On Fri, 18 Apr 2008 16:02:41 -0700, Main, Kerry wrote:

I know it isn't Row Address Strobe. Usually I can decode the acronym
from the context, but this one has me stumped, guess I am getting dumb.

"
Mainframe-Class RAS in the Processor
The Intel Itanium processor was designed from its inception to
deliver mainframe-class availability. It incorporates leading RAS
capabilities for detecting, correcting and containing the kinds of
unavoidable hard and soft errors that can bring down systems or
corrupt data (Table 1 on next page).
"

I discovered I couldn't cut and paste the above quote from Opera, but
Firefox let me, FWIW.
--
PL/I for OpenVMS
www.kednos.com

In article ,
"Tom Linden" wrote:

> On Fri, 18 Apr 2008 16:02:41 -0700, Main, Kerry wrote:
>
> I know it isn't Row Address Strobe. Usually I can decode the acronym
> from the context, but this one has me stumped, guess I am getting dumb.
>
> "
> Mainframe-Class RAS in the Processor
> The Intel Itanium processor was designed from its inception to
> deliver mainframe-class availability. It incorporates leading RAS
> capabilities for detecting, correcting and containing the kinds of
> unavoidable hard and soft errors that can bring down systems or
> corrupt data (Table 1 on next page).
> "
>
> I discovered I couldn't cut and paste the above quote from Opera, but
> Firefox let me, FWIW.

I'm 99% sure they are referring to this meaning of RAS (and not Remote
Access Server):



"Reliability, Availability, and Serviceability for the Always-on
Enterprise"

--
Paul Sture

Sue's OpenVMS bookmarks:
http://eisner.encompasserve.org/~stu...bookmarks.html

On Apr 19, 1:56 pm, "Tom Linden" wrote:
> On Fri, 18 Apr 2008 16:02:41 -0700, Main, Kerry wrote:
>
> I know it isn't Row Address Strobe. Usually I can decode the acronym
> from the context, but this one has me stumped, guess I am getting dumb.
>
> "
> Mainframe-Class RAS in the Processor
> The Intel Itanium processor was designed from its inception to
> deliver mainframe-class availability. It incorporates leading RAS
> capabilities for detecting, correcting and containing the kinds of
> unavoidable hard and soft errors that can bring down systems or
> corrupt data (Table 1 on next page).
> "
>
> I discovered I couldn't cut and paste the above quote from Opera, but
> Firefox let me, FWIW.
> --
> PL/I for OpenVMSwww.kednos.com

In this context, RAS usually decodes to something like Reliability,
Availability, Serviceability.

I haven't had a proper look at the paper yet. What I did note from a
quick look was that it seemed heavy on benefits and handwaving, light
on real features required to provide real benefits - other than
largely-irrelevant core lockstep, the "two bit" thing is the only
feature I remember reading about. Some of the features/benefits seemed
more like OS kind of things (is "page poisoning" a hardware feature or
something any half-decent OS does for you?). Hopefully later in the
week I'll be back.

The other point to note is that, despite their recent delivery issues,
the real technical competitor to Itanium is imo AMD64. AMD64 and Xeon
may have mostly the same instruction set, but my reading of the AMD64
architecture and current implementations is that they seem, shalll we
say, less legacy-bound than Xeon. CSI (or whatever it's called this
week) may reduce some of that gap, perhaps.

2c
John

> -----Original Message-----
> From: P. Sture [mailtoaul.sture.nospam@hispeed.ch]
> Sent: April 20, 2008 5:23 AM
> To: Info-VAX@Mvb.Saic.Com
> Subject: Re: Intel Itanium RAS Comparison with X86
>
> In article ,
> "Tom Linden" wrote:
>
> > On Fri, 18 Apr 2008 16:02:41 -0700, Main, Kerry
> wrote:
> >
> > I know it isn't Row Address Strobe. Usually I can decode the acronym
> > from the context, but this one has me stumped, guess I am getting
> dumb.
> >
> > "
> > Mainframe-Class RAS in the Processor
> > The Intel Itanium processor was designed from its inception to
> > deliver mainframe-class availability. It incorporates leading RAS
> > capabilities for detecting, correcting and containing the kinds of
> > unavoidable hard and soft errors that can bring down systems or
> > corrupt data (Table 1 on next page).
> > "
> >
> > I discovered I couldn't cut and paste the above quote from Opera, but
> > Firefox let me, FWIW.
>
> I'm 99% sure they are referring to this meaning of RAS (and not Remote
> Access Server):
>
>
>
> "Reliability, Availability, and Serviceability for the Always-on
> Enterprise"
>
> --
> Paul Sture
>
> Sue's OpenVMS bookmarks:
> http://eisner.encompasserve.org/~stu...bookmarks.html

