Keeping the OS/2 Flame Alive

nanday writes "Ever wondered what happened to OS/2? With IBM officially abandoning the operating system last year, users are relying on a third party version of OS/2 -- and, increasingly, using free and open source software to keep it alive." From the article: "According to Haverblad, the main reason that users stay with OS/2 is for 'features that Windows and Linux don't have yet.' He singles out the REstructured eXtended eXecutor (REXX), an interpreted programming language known for its ease of use, a 'rock solid kernel,' 'excellent multitasking,' and low system requirements. Haverblad also claims a lack of viruses and spyware and, referencing a report on OS/2 Warp Server by Secunia, fewer security vulnerabilities." Newsforge is also an OSTG site.

The problem is...

[ajiva]

Unfortunetly for OS/2 is that the installed software base is very small. So if you are content with whatever software is out there for OS/2 (old versions of browsers, etc) and don't have a fast computer then yes I agree OS/2 is worth it. Otherwise you're better off with Linux, Windows or maybe even Solaris.

OS/2

[certel]

I would still be using OS/2 if it was receiving regular updates for new hardware. I feel that if IBM was to relook at the OS, they may gain some market share because users are now more educated as to the workings of a computer.

Security Problems...

[Manip]

Considering the timeframe OS/2 was developed in, and its complexity excuse me if I don't believe it is secure. Most of the software from that timeframe has been shown to have a LOT of security problems, primarily because the training, and tools to discover holes didn't exist at the time.

Plus a complete OS that is secure? ... I don't think so... Linux, and BSD, in their lifetimes have had lots of security problems, particularly as they have grown in popularity.

If OS/2 was released OpenSource tomorrow and got popular you'd have it with the MOST security venerabilities by years end I guarantee it.

The ONLY reason OS/2 /appears/ to be secure is because it isn't worth any one's time trying to crack it.

REXX

[Shag]

I used to code in REXX in 1989.

It was pretty handy for scripting, useful as "glue" between different things and all that.

By 1989 standards, mind you.

I think modern things (like AppleScript/Automator) can probably do everything REXX could ever do, and more, while being more readable to us humans.

Re:A worthy attempt but...

[kwandar]

I tend to agree. I had/have OS/2 v4 and maybe I'll get around to adding it to Grub, but its really a legacy system at this point. What I would like to see, is for OS/2 to be open sourced. I'm sure IBM wouldn't care, but I suspect there may be some legacy MS component lurking in the background, as it was orignally a joint MS/IBM venture. Who knows - an open sourcing of API's could help. Even MS might benefit if they really thought about it, as its old technology and, as they view open source as a competitor, better that open source spend time on the old, rather than the new.

Re:Security Problems...

[SatanicPuppy]

Barring a few stupid corporations (*cough* Diebold *cough*), most ATMs accept extremely limited input, and have a very narrow range of possible actions they can take with that input, so there really isn't much to gain by hacking an ATM, and no real way to do it, because it's not really set up for that, and isn't running other, exploitable, services.

Now, those Diebold machines that run Windows, on the other hand...I've seen screenshots of those things after a bluescreen, with the browser up, and the media player going. I'd bet there was a way to get them to spit out their complete internal cash supply. That's a good 250k, if it's full. Can you insert a buffer overflow on the back of an ATM card?

REXX is NOT unique to OS2

[forgotten_my_nick]

http://www-306.ibm.com/software/awdtools/obj-rexx/ [ibm.com]

We have apps running in Object REXX on Windows.

Re:OS/2

[garcia]

I feel that if IBM was to relook at the OS, they may gain some market share because users are now more educated as to the workings of a computer.

You're joking right? OS/2 failed during a time when it was MORE likely that people using computers would understand them. Now, with OSs that nearly force you to NOT know about computers (by hiding everything behind purty graphics) people know even less about how their computers interact with the OS.

Just because more people can *use* computers doesn't mean that they know how they work.

Claiming lack of virii due to quality of OS

[TheSkepticalOptimist]

Could we stop chauking up the lack of virii to the quality of the OS?

I mean, honestly, no OS/2 virii? Is there any reason to target the 10 people out there still running OS/2 Warp with a virus?

While I will agree that good OS design will prevent the kind of zombie take over of a machine that allow viruses to propogate and activate without user intervention, I don't believe for a second that ANY OS is virus proof.

Virii are weapons of mass desctruction, that is, they want to have the greatest number of targets. An OS/2 virus, even if it had a 100% infection rate, would not make the news rounds, and might get a quick blurb on Slashdot. Virus writers are not going to waste time exploiting OS/2.

We have seen a virus launched against OSX recently, probably due to the higher profile Apple has been getting recently with their new Macintel machines. Before this, people assumed OSX was virus proof, but its just that it wouldn't make an impact to write an OSX virus unless the writer can claim some fame by having it affect the greatest number of people and be talked about in the news.

Also, when it comes to OS/2 having lower system requirements, it WAS written for computers designed about 15 years ago. I doubt OS/2 Warp server would be able to run or peform well with the typical client load that most servers today have to contend with. Email spam filtering alone can bring a modern server to its knees, I doubt OS/2 Warp Server would be able to function properly with 256mb of RAM, 10 gb hard drive space running on a Pentium class CPU even handling the email load a typical small business puts on today's servers.

