List of Archived Posts
2004 Newsgroup Postings (01/28 - 02/27)
- Is DOS unix?
- The BASIC Variations
- The SOB that helped IT jobs move to India is dead!
- Two subjects: 64-bit OS2/eCs, Innotek Products
- Comments wanted on an authentication protocol
- small bit of cp/m & cp/67 trivia from alt.folklore.computers n.g. (thread)
- Mainframe not a good architecture for interactive workloads
- Mainframe not a good architecture for interactive workloads
- Mars Rover Not Responding
- A hundred subjects: 64-bit OS2/eCs, Innotek Products,
- Mars Rover Not Responding
- Is 3DES more secure than 384 bit RSA?
- pointless embedded systems
- The BASIC Variations
- The BASIC Variations
- harddisk in space
- The SOB that helped IT jobs move to India is dead!
- Seriously long term storage
- Seriously long term storage
- Worst case scenario?
- ARPAnet guest accounts, and longtime email addresses
- A hundred subjects: 64-bit OS2/eCs, Innotek Products,
- Hardware issues [Re: Floating point required exponent range?]
- Health care and lies
- The SOB that helped IT jobs move to India is dead!
- Who is the most likely to use PK?
- determining memory size
- updated merged (security) taxonomy & glossary
- Methods of Authentication on a Corporate
- The SOB that helped IT jobs move to India is dead!
- A POX on you, Dennis Ritchie!!!
- determining memory size
- The SOB that helped IT jobs move to India is dead!
- A POX on you, Dennis Ritchie!!!
- Next generation processor architecture?
- A POX on you, Dennis Ritchie!!!
- CHECKSUM CHALLENGE - (US$ 100)
- The SOB that helped IT jobs move to India is dead!
- The SOB that helped IT jobs move to India is dead!
- SSL certificates
- SSL certificates
- SSL certificates
- The SOB that helped IT jobs move to India is dead!
- The SOB that helped IT jobs move to India is dead!
- Foiling Replay Attacks
- Foiling Replay Attacks
- ARPAnet guest accounts, and longtime email addresses
- new to mainframe asm
- Automating secure transactions
- new to mainframe asm
- The SOB that helped IT jobs move to India is dead!
- Using Old OS for Security
- The SOB that helped IT jobs move to India is dead!
- origin of the UNIX dd command
- origin of the UNIX dd command
- Oldest running code
- Oldest running code
- PLO instruction
- Oldest running code
- A POX on you, Dennis Ritchie!!!
- Paging
Is DOS unix?
Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is DOS unix?
Newsgroups: alt.folklore.computers
Date: Thu, 29 Jan 2004 05:51:10 GMT
Peter Flass writes:
Actually, no one has yet mentioned that CP/M (and so DOS) were
inspired more by VM/CMS, the original "personal computer OS" than by
Unix. Compare DOS's "drive letters", for example, to CMS's
"minidisks". No hierarchical directories in CP/M (adapted from unix
by DOS), etc.
extract from recent post to bit.listserv.ibm-main ... the CMS
convention appear to be from the cp/40 time-frame circa 1965.
http://www.garlic.com/~lynn/2004.html#45 40th anniversary of IBM System/360 on 7 Apr 2004
from pg. 5, GH20-0859, CP-67/CMS User's Guide (this particular manual
is only 1969). note that between cp-67/cms and vm370/cms ... "cms" was
changed from "cambridge monitor system" to "conversational monitor
system" and the primary "personal" disk was changed from the p-disk to
the a-disk.
device virt. symbolic device
number addr name type
---- --- ---- -------
1052 009 CON1 console
2540 00C RDR1 card reader
2540 00D PUN1 card punch
1403 00E PRN1 line printer
231x 190 DSK1 s-disk (system files)
231x 191 DSK2 p-disk (user files)
231x 192 DKS3 t-disk (workspace)
231x --- DSK4 a-disk (user files)
231x --- DSK5 b-disk (user files)
231x 19C DSK6 c-disk
2400 180 TAP1 tape drive
2400 181 TAP2 tape drive
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The BASIC Variations
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The BASIC Variations
Newsgroups: comp.lang.basic.misc,alt.folklore.computers
Date: Thu, 29 Jan 2004 15:29:29 GMT
erewhon@nowhere.com (J French) writes:
... although IBM were slow to maket with the 386
- which gave Compaq its edge
there was one year were the off-shore clone makers had built up a very
large inventory of 286 machines betting on the fall xmas buying season
... and the 386sx came out in quantity and basically dropped the
bottom out of the 286 prices.
some old PC prices from SJMN (slightly later than the 386sx intro)
... one of the reasons i was regularly posting this was that some of
the boca business cases for PS2s that I saw didn't take into the
account any reality from what was happening with PC-clone street
prices.
http://www.garlic.com/~lynn/2001n.html#79 a.f.c history checkup... (was What specifications will the standard year 2001 PC have?)
http://www.garlic.com/~lynn/2001n.html#80 a.f.c history checkup... (was What specifications will the standard year 2001 PC have?)
http://www.garlic.com/~lynn/2001n.html#81 a.f.c history checkup... (was What specifications will the standard year 2001 PC have?)
http://www.garlic.com/~lynn/2001n.html#82 a.f.c history checkup... (was What specifications will the standard year 2001 PC have?)
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The SOB that helped IT jobs move to India is dead!
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Fri, 30 Jan 2004 17:20:13 GMT
jmfbahciv writes:
Before you state this one again, attend some seminars. You'll
find that American young are not learning about hard core
sciences, math, engineering; these are the areas where
the future jobs come from.
Like you, American kids are now expecting pots of money for no
productive work.
early 90s there were two articles, one out of the (us) census,
something about 50 percent of (us) 18 year olds were functionally
illiterate ... the other (possibly appeared in the SJMN) about 50
percent of the technical Phd graduates (at least in cal. schools) were
foreign. some recruiting at colleges in the very early 90s ... all of
the students with technical 4yr degrees with 4.0 gpa were foreign.
basically the hi-tech boom/bubble wouldn't have had the large
explosion of high tech workers w/o all the people from foreign
countries. the hi-tech boom/bubble requirements coupled with the y2k
remediation effort requirements exceeded resources available in the US
... and a large amount of the y2k remediation was outsourced overseas
(wasn't as much a cost issue ... as the resources just weren't
otherwise available).
the problem was that with the completion of most of the y2k
remediation work and the bursting of the hi-tech bubble ... there was
significant reduction in resource requirements ... but at the same
time the overseas outsourcing business relationship (forged in large
part because of the y2k remediation requirements) didn't just
evaporate. note that y2k remediation typically didn't involve any of
the glamor stuff in the hi-tech bubble ... it did involve a lot of
legacy stuff that is the nuts & bolts of many business operations.
once overseas outsourcing demonstrated expertise/skill in the boring
effort of supporting the nuts & bolts of legacy business operation (as
part of y2k remediation) ... it wasn't likely those resources were
going to be totally discarded/ignored.
misc. related past threads:
http://www.garlic.com/~lynn/2002k.html#45 How will current AI/robot stories play when AIs are real?
http://www.garlic.com/~lynn/2003i.html#28 Offshore IT
http://www.garlic.com/~lynn/2003i.html#31 Offshore IT
http://www.garlic.com/~lynn/2003i.html#45 Offshore IT
http://www.garlic.com/~lynn/2003i.html#55 Offshore IT
http://www.garlic.com/~lynn/2003i.html#67 Offshore IT
http://www.garlic.com/~lynn/2003i.html#71 Offshore IT
http://www.garlic.com/~lynn/2003i.html#81 Offshore IT
http://www.garlic.com/~lynn/2003i.html#85 Offshore IT
http://www.garlic.com/~lynn/2003j.html#28 Offshore IT
http://www.garlic.com/~lynn/2003l.html#29 Offshore IT
http://www.garlic.com/~lynn/2003l.html#56 Offshore IT ... again?
http://www.garlic.com/~lynn/2003p.html#33 [IBM-MAIN] NY Times editorial on white collar jobs going
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Two subjects: 64-bit OS2/eCs, Innotek Products
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Two subjects: 64-bit OS2/eCs, Innotek Products
Newsgroups: alt.os.development,comp.arch,comp.os.os2.misc,comp.os.os2.programmer.misc
Date: Fri, 30 Jan 2004 17:33:12 GMT
Keith R. Williams writes:
TOf course the CalComp suit wasn't a DoJ action. It was a CalComp
action. The article I responded to stated that IBM lost a DoJ anti-
trust suit in the '70s, which is flat false. They did lose other suits
(CalComp, CDC, and likely some others I've forgotten), but not to the
DoJ. AT&T lost their antitrust suit (theirs was concurrent with
IBM's), but IBM's was dismissed by the DoJ. There was no "loss" here,
other than a few hundred million in legal fees.
and little thing like the document retention order. there was one
floor of the 705(6?) bldg. in POK that was loosing an office a day
... being filled (floor to ceiling, wall to wall) with paper that no
longer could be discarded (at least until they started to approach the
floor loading limit of the bldg, at which point they had to start
looking for other storage) ... note that this was just for POK plant
site.
there was some reference/joke about DoJ order to produce some set of
the documents ... and there was some explanation about the very large
number of box cars that would have to be scheduled just to transport
them to DC.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Comments wanted on an authentication protocol
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Comments wanted on an authentication protocol
Newsgroups: sci.crypt
Date: Fri, 30 Jan 2004 17:47:42 GMT
Johan Lindh writes:
Sigh. You're right. As soon as there is any kind of known plaintext in
the stream, a brute force attack is possible offline.
I guess I'll have to look for some kind of key exchange after all. I'd
really hoped to avoid having a lot of number crunching code, prime
searching and whatnot.
note that there are other kinds of public key signature algorithms
like ecdsa ... which are somewhat less compute intensive.
http://csrc.nist.gov/cryptval/dss.htm
there have also been kerberos pk-init to use public key signature in
place of shared-secret/password ... and various kinds of radius
implementations that support public key signature for authentication.
ietf draft discussing key lengths and some time/execution:
http://www.ietf.org/internet-drafts/draft-orman-public-key-lengths-07.txt
pk-init ... or "public key cryptography for initial authentication in
kerberos":
http://www.ietf.cnri.reston.va.us/internet-drafts/draft-ietf-cat-kerberos-pk-init-17.txt
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
small bit of cp/m & cp/67 trivia from alt.folklore.computers n.g. (thread)
Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: small bit of cp/m & cp/67 trivia from alt.folklore.computers n.g. (thread)
Newsgroups: bit.listserv.vmesa-l
Date: Sat, 31 Jan 2004 00:34:43 -0700
discussion was how much (if any) did DOS inherit from CMS ... by way
of CP/M
the following reference was posted indicating that at least the name
CP/M came from CP/67:
http://web.archive.org/web/20071011100440/http://www.khet.net/gmc/docs/museum/en_cpmName.html
Mainframe not a good architecture for interactive workloads
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe not a good architecture for interactive workloads
Newsgroups: bit.listserv.ibm-main
Date: Sun, 01 Feb 2004 05:18:10 GMT
"Rod Burt" writes:
Sadly, TPF has fewer and fewer (but much bigger) licensees as more
and more airlines outsource to the Amadeuses of the world. These
are seriously big systems, handling thousands of (non-trivial)
transactions per second, most with sub-second response time. Try
this on a Unix box.
my wife served a stint as chief architect for Amadeus for a while;
until she backed x.25 .... and then there was a push from certain
segments to have her replaced with somebody more sympathetic to sna.
