My perspective is that at some point you have to consider that security wasn't as great of a threat actor in the 1980's. Even only in the last decade have we seen us move from IT security to more cyber security measures for the average organization.
Those systems were designed with security in mind for the environment and threat model of that time. It is why these types of things are grandfathered or improved upon to mitigate the latest scenarios and threat actors. The difference is that they probably couldn't foresee that it would remain the foundation for so long, and what todays world would look like.
Those systems were designed with security in mind for the environment and threat model of that time. It is why these types of things are grandfathered or improved upon to mitigate the latest scenarios and threat actors. The difference is that they probably couldn't foresee that it would remain the foundation for so long, and what todays world would look like.