On Apr 2, 2012, at 10:46 AM, "R.S." <r.skoru...@bremultibank.com.pl> wrote:
> .... > The same with unauthorized code - maybe the system is not bulletproof, but we > have no documented case of such flaw. Sorry, but you are totally wrong there. Absence of publicized cases does not imply absence of cases. These matters are generally NOT publicized in order to avoid encouraging copycats - particularly in the financial sector. As for evidence; long ago in a previous life, I was *personally* involved in detecting/collecting evidence for prosecution in three separate cases where insiders (one sysprog and two operators) exploited integrity holes. One was proven to be an attempt at theft on a significant scale. One was an attempt at destructive behavior by a soon to be ex employee and the third was just some fool poking around to see what he could do - or that was his story anyway. In all three cases the employees were terminated and one was prosecuted. This is THE reason why I make so much fuss about integrity issues. The community mythology that z/OS and it's ancestors are immune to these things is just a myth. I have seen it happen up close and personal and I don't believe there is anything special about my experience. If I encountered these things in the real world, I am fairly certain it must have been happening in a lot more places around the world. CC ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@bama.ua.edu with the message: INFO IBM-MAIN