misc. past amadeus refs:
http://www.garlic.com/~lynn/2001g.html#49 Did AT&T offer Unix to Digital Equipment in the 70s?
http://www.garlic.com/~lynn/2001g.html#50 Did AT&T offer Unix to Digital Equipment in the 70s?
http://www.garlic.com/~lynn/2001h.html#76 Other oddball IBM System 360's ?
http://www.garlic.com/~lynn/2003d.html#67 unix
http://www.garlic.com/~lynn/2003n.html#47 What makes a mainframe a mainframe?
some drift into other threads regarding airline reservation systems:
http://www.garlic.com/~lynn/96.html#29 Mainframes & Unix
http://www.garlic.com/~lynn/2000f.html#20 Competitors to SABRE?
http://www.garlic.com/~lynn/2001d.html#69 Block oriented I/O over IP
http://www.garlic.com/~lynn/2001d.html#74 Pentium 4 Prefetch engine?
http://www.garlic.com/~lynn/2001g.html#45 Did AT&T offer Unix to Digital Equipment in the 70s?
http://www.garlic.com/~lynn/2002g.html#2 Computers in Science Fiction
http://www.garlic.com/~lynn/2002g.html#3 Why are Mainframe Computers really still in use at all?
http://www.garlic.com/~lynn/2002h.html#43 IBM doing anything for 50th Anniv?
http://www.garlic.com/~lynn/2002j.html#83 Summary: Robots of Doom
http://www.garlic.com/~lynn/2003c.html#30 diffence between itanium and alpha
http://www.garlic.com/~lynn/2003o.html#17 Rationale for Supercomputers
mentioned in the above ... at one time we were asked to look at routes
... typically 2nd biggest app in res-system (after fares). they had a
list of ten impossible things that they couldn't do.
one of the issues was that lots of the transactions were quite
trivial, had very archaic query syntax and the agent frequently had to
string together a whole series of such queries for a typical
operation.
part of the work was an outgrowth of the work we had done on ha/cmp
http://www.garlic.com/~lynn/subtopic.html#hacmp
and cluster scale-up
http://www.garlic.com/~lynn/95.html#13 SSA
slightly related
http://www.garlic.com/~lynn/2001i.html#52 loosely-coupled, supercomputers, electronic commerce, etc
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Mainframe not a good architecture for interactive workloads
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe not a good architecture for interactive workloads
Newsgroups: bit.listserv.ibm-main
Date: Sun, 01 Feb 2004 05:40:38 GMT
"Rod Burt" writes:
Sadly, TPF has fewer and fewer (but much bigger) licensees as more
and more airlines outsource to the Amadeuses of the world. These
are seriously big systems, handling thousands of (non-trivial)
transactions per second, most with sub-second response time. Try
this on a Unix box.
... out of some box from the basement:
Amadeus
Global Distribution System
24 April 1987
215pgs.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Mars Rover Not Responding
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mars Rover Not Responding
Newsgroups: comp.arch,comp.distributed,comp.lang.java,comp.lang.java.programmer,comp.object,comp.programming,comp.theory,sci.physics
Date: Sun, 01 Feb 2004 21:44:36 GMT
"A. G. McDowell" writes:
I would be very interested to hear more about increasing the
effectiveness of testing beyond all recognition. I am a professional
programmer in an area where we routinely estimate the testing effort as
about equal to the programming effort (in terms of staff time, but not
necessarily staff cost). Do you have references? As a token of sincerity
I will provide references for what we seem to agree is commercial
practice (whether it should be or not):
when we were doing the original payment gateway
http://www.garlic.com/~lynn/aadsm5.htm#asrn2
http://www.garlic.com/~lynn/aadsm5.htm#asrn3
we set up a test matrix ... not for the software ... but for the
service. nominal payment infrastructure trouble desk did 5 minute
problem first level problem determination ... however that was for an
infrastructure that was almost exclusively circuit based.
while it was possible to translate the (payment) message formats from
a circuit-based infrastructure to a packet-based infrastructure ...
translating the circuit-based service operation to a packet-based
infrastructure was less clear cut (merchant/webhost complains that
payments aren't working ... expects internet/packet connection to be
much less expensive than direct circuit ... but at the same time
expects compareable availability).
The claim has been that coding for a service operation is 4-10 times
that of a straight application implementation and ten times the effort
because of needing to understand all possible failure modes
... regardless of whether they are characteristic of the software or
hardware or some totally unrelated environmental characteristic.
in any case, one of the issues was detailed analysis of existing
trouble desk circuit-based problem determination procedures and being
able to translate that into a packet-based (internet) environment and
still attempt to come close to the goal of being able to perform first
level problem determination in five minutes. When we started there
were cases of trouble ticket being closed NTF (no trouble found) after
3hrs of manual investigation.
of course this was also at a time ... when it was difficult to find
any ISP that even knew how to spell service level agreement.
aka ... it is possible for software to perform flawlessly and still be
useless.
some of this came from doing ha/cmp
http://www.garlic.com/~lynn/subtopic.html#hacmp
misc. related past threads
http://www.garlic.com/~lynn/2000g.html#50 Egghead cracked, MS IIS again
http://www.garlic.com/~lynn/2001e.html#48 Where are IBM z390 SPECint2000 results?
http://www.garlic.com/~lynn/2001f.html#75 Test and Set (TS) vs Compare and Swap (CS)
http://www.garlic.com/~lynn/2001k.html#18 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001n.html#85 The demise of compaq
http://www.garlic.com/~lynn/2001n.html#91 Buffer overflow
http://www.garlic.com/~lynn/2001n.html#93 Buffer overflow
http://www.garlic.com/~lynn/2002.html#28 Buffer overflow
http://www.garlic.com/~lynn/2002.html#29 Buffer overflow
http://www.garlic.com/~lynn/2002e.html#73 Blade architectures
http://www.garlic.com/~lynn/2002f.html#24 Computers in Science Fiction
http://www.garlic.com/~lynn/2002h.html#11 Why did OSI fail compared with TCP-IP?
http://www.garlic.com/~lynn/2002h.html#12 Why did OSI fail compared with TCP-IP?
http://www.garlic.com/~lynn/2002n.html#11 Wanted: the SOUNDS of classic computing
http://www.garlic.com/~lynn/2003b.html#53 Microsoft worm affecting Automatic Teller Machines
http://www.garlic.com/~lynn/2003g.html#62 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
http://www.garlic.com/~lynn/2003j.html#15 A Dark Day
http://www.garlic.com/~lynn/2003l.html#49 Thoughts on Utility Computing?
http://www.garlic.com/~lynn/2003p.html#37 The BASIC Variations
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
A hundred subjects: 64-bit OS2/eCs, Innotek Products,
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A hundred subjects: 64-bit OS2/eCs, Innotek Products, ...
Newsgroups: comp.os.os2.programmer.misc,alt.os.development,comp.arch,comp.os.os2.misc
Date: Mon, 02 Feb 2004 07:02:29 GMT
glen herrmannsfeldt writes:
I have heard that description before, but I don't believe it.
Ponzi schemes assume exponential growth of the number of contributors,
usually with a very short time constant.
ponzi schemes just require that the people receiving the money grow
faster than the increase in people paying the money. typical chain
letter has ten people paying off one person ... but creates ten new
people that expect to get paid someday. If the people expecting to get
paid grows by a factor of ten every generation ... then if the
population doesn't also increase by a factor of ten ... then you
eventually run out of new people to pay off the existing people
expecting money.
i believe the original SS circumstance started out with something like
40 people were paying in for each person drawing out (the rates
somewhat were set so that money coming in somewhat matched the money
going out ... typical pay as you go plan).
with declining birth rate, more people living until 65, more people
living longer after 65, more people starting to collect before 65,
... the number of people receiving SS is growing much faster than the
growth in the number of people paying in.
I've heard projected for something like 3 people paying in for each
person drawing (i.e. number of people receiving money grew at least 10
times faster than the growth in the number of people paying in).
one discussion relating SS to the savings & loan situation:
http://www.ieg.ee/keith/docs/welfare/pensions.htm
a rather detailed discussion of the savings & loan situation
and carrying off-book gov. obligations:
http://www.garlic.com/~lynn/aepay3.htm#riskm
don't let the start of the above posting about relationships between
risk management and information security throw you off ... it
eventually gets into some specifics of the savings & loan off-book fed
gov. obligation equivalent to $100k for every person in the country.
the following has some numbers about SS being a pay as you go plan
... aka it isn't "fully funded" pension plan in that the money i'm
paying in is not being banked ... it is being used to pay current
SS beneficiaries:
http://www.ssab.gov/NEW/Publications/Financing/actionshouldbetaken.pdf
in 2001, 154 million workers paying & covered by SS ... and about 45
million people (one out of every 6 americans) are receiving benefits
(almost 3 to 1).
in 2001, there was $604 billion paid into SS and $439 billion was
being paid out. SS accounts for 24 percent of total Fed. gov. spending
and 23 percent of total Fed. gov. receipts.
by 2030, 20 percent of the population is expected to be age 65 or over
(compared to 12 percent in 2001).
chart 5 shows 5.1 workers per SS beneficiary in 1960, dropping to 1.9
workers per beneficiary by 2075 (doesn't show SS starting out with
something like 40 workers per beneficiary)
....
about a month or so ago there were some articles about the steel
industry and its pay as you go pension plan (not fully funded) ...
significantly contributing to bankruptcies (i.e. a significant part of
the cost of steel from US companies goes to pay pensions of current
beneficiaries).
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Mars Rover Not Responding
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mars Rover Not Responding
Newsgroups: comp.arch,comp.distributed,comp.lang.java,comp.lang.java.programmer,comp.object,comp.programming,comp.theory,sci.physics
Date: Mon, 02 Feb 2004 19:01:49 GMT
"A. G. McDowell" writes:
I would be very interested to hear more about increasing the
effectiveness of testing beyond all recognition. I am a professional
programmer in an area where we routinely estimate the testing effort
as about equal to the programming effort (in terms of staff time,
but not necessarily staff cost). Do you have references? As a token
of sincerity I will provide references for what we seem to agree is
commercial practice (whether it should be or not):
this might also be considered a characteristic difference between
platforms derived from batch oriented systems and platforms derived
from interactive oriented systems.
for 40 years or more, batch systems have tended to provide relatively
clear diagnostic information for the application owner ... since the
application owner wasn't around went their program ran; one specificly
clearly diagnosed & reported item for those 40 some year period has
been space full condition.
interactive platforms have tended to be much more laissez-faire about
providing diagnostics for such things. i've seen payroll application
ported from batch platfrom to an interactive oriented platform
... where the sort would fail because of space full condition ... but
the error didn't get propagated appropriately thru the rest of the
infrastructure. As a result, checks got printed ... but not with
exactly the values expected. some post mortem analysis seemed to
indicate that assumptions were made about individual applications
indicating interactive error message to an human in attendance ... and
the human taking the appropriate action.
now some number of the batch platforms for possibly 20 years now
... have had facilities that could take advantage of batch paradigm
error infrastructure and for conditions like space full ... take
automated proscriped graceful recovery actions (i.e. there is deadline
for getting checks out and can't rely on the vagaries of being able to
count on some human based mediation).
some fundamental issue about not only trying to turn out perfect code
... but also providing an instrumented infrastructure that recognizes
errors will probably happen ... and in the absence of direct human
mediation ... other types of facilities need to be provided
(frequently a characteristic differentiation between batch-oriented
platforms and interactive-oriented platforms).
