Hi John

I don't disagree with much of what you say; my own observations mirror pretty much what the report says: there are a load of poorly secured machines out there. One of the reasons for this situation that occurs to me is that over time many smaller shops have fallen into a situation where the system i is neglected by the business because it just runs. The upshot of this is that the time and effort is spent on the PC assets rather than the system i. I have yet to see a unix box that didn't have a knowledgeable resource looking after it, whereas I have seen many system i's that are on site, ticking over day after day, with essentially no-one responsible for them.

You refer to the usually more critical nature of the data stored on the iSeries compared to the data stored on the plethora of Windows boxes out there. It is unfortunate but true - at least in my estimation - that the vast majority of your average managers would consider their email, spreadsheets and word documents of more importance and value than any corporate data bases, at least until you forced them to think about it :) For sure they would break into more of a sweat at the thought that their email could be lost of compromised compared to inventory data being accessible to just anyone who can get onto a machine on their network. This is another reason for the attention these machines get - every manager and pretty much every employee in the an organisation winds up acting as an advocate for "getting something done" about security on the Windows boxes because they have one. they feel they are educated about this stuff and they want THEIR box fixed. Obviously the CEO's PA is one of these voices too... :)

Out of curiosity, is CL one of the languages that will also allow the pointer exploit you mentioned now that it has support for pointers under V5R4 ?

Evan Harris

I think you are right on target here.  Everyone knows Windows systems
have security problems and need attention, and organizations spend loads
of time, money, and people on the problem.  OS/400 does not squeak
nearly as loud, and so organizations can get lulled into a false sense
of security.  They shouldn't be.  It's a computer system. It has
valuable data (arguably more important data than Windows systems).  It
should be properly protected from loss, damage and theft.


John Earl | Chief Technology Officer
The PowerTech Group
19426 68th Ave. S
Seattle, WA 98032
(253) 872-7788 ext. 302
Celebrating our 10th Anniversary Year!

Return to Archive home page | Return to MIDRANGE.COM home page