Slightly different versions of RAS are kicking around:
1. RAS = reliability, availability, serviceability (most common)
2. RAS = reliability, availability, scalability

Fwiw, I like to refer to RASS which is 1. Or 2. + Security


Regards

Kerry Main
Senior Consultant
HP Services Canada
Voice: 613-254-8911
Fax: 613-591-4477
kerryDOTmainAThpDOTcom
(remove the DOT's and AT)

OpenVMS - the secure, multi-site OS that just works.

In article

>,
"Main, Kerry" wrote:

> Slightly different versions of RAS are kicking around:
> 1. RAS = reliability, availability, serviceability (most common)
> 2. RAS = reliability, availability, scalability
>
> Fwiw, I like to refer to RASS which is 1. Or 2. + Security

Thanks.

--
Paul Sture

Sue's OpenVMS bookmarks:
http://eisner.encompasserve.org/~stu...bookmarks.html

In article ,
"Main, Kerry" writes:
>
>> -----Original Message-----
>> From: P. Sture [mailtoaul.sture.nospam@hispeed.ch]
>> Sent: April 20, 2008 5:23 AM
>> To: Info-VAX@Mvb.Saic.Com
>> Subject: Re: Intel Itanium RAS Comparison with X86
>>
>> In article ,
>> "Tom Linden" wrote:
>>
>> > On Fri, 18 Apr 2008 16:02:41 -0700, Main, Kerry
>> wrote:
>> >
>> > I know it isn't Row Address Strobe. Usually I can decode the acronym
>> > from the context, but this one has me stumped, guess I am getting
>> dumb.
>> >
>> > "
>> > Mainframe-Class RAS in the Processor
>> > The Intel Itanium processor was designed from its inception to
>> > deliver mainframe-class availability. It incorporates leading RAS
>> > capabilities for detecting, correcting and containing the kinds of
>> > unavoidable hard and soft errors that can bring down systems or
>> > corrupt data (Table 1 on next page).
>> > "
>> >
>> > I discovered I couldn't cut and paste the above quote from Opera, but
>> > Firefox let me, FWIW.
>>
>> I'm 99% sure they are referring to this meaning of RAS (and not Remote
>> Access Server):
>>
>>
>>
>> "Reliability, Availability, and Serviceability for the Always-on
>> Enterprise"
>>
>> --
>> Paul Sture
>>
>> Sue's OpenVMS bookmarks:
>> http://eisner.encompasserve.org/~stu...bookmarks.html
>
> Slightly different versions of RAS are kicking around:
> 1. RAS =3D reliability, availability, serviceability (most common)
> 2. RAS =3D reliability, availability, scalability
>
> Fwiw, I like to refer to RASS which is 1. Or 2. + Security

On a side note, I am once again serving with DOD (til mid August
this time) and we constantly hear the talk of "99.999% uptime
required" and "critical systems with lives depending on them".
And not a sign or mention of VMS anywhere, go figure. :-)

Somebody tell me again how DOD is one of VMS's biggest customers!

bill

--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999@cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include