some random posts on batch vis-a-vis interactive paradigms
http://www.garlic.com/~lynn/96.html#8 Why Do Mainframes Exist ???
http://www.garlic.com/~lynn/98.html#4 VSE or MVS
http://www.garlic.com/~lynn/98.html#18 Reviving the OS/360 thread (Questions about OS/360)
http://www.garlic.com/~lynn/98.html#51 Mainframes suck? (was Re: Possibly OT: Disney Computing)
http://www.garlic.com/~lynn/99.html#16 Old Computers
http://www.garlic.com/~lynn/99.html#197 Computing As She Really Is. Was: Re: Life-Advancing Work of Timothy Berners-Lee
http://www.garlic.com/~lynn/2000.html#81 Ux's good points.
http://www.garlic.com/~lynn/2000.html#83 Ux's good points.
http://www.garlic.com/~lynn/2000f.html#58 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
http://www.garlic.com/~lynn/2001d.html#71 Pentium 4 Prefetch engine?
http://www.garlic.com/~lynn/2001k.html#14 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001l.html#4 mainframe question
http://www.garlic.com/~lynn/2001n.html#90 Buffer overflow
http://www.garlic.com/~lynn/2002.html#1 The demise of compaq
http://www.garlic.com/~lynn/2002.html#24 Buffer overflow
http://www.garlic.com/~lynn/2002f.html#37 Playing Cards was Re: looking for information on the IBM 7090
http://www.garlic.com/~lynn/2002h.html#73 Where did text file line ending characters begin?
http://www.garlic.com/~lynn/2002n.html#41 Home mainframes
http://www.garlic.com/~lynn/2002o.html#0 Home mainframes
http://www.garlic.com/~lynn/2002o.html#14 Home mainframes
http://www.garlic.com/~lynn/2002p.html#54 Newbie: Two quesions about mainframes
http://www.garlic.com/~lynn/2003e.html#11 PDP10 and RISC
http://www.garlic.com/~lynn/2003h.html#56 The figures of merit that make mainframes worth the price
http://www.garlic.com/~lynn/2003j.html#46 Fast TCP
http://www.garlic.com/~lynn/2003n.html#46 What makes a mainframe a mainframe?
http://www.garlic.com/~lynn/2004.html#40 AMD/Linux vs Intel/Microsoft
http://www.garlic.com/~lynn/2004.html#41 AMD/Linux vs Intel/Microsoft
http://www.garlic.com/~lynn/2004.html#43 [Fwd: Re: Mainframe not a good architecture for interactive w
http://www.garlic.com/~lynn/2004.html#47 Mainframe not a good architecture for interactive workloads
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Is 3DES more secure than 384 bit RSA?
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is 3DES more secure than 384 bit RSA?
Newsgroups: sci.crypt
Date: Tue, 03 Feb 2004 14:42:29 GMT
"JG" writes:
Hello, I'm not sure if you can compare 3DES and RSA key lengths as
they are not the same algorithm.
I am wondering which would be more "secure": 3DES at 112 bits or RSA
at 384 bits?
I can use either but like the idea that I can distribute RSA Public
Keys without all the security hassle associated with distributing
symmetric keys.
try internet draft "Determining Strengths For Public Keys Used For
Exchanging Symmetric Keys":
http://www.ietf.org/internet-drafts/draft-orman-public-key-lengths-07.txt
from above:
System
requirement Symmetric RSA or DH DSA subgroup
for attack key size modulus size size
resistance (bits) (bits) (bits)
(bits)
70 70 947 129
80 80 1228 148
90 90 1553 167
100 100 1926 186
150 150 4575 284
200 200 8719 383
250 250 14596 482
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
pointless embedded systems
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: pointless embedded systems
Newsgroups: alt.folklore.computers
Date: Wed, 04 Feb 2004 01:18:44 GMT
Keith R. Williams writes:
"Correspondence code" code was the term I was looking for on the 134.5
baud serial link. Though, I don't believe CC and T/R codes were the
same. IIRC, CC was a 6-bit code that had a shift/unshift character
that translated to a 180 degree rotate. Once in a while, when the host
was "thinking" a shift/unshift character would be sent signaling that
the link was still active.
CMS blip would send shift/unshift ... when cpu was being consumed
2741 came in standard and PTTC/EBCD
cp67 would attempt to dynamically determine type on initial connection
by translating input to EBCDIC using PTTC/EBCD translate table
... assuming input was login command and check for L/l. If wasn't
L/l, it would check for Y/y (which was what correspondance L/l
translated to) ... and then retranslate with the correspondance
translate table.
PTTC/EBCD 2741 top row was:
< ; : % ' > * ( ) _ +
1 2 3 4 5 6 7 8 9 0 - &
2nd row had single key between P and the return key which
had at-sign as lower case and cent-sign as upper case.
CMS standard editing convention was based on PTTC/EBCD since it had
at-sign for character delete and cent-sign (upper case at-sign) as
line-delete (i.e. upper and lower case of the key between the P
and the return key on the 2nd row).
standard/correspondance 2741 top row was:
X ' # $ % X & * ( ) _ +
1 2 3 4 5 6 7 8 9 0 - =
X - upper case 1 was a combined minus/plus character
X - upper case 6 was cent-sign
2nd row key between the P and the return was ! (lower-case) and
degree-symbol (upper-case)
My first home terminal was "portable" 2741 (two 40lb suitcases) in
March of 1970 ... later that year it was replaced with a regular 2741.
past posts on blip:
http://www.garlic.com/~lynn/2000g.html#12 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
http://www.garlic.com/~lynn/2002i.html#56 wrt code first, document later
http://www.garlic.com/~lynn/2003b.html#71 Early attempts at console humor?
http://www.garlic.com/~lynn/2003b.html#72 Early attempts at console humor?
http://www.garlic.com/~lynn/2003c.html#16 Early attempts at console humor?
http://www.garlic.com/~lynn/2003c.html#18 Early attempts at console humor?
http://www.garlic.com/~lynn/2003m.html#39 S/360 undocumented instructions?
http://www.garlic.com/~lynn/2003m.html#40 MAD Programming Language
http://www.garlic.com/~lynn/2003o.html#28 When nerds were nerds
http://www.garlic.com/~lynn/2004.html#17 Holee shit! 30 years ago!
past PTTC/EBCD posts
http://www.garlic.com/~lynn/2001.html#15 IBM Model Numbers (was: First video terminal?)
http://www.garlic.com/~lynn/2001l.html#62 ASR33/35 Controls
http://www.garlic.com/~lynn/2002o.html#21 IBM Selectric as printer
http://www.garlic.com/~lynn/2003e.html#1 cp/67 35th anniversary
some CTSS 2741 refs:
http://www.multicians.org/mga.html#2741
http://www.multicians.org/terminals.html
some of the CTSS people went to Multics on 5th floor of 545 tech sq.
and some showed up at the science center on 4th floor of 545 tech
sq (where cp-67/cms was done). misc. other 545 tech sq. refs:
http://www.garlic.com/~lynn/subtopic.html#545tech
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The BASIC Variations
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The BASIC Variations
Newsgroups: alt.folklore.computers
Date: Wed, 04 Feb 2004 05:12:50 GMT
Brian Inglis writes:
It should be said that we both had loud voices, were given to
gesturing, looked at times like fairly wild and woolly monsters, and
in retrospect I may have ended up dealing with him on issues that
others may have passed on.
Guess managers don't actually have to deal with many situations where
there might actually have to be one result, both sides disagree what
it should be, and they both have to end up agreeing on the resolution.
boyd used to tell a similar story when he ran lightweight fighter
plane design at the pentagon (and doing the f16). The one-star that he
reported to thought it wasn't appropriate for him to have loud
discussions/arguments with lts, cpts, & majs under his command.
Boyd says that it reached a point where finally the one-star called a
meeting in the auditorium and publicly fired boyd. however, a
four-star shortly there-after called a meeting in the same auditorium
(with all the same attendees) and rehired Boyd and told the one-star
to never do that again.
misc. boyd posts:
http://www.garlic.com/~lynn/subboyd.html#boyd
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The BASIC Variations
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The BASIC Variations
Newsgroups: alt.folklore.computers
Date: Wed, 04 Feb 2004 18:32:11 GMT
bv@wjv.comREMOVE (Bill Vermillion) writes:
That reminds me of a thing I saw many many years ago, and it may
have even been on the cover of Byte at one time.
It was a hemisphere with many buttons on it. You chorded the keys,
so essentially you had a complete one-handed keyboard input device.
I suspect it would take as much time to get to a usable stage as
learning to play piano, or chord positions on a guitar. Neat idea
though.
in the late 70s, the human factors group in GPD-SJ (I believe possibly
in conjunction with Nat Rochester at the cambridge science center)
... had a half hemisphere with finger depressions and rocker switches
in the depressions. the claim was that people that got use to it
... could type as fast or faster than qwerty keyboard with two hands
(i.e. say 80 wpm) .. did require a bit of fine motor control.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
harddisk in space
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: harddisk in space
Newsgroups: comp.arch,comp.distributed,comp.programming,comp.theory,sci.physics
Date: Wed, 04 Feb 2004 19:17:50 GMT
robertwessel2@yahoo.com (Robert Wessel) writes:
I'd check with the manufacturer before running them in zero G, too.
But in any event, almost all HDDs can be mounted vertically, so you
could still put them back to back. And in zero G, what would it
matter.
in vacuum, there may be a matter of floating heads (not) using air
bearing effect between the head and the surface.
misc. minor past refs to air bearing simulation work for floating,
thin-film heads being done on the 195 in bldg. 28:
http://www.garlic.com/~lynn/2002j.html#30 Weird
http://www.garlic.com/~lynn/2002n.html#63 Help me find pics of a UNIVAC please
http://www.garlic.com/~lynn/2002o.html#74 They Got Mail: Not-So-Fond Farewells
http://www.garlic.com/~lynn/2003b.html#51 Disk drives as commodities. Was Re: Yamhill
http://www.garlic.com/~lynn/2003b.html#52 Disk drives as commodities. Was Re: Yamhill
http://www.garlic.com/~lynn/2003j.html#69 Multics Concepts For the Contemporary Computing World
http://www.garlic.com/~lynn/2003m.html#20 360 Microde Floating Point Fix
http://www.garlic.com/~lynn/2003n.html#45 hung/zombie users ... long boring, wandering story
http://www.garlic.com/~lynn/2004.html#21 40th anniversary of IBM System/360 on 7 Apr 2004
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The SOB that helped IT jobs move to India is dead!
