List of Archived Posts

2007 Newsgroup Postings (10/06 - 10/25)

A question for the Wheelers - Diagnose instruction
what does xp do when system is copying
Windows Live vs Kerberos
Virtualization: Don't Ask, Don't Tell
Horrid thought about Politics, President Bush, and Democrats
Windows Live vs Kerberos
what does xp do when system is copying
what does xp do when system is copying
GETMAIN/FREEMAIN and virtual storage backing up
Computing Change: Researcher Traces History Of The Personal Computer
Horrid thought about Politics, President Bush, and Democrats
what does xp do when system is copying
ANT Censuses of the Internet Address Space
Does software life begin at 40? IBM updates IMS database
Does software life begin at 40? IBM updates IMS database
The SLT Search LisT instruction - Maybe another one for the Wheelers
History dictates future of virtualization
The SLT Search LisT instruction - Maybe another one for the Wheelers
Fixing our fraying Internet infrastructure
Fixing our fraying Internet infrastructure
Hackers Attack Apps While Still in Development
Horrid thought about Politics, President Bush, and Democrats
Enterprise: Accelerating the Progress of Linux
GETMAIN/FREEMAIN and virtual storage backing up
what does xp do when system is copying
VMware: New King Of The Data Center?
Does software life begin at 40? IBM updates IMS database
Does software life begin at 40? IBM updates IMS database
what does xp do when system is copying
what does xp do when system is copying
what does xp do when system is copying
what does xp do when system is copying
what does xp do when system is copying
Google And IBM Take Aim At Shortage Of Distributed Computing Skills
what does xp do when system is copying
what does xp do when system is copying
what does xp do when system is copying
what does xp do when system is copying
what does xp do when system is copying
Oracle Raises Stakes With BEA Offer
Astrophysicist Replaces Supercomputer with a Cluster of Eight PlayStation 3s
Newsweek article--baby boomers and computers
Newsweek article--baby boomers and computers
what does xp do when system is copying
what does xp do when system is copying
Are there tasks that don't play by WLM's rules
Are there tasks that don't play by WLM's rules
Anniversaries
IBM System/3 & 3277-1
Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
US or China?
The history of Structure capabilities
Ancient Apple
Damn
The history of Structure capabilities
IBM Z6 processor
Ancient Apple
IBM Z6 processor
Direction of Stack Growth
Virtualization: Everybody's Doing It, but Few Know How
Fixing our fraying Internet infrastructure
Horrid thought about Politics, President Bush, and Democrats
Fixing our fraying Internet infrastructure
The history of Structure capabilities
Virtual Browsers: Disposable Security
Direction of Stack Growth
Direction of Stack Growth
does memory still have parity?
Direction of Stack Growth
IBM System/3 & 3277-1
IBM System/3 & 3277-1
IBM System/3 & 3277-1
Value of SSL client certificates?
Value of SSL client certificates?

A question for the Wheelers - Diagnose instruction

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: A question for the Wheelers - Diagnose instruction
Newsgroups: alt.folklore.computers
Date: Sat, 06 Oct 2007 15:48:14 -0400
Peter Flass <Peter_Flass@Yahoo.com> writes:
I was just reading the Bitsavers' stuff on CPS. Apparently the first implementation was on a 360/50 with custom microcode. The documented microinstruction was "eval" which evaluated an expression from an encoded list.

CPS as in conversational programming system? It supported conversational basic and pli as subsystem running under os/360 ... done by the boston programming center on 3rd flr of 545 tech sq
http://www.garlic.com/~lynn/subtopic.html#545tech

they also did some microcode performance enhancements for cps on the 360/50. later as the main cp67 group was expanding, splitting off from the science center and turning into vm370 ... it moved to the 3rd flr and absorbed the boston programming center; moving the cps developers to cms. later as the group continued to expand, it outgrow the space on the 3rd flr and moved out to the old SBC bldg. in burlington mall.

one of the (previous) cps developers even did a port of conversational cps basic pli running under cms.