> -----Original Message-----
> From: Bill Gunshannon [mailto:billg999@cs.uofs.edu]
> Sent: April 20, 2008 12:18 PM
> To: Info-VAX@Mvb.Saic.Com
> Subject: Re: Intel Itanium RAS Comparison with X86
>
> In article
> > t>,
> "Main, Kerry" writes:
> >
> >> -----Original Message-----
> >> From: P. Sture [mailtoaul.sture.nospam@hispeed.ch]
> >> Sent: April 20, 2008 5:23 AM
> >> To: Info-VAX@Mvb.Saic.Com
> >> Subject: Re: Intel Itanium RAS Comparison with X86
> >>
> >> In article ,
> >> "Tom Linden" wrote:
> >>
> >> > On Fri, 18 Apr 2008 16:02:41 -0700, Main, Kerry
>
> >> wrote:
> >> >
> >> > I know it isn't Row Address Strobe. Usually I can decode the
> acronym
> >> > from the context, but this one has me stumped, guess I am getting
> >> dumb.
> >> >
> >> > "
> >> > Mainframe-Class RAS in the Processor
> >> > The Intel Itanium processor was designed from its inception to
> >> > deliver mainframe-class availability. It incorporates leading RAS
> >> > capabilities for detecting, correcting and containing the kinds of
> >> > unavoidable hard and soft errors that can bring down systems or
> >> > corrupt data (Table 1 on next page).
> >> > "
> >> >
> >> > I discovered I couldn't cut and paste the above quote from Opera,
> but
> >> > Firefox let me, FWIW.
> >>
> >> I'm 99% sure they are referring to this meaning of RAS (and not
> Remote
> >> Access Server):
> >>
> >>
> >>
> >> "Reliability, Availability, and Serviceability for the Always-on
> >> Enterprise"
> >>
> >> --
> >> Paul Sture
> >>
> >> Sue's OpenVMS bookmarks:
> >> http://eisner.encompasserve.org/~stu...bookmarks.html
> >
> > Slightly different versions of RAS are kicking around:
> > 1. RAS =3D reliability, availability, serviceability (most common)
> > 2. RAS =3D reliability, availability, scalability
> >
> > Fwiw, I like to refer to RASS which is 1. Or 2. + Security
>
> On a side note, I am once again serving with DOD (til mid August
> this time) and we constantly hear the talk of "99.999% uptime
> required" and "critical systems with lives depending on them".
> And not a sign or mention of VMS anywhere, go figure. :-)
>
> Somebody tell me again how DOD is one of VMS's biggest customers!

DOD certainly is a big OpenVMS Customer. Whether you believe or not
is up to you. Not everyone buys into the hype technology of the day.


>
> bill
>
> --
> Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three
> wolves
> billg999@cs.scranton.edu | and a sheep voting on what's for dinner.
> University of Scranton |
> Scranton, Pennsylvania | #include

Yeah, and let me guess - the people saying this are under 30 (maybe 35)
and are promoting platforms like Windows and Linux that have 5-20 security
patches released each and every month. And that does not include the
fixes auctioned off privately at sites like this:

http://www.darkreading.com/document....WT.svl=news1_1

I'll bet the bad guys from other countries are loving these under
30 types.

:-)


Regards

Kerry Main
Senior Consultant
HP Services Canada
Voice: 613-254-8911
Fax: 613-591-4477
kerryDOTmainAThpDOTcom
(remove the DOT's and AT)

OpenVMS - the secure, multi-site OS that just works.

On Sun, 20 Apr 2008 09:17:53 -0700, Bill Gunshannon
wrote:

> Somebody tell me again how DOD is one of VMS's biggest customers!

Well, they are my biggest!

--
PL/I for OpenVMS
www.kednos.com

Main, Kerry wrote:

>> > Slightly different versions of RAS are kicking around:
>> > 1. RAS =3D reliability, availability, serviceability (most common)
>> > 2. RAS =3D reliability, availability, scalability
>> >
>> > Fwiw, I like to refer to RASS which is 1. Or 2. + Security


To me, RAS is marketing hype. I think that the motherboard/system design
has far more to do with "RAS" than the chip itself.


> DOD certainly is a big OpenVMS Customer. Whether you believe or not
> is up to you. Not everyone buys into the hype technology of the day.

It may not have anything to do about "buying hype technology of the
day". It may be more to do with some VMS customers stuck with VMS
because porting their apps would just cost too much. If you need to
recertify sopme application and this costs in the millions, they are
better off continuing those old apps on VMS as long as possible. But you
must ask yoursefl whetther the new apps are going to VMS or of they are
going to modern platforms.


> Yeah, and let me guess - the people saying this are under 30 (maybe 35)
> and are promoting platforms like Windows and Linux that have 5-20 security
> patches released each and every month. And that does not include the
> fixes auctioned off privately at sites like this:


Oh, this is so easy to reply to....

1- People under 30 (maybe 35) don't know about VMS, why ??? BECAUSE OF
LACK OF MARKETING. When will it ever sink into the VMS
management/engineering heads that widespread marketing IS IMPORTANT not
because it will drive sales up in mom-pop shops, but because it will
gets into the mindset of the very people who don't know about VMS now
and may consider it.

