Interesting article. I'm not much of an OS guy, anyone can shed more light into the subject? Why the object oriented operating systems was integral to the OS's ability to withstand intrusion?
I can't comment on the "never been infected" claim, but the AS/400 does have an unusual architecture based on something
called "capabilities" that provide support for objects and protection in the hardware (actually, the microcode). Then the OS is built on that. There is a detailed explanation of how this works in the AS/400 ancestor System/38
in chapter 8 in this book:
I'm not an OS guy either, but the article is setting off my baloney detector.
There's nothing inherent in OOP which is going to make it magically secure. It just seems like a spurious fact about OS/400 (and I say that as someone with very little knowledge of it, although I did use it as an 8 year old). Moreover, (maybe) there's no public record of infected instances, but that doesn't mean it didn't happen.