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Wed, 04 Feb 2004 23:33:41 GMT
jmfbahciv writes:
Thanks. I had forgotten about that little detail. This is what
caused people, who shouldn't have been in the biz, to get paid
ungoldly amounts of money, raising their expectations of
salaries they'll never see again.
wired is running article "the new face of the silicon age"
http://www.wired.com/wired/archive/12.02/india.html
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Seriously long term storage
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Seriously long term storage
Newsgroups: alt.folklore.computers
Date: Fri, 06 Feb 2004 17:13:49 GMT
"Nico de Jong" writes:
I think I must disagree with you. When I nowadays show magnetic
cards to people, i.e. the ones used by IBM System 6 word processors,
they ask "What the f... is that ? Is it a punch card ?". When I then
say, that they accommodate 2K = 1 full page of text, they wet their
pants
was that the same as the mag-card selectric? little search engine use
and found
http://www.ibmcomposer.org/
with a more detailed picture
http://www.ibmcomposer.org/MagCardComposer/description.htm
a number of pictures of selectric w/dates and adds:
http://www.etypewriters.com/history.htm
also there was a mag-tape selectric ... tapes looked something like
3480/3490 cartridge .. i still have one that (i believe still
possibly) has some pages I typed up for boston share presentation,
fall 1968 ... (fortunately i also still had paper copy in
some files):
http://www.garlic.com/~lynn/94.html#18 CP/67 & OS MFT14
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Seriously long term storage
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Seriously long term storage
Newsgroups: alt.folklore.computers
Date: Fri, 06 Feb 2004 17:27:28 GMT
Pete Verdon writes:
I think that's another "there weren't many of them" effect, as I
previously explained. Note that these people *do* know about
punch-cards, which are of a similar vintage, because they were so
much more common. And CDs now are even more prevalent than any
punch-card ever was - the house I'm sitting in probably contains
15-20[1] CD readers (data and music), and God knows how many
discs. Compare that with the spread of punch-cards among the general
population.
while there may not have been that many from a consumer stand-point
... there were quite a large number from business use standpoint.
little google use ... shows at some companies at least selling
ribbons and other supplies for mag-card (and mag-tape) selectrics
(do search engine on "+mag +selectric")
punch cards were much earlier vintage (1890) ... and were also used
for a lot of purposes that general/consumer public would have
encounterd ... like sense-mark versions ... that people would fill-in
for various kinds of registration. shipping made use of them
also ... with punch card enclosed in the package. there were all those
don't spindle, fold or mutilate warnings for the general/consumer
public ... which has passed into more general cultural use.
some punch card description:
http://www.cs.uiowa.edu/~jones/cards/
"do not fold, spindle or mutilate", a cultural history of the punch card:
http://ccat.sas.upenn.edu/slubar/fsm.html
a little more retrospective ... viruses in the '60s (people
changing punch holes in their cards):
http://www.melbpc.org.au/pcupdate/9606/9606article8.htm
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Worst case scenario?
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Worst case scenario?
Newsgroups: comp.arch
Date: Fri, 06 Feb 2004 17:31:22 GMT
"Del Cecchi" writes:
That's a little harsh. Do you recall a company run by Steve Chen
called SSI? Stood for something like Scientific Supercomputers Inc
and was located in a little town in Wisconsin (Eau Claire). Just
down the road from the Big Eddie Spring, the Leinenkugel Brewery,
and Chippawa Falls.
kingston dumped a lot of money into ssi. my wife and i had some
differences of opinion with the people in kingston on some of the
stuff going on at the time .... random unrelated reference:
http://www.garlic.com/~lynn/95.html#13
we actually did some consulting for Steve when he showed up as the CTO
of another company 6-7 years ago.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
ARPAnet guest accounts, and longtime email addresses
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ARPAnet guest accounts, and longtime email addresses
Newsgroups: rec.arts.sf.written,alt.folklore.computers
Date: Fri, 06 Feb 2004 21:52:46 GMT
Yeechang Lee writes:
And speaking of MIT, what about people with longtime email addresses?
Philip Greenspun is well known for having had the same
email address since 1976 (presumably barring the shift over from bang
paths). Compared to that, my @columbia.edu (Sep 1994) and @pobox
(1996) addresses are still
very much youngsters, even if older than perhaps 97% of today's
net. Other candidates, besides Greenspun, for the longevity title?
obviously i don't still have it ... but the internal network was
larger than the arpanet/internet up thru possibly 1985. However, I may
have the distinction of being one of the earlier people with email
address on their business card ... circa 1978 (i still have about half
box of them).
i had email at csc (4th floor of 545 tech. sq .... mit multics was on
the 5th floor) ... and got a home terminal in march of 1970 ... and
pretty much have had home online access continuously since then.
recent home terminal reference:
http://www.garlic.com/~lynn/2004b.html#12
various past postings on internal network, arpanet, internet:
http://www.garlic.com/~lynn/internet.htm
http://www.garlic.com/~lynn/subnetwork.html#internet
i did have lynn@netcom.com (shell account) starting in 1993 .... but
that was expired when earthlink.net bought netcom.com (or maybe it was
after earthlink.net had bought mindspring which had previously bought
netcom.com but not discontinued the shell accounts).
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
A hundred subjects: 64-bit OS2/eCs, Innotek Products,
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A hundred subjects: 64-bit OS2/eCs, Innotek Products, ...
Newsgroups: comp.os.os2.programmer.misc,alt.os.development,comp.arch,comp.os.os2.misc
Date: Sat, 07 Feb 2004 00:34:02 GMT
"Stephen Fuld" writes:
Yes, but the point is that when you retire, you are going to get
more than $20K per year, and those who are retiring now and are
getting the $20K/yer put in, far less than the $10K per year for
most of their careers.
simple litmus test:
401k (deductions) tends to come out of before-tax income (i.e. it is
tax deductable) ... and then later when you take the proceeds it is
part of gross income for tax purposes.
SS deductions aren't tax deductable at the time they are paid and the
benefits aren't tax deductable at the time they are received. based
on that, one could claim that the SS deductions and the SS benefits
aren't directly related (they tax it when they take from you and they
tax again when they give it back?). SS deductions are just part of
federal taxes ... but under different name ... and SS benefits just
happen to use similar name.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Hardware issues [Re: Floating point required exponent range?]
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
�From nobody Sun Feb 08 08:21:27 2004
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Hardware issues [Re: Floating point required exponent range?]
Newsgroups: comp.arch
Date: Sun, 08 Feb 2004 14:54:36 GMT
Andi Kleen writes:
VIA apparently thought it was worth including. The latest C3 has a
random generator instruction. Given the C3's focus on being die
space efficient (as far as that's possible for an x86) it probably
wasn't all that costly.
Intel seems to be moving in the other direction. Their latest
chipsets seem to have dropped the hardware random generator.
one of the issues is bootstraping integrity based on strong
authentication. using either DSA or EC/DSA (FIPS186-2) digital
signature requires high quality random number as part of the digital
signature process (or the private key could be compromised)
intel had gone thru various rounds of including strong authentication
in the chip itself. current round has much of it moved out into
separate chip on the motherboard. recent article on the subject:
http://www.securitypipeline.com/17602019;jsessionid=IYLU5NK2LDPEGQSNDBCCKHQ
this isn't how much is it used ... but is the integrity of the
infastructure based on it.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Health care and lies
Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Health care and lies
Newsgroups: alt.folklore.computers
Date: Sun, 08 Feb 2004 15:21:31 GMT
"J. Clarke" writes:
I am? NASA promised $500/lb to orbit with the Shuttle. It worked
out closer to $5000 per pound. Of that, contrary to popular belief
$20/lb is the cost of fuel and the remainder is maintenance and
infrastructure. If a second generation shuttle can be constructed
that operates with about the same amount of maintenance as a
conventional aircraft then you've cut the cost to orbit by more than
2 orders of magnitude right there. And the numbers for a lunar base
looked pretty good at 500.
this quotes has it as much as $10k/lb
http://www.spacefuture.com/archive/space_the_final_financial_frontier.shtml
i've been at a number of rotan presentations .... searching for
references on the web ... turned of this discussion of propulsion
technology
http://www.avg-aerospace.com/html/access_to_space.html
another referenced turned up by search engine
http://www.hobbyspace.com/AAdmin/archive/RLV/1999/RLVNews1999-04-08.html
in hsdt ...
http://www.garlic.com/~lynn/subnetwork.html#hsdt
we had a transponder on bird going up on 41-d ... so got to go to
launch party and sit in vip stands for 41-d launch (one of the guys
that had been on the moon was a couple seats over):
http://www.garlic.com/~lynn/2000b.html#27 Tysons Corner, Virginia
http://www.garlic.com/~lynn/2003j.html#29 IBM 3725 Comms. controller - Worth saving?
http://www.garlic.com/~lynn/2003k.html#14 Ping: Anne & Lynn Wheeler
random past shuttle threads:
http://www.garlic.com/~lynn/99.html#24 BA Solves Y2K (Was: Re: Chinese Solve Y2K)
http://www.garlic.com/~lynn/2000.html#94 Those who do not learn from history...
http://www.garlic.com/~lynn/2002p.html#28 Western Union data communications?
http://www.garlic.com/~lynn/2003i.html#33 Fix the shuttle or fly it unmanned
http://www.garlic.com/~lynn/2003i.html#34 Fix the shuttle or fly it unmanned
http://www.garlic.com/~lynn/2003i.html#42 Fix the shuttle or fly it unmanned
http://www.garlic.com/~lynn/2003i.html#47 Fix the shuttle or fly it unmanned
http://www.garlic.com/~lynn/2003i.html#48 Fix the shuttle or fly it unmanned
http://www.garlic.com/~lynn/2003i.html#54 Fix the shuttle or fly it unmanned
http://www.garlic.com/~lynn/2003j.html#2 Fix the shuttle or fly it unmanned
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The SOB that helped IT jobs move to India is dead!
Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Sun, 08 Feb 2004 22:35:49 GMT
Bernd Felsche writes:
The Soviets had one resource of which the Germans had
rapisly-diminishing quantities: tank crews to BBQ.
boyd made some assertion about the US position with production
quantity vis-a-vis quality for shermans ... and the availability of
crews. a couple past tiger/sherman posts:
http://www.garlic.com/~lynn/2000c.html#85 V-Man's Patton Quote (LONG) (Pronafity)
http://www.garlic.com/~lynn/2001.html#30 Review of Steve McConnell's AFTER THE GOLD RUSH
http://www.garlic.com/~lynn/2001m.html#3 mainframe question
http://www.garlic.com/~lynn/2001m.html#10 mainframe question
http://www.garlic.com/~lynn/2001m.html#11 mainframe question
http://www.garlic.com/~lynn/2001m.html#16 mainframe question
http://www.garlic.com/~lynn/2003n.html#27 Controversial paper - Good response article on ZDNet
collection of boyd refs:
http://www.garlic.com/~lynn/subboyd.html#boyd
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Who is the most likely to use PK?
Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Who is the most likely to use PK?
Newsgroups: sci.crypt
Date: Mon, 09 Feb 2004 15:37:18 GMT
dsr writes:
As with all public key systems, web browsers use a static key. The
cert does not get updated as you visit all those "secure" web sites.
You are stuck with that cert till you replace the browser in many
cases. Any secure site you visit including possibly a site you are
redirected to can get a copy of your cert. Now armed with your cert
a hacker could go on a shopping spree.
You may argue that a hacker would be less likely to have matching
credit card numbers in an identity threat such as that.