2- Read a really good interview some time ago with the head of the
mozilla project. She said that real security people don't compare
products (in that case firefox vs Internet Explorer) by the count of
patches, but rather by the length of time a known vulnerability exists
before it is patched.

If I were you, I would stop using that patch analogy. Consider that VMS
has had known security vulnerabilities for years now in its TCPIP
product. No patches in sight. For modern platforms with real development
resources, security vulnerabilities are measured in days/weeks before
the patch is available. For VMS, we don't even know if they will ever be
fixed.

Sorry, but that is a real sign to me that development resources have
been reduced to a bare minimum. If HP chooses to actively ignore what
is being said in comp.os.vms, it is its decision. But if as a result of
this, they also ignore serious descriptions of security vulnerabilities,
then the resposability falls back on HP.

Bill Gunshannon wrote:
[...]
>
> On a side note, I am once again serving with DOD (til mid August
> this time) and we constantly hear the talk of "99.999% uptime
> required" and "critical systems with lives depending on them".
> And not a sign or mention of VMS anywhere, go figure. :-)
>
> Somebody tell me again how DOD is one of VMS's biggest customers!

OK, but permit me to turn the question around a little bit:

With the uptime and life-saving requirements listed above, how does
Windows accomplish these goals? I realize that you can't go into detail
without killing me :-) but there must be general principles and rules
that illustrate the stability of Windows in these critical environments.

The reason I ask is because of a similar situation that I see in the
healthcare field. Many of you are probably acquainted with GE
Healthcare systems. You may have seen their logo on MRI or CAT scan
equipment, and there are other devices that they manufacture, as well.
Since these are critical clinical systems, they have strict uptime and
reliability requirements as well, since people's lives may depend on the
information they render.

I work on the "business" side of the healthcare industry, and we too,
have a system manufactured by GE. Luckily, our system is not clinical
but accounting-oriented. It's Windows-based, and a POS. M$ SQL is used
as the DB holding the information, and as often as not the information
is not available, slow in coming, or occasionally corrupted in some
fashion. Never mind the fact that our client PC's, which access the
server, suffer from the usual maladies common to the Windows platform.

I sure hope that the DoD systems are indeed more reliable than their
civilian counterparts. :-)
> bill
>

bradhamilton wrote:

> I sure hope that the DoD systems are indeed more reliable than their
> civilian counterparts. :-)

To the disbelief of the rest of the world, in 2004, the american public
re-elected a government who killed over 100,000 innocent iraqis.
Politically, precision is only important prior to the attack when
politicians brag about high tech weapons who will only destroy specific
targets and not kill any innocent civilians. Once the attack has
commenced, control of the USA media ensures that all the system problems
that result in loss of civilian life are not reported, so politicans get
away with in in the USA.

And in reality, the application is far more important than the operating
system. And having experienced people who know the strengths and
weakenesses of the OS will result in an application that is robust and
stable.

In article ,
"Main, Kerry" writes:
>
>> -----Original Message-----
>> From: Bill Gunshannon [mailto:billg999@cs.uofs.edu]
>> Sent: April 20, 2008 12:18 PM
>> To: Info-VAX@Mvb.Saic.Com
>> Subject: Re: Intel Itanium RAS Comparison with X86
>>
>> In article
>> >> t>,
>> "Main, Kerry" writes:
>> >
>> >> -----Original Message-----
>> >> From: P. Sture [mailtoaul.sture.nospam@hispeed.ch]
>> >> Sent: April 20, 2008 5:23 AM
>> >> To: Info-VAX@Mvb.Saic.Com
>> >> Subject: Re: Intel Itanium RAS Comparison with X86
>> >>
>> >> In article ,
>> >> "Tom Linden" wrote:
>> >>
>> >> > On Fri, 18 Apr 2008 16:02:41 -0700, Main, Kerry
>>
>> >> wrote:
>> >> >
>> >> > I know it isn't Row Address Strobe. Usually I can decode the
>> acronym
>> >> > from the context, but this one has me stumped, guess I am getting
>> >> dumb.
>> >> >
>> >> > "
>> >> > Mainframe-Class RAS in the Processor
>> >> > The Intel Itanium processor was designed from its inception to
>> >> > deliver mainframe-class availability. It incorporates leading RAS
>> >> > capabilities for detecting, correcting and containing the kinds of
>> >> > unavoidable hard and soft errors that can bring down systems or
>> >> > corrupt data (Table 1 on next page).
>> >> > "
>> >> >
>> >> > I discovered I couldn't cut and paste the above quote from Opera,
>> but
>> >> > Firefox let me, FWIW.
>> >>
>> >> I'm 99% sure they are referring to this meaning of RAS (and not
>> Remote
>> >> Access Server):
>> >>
>> >>
>> >>
>> >> "Reliability, Availability, and Serviceability for the Always-on
>> >> Enterprise"
>> >>
>> >> --
>> >> Paul Sture
>> >>
>> >> Sue's OpenVMS bookmarks:
>> >> http://eisner.encompasserve.org/~stu...bookmarks.html
>> >
>> > Slightly different versions of RAS are kicking around:
>> > 1. RAS =3D3D reliability, availability, serviceability (most common)
>> > 2. RAS =3D3D reliability, availability, scalability
>> >
>> > Fwiw, I like to refer to RASS which is 1. Or 2. + Security
>>
>> On a side note, I am once again serving with DOD (til mid August
>> this time) and we constantly hear the talk of "99.999% uptime
>> required" and "critical systems with lives depending on them".
>> And not a sign or mention of VMS anywhere, go figure. :-)
>>
>> Somebody tell me again how DOD is one of VMS's biggest customers!
>
> DOD certainly is a big OpenVMS Customer. Whether you believe or not
> is up to you. Not everyone buys into the hype technology of the day.