Anyways, I don't believe that OS/2 has any better ability to fight off virii then any other OS, just that its been forgotten about except by those too cheap to upgrade to a new computer and OS.

Rexx programmer!

[SlippyToad]

Sorry, I actually program in REXX, and "ease of use" is not the first thing that comes to mind. FUCKING HEADACHE, maybe. There are a dozen languages right handy that are easier to use, and especially debug, than REXX. Whenever possible I avoid it. If I'm doing glue scripting, TCL is my language of choice these days.

Insightful? This is just fallacy after fallacy.

[Jerk City Troll]

Considering [OS/2's] complexity excuse me if I don't believe it is secure.

Complexity and security are not oppposites. All modern operating systems are complex but they tend to have varying levels of security. Cryptography and fine-grained access control significantly increase complexity but also harden a system. In otherwords, complexity can make security weaker or stronger.

Most of the software from that timeframe has been shown to have a lot of security problems

Given multiple products competing in the same space for any timeframe, some will have lower standards than others. You cannot conclude logically that all products for a given timeframe will therefore have lower standards. The reality is quite the opposite of your statement. OS/2 had a market presence the same time as DOS and Windows 3.1 but it was far superior, offering features found in all operating systems today. In terms of stability and security, it was years ahead of the game, hence its popularity. When a system is designed does not necessarily indicate its performance for any metric. How a system is design and built, on the otherhand, does.

[T]he training, and tools to discover holes didn't exist at the time.

What training would that be? The techniques for cracking systems today have been around for as long as computing. Computer science and cryptography with computers are likewise just as old as any computer system. As for tools, you mean debuggers, packet sniffers, profilers, and so forth?

If OS/2 was released [open source] tomorrow and got popular you'd have it with the most security [vulnerabilities] by years end I guarantee it.

Besides your guarantee, what are the reasons for this? Apache HTTPD is open source yet has far fewer vulnerabilities than Internet Information Server. Why does open source mean more vulnerabilities?

The only reason OS/2 appears to be secure is because it isn't worth any one's time trying to crack it.

Or perhaps it is well designed. Another false argument along these lines is used to explain why Windows has more vulnerabilities than any given Linux distro: because its ubiquity. When you consider the wide-spread use of Apache versus IIS, you see this argument holds no water.

IBM support was SOOO uneven

[gelfling]

Even when it was a so called supported product, we could never understand why they had zero interest in developing a browser. When they finally did it was a personal project of guys inside IBM that got product-ized but basically not supported. Similarly the nntp client and bunch of other stuff like that.

We could never understand why IBM could NEVER fix the single threaded IO queue no matter how many times we complained about it.

We could never understand why they never made an effort to improve or at least fix the fixpack process which could often as not leave you with a non operating system.

We could never understand why the desktop utilities were so incomplete that freeware or sharware like FM/2 were necessary.

We could never understand why we could get a bunch of APPC/APPM com tech support engineers on the phone but NO ONE inside the company was allowed to acknowledge the existence of Ethernet.

Re:Insightful? This is just fallacy after fallacy.

[heinousjay]

When you consider the wide-spread use of Apache versus IIS, you see this argument holds no water.

All I really see from this statement is that you have no understanding of logic. That's not too much of a problem here on Slashdot - handwaving and misdirection seem to win most arguments I read on this site.

Note: I am not speaking to the assertions regarding vulnerabilities in any way. I am merely pointing out that the quoted statement has no value as the rebuttal it was intended to be.

Re:REXX is NOT unique to OS2

[Flashpot]

IIRC, REXX was originally developed *ON* S/370. It was found to be so useful that it quickly spread around to all of IBM's platforms, although it's rather broken on AS400|iSeries|System I5|whatever they're calling it these days.

Re:Insightful? This is just fallacy after fallacy.

[Jerk City Troll]

All I really see from this statement is that you have no understanding of logic.

If an argument supports that a claim is true in general, the argument is shown to be invalid if an example to the contrary is found. Mind clarifying the mistake for my benefit?

What OS/2 and AmigaOS taught me

[Sloppy]

It doesn't matter how awesome it is. If it isn't free, then PHBs control its destiny, and the users are probably doomed to suffer from lack of maintenance. And no matter how much they want it, no matter how much they love it, no matter how loudly they cry or scream, they are impotent.

Been there, done that. Never again. I now use software that I am 100% certain will last forever. Linux may not be as fast as Amiga OS and KDE may not be as "nifty" as WPS (although it's actually getting pretty decent), but at least I don't have to worry about the future. Even the Microsofties aren't this safe.

Re:Argh OS/2 Story... Must... Post...

[Greyfox]

Ugh don't get me started. Personally I think what they could have done was have Gerstner format a floppy and edit a document at the same time. That would have made for a neat and VERY pointed commercial. It took Windows YEARS to be able to do the same thing.

One of the problems, as I said, was the IBM attitude of the time. PCs were still considered toys and no one in the company seemed to see the writing on the wall that in a matter of a few years those PCs would surpass a lot of the bigger iron that the company was making money on.

They got complacent and they rested on their laurels and Microsoft realized they were a threat and stepped up the attack at the same time. A lot of factors came together to kill OS/2 and I think it set the industry back by a number of years. Then again, if everyone had gone the OS/2 route, Linux might not have taken off so well and I'm much more comfortable in Linux :-)