Just my two cents... there are many reasons why a supported and updated version
is important, and why mainframe is just an other (big, complex) server in the
computer room.
Linux on z: servers that were located in DMZ, now running on z usually without
fw ("because it slows communication").
I also involved in a case where client error destroyed a large complex database
while the user used unsupported version. IBM refused to support them (ibm
Israel did support). At the end, I had to unload parts of the database,
correlate them and delete destroyed ones.
Software should be one step behind last ptf and red alerts should be inserted
immediately.
נשלח מה-iPad שלי
ב-12 ביולי 2017, בשעה 19:21, Charles Mills <[email protected]> כתב/ה:
> It's not Windows versus z/OS. Whether it is number of instances or number of
> viruses or number of mentions in airline magazines, that battle was over a
> long time ago.
>
> "Windows has more viruses than z/OS" is not a substitute for being
> up-to-date with support and patches. "But Windows is much worse" will not
> get your data or your money or your ATM network back.
>
> I work for a z/OS security software vendor. We had a prospect tell us they
> were not going to buy our product because "they had a lot of Windows systems
> and only one z/OS system, so they were not focusing on z/OS." Do you see the
> logical flaw there?
>
> It's not the malware you know about that should worry you the most. The
> phrase "zero day exploit" comes to mind.
>
> Charles
>
>
> -----Original Message-----
> From: IBM Mainframe Discussion List [mailto:[email protected]] On
> Behalf Of R.S.
> Sent: Wednesday, July 12, 2017 8:30 AM
> To: [email protected]
> Subject: Re: Running unsupported is dangerous was Re: AW: Re: LE strikes
> again
>
> W dniu 2017-07-12 o 15:53, Charles Mills pisze:
>>> I know some malware for Win10, but I cannot remind any for z/OS 1.4...
>> Partially because most of the community has a policy of publicizing
>> vulnerabilities, but z/OS does not. The fact that you do not know of
>> any malware for z/OS 1.whatever does not mean that it does not exist.
>>
>> Or expanding on Timothy's point, if you were developing malware, you
>> would have an interesting decision which of the two operating systems to
> target.
>> Windows is high number of instances/low value each -- kind of the
>> WalMart shopping of malware opportunities. z/OS is low number of
>> instances/high value each -- kind of the Tiffany of malware
>> opportunities. With Windows you would take a shotgun approach: "how
>> many machines can I infect, and hope to make some money off of a
>> percentage?" so naturally some number of your targets would end up
>> discovered and publicized. With z/OS, you would take a very targeted
> approach: "what one machine can I break into and steal a lot?"
>> Whether you were successful or not, there might not end up being any
>> publicity.
>>
>> Phrasing it differently, for Windows you would develop "malware" --
>> mass market malware, that would end up with a name and publicity
>> (named by the anti-malware folks, not the authors). For z/OS, you
>> would develop a specific targeted attack. It might be an "approach,"
>> not a "malware package," and might not end up with a name (other than
>> "XYZ Bank's ATMs were down for the third day in a row ..." or "ABC
>> Airlines experienced a massive outage yesterday ...").
>>
>> The absence of evidence is not the evidence of absence.
>
> True, but ...I still rely more on z/OS 1.4 than on Windows 10. In case of
> Win10 I have proofs of evidence - it is a little bit more than lack of
> proofs.
> BTW: z/OS is quite old (including previous names) - how many viruses are
> known for this system? Yes, I know, the absence of evidence is not the
> evidence of absence - however it's 50+ years of the absence!
>
>
> Last, but not least: I'm NOT saying that running unsupported (and not
> patched) system is something good. Even for zOS family.
> However keeping very important data in Windows system is also not good idea,
> is it?
>
> ----------------------------------------------------------------------
> For IBM-MAIN subscribe / signoff / archive access instructions,
> send email to [email protected] with the message: INFO IBM-MAIN
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