Belief has nothing to do with it. When one works in the DOD
environment and can point to only one project still using VMS
and that after more than 3 years of actually searching, just
how big a customer can they be? When you work for the agency
responsible for validating information systems within DOD and
that agencty does not even have a procedure for validating VMS
systems but treats each one as a unique and exceptional case,
you draw the conclusion.

>
>
> Yeah, and let me guess - the people saying this are under 30 (maybe 35)

No, actually my peers alone range in age from their 20's to nearly 60.
The people making policy tend to be at the higher end of the spectrum.

> and are promoting platforms like Windows and Linux that have 5-20 security
> patches released each and every month. And that does not include the
> fixes auctioned off privately at sites like this:
>
> http://www.darkreading.com/document.....svl=3Dnews1_1

You really are a "one hit wonder". Can't get off this and can't seem to
grasp the concept that there are perfectly secure Windows systems in use
all over. And we all know the rate at which Linux is growing. Seems the
only system conspicuous in its absence in the industry today is VMS.

>
> I'll bet the bad guys from other countries are loving these under
> 30 types.

Not sure where you found these supposed "under 30 types" but they sure
aren't the guys I work with in DOD every day. (For those of you who
are used to me being just someone in a University CS department and
having a hard time understanding where I am coming from, I am currently
back on active duty with the Army again for a while and at the place
responsible for all Army, and quite a bit of other DOD groups, IT
training, so I am not just wearing, or talking thru my academic hat!!) :-)

bill

--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999@cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include

In article ,
"Tom Linden" writes:
> On Sun, 20 Apr 2008 09:17:53 -0700, Bill Gunshannon
> wrote:
>
>> Somebody tell me again how DOD is one of VMS's biggest customers!
>
> Well, they are my biggest!

Well, you'll pardon me for saying this but if DOD VMS PL/I users make up
the majority of your business your a lot smaller than I thought.

bill


--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999@cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include

JF Mezei wrote:
> Main, Kerry wrote:
>
>>>> Slightly different versions of RAS are kicking around:
>>>> 1. RAS =3D reliability, availability, serviceability (most common)
>>>> 2. RAS =3D reliability, availability, scalability
>>>>
>>>> Fwiw, I like to refer to RASS which is 1. Or 2. + Security
>
>
> To me, RAS is marketing hype. I think that the motherboard/system design
> has far more to do with "RAS" than the chip itself.
>
>
>> DOD certainly is a big OpenVMS Customer. Whether you believe or not
>> is up to you. Not everyone buys into the hype technology of the day.
>
> It may not have anything to do about "buying hype technology of the
> day". It may be more to do with some VMS customers stuck with VMS
> because porting their apps would just cost too much. If you need to
> recertify sopme application and this costs in the millions, they are
> better off continuing those old apps on VMS as long as possible. But you
> must ask yoursefl whetther the new apps are going to VMS or of they are
> going to modern platforms.
>
>
>> Yeah, and let me guess - the people saying this are under 30 (maybe 35)
>> and are promoting platforms like Windows and Linux that have 5-20 security
>> patches released each and every month. And that does not include the
>> fixes auctioned off privately at sites like this:
>
>
> Oh, this is so easy to reply to....
>
> 1- People under 30 (maybe 35) don't know about VMS, why ??? BECAUSE OF
> LACK OF MARKETING. When will it ever sink into the VMS
> management/engineering heads that widespread marketing IS IMPORTANT not
> because it will drive sales up in mom-pop shops, but because it will
> gets into the mindset of the very people who don't know about VMS now
> and may consider it.
>