Unfortunately computer criminals know credit card algorithms and IP
cloaking methods. If you are unlucky enough to tangle with one of
these hackers just visiting their site could make you a suspect.
an AADS-oriented paradigm doesn't require a certificate
http://www.garlic.com/~lynn/x959.html#aads
just that the transaction/message is digitally signed with private
key. the corresponding public key can be registered with the financial
institution ... in much the same way that PINs or *mother's maiden
name* is registered.
to some extent, there was transition from x.509 identity certificates
to relying-party-only certificates in the mid-90s because of the
privacy information leakage problem. however, even these certificates
contained at minimum an account number and could still allow the
privacy information leakage described.
the design point for PKI certificates was to handle offline-email
(from the early '80s, dialup, exchange email, hangup) between parties
that previously had no communication. W/o being online and having no
previous communication ... there was requirement for offline
authentication.
one issue with account number is that there are possibly dozens of
business processes that require the account number. some discussions
of problems with protecting account numbers by hiding:
http://www.garlic.com/~lynn/2001h.html#61
and completely blanketing the earth in mile deep encryption won't
address all the problems.
the requirement given the x9a10 working group was to preserve the
integrity of the financial infrastructure for all electronic
retail payments:
http://www.garlic.com/~lynn/x959.html#x959
which changed the paradigm from hiding the number (which was
recognized to be effectively impossible) to requiring that account
numbers in x9.59 transactions could not be used in non-authenticated
transactions (i.e. even with total public disclosier of the account
number, it could not be used in fraudulent, non-authenticated
transactions).
one of the issues was that the payment card industry started to make
the transaction from offline, physical authentication to online,
electronic authentication in the 70s ... and totally bypassed the
intermediate step (reprsented by certificates) of offline, and
electronic. I gave a presentation in the mid-90s that the use of
certificates in online payment transactions represented a fall-back in
state-of-the-art of nearly 30 years to pre-70s.
misc. past threads regarding relying-party-only certificates
http://www.garlic.com/~lynn/subpubkey.html#rpo
which, in part evolved, in order to address serious privacy
information leakage problem (with traditional x.509 identity
certificates)... along with assertion that in any form of online
environmeht with relying-party-only certificates, the certificates are
redundant and superfluous.
The redudnant and superfluous issue is, in part, becuase the
certificates represent stale, static, copy of some information in a
database. in an online transaction of any value ... not only would
there be desire to reference stale, static type of data (including
data that might not be included in a certificate because of privacy
leakage issues) ... but also aggregated and timely information (like
credit balance). If the online database can register lots of
information, then it can also register an account's public key.
If other than no-value transation is involved and recourse to online
database is required ... then that online database not only contains a
superset of stale, static information (of the kind that might be found
in a certificate, including stale, static information not found in a
certificate because of privacy concerns) but also aggregated and
timely information (credit balance, pattern of previous transactions,
etc). Given recourse to online database containing a superset of any
information in that might be contained in a stale, static certificate,
then the stale, static certificate becomes redundant and superfluous.
misc. other refs on risks, fraud, exploits:
http://www.garlic.com/~lynn/subintegrity.html#fraud
and assurance
http://www.garlic.com/~lynn/subintegrity.html#assurance
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
determining memory size
Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: determining memory size
Newsgroups: bit.listserv.vmesa-l
Date: Mon, 09 Feb 2004 09:05:06 -0700
At 9:43:26, 8 feb 2004, richgr@panix.com wrote:
Back in the dark ages of VM/370, VM discovered the size of main storage
by starting at the top of the nucleus and cleared storage until it got
a program check, then it knew wher main stor ended.
Guess what happened the first time it was IPL'd on a processor with 16m
of main?
I got called in to look at getting vm/370 up and running on 256k byte
370/125. I had originally done pageable kernel implementation on cp/67
(as an undergraduate) to conserve real memory. While some of the other
stuff that I had done while an undergraduate shipped in various cp/67
release ... the pageable kernel support didn't ship until vm/370. In
any case, this involved looking at how much more could be removed from
the fixed portion of the vm/370 kernel .... in order to free-up more
space for paging (trying to get the vm/370 fixed kernel down under
80k-90k bytes).
However, before getting very far, it turned out there was a microcode
bug on the 370/125. The early vm/370 boot procedure had been changed
to use 370 MVCL to both clear memory and test for memory size. The
problem was a change between 360/370 for standard instructions and the
new 370 long instructions. The standard 360/370 would take the
address, add the length and abort the instruction if (all four of) the
origin and destination starting and ending addresses weren't
available. The new long instructions would specified to incrementally
execute a byte at a time w/o testing the ending address. The 370/125
had a bug in the MVCL since it added the length to the starting
address and pre-tested the ending address. The VM/370 boot MVCL had
starting address just after the boot routine for a length of 16mbytes
and expected the boot MVCL to fail at end-of-storage (w/o wrapping
storage). VM/370 was expecting the registers after the addressing
interrupting on the boot MVCL to indicate end of storage, but the
370/125 microcode bug resulted in it not executing at all.
Note that this was different problem than having full 16mbytes of real
storage and having the MVCL wrap w/o taking an addressing interrupt.
updated merged (security) taxonomy & glossary
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: updated merged (security) taxonomy & glossary
Newsgroups: comp.security.misc
Date: Mon, 09 Feb 2004 21:16:11 GMT
in the past month or so i've updated the merged security taxonomy and
glossary
http://www.garlic.com/~lynn/secure.htm
with terms from FFIEC Examination handbook, vulnerability testing
glossary, and NIST 800-61. for more information see:
http://www.garlic.com/~lynn/index.html#glosnote
I've also updated the merged privacy taxonomy and glossary with
terms from the EU data privacy directive
http://www.garlic.com/~lynn/privacy.htm
and the merged taxonomy taxonomy and glossary with terms from the
UN drugs and crime money laundering glossary:
http://www.garlic.com/~lynn/financial.htm
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Methods of Authentication on a Corporate
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Methods of Authentication on a Corporate
Newsgroups: comp.security.misc
Date: Mon, 09 Feb 2004 21:43:41 GMT
nickowen@yahoo.com (Nick Owen) writes:
I would be careful with biometrics. If you digitize someone's
fingerprint and lose it to hackers, you may well have some problems
with various privacy laws. I would stay away from anything that
requires readers as the cost of maintenance alone will kill your ROI.
the issue of biometrics is whether or not they are treated as
shared-secrets ... aka if the templates are stored in a some
database and readers have to transmit the readings to the central
facility for matching. Basically this is analogous to PINs/password as
shared-secrets ... except that if a PIN/password is compromised,
then it is possible to issue a replacement PIN/password ... while it
is somewhat more difficult to issue replacement fingers. x9.84
biometric standard goes to quite a length about security needed around
shared-secret based biometrics.
match on card biometrics come in a number of forms ....
1) standard cards that are inserted into readers where the readers
contain the fingerprint reader. For 7816 contact cards in high traffic
areas ... the reader can subject to wear & tear on both the contacts
as well as the fingerprint sensor.
2) sensor on the card ... but the conversion of the fingerprint to
digital template form is done by a chip in the reader and then the
result is sent back to the card for matching against the
template. some possibility that these could be 14443/contactless if
there is enuf bandwidth. sensor on the card and contactless eliminates
many of the failure points in distributed stations/readers.
3) sensor on the card ... and the conversion of the fingerprint to
digital template form is done by chip in the card (and the match
is performed based on template on the card). this is less likely to
be contactless because of the power requirements to reduce fingerprint
to digital form.
Note when the biometric sensor and chip is part of PDA with its own
power source ... there is less of a issue about where the power for
the operation needs to come from ... and interface to station can be
wireless ... also eliminating lots of distributed station/reader
failure modes.
basically the authentication taxonomy
• something you have
• something you know
• something you are
you can have one-factor, two-factor, and/or three-factor
authentication. something you know and something you are both can
either be
• shared-secret based (where the information is recorded in some
database) or
• non-shared-secret based ... where it is possible to proove that the
information has been validated w/o having to transmit that
information)
there is further issue with biometrics .... quite a few of the
biometric infrastructures have fixed scoring values. bioemtrics tend
to be a fuzzy reading (possibly several readings) of some biometric
value which is digitized and recorded as a template. Some time later a
new reading of the biometric is taken and a fuzzy match is made
against a recorded template. A scoring threshold may be set whether
the match is accepted or not. For some situations, the scoring
threshhold might be on the order of 10-15 percent match. Various fixed
scoring threshholds can lead to false positives (i.e. accepting
incorrect matches) and false negatives (rejecting correct matches).
Another issue is that some biometrics can be more subject to
environmental conditions ... like fingerprints can work better in a
white collar office environment than, say, in a car
repair/maint. garage.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The SOB that helped IT jobs move to India is dead!
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Mon, 09 Feb 2004 21:59:14 GMT
Charles Richmond writes:
"Entirely" has an atomic weight of 3.58 humungous weight units...
A humungous weight unit is equal to 93 million times the weight
of the earth...
from long ago and far away:
AUSMINIUM FOUND IN HEAVY RED-TAPE DISCOVERY
Administratium experts from around the company, while searching piles
of red-tape in and around Austin, recently uncovered great quantities
of Heavy Red-Tape. While there have been prior findings of Heavy
Red-Tape at other red-tape sites, it only occurred in minute
quantities. The quantities of Heavy Red-Tape, in and around Austin
have allowed Administratium experts to isolate what they believe to
be a new element that they are tentatively calling AUSMINIUM.
At this time, plant officials are preparing an official press release
declaring that there is no cause for alarm and absolutely NO truth to
the rumors that because of the great concentration of Heavy Red-Tape
in the area, that there is imminent danger of achieving critical mass
and the whole area collapsing into a black hole. Plant officials are
stating that there is no evidence that large quantities of Heavy
Red-Tape can lead to the spontaneous formation of a black-hole. They
point to the lack of any scientific studies unequivocally showing
that there are any existing black-holes composed of Heavy Red-Tape.
The exact properties of Heavy Red-Tape and ausminium are still under
study.
SCIENTIST DISCOVERS NEW ELEMENT - ADMINISTRATIUM
The heaviest element known to science was recently discovered by
University physicists. The element, tentatively named Administratium
(AD), has no protons or electrons, which means that its atomic number
is 0. However, it does have 1 neutron, 125 assistants to the neutron,
75 vice-neutrons and 111 assistants to the vice-neutrons. This gives
it an atomic mass number of 312. The 312 particles are held together
in the nucleus by a force that involves the continuous exchange of
meson-like particles called memos.
Since it has no electrons, Administratium is inert. However, it can be
detected chemically because it seems to impede every reaction in which
it is present. According to one of the discoverers of the element, a
very small amount of Administratium made one reaction that normally
takes less than a second take over four days.
Administratium has a half-life of approximately 3 years, at which time
it does not actually decay. Instead, it undergoes a reorganization in
which assistants to the neutron, vice-neutrons, and assistants to the
vice-neutrons exchange place. Some studies have indicated that the
atomic mass number actually increases after each reorganization.
Administratium was discovered by accident when a researcher angrily
resigned from the chairmanship of the physics department and dumped
all of his papers in the intake hatch of the University's particle
accelerator. "Apparently, the interaction of all of those reports,
grant forms, etc. with the particles in the accelerator created the
new element." an unnamed source explained.
Research at other laboratories seems to indicate that Administratium
might occur naturally in the atmosphere. According to one scientist,
Administratium is most likely to be found on college and university
campuses, and in large corporation and government centers, near the
best-appointed and best-maintained building.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
A POX on you, Dennis Ritchie!!!
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A POX on you, Dennis Ritchie!!!
Newsgroups: alt.folklore.computers
Date: Tue, 10 Feb 2004 02:58:29 GMT
Torfinn Ingolfsen writes:
I guess you are a slkw learner then, since you haven't changed to
another language. :)
Perhaps a more modern one, with features that doesn't create
confusions so easy?
