OK, so how much of that is due to inherent differences between Windows and z/OS and how much is due to a comparative lack of knowledge and expertise in the black hat community about techniques to penetrate z/OS? I'm pretty sure it's much more the former, but the question needs asking.
On Sat, Apr 23, 2022, 07:48 Bob Bridges <[email protected]> wrote: > I agree that careless (or ignorant) security administration can make any > box open to hackers, no matter how good the provisions made available in > the OS. But it's not the only factor. Two guys, one on a system Z and one > on a Windows box, exerting about equal care for their security, will have > vastly different outcomes, statistically speaking. Or 500 guys and 500 > guys on a thousand systems, if you prefer. > > --- > Bob Bridges, [email protected], cell 336 382-7313 > > /* "Separation [of church and state]" means pretending you're not a > Christian during office hours. -Joseph Sobran */ > > -----Original Message----- > From: IBM Mainframe Discussion List <[email protected]> On Behalf > Of zMan > Sent: Saturday, April 23, 2022 00:16 > > Sorry, I find this "survey" meaningless as reported. Figure 1 says it's > showing downtime, then the text says it's a percentage of systems that > have reported a data breach. Which is it? > > I'd be willing to believe this if it had all x86 servers grouped together. > I don't believe there's something that makes the x86 machines listed > magically resistant to attacks. Z, Itanium (Superdome), Power -- sure: not > that they're necessarily inherently more resistant (the OS may be, but bits > is bits) but they're less common so there are fewer folks bothering to > attack them. > > I'm 100% sure that the good ratings for high-end servers have more to do > with who buys them than the servers themselves. Sort of like saying > "Supercars have better paint finish after several years than low-end cars" > -- right, because they're bought by folks who can afford to take care of > them. People who buy white-box servers are generally not high-end shops, > aren't investing in the things that make them more secure. That also > explains the alleged faster detection. > > ---------------------------------------------------------------------- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to [email protected] with the message: INFO IBM-MAIN > ---------------------------------------------------------------------- For IBM-MAIN subscribe / signoff / archive access instructions, send email to [email protected] with the message: INFO IBM-MAIN