Marketing is important only if you want to sell the product! HP doesn't
want to market VMS. I think they just wish it would go away quietly!!

Bill Gunshannon wrote:

> Belief has nothing to do with it. When one works in the DOD
> environment and can point to only one project still using VMS
> and that after more than 3 years of actually searching, just
> how big a customer can they be?

That is because of the "I can tell you, but then i'll have to shoot you"
policy. Anyone who finds a VMS application is immediatly shot :-)

VMS is like field mice in a farm. You know they are out there, but you
can never actually find one. :-) :-) All part of VMS' decades long
stealth marketing.

Of course, with cats (linux/windows) prowling, the number of mice is
decreasing and nobody is doing anything about it. And since you don't
know the number of mice around, you can't quantify the loss of mice and
how many there are left.

In article <480B98FB.4070906@comcast.net>,
bradhamilton writes:
> Bill Gunshannon wrote:
> [...]
>>
>> On a side note, I am once again serving with DOD (til mid August
>> this time) and we constantly hear the talk of "99.999% uptime
>> required" and "critical systems with lives depending on them".
>> And not a sign or mention of VMS anywhere, go figure. :-)
>>
>> Somebody tell me again how DOD is one of VMS's biggest customers!
>
> OK, but permit me to turn the question around a little bit:
>
> With the uptime and life-saving requirements listed above, how does
> Windows accomplish these goals?

I keep trying, but most people here are just not willing to accept
the possibility even when it is shoved down their throats.

> I realize that you can't go into detail
> without killing me :-)

Of course I can. a lot of the information is publicly available. As
a matter of fact, organizations like DISA, NIST and even the NSA would
really like to see more people actualy follow the guidelines.

> but there must be general principles and rules
> that illustrate the stability of Windows in these critical environments.
>

http://iase.disa.mil/stigs/index.html

I apply a lot of this on the systems I manage at the University. I tend
to be a bit less draconian in the University environment than what I do
on DOD systems but even that has made the systems secure, stable and
reliable without adversely affecting the users ability to do what they
need to do.

> The reason I ask is because of a similar situation that I see in the
> healthcare field. Many of you are probably acquainted with GE
> Healthcare systems. You may have seen their logo on MRI or CAT scan
> equipment, and there are other devices that they manufacture, as well.
> Since these are critical clinical systems, they have strict uptime and
> reliability requirements as well, since people's lives may depend on the
> information they render.

And, considering that these machines are intended for one specific
use and are not general purpose PC's, I would expect that the more
draconian settings would be both acceptable and appropriate. I
would be willing to bet that the the PC's that run systems like this
are more often than not set up no different than the average home
system.

>
> I work on the "business" side of the healthcare industry, and we too,
> have a system manufactured by GE. Luckily, our system is not clinical
> but accounting-oriented. It's Windows-based, and a POS. M$ SQL is used
> as the DB holding the information, and as often as not the information
> is not available, slow in coming, or occasionally corrupted in some
> fashion. Never mind the fact that our client PC's, which access the
> server, suffer from the usual maladies common to the Windows platform.

If politics doesn't get in the way, start applying the guidelines you will
find at the web site I posted above and see the difference. Of course,
your users may start complaining about not being able to install that
really cool screensaver they found on the web. And they may start asking
why they can't find the Control Panel but that's just the price you have
to pay. :-)

>
> I sure hope that the DoD systems are indeed more reliable than their
> civilian counterparts. :-)

The DOD systems are just fine. But then, as much as people here refuse
to accept it, so are the systems in my civilian job. :-) Not a single
virus since Windows98 days. No BSOD that wasn't hardware related since
early Win2K. No problems at all on Server versions. But nobody is
going to take my word for it cause it's much more fun to bash MS than
to just fix things.

bill

--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999@cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include

