID: <1147087237.620427.323150@u72g2000cwu.googlegroups.com>    JF Mezei wrote:  > AEF wrote:L > >> http://h71000.www7.hp.com/doc/82FINAL/6048/6048pro_083.html#stages_adsk > G > many thanks. Exactly what I was looking for. Interestingly though, it B > doesn't seem to mention performaing the "file marked for delete"I > operations to recuparate space. (although I suspect that the wording of & > the text probably encompasses this). > J > There really should be a /VERBOSE option that would have ANA/DISK output- >  informtion on each phase it is performing.   E By default it is verbose, I think, but you can always put /CONFIRM on @ the command line and it will ask you whether you want to do eachG operation before you do it. The usual way to use this untility, though,  is $ ANAL /DISK /NOREPAIR     .      .      . 1 $ ANAL /DISK /REPAIR       ! /CONFIRM if you wish    Al.   & (These PC things'll never catch on...)   ------------------------------  % Date: Sun, 07 May 2006 23:43:45 +0200 / From: Paul Sture <paul.sture.nospam@hispeed.ch>  Subject: Re: [OT] Humour; Message-ID: <2660f$445e6a13$50db5015$25704@news.hispeed.ch>    Phaeton wrote: > , >     Which UNIX system admin are YOU :-)  ? > < >     http://www.vaiism.com/bigadmin/sysadmin_fieldguide.txt >   / Here are another couple, fresh into my mailbox:   I "The Hackers Test" - first written in 1989, so somewhat dated, but still   fun:  7 http://www.neystadt.org/john/humor/The-Hackers-Test.htm   $ "Windows XP boots on a Macbook Pro":  3 http://www.mathcaddy.com/windowsxpbootsonamac!!!!1/    ------------------------------   End of INFO-VAX 2006.255 ************************                                                                                                                                                                                                                                                                                                                    	QdָB
*.I¢v? 8WtCuGQ/v\YЏѰ&[L1sV2c?ʝ(FF413T/F]Uh|BT[fPG7N͸j׵_Tg^mp}}Z}q
=&ؘy$~r450KDF27$KYD,ل-.V&vPH`*mcF,%jR.,-P)mnoqL.|>D.n@0%-US3L]ʃa4ˤ8~!$͇UOA|:TZQa3
?*@@Zߏ@5szAF|v
zw)r*0b~Ϗu-3zMu_4,%&=vc