Like Ruby (http://www.ruby-lang.org/), Modula-3 (http://www.m3.org/),
Python (http://www.python.org/), or even Rexx?
great computer language shootout
http://www.bagley.org/~doug/shootout/index2.shtml
some feature list
http://tabini.topcities.com/langmain.html
misc. haskel refs:
http://www.haskell.org/
http://citeseer.nj.nec.com/hudak94haskell.html
http://www.galoisconnections.com/HCSPage1.htm
http://www.cs.uu.nl/people/franka/lang ... compilers & interpreters
http://www.cse.ogi.edu/~jl/
http://www.xoltar.org/2003/aug/04/haskellConcise.html
http://www.lns.cornell.edu/spr/2001-03/msg0031792.html
http://mail.python.org/pipermail/python-list/2002-January/079394.html
http://www.dcs.gla.ac.uk/mail-www/haskell/msg00743.html
http://www.cse.ogi.edu/~mpj/pubs/springschool.html
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
determining memory size
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: determining memory size
Newsgroups: bit.listserv.vmesa-l
Date: Tue, 10 Feb 2004 09:57:56 -0700
On 9 Feb 2004 11:23:54, Gerard Schildberger wrote:
why wasn't that bug found out when VM/370 was IPLed 2nd level?
I'm sure somebody must have gave a VM/370 guest 16 Megabytes to see
how well it performed 2nd level with lots of "real memory". Did VM/370
intercept the address check and fudge-up what was expected ?
I know, in later years, VM/370 took notice that it was running under
VM, and used other interfaces to detect/handle thingys. __________Gerard S.
the fix went in fairly early. the first 370s with virtual memory
support were 370/145 with 512k bytes of memory.
one of the original links in the internal network was between
cambridge and endicott. this was a project to modify CP/67 in two
stages:
- modified CP/67 to provide 370 virtual machines instead of 360
virtual machines (mostly in the area of virtual memory support since
the architecture was somewhat different)
- modified cp/67 that ran on on machine with 370 virtual memory
architecture
the typical operation at cambridge was then:
- real 360/67
- running (relatively) standard cp/67-l
- in 360/67 virtual machine, ran cp/67-h (modifications to provide 370
virtual machines)
- in 370 virtual machine, ran cp/67-i (modified to run on 370 architecture)
- cms
CP/67-h could have run on the bare iron ... except there was a
security issue with a number of MIT and, BU students and other non-IBM
employees having access to the cambridge machine.
This setup was running a year before endicott had the first 370/145
engineering model with virtual memory operational. CP/67-i was used as
the initial boot test on this machine (which had a knife switch as an
ipl button). It initially crashed and wouldn't boot. It turns out that
the engineers had gotton the implementation of two of the new "B2"
opcodes backwards. CP/67-I was patched to reversed the "B2" opcode use
(to correspond to the implementation mistake) and it then ran
succesfully.
In any case, this was somewhat the environment that early vm/370 work
went on. While CMS was relatively unmodified in the CP/67 to VM/370
transition (other than the name change from cambridge monitor system
to conversational monitor system), the CP kernel was significantly
rewritten.
In any case, all the early vm/370 development was either under cp/67-h
on a real 360/67 or eventually on a 370/145 under cp/67-i.
The issue is say you have vm/370 running in a 4mbyte virtual machine
on a 512kbyte real machine (with other work going on).... if vm/370
boot/ipl was actually clearing 4mbytes of virtual memory, boot can
take a very, very long time.
random past posts mention cp67l, cp67h, and cp67i work:
http://www.garlic.com/~lynn/93.html#23 MTS & LLMPS?
http://www.garlic.com/~lynn/93.html#26 MTS & LLMPS?
http://www.garlic.com/~lynn/94.html#18 CP/67 & OS MFT14
http://www.garlic.com/~lynn/97.html#22 Pre S/360 IBM Operating Systems?
http://www.garlic.com/~lynn/97.html#26 IA64 Self Virtualizable?
http://www.garlic.com/~lynn/97.html#28 IA64 Self Virtualizable?
http://www.garlic.com/~lynn/98.html#21 Reviving the OS/360 thread (Questions about OS/360)
http://www.garlic.com/~lynn/99.html#93 MVS vs HASP vs JES (was 2821)
http://www.garlic.com/~lynn/2000.html#81 Ux's good points.
http://www.garlic.com/~lynn/2000f.html#60 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
http://www.garlic.com/~lynn/2000f.html#63 TSS ancient history, was X86 ultimate CISC? designs)
http://www.garlic.com/~lynn/2000g.html#16 360/370 instruction cycle time
http://www.garlic.com/~lynn/2001b.html#23 Linux IA-64 interrupts [was Re: Itanium benchmarks ...]
http://www.garlic.com/~lynn/2001e.html#7 Blame it all on Microsoft
http://www.garlic.com/~lynn/2001e.html#53 Pre ARPAnet email?
http://www.garlic.com/~lynn/2001h.html#12 checking some myths.
http://www.garlic.com/~lynn/2002f.html#38 Playing Cards was Re: looking for information on the IBM
http://www.garlic.com/~lynn/2002f.html#39 Playing Cards was Re: looking for information on the IBM
http://www.garlic.com/~lynn/2002g.html#2 Computers in Science Fiction
http://www.garlic.com/~lynn/2002h.html#50 crossreferenced program code listings
http://www.garlic.com/~lynn/2002i.html#55 wrt code first, document later
http://www.garlic.com/~lynn/2002j.html#70 hone acronym (cross post)
http://www.garlic.com/~lynn/2002l.html#56 10 choices that were critical to the Net's success
http://www.garlic.com/~lynn/2002l.html#62 Itanium2 performance data from SGI
http://www.garlic.com/~lynn/2003.html#17 vax6k.openecs.org rebirth
http://www.garlic.com/~lynn/2003d.html#72 cp/67 35th anniversary
http://www.garlic.com/~lynn/2003g.html#29 Lisp Machines
http://www.garlic.com/~lynn/2003g.html#51 vnet 1000th node anniversary 6/10
http://www.garlic.com/~lynn/2003i.html#14 instant messaging
http://www.garlic.com/~lynn/2003k.html#27 Microkernels are not "all or nothing". Re: Multics Concepts For
http://www.garlic.com/~lynn/2003l.html#30 Secure OS Thoughts
http://www.garlic.com/~lynn/2003m.html#31 SR 15,15 was: IEFBR14 Problems
http://www.garlic.com/~lynn/2004.html#35 40th anniversary of IBM System/360 on 7 Apr 2004
The SOB that helped IT jobs move to India is dead!
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Wed, 11 Feb 2004 00:15:49 GMT
cstacy@news.dtpq.com (Christopher C. Stacy) writes:
Concerning our discussion where I predicted the eventual demise
of "brick and mortar" stores for purchasing music: the largest
chain that was in that business, Tower Records, has gone under
and filed today for bankruptcy. The explanation given is that
they just can't compete with either on-line stores like Amazon,
nor with the new online music download services.
i renenber tower in the '70s on s. bascom across from the pruneyard
... there were three sections to the store ... about half was records,
about 1/4 was various tapes, and about 1/4 was black light posters and
certain kind of paraphernalia.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
A POX on you, Dennis Ritchie!!!
Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A POX on you, Dennis Ritchie!!!
Newsgroups: alt.folklore.computers
Date: Wed, 11 Feb 2004 00:19:49 GMT
Peter Flass writes:
Rexx is usually interpreted, and interpreters are available for just
about everything. The first thing I do when moving to a new platform
is install rexx. Look at www.rexxla.org. AFAIK the only "compilers"
(so-called) exist for IBM mainframe systems, and basically just
tokenize the source.
random rexx references ... back to when it was still rex (before the name
change):
http://www.garlic.com/~lynn/94.html#11 REXX
http://www.garlic.com/~lynn/94.html#22 CP spooling & programming technology
http://www.garlic.com/~lynn/95.html#00 old mainframes & text processing
http://www.garlic.com/~lynn/2000b.html#29 20th March 2000
http://www.garlic.com/~lynn/2000b.html#30 20th March 2000
http://www.garlic.com/~lynn/2000b.html#31 20th March 2000
http://www.garlic.com/~lynn/2000b.html#32 20th March 2000
http://www.garlic.com/~lynn/2000b.html#33 20th March 2000
http://www.garlic.com/~lynn/2000c.html#41 Domainatrix - the final word
http://www.garlic.com/~lynn/2001.html#27 VM/SP sites that allow free access?
http://www.garlic.com/~lynn/2001b.html#30 perceived forced conversion from cp/m to ms-dos in late 80's
http://www.garlic.com/~lynn/2001e.html#60 Estimate JCL overhead
http://www.garlic.com/~lynn/2001f.html#10 5-player Spacewar?
http://www.garlic.com/~lynn/2001h.html#8 VM: checking some myths.
http://www.garlic.com/~lynn/2001h.html#76 Other oddball IBM System 360's ?
http://www.garlic.com/~lynn/2001j.html#26 Help needed on conversion from VM to OS390
http://www.garlic.com/~lynn/2001k.html#35 Newbie TOPS-10 7.03 question
http://www.garlic.com/~lynn/2001m.html#43 FA: Early IBM Software and Reference Manuals
http://www.garlic.com/~lynn/2001n.html#11 OCO
http://www.garlic.com/~lynn/2001n.html#26 Open Architectures ?
http://www.garlic.com/~lynn/2001n.html#36 Movies with source code (was Re: Movies with DEC minis)
http://www.garlic.com/~lynn/2002e.html#45 REXX and its designer (was: IBM 7090 instruction set)
http://www.garlic.com/~lynn/2002f.html#29 Computers in Science Fiction
http://www.garlic.com/~lynn/2002g.html#27 Security Issues of using Internet Banking
http://www.garlic.com/~lynn/2002g.html#57 Amiga Rexx
http://www.garlic.com/~lynn/2002g.html#58 Amiga Rexx
http://www.garlic.com/~lynn/2002g.html#59 Amiga Rexx
http://www.garlic.com/~lynn/2002g.html#60 Amiga Rexx
http://www.garlic.com/~lynn/2002h.html#35 Computers in Science Fiction
http://www.garlic.com/~lynn/2002j.html#3 HONE, Aid, misc
http://www.garlic.com/~lynn/2002j.html#83 Summary: Robots of Doom
http://www.garlic.com/~lynn/2002j.html#85 Summary: Robots of Doom
http://www.garlic.com/~lynn/2002k.html#9 Avoiding JCL Space Abends
http://www.garlic.com/~lynn/2002k.html#18 Unbelievable
http://www.garlic.com/~lynn/2002k.html#38 GOTOs cross-posting
http://www.garlic.com/~lynn/2002k.html#52 Dump Annalysis
http://www.garlic.com/~lynn/2002l.html#39 Moore law
http://www.garlic.com/~lynn/2002n.html#71 bps loader, was PLX
http://www.garlic.com/~lynn/2002o.html#51 E-mail from the OS-390 ????
http://www.garlic.com/~lynn/2002p.html#2 IBM OS source code
http://www.garlic.com/~lynn/2003b.html#19 Card Columns
http://www.garlic.com/~lynn/2003c.html#43 Early attempts at console humor?
http://www.garlic.com/~lynn/2003c.html#75 The relational model and relational algebra - why did SQL become the industry standard?
http://www.garlic.com/~lynn/2003c.html#78 The relational model and relational algebra - why did SQL become the industry standard?
http://www.garlic.com/~lynn/2003f.html#3 Alpha performance, why?
http://www.garlic.com/~lynn/2003f.html#4 Alpha performance, why?
http://www.garlic.com/~lynn/2003i.html#58 assembler performance superiority: a given
http://www.garlic.com/~lynn/2003k.html#2 Rexx vs. Batch
http://www.garlic.com/~lynn/2003k.html#63 SPXTAPE status from REXX
http://www.garlic.com/~lynn/2003m.html#14 Seven of Nine
http://www.garlic.com/~lynn/2003p.html#23 1960s images of IBM 360 mainframes
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Next generation processor architecture?
