Mainframe, MVS and zOS Discussion

Hi,

Why it is always said that the mainframe is so secure and the virus can't affect the mainframe? Historically is this never happened?

Because Punched Cards are "read only".

I'd believe that any "virus" is created to do a damage in "any" environment and to do that it (program - the virus) should have the capability of execution in the said environment. If you can't execute your virus-program, you really can't do damage. Now, accepting the fact that the "virus" must acquire an "authority" to access and possibly change the data and programs we also need to consider the fact that to attain these attributes in a mainframe environment are difficult (if not impossible).

Said that, I believe mainframes can be impacted by viruses but you need to be very skilled to do that...the industry is, anyways, in lack of mainframe programmers for more than a decade now -- so getting virus on mainframes is a distant possibility!


That's an interesting take on it William!

Theoretically, a virus could be written that would recompile itself on each platform and could thus impact a mainframe. However, the mainframe architecture is radically different from the Intel architecture used for Windows and Unix machines (Intel machines use ASCII while mainframes use EBCDIC just as one example) and hence would require a compile for the virus to be executable on the mainframe. Most mainframe sites have security implemented which could prevent such a recompile. I don't think it is impossible for a mainframe virus to be developed, but the difficulty is probably 2 or 3 orders of magnitude more difficult than Windows viruses.

Probably in my view Virus could be be still injected only by the person within the SYSTEM as most of the access related things are stopped by the "RACF"
May be some naughty admin could think of doing it at cost off some severe punishment and loss of job

William Collins wrote:Because Punched Cards are "read only".

But we don't use punch cards. All is on computers now. And for many comapnies it is outsourced but it is still secured?

But we don't use punch cards

&holy &deity ...
looks like You do not have a bit of sense of humor

Yes, it was a joke.

Think of something a virus does, like trash a hard-disk. How would you trash a hard-disk on a Mainframe? Attach itself to another executable file? Scan your email folder and send itself to everyone?

In many years I've only ever once managed to trash a Mainframe hard-disk (and it was an accident, and recoverable (from the image backups which fortunately had been taken earlier that day).

Understand that it was a joke but is it that virus never attacked mainframe becuause it never had general users using it? And it is used only by "maintainence" programmers?

but is it that virus never attacked mainframe becuause it never had general users using it? And it is used only by "maintainence" programmers?

I don't really think you understand the previous posts.  There are MILLIONS of "general user(s)" of mainframes every day.  And thousands of application programmers (I assume that is what you meant by "maintanance (sic) programmers" use the mainframe every day.  Writing a virus for a mainframe could probably be done -- but it would be MUCH more difficult that writing a virus for a Windows machine; the architecture is radically different, the underlying principles of operation are radically different, the security process on the mainframe is radically different, and so forth.  How would the virus spread since most mainframes are isolated from the internet?