Well that is what we call in the UK a load of BS.
Cobol or for that matter any programming language used for applications
has no bearing on the security of any system or systems.
Much more is the security procedures in place of any system that is
exposed to the internet directly or in-directly.
For the old password security systems which does not implement long
encrypted passwords all have such risks.
Modern system such as Linux, Unix, and may be OSX etc which do there is
inherent protection if suitable procedures for users is in place
including enforcing long password using full character blocks.
Trying to force a break in to a system using for example 64 characters
or larger security keys would be impractical to any hacker.
In house we use 1024 byte keys and enforce passwords of 16 chars and
greater where there are rules regarding a password construction.
Any installed security system that does not reject and locks down a user
/ password combo after three or so attempts is not worth the paper it is
written in.
Just my 5 pence worth.
On 26/09/15 22:46, Charles Mills wrote:
"... the OPM is facing a huge problem with modernizing its security measures
and tactics because of one acronym: COBOL. The programming language that
rose to prominence in the 1960s is rampant throughout the OPM and with the
advanced persistent threats federal agencies are experiencing, it's a
significant vulnerability."
-- http://fedtechmagazine.com/OPMhack
Charles
-----Original Message-----
From: IBM Mainframe Discussion List [mailto:[email protected]] On
Behalf Of Charles Mills
Sent: Friday, September 25, 2015 10:11 AM
To: [email protected]
Subject: Setting the writers right
A recurring theme here the past couple of weeks has been the "head in the
1960's" writing about mainframes in news stories and now soap operas.
Seriously, would it make sense for our community to put together a volunteer
team (under the auspices of SHARE? Or ... ?) that would maintain a watch for
stupid mainframe media putdowns and send off a packet of
layperson-accessible education to the offending writers, editors and/or
producers? Perhaps have a Website where writers could get current facts
about the mainframe? Would IBM participate in some way?
Any ideas? I volunteer to participate but not to lead.
----------------------------------------------------------------------
For IBM-MAIN subscribe / signoff / archive access instructions,
send email to [email protected] with the message: INFO IBM-MAIN