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Next generation processor architecture?
Newsgroups: comp.arch
Date: Wed, 11 Feb 2004 15:50:11 GMT
"Andy Glew" <glew2public-news@sbcglobal.net> writes:
It's probably not surprising that you haven't encountered
multifile Word documents. "Master documents" and subdocuments
did not start working well until Word 2000; they were broken
in the original and SP1 versions of Word XP / 2002, but
got fixed again by Word 2003.
i was at m'soft developers conference in '96 at mascone and remember
somebody (offline) commenting that 100 percent of the office features
that 99 percent of people use ... had already been shipped and there
was concern about why would people buy the next version (new car every
year syndome). that year every presentation had the phase protecting
your investment ... code phrase for m'soft promising to not obsolete
visual basic skills of the audience.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
A POX on you, Dennis Ritchie!!!
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A POX on you, Dennis Ritchie!!!
Newsgroups: alt.folklore.computers
Date: Wed, 11 Feb 2004 19:42:18 GMT
Alexandre Peshansky <alex*@*mail.rockefeller.edu> writes:
Real programmers can make dumb C errors in any language ;-)
some references to various *real*
http://www.garlic.com/~lynn/2001e.html#31 High Level Language Systems was Re: computer books/authors (Re: FA:
http://www.garlic.com/~lynn/2002e.html#39 Why Use *-* ?
http://www.garlic.com/~lynn/2002o.html#69 So I tried this //vm.marist.edu stuff on a slow Sat. night,
http://www.garlic.com/~lynn/2002o.html#72 So I tried this //vm.marist.edu stuff on a slow Sat. night,
http://www.garlic.com/~lynn/2003b.html#58 When/why did "programming" become "software development?"
http://www.garlic.com/~lynn/2003j.html#43 An a.f.c bibliography?
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
CHECKSUM CHALLENGE - (US$ 100)
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: CHECKSUM CHALLENGE - (US$ 100)
Newsgroups: comp.misc,comp.programming,comp.dcom.modems,sci.crypt,comp.arch.embedded
Date: Wed, 11 Feb 2004 21:16:11 GMT
"Max Firmware" writes:
And tossing in a bunch off FF's that aren't part of the packet
doesn't help either!!!!
i.e. possibly to maintain one bit density for various
transmission/sync'ing requirements.
there is the ancient (in)famous case at cornell university that tried
out new (RF_ wireless technology for campus communication between
various mainframe operations. the mainframe communication controller
used standard crc for detecting transmission errors. however, the
wireless modem used similar polynomial for permuting transmission bits
(maintain one-bits transmission density?). the result was that
transmission errors tended to be permuted in such a way that they
weren't caught by the CRC.
ancient ref (nearly 20 years old)
overview:
http://vm.marist.edu/~vmshare/vmshscn1
detail
http://vm.marist.edu/~vmshare/read?fn=CRC-FAIL&ft=PROB&line=1
description
http://vm.marist.edu/~vmshare/read?fn=CRC-FAIL&ft=PROB&line=474
discussion of crc polynomial issues:
http://vm.marist.edu/~vmshare/read?fn=CRC-FAIL&ft=PROB&line=660
from a co-worker (at the time) ... purely random coincidence but he
happen to send me some email a couple weeks ago (after over ten years
lapse). in any case, in the above, he references an article on the
subject he worte for april 1985 PC tech journal titled "high
performance crc generation".
above fragments as single article:
http://vm.marist.edu/~vmshare/browse?fn=CRC-FAIL&ft=PROB#660
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The SOB that helped IT jobs move to India is dead!
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Thu, 12 Feb 2004 17:32:30 GMT
earlier post:
http://www.garlic.com/~lynn/2004b.html#2
greenspan's testimony (live, in real time) is highlighting US
education ssytem; at up to about 4th grade it is about average but by
12th grade it isn't competitive at all; many of the people that should
be going thru grad. school aren't even making it thru highschool; in
the future, all the high paying jobs will be conceptual based; the
community college system is doing about the best job of retraining
current workers for the new necessary skills.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The SOB that helped IT jobs move to India is dead!
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Thu, 12 Feb 2004 17:52:00 GMT
oh yes, slightly convoluted thread .. in:
http://www.garlic.com/~lynn/2004b.html#2
there was reference to:
http://www.garlic.com/~lynn/2002k.html#45
which in turn referenced ... "scope of the literacy need" which had
some 1992 stats (general literacy, not technical):
http://www.nifl.gov/nifl/facts/facts_overview.html
also from above ... 94-98 international literacy survey:
• The average composite literacy score of native-born adults in
the U.S. was 284 (Level 3); the U.S. ranked 10th out of 17
high-income countries;
• The mean prose literacy scores of U.S. adults with primary or no
education, ranked 14th out of 18 high-income countries;
• The mean prose literacy scores of U.S. adults with some high
school, but no diploma or GED, ranked 19th out of 19 high-income
countries;
• The mean prose literacy scores of U.S. adults with a high school
diploma or GED (but no college), ranked 18th (tie) out of 19
countries;
• The mean prose literacy scores of U.S. adults with 1-3 years of
college, ranked 15th out of 19 countries;
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
SSL certificates
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: SSL certificates
Newsgroups: comp.os.ms-windows.networking.tcp-ip,sci.crypt,microsoft.public.windowsnt.protocol.tcpip,comp.protocols.tcp-ip
Date: Fri, 13 Feb 2004 16:13:42 GMT
Mailman writes:
After all, robbing a bank is nothing when compared to _opening_ a bank!
or attacks on the owner of the website.
lots of past comments about SSL merchant server "comfort" certificates:
http://www.garlic.com/~lynn/subpubkey.html#sslcert
ssl was to address perceived weakness involving perceived domain name
hijacking weaknesses in the domain name infrastructure; merchants
would get a ssl server certificate from a TTP (trusted third party)
certification authority with their domain name, client browsers would
compare the domain name in the certificate with the URL they typed
... and have some comfort that the server they were talking to was the
one they expected to talk to from the URL. there was also the issue
that it supported an encrypted session, hiding the credit card number
while in transit.
a couple issues:
1) The TTP-CAs aren't the authoritative agency as to who owns the
domain name ... the domain name infrastructure is the authoritative
agency as to who owns the domain name. As part of the TTP-CA issuing
the ceritifcate to the merchant ... they had to contact the domain
name infrastructure to see if the entity requesting the certificate is
the same entity that owns the domain name ... however this is the
domain name infrastructure that has the integrity issues that gave
rise to desire for needing certificates. So somewhat from the TTP-CA
industry there has been some proposals to improve the integrity of the
domain name infrastructure ... so that the TTP-CA industry can trust
them as part of issuing certificates. However, the net is that
various of the proposals to improve the integrity of the domain name
infrastructure (so that it can be trusted by the TTP-CA industry as
part of issuing certificates) also improves the domain name
infrastructure integrity so it can be trusted by everybody ... going a
long ways to eliminating the original requirement for needing the
merchant comfort certificates in the first place.
2) the major vulnerability to credit card numbers have been havesting
of the transaction files from the merchant location. this is what
shows up in all the press ... various references:
http://www.garlic.com/~lynn/subintegrity.html#fraud
where the crook gets a hundred thousand numbers in one operation ...
as compared to the theoritical evesdropping attack trying to catch a
credit card number in flight ... a vulnerability for which
there have been no known published actually occurances (as far as i
know) ... the ROI fraud is so much higher harvesting the transaction
file compared to try and get something out of evesdropping. a
discussion of security proportional to risk/fraud ... and the threat
model associated with the merchant transaction file:
http://www.garlic.com/~lynn/2001h.html#61
so the two threat models address by SSL merchant server certificates:
a) vulnerability in domain name infrastructure with domain name
hijacking .... except to some degree certificates are cosmetic coating
since the vulnerabilities are still there and somebody just hijacks
the domain name and then applies for the certificate (and in fact the
CA industry has motivated solutions to the domain name infrastructure
vulnerabilities but the solutions would also eliminate justification
for needing certificates).
b) vulnerability in credit card number transmission ... for which
there have been no published exploits ... since it is so much more
productive to harvest the merchant transaction file.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
SSL certificates
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: SSL certificates
Newsgroups: comp.os.ms-windows.networking.tcp-ip,sci.crypt,microsoft.public.windowsnt.protocol.tcpip,comp.protocols.tcp-ip
Date: Fri, 13 Feb 2004 17:48:14 GMT
"Pete Davis" writes:
No, not really. My thinking was, I question the point of developing
session keys after the initial contact using the certificate
keys. I'm sure there's a good reason, but it seems to me that if the
certificate key isn't secure enough for the entire conversation,
then the entire conversation is no more secure than the initial
certificate key. If the certificate key were compromised, then the
negotiated session keys would also be compromised, would they not?
use of the certificate (asymmetric) key has significantly more
computational overhead than a symmetric key ... the certificate key is
used for a little bit of data to address the key-exhange requirement
... then use a symmetric key for the volumes of data (because the
processing overhead is so much less). the key switch isn't
particularly a security theory issue ... it is a practical
implementation issue.
slightly related ... previous post regarding key sizes and
attack resistance:
http://www.garlic.com/~lynn/2004b.html#11 Is 3DES more secure than 384 bit RSA?
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
SSL certificates
Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: SSL certificates
Newsgroups: comp.os.ms-windows.networking.tcp-ip,sci.crypt,microsoft.public.windowsnt.protocol.tcpip,comp.protocols.tcp-ip
Date: Fri, 13 Feb 2004 17:57:58 GMT
Paul Rubin <http://phr.cx@NOSPAM.invalid> writes:
What kind of compromise do you have in mind? The public key is,
well, public. Nothing bad happens if the attacker learns what it
is. If you're afraid the attacker might substitute his own public
key for the server's, that means you're catching on. The public key
is wrapped in a certificate which is signed by an issuer (the
"certificate authority" or CA) that the client has to be
preconfigured to trust (the CA public key is preinstalled in the
client). If the CA private key gets loose, the system's security is
shot. But fortunately, the CA private key is used only at the time
the server certificate itself is created. That can be done
completely offline using (say) a laptop computer that spends all its
time locked in a safe when not in use.
a real attack against the SSL domain name certificate infrastructure
can have nothing at all to do with the CA private key. The certificate
is supposedly used to certify some information (the server's domain
name) that otherwise has integrity issues (because of perceived
integrity problems with the domain name infrastructure). as a result,
the integrity of the certificate is checked by the client (using a CA
public key), then the domain name in the certificate is checked
against the original URL ... and then the validity of the
communication with the server is check using the server's public key
from the certificate.
note however there is supposedly a "chain of trust" ... however the
chain of trust goes all the way back to the authoritative agency that
the CA checks with for validating the information that goes into their
signed certificate. In the case of SSL domain name certificates, the
authoritative agency for who owns a domain name is the domain name
infrastructure; so the trust root ... isn't with the CA ... but is
with the authoritative agency that the CA uses for validating the
information as part of the certification. Trust propagation goes from
the domain name infrastructure to the CA to the client (i.e. the CA is
the trust root for the certificate ... but not for the actual
validatity of the information being certified contained in the
certificate).