In article <480bd69e$0$7307$c3e8da3@news.astraweb.com>,
JF Mezei writes:
> Bill Gunshannon wrote:
>
>> Belief has nothing to do with it. When one works in the DOD
>> environment and can point to only one project still using VMS
>> and that after more than 3 years of actually searching, just
>> how big a customer can they be?
>
> That is because of the "I can tell you, but then i'll have to shoot you"
> policy. Anyone who finds a VMS application is immediatly shot :-)

More bullcrap. The one system I found was thru a publicly posted job
vacancy announcement. It was for a Fortran programmer with VMS
experience. A legacy simulation system. What does that sound like?
Maintenance or development? Or maybe, a conversion?

bill

--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999@cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include

Bill Gunshannon wrote:
> In article <480B98FB.4070906@comcast.net>,
> bradhamilton writes:
[...]
>> I realize that you can't go into detail
>> without killing me :-)
>
> Of course I can. a lot of the information is publicly available. As
> a matter of fact, organizations like DISA, NIST and even the NSA would
> really like to see more people actualy follow the guidelines.
>
>> but there must be general principles and rules
>> that illustrate the stability of Windows in these critical environments.
>>
>
> http://iase.disa.mil/stigs/index.html

Thanks! Just to get this back OT :-) there's a OpenVMS checklist
document there. Of course, the doc is two years old, and only covers
VMS up to V7.3-N, but I suppose that means that VMS exists in DoD,
perhaps just not as visibly as other platforms. :-)

> I apply a lot of this on the systems I manage at the University. I tend
> to be a bit less draconian in the University environment than what I do
> on DOD systems but even that has made the systems secure, stable and
> reliable without adversely affecting the users ability to do what they
> need to do.
>
>> The reason I ask is because of a similar situation that I see in the
>> healthcare field. Many of you are probably acquainted with GE
>> Healthcare systems. You may have seen their logo on MRI or CAT scan
>> equipment, and there are other devices that they manufacture, as well.
>> Since these are critical clinical systems, they have strict uptime and
>> reliability requirements as well, since people's lives may depend on the
>> information they render.
>
> And, considering that these machines are intended for one specific
> use and are not general purpose PC's, I would expect that the more
> draconian settings would be both acceptable and appropriate. I
> would be willing to bet that the the PC's that run systems like this
> are more often than not set up no different than the average home
> system.

Most average "home" systems are "set up" with the defaults, which means
"wide open". I would expect (and hope) that any Windows system in a
hospital, especially those tasked with critical clinical functions or
monitoring, would be as locked-down as possible.

>> I work on the "business" side of the healthcare industry, and we too,
>> have a system manufactured by GE. Luckily, our system is not clinical
>> but accounting-oriented. It's Windows-based, and a POS. M$ SQL is used
>> as the DB holding the information, and as often as not the information
>> is not available, slow in coming, or occasionally corrupted in some
>> fashion. Never mind the fact that our client PC's, which access the
>> server, suffer from the usual maladies common to the Windows platform.
>
> If politics doesn't get in the way, start applying the guidelines you will
> find at the web site I posted above and see the difference. Of course,
> your users may start complaining about not being able to install that
> really cool screensaver they found on the web. And they may start asking
> why they can't find the Control Panel but that's just the price you have
> to pay. :-)

Politics, no.

I would get the former question a lot more frequently than the latter
question. :-)

>> I sure hope that the DoD systems are indeed more reliable than their
>> civilian counterparts. :-)
>
> The DOD systems are just fine. But then, as much as people here refuse
> to accept it, so are the systems in my civilian job. :-) Not a single
> virus since Windows98 days. No BSOD that wasn't hardware related since
> early Win2K. No problems at all on Server versions. But nobody is
> going to take my word for it cause it's much more fun to bash MS than
> to just fix things.

Since M$ is so ubiquitous (and Intel HW almost as) it would behoove most
of us to know how to secure these systems, whether the platform be
Windows or Linux. Years ago, I could turn up my nose at non-VMS
systems; these days, anything that pays the bills will do. I even
reboot my W2K PC at work regularly, because the applications work faster
and better when I do so. It would be nice to have newer, more reliable
systems, but I'll do the best with what I have.