However, the catch-22 is that the original justification for these
certificates were trust and integrity issues with the domain name
infrastructure .... which continues to be the trust root .... even
with SSL domain name server certificates. So there are some proposals
to improve the integrity of the domain name infrastructure
... somewhat prompted by the CA industry. However, many of the
integrity improvements for the domain name infrastructure also go a
long way to eliminating the original justifications for the
certificates.
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The SOB that helped IT jobs move to India is dead!
Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Fri, 13 Feb 2004 20:22:09 GMT
Anne & Lynn Wheeler writes:
earlier post:
http://www.garlic.com/~lynn/2004b.html#2
the other thing from the us census article in the early '90s
... besides half of the 18 year olds being functionally illiterate was
that (at the time) over half of the (us) manufacturing jobs were in
some way subsidized ... aka the claim that over half of the employees
in manufacturing jobs were receiving total benefits (salary,
retirement, insurance, medical, etc) in excess of the value of the
work they performed (the difference in the value they provided and the
benefits they received had to be made up in some way). recent posts
http://www.garlic.com/~lynn/2004b.html#37 The SOB that helped IT jobs move to India is dead!
http://www.garlic.com/~lynn/2004b.html#38 The SOB that helped IT jobs move to India is dead!
a related thread ran recently in comp.arch regarding social security
beneifts not being fully funded (and future generations will have to
make up the difference):
http://www.garlic.com/~lynn/2004b.html#9 A hundred subjects: 64-bit OS2/eCs, Innoteck Products
http://www.garlic.com/~lynn/2004b.html#21 A hundred subjects: 64-bit OS2/eCs, Innoteck Products
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
The SOB that helped IT jobs move to India is dead!
Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SOB that helped IT jobs move to India is dead!
Newsgroups: alt.folklore.computers
Date: Fri, 13 Feb 2004 21:20:35 GMT
Brian Inglis writes:
Looked at online grocery shopping offerred here a few years ago,
first via fax, now via web, and the per-item pick charges and
delivery charges are high enough that it pays me to do it myself.
i remember seeing somebody buying one of the bankrupt online grocery
companies .... not for the grocery business ... but they had developed
this wiz-bang optimized packing, scheduling, and routing application
(optimized scheduling/routing can make substantial difference in
operational costs).
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Foiling Replay Attacks
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Foiling Replay Attacks
Newsgroups: sci.crypt
Date: Sat, 14 Feb 2004 17:10:58 GMT
Mark Shelor writes:
The only two mechanisms I'm familiar with for guarding against replay
are sequence numbers and timestamps. Are there other techniques
(e.g. server-generated nonces) mentioned in the literature?
depends on whether or not it is an atomic operation/message or can
involve real-time protocol chatter.
payment system uses a log and looks for duplicate transactions (which
include the full details of the transaction) ... but it is a atomic
operation with single round-trip scenario w/o protocol
chatter. because of infrastructure issues the times are a little
fuzzy. there have been instances where a person used credit card to
make to succesive identical purchases at a merchant and have the 2nd
one rejected as duplicate.
the depth of the log can be abbreviated based on how syncronized the
clocks are (and therefor the timestamps) ... or just recording the
previously sequentially used number.
for non-single round trip allowing protocol chatter ... there are
instances like RADIUS login scenario where the client contacts the
server, the server responds with a random number/challenge, the client
combines the server random number/challenge with client random number
... digitally signs the combined value and returns the message and
digital signature.
the real-time protocol chatter, in effect, substitutes for having a
log of (one or more) previous interactions. w/o the real-time protocol
chatter, some sort of log is used. the depth of the log may be one
deep if the environment is sufficiently controlled. In a less
controlled environment, the log may have to consist of interactions
spanning hours or even days.
random previous replay attack threads:
http://www.garlic.com/~lynn/2001d.html#20 What is PKI?
http://www.garlic.com/~lynn/aadsm12.htm#6 NEWS: 3D-Secure and Passport
http://www.garlic.com/~lynn/aadsm13.htm#27 How effective is open source crypto?
http://www.garlic.com/~lynn/aadsm13.htm#28 How effective is open source crypto? (addenda)
http://www.garlic.com/~lynn/aadsm13.htm#29 How effective is open source crypto? (bad form)
http://www.garlic.com/~lynn/aadsm13.htm#31 How effective is open source crypto? (bad form)
http://www.garlic.com/~lynn/aadsm14.htm#30 Maybe It's Snake Oil All the Way Down
http://www.garlic.com/~lynn/aadsm16.htm#13 The PAIN mnemonic
http://www.garlic.com/~lynn/aadsm16.htm#22 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
http://www.garlic.com/~lynn/aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
http://www.garlic.com/~lynn/2002m.html#14 fingerprint authentication
http://www.garlic.com/~lynn/2003g.html#70 Simple resource protection with public keys
http://www.garlic.com/~lynn/2003j.html#25 Idea for secure login
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003p.html#6 Does OTP need authentication?
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
Foiling Replay Attacks
Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Foiling Replay Attacks
Newsgroups: sci.crypt
Date: Sat, 14 Feb 2004 17:33:23 GMT
"Tom St Denis" writes:
Though a related method of preventing replays would be S/KEY I
guess. It's a protocol for password logins that is based on proving
you know the input for a given output. E.g. you compute
H[0] = password
H[i] = hash(H[i-1]), for i = 1...n
Then you create the account with H[n]. To login you give them
H[n-1] which they verify hash(H[n-1]) = H[n]. If it does the login
is accepted and server stores H[n-1]. Repeat until you hit H[1] in
which case you have to make a new array of hashes.
An attacker trying to replay an old stream will not have the
required hash since the server will be expecting a different one and
the attacker only knows the previous ones.
The client has a unique password that it remembers and a hone-way hash
function. The RFC allows that as part of registration ... that the
server provide the client a unique server-specific value (this allows
the client to use the same password with different servers). The
client then does the hash of the combination of the password and the
server specific value and iterates the hashing N-times. The server
then records N and the result from the interactive hash.
When the client goes to login, the server presents N-1 and the
server-specific value. The client then repeats the original operation
but only performs the hash N-1 times ... and returns the value. The
server then performs the hash one additional time and checks it with
the recorded value for N-times. If they match, the session is
succesful and the server updates the iteration value to N-1 and the
recently presented hash value.
The stated purpose is that 1) this foils evesdropping attacks
listening to cleartext password transmission, 2) client only has to
remember the password/passphrase (everything else is remembered by the
server) and 3) the same password can be used with a large number of
different servers (addressing the huge human factors problem with
having to deal with scores of unique passwords).
The MITM attack is that the attacker evesdrops on the communication
(as assumed under the basic justification for the whole design) and
and substitutes a count of "1" in the transmission to the client (in
place of N-1). The attacker now has the first hash ... and can repeat
the rest of the hashes and transmit to the server (and then gets out
of the way of the rest of the session). Later the attacker can
impersonate the client for any hash value larger than one (w/o knowing
the actual password).
minor past ref:
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication
--
Anne & Lynn Wheeler | http://www.garlic.com/~lynn/
Internet trivia 20th anv http://www.garlic.com/~lynn/rfcietff.htm
ARPAnet guest accounts, and longtime email addresses
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ARPAnet guest accounts, and longtime email addresses
Newsgroups: rec.arts.sf.written,alt.folklore.computers
Date: Sat, 14 Feb 2004 21:14:28 GMT
... from long ago and far away ...
Date: Tue, 16 Jul 91 12:24:28 IST
From: Hank Nussbacher <HANK%VM.BIU.AC.IL@TAUNIVM.TAU.AC.IL>
Subject: Network maps v2
To: tcp-ip@nic.ddn.mil
This document is meant to catalog all known network maps in postscript
format that are available via the Internet. One purpose is so that people
can review other network maps for ideas and formats. The main purpose
is for the newly forming RIPE mapping WG to determine what icons people
use in their network maps and to create an RFC that standardizes the
icons as well as the format that people will create for their network
maps. Please send all corrections and additions to this list to:
hank@vm.tau.ac.il
CAVAET:
Some Postscript maps won't print correctly on many laser printers.
This is due to the files being in Apple Postscript rather than in
standard postscript. Most maps reported here will print properly.
-----------------------------------------------------------------
1) anonymous ftp name and number
aarnet.edu.au 139.130.204.4
2) cd __________
pub/maps
3) get ___________.ps
aarn-backbone.ps
4) What is included in your map?
Backbone of AARNet network, link speeds, comment on topology
5) How often is it updated?
Whenever something significant changes! Say, every three months,
6) Contact?
P.Elford@aarnet.edu.au
-----------------------------------------------------------------
1) anonymous ftp name and number
ftp.cc.berkeley.edu 128.32.136.9
2) cd __________
pub
3) get ___________.ps
ucb.map.ps
4) What is included in your map?
The UCB IP routers
5) How often is it updated?
Whenever I feel like it (actually I just created it recently).
6) Contact?
cliff@garnet.berkeley.edu
-----------------------------------------------------------------
1) anonymous ftp name and number
Arizona.EDU 128.196.128.233
2) cd __________
networks.maps
3) get ___________.ps
uanet-prepped.ps
4) What is included in your map?
Subnets of the University of Arizona's network (128.196.0.0).
5) How often is it updated?
Once every couple of months or so.
6) Contact?
Leonard@Arizona.EDU
-----------------------------------------------------------------
1) anonymous ftp name and number
NIS.NSF.NET 35.1.1.48
2) cd __________
maps
3) get ___________.ps
ASIANET PS V 128 276 8 1/17/89 1:30:13
BACKBONE NEW-PS V 117 6765 50 10/01/90 14:41:43
BACKBONE OLD-PS V 94 2437 25 2/24/89 15:40:22
BACKBONE OLD2-PS V 94 2445 25 2/24/89 15:39:57
BACKBONE T1-PS V 106 6375 46 4/18/91 12:36:39
BACKBONE T1T3-PS V 108 7088 51 4/23/91 9:39:58
BACKBONE T3-PS V 117 6515 46 4/18/91 15:05:57
BARRNET PS V 124 1222 10 5/30/90 11:39:03
BITNET PS V 130 2870 85 1/17/89 1:30:20
BITNET4 PS V 130 3389 101 1/17/89 1:30:28
CERFNET PS V 876 3594 24 11/30/90 11:03:39
CICNET PS V 28 23597 68 2/11/91 18:16:12
CORNELL PS V 112 110 2 2/17/89 1:53:49
DC PS V 99 421 5 3/23/89 11:01:45
EARNET PS V 129 1447 43 1/17/89 1:30:33
ESNET PS V 94 2462 25 5/05/89 14:10:25
HARVARD MAP V 78 59 1 2/17/89 1:57:53
LOSNETTO PS V 106 1309 9 11/27/90 17:26:12
MERIT-MI PS V 88 6449 19 6/01/90 11:50:09
MIDNET PS V 132 730 6 2/17/89 1:52:58
NA_NETS PS V 94 2802 26 5/17/89 9:56:55
NCAR PS V 255 1602 11 2/17/89 1:52:46
NETMAP DOC V 78 1140 13 2/24/89 16:05:27
NETNORTH PS V 129 511 16 1/17/89 1:30:36
NYSERNET PS V 53 2475 9 2/17/89 1:56:40
PREPNET PS V 80 1856 9 2/22/89 9:59:39
PSC_