In article <480BDF54.3090103@comcast.net>,
bradhamilton writes:
> Bill Gunshannon wrote:
>> In article <480B98FB.4070906@comcast.net>,
>> bradhamilton writes:
> [...]
>>> I realize that you can't go into detail
>>> without killing me :-)
>>
>> Of course I can. a lot of the information is publicly available. As
>> a matter of fact, organizations like DISA, NIST and even the NSA would
>> really like to see more people actualy follow the guidelines.
>>
>>> but there must be general principles and rules
>>> that illustrate the stability of Windows in these critical environments.
>>>
>>
>> http://iase.disa.mil/stigs/index.html
>
> Thanks! Just to get this back OT :-) there's a OpenVMS checklist
> document there. Of course, the doc is two years old, and only covers
> VMS up to V7.3-N, but I suppose that means that VMS exists in DoD,
> perhaps just not as visibly as other platforms. :-)

Actually, I think what it says is that there was a time when VMS was
popular enough in DOD that the effort needed to create and test those
was considered necessary. Which also says something about the fact
that they are not being kept up to date.

>
>> I apply a lot of this on the systems I manage at the University. I tend
>> to be a bit less draconian in the University environment than what I do
>> on DOD systems but even that has made the systems secure, stable and
>> reliable without adversely affecting the users ability to do what they
>> need to do.
>>
>>> The reason I ask is because of a similar situation that I see in the
>>> healthcare field. Many of you are probably acquainted with GE
>>> Healthcare systems. You may have seen their logo on MRI or CAT scan
>>> equipment, and there are other devices that they manufacture, as well.
>>> Since these are critical clinical systems, they have strict uptime and
>>> reliability requirements as well, since people's lives may depend on the
>>> information they render.
>>
>> And, considering that these machines are intended for one specific
>> use and are not general purpose PC's, I would expect that the more
>> draconian settings would be both acceptable and appropriate. I
>> would be willing to bet that the the PC's that run systems like this
>> are more often than not set up no different than the average home
>> system.
>
> Most average "home" systems are "set up" with the defaults, which means
> "wide open". I would expect (and hope) that any Windows system in a
> hospital, especially those tasked with critical clinical functions or
> monitoring, would be as locked-down as possible.

I would too, but everyone else here seems to insist that they are not.
I only point out that they can be.

>
>>> I work on the "business" side of the healthcare industry, and we too,
>>> have a system manufactured by GE. Luckily, our system is not clinical
>>> but accounting-oriented. It's Windows-based, and a POS. M$ SQL is used
>>> as the DB holding the information, and as often as not the information
>>> is not available, slow in coming, or occasionally corrupted in some
>>> fashion. Never mind the fact that our client PC's, which access the
>>> server, suffer from the usual maladies common to the Windows platform.
>>
>> If politics doesn't get in the way, start applying the guidelines you will
>> find at the web site I posted above and see the difference. Of course,
>> your users may start complaining about not being able to install that
>> really cool screensaver they found on the web. And they may start asking
>> why they can't find the Control Panel but that's just the price you have
>> to pay. :-)
>
> Politics, no.
>
> I would get the former question a lot more frequently than the latter
> question. :-)
>
>>> I sure hope that the DoD systems are indeed more reliable than their
>>> civilian counterparts. :-)
>>
>> The DOD systems are just fine. But then, as much as people here refuse
>> to accept it, so are the systems in my civilian job. :-) Not a single
>> virus since Windows98 days. No BSOD that wasn't hardware related since
>> early Win2K. No problems at all on Server versions. But nobody is
>> going to take my word for it cause it's much more fun to bash MS than
>> to just fix things.
>
> Since M$ is so ubiquitous (and Intel HW almost as) it would behoove most
> of us to know how to secure these systems, whether the platform be
> Windows or Linux. Years ago, I could turn up my nose at non-VMS
> systems; these days, anything that pays the bills will do. I even
> reboot my W2K PC at work regularly, because the applications work faster
> and better when I do so. It would be nice to have newer, more reliable
> systems, but I'll do the best with what I have.

Believe it or not, you will not only be more secure if you apply the
sytuff you will find at DISA but you may also find the systems more
stable and running better. It has somewhat to do with all the extra
crap that Wndows runs by default that is totally unnecessary and is
eliminated by the scripts.

bill


--
Bill Gunshannon | de-moc-ra-cy (di mok' ra see) n. Three wolves
billg999@cs.scranton.edu | and a sheep voting on what's for dinner.
University of Scranton |
Scranton, Pennsylvania | #include