misc. past posts mentioning CPS
http://www.garlic.com/~lynn/2000d.html#37 S/360 development burnout?
http://www.garlic.com/~lynn/2000f.html#66 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
http://www.garlic.com/~lynn/2001b.html#42 John Mashey's greatest hits
http://www.garlic.com/~lynn/2001l.html#24 mainframe question
http://www.garlic.com/~lynn/2001m.html#47 TSS/360
http://www.garlic.com/~lynn/2002.html#48 Microcode?
http://www.garlic.com/~lynn/2002d.html#31 2 questions: diag 68 and calling convention
http://www.garlic.com/~lynn/2002h.html#59 history of CMS
http://www.garlic.com/~lynn/2002j.html#17 CDC6600 - just how powerful a machine was it?
http://www.garlic.com/~lynn/2002j.html#19 ITF on IBM 360
http://www.garlic.com/~lynn/2002o.html#78 Newsgroup cliques?
http://www.garlic.com/~lynn/2002p.html#58 AMP vs SMP
http://www.garlic.com/~lynn/2003c.html#0 Wanted: Weird Programming Language
http://www.garlic.com/~lynn/2003h.html#34 chad... the unknown story
http://www.garlic.com/~lynn/2003k.html#0 VSPC
http://www.garlic.com/~lynn/2003k.html#55 S/360 IPL from 7 track tape
http://www.garlic.com/~lynn/2004.html#20 BASIC Language History?
http://www.garlic.com/~lynn/2004.html#32 BASIC Language History?
http://www.garlic.com/~lynn/2004d.html#42 REXX still going strong after 25 years
http://www.garlic.com/~lynn/2004e.html#37 command line switches [Re: [REALLY OT!] Overuse of symbolic
http://www.garlic.com/~lynn/2004g.html#4 Infiniband - practicalities for small clusters
http://www.garlic.com/~lynn/2004g.html#47 PL/? History
http://www.garlic.com/~lynn/2004m.html#54 Shipwrecks
http://www.garlic.com/~lynn/2004n.html#0 RISCs too close to hardware?
http://www.garlic.com/~lynn/2004p.html#37 IBM 3614 and 3624 ATM's
http://www.garlic.com/~lynn/2004q.html#18 PR/SM Dynamic Time Slice calculation
http://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
http://www.garlic.com/~lynn/2005.html#8 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005b.html#28 Relocating application architecture and compiler support
http://www.garlic.com/~lynn/2005d.html#74 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005f.html#58 Where should the type information be: in tags and descriptors
http://www.garlic.com/~lynn/2005h.html#37 Software for IBM 360/30
http://www.garlic.com/~lynn/2005i.html#32 Improving Authentication on the Internet
http://www.garlic.com/~lynn/2005j.html#25 IBM Plugs Big Iron to the College Crowd
http://www.garlic.com/~lynn/2005q.html#12 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005s.html#35 Filemode 7-9?
http://www.garlic.com/~lynn/2006j.html#44 virtual memory
http://www.garlic.com/~lynn/2006m.html#28 Mainframe Limericks
http://www.garlic.com/~lynn/2006o.html#51 The Fate of VM - was: Re: Baby MVS???
http://www.garlic.com/~lynn/2006r.html#41 Very slow booting and running and brain-dead OS's?
http://www.garlic.com/~lynn/2006s.html#1 Info on Compiler System 1 (Univac, Navy)?
http://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
http://www.garlic.com/~lynn/2007g.html#43 Wylbur and CRBE
http://www.garlic.com/~lynn/2007l.html#58 Scholars needed to build a computer history bibliography

what does xp do when system is copying

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sat, 06 Oct 2007 16:31:36 -0400
"Jukka Aho" <jukka.aho@iki.fi> writes:
As Steve suggested, advanced techniques, such as VPNs (Virtual Private Networking), can be used for connecting to your home network securely from the outside world. This would allow you to see and access your home computers, printers, files, etc. remotely, from a friend's house or a hotel room (even from abroad), even though these resources are otherwise hidden and protected behind your router/firewall. It is also possible to control your computer and the programs running on it from another computer, graphically, so that you see the screen of your computer from a remote location. But if you want to use these kind of features you need to set them up separately.

it seemed that ipsec and ipng were having trouble making headway in the early 90s ... where it basically required replacing the existing network stack ... which at the time essentially met getting a new operating system distribution from your vendor and installing it.

i've commented before that barrier to uptake was somewhat behind the rise of both SSL and VPN ... while ipsec would provide end-to-end encryption but (essentially) required replacing your installed system and kernel ... SSL and VPN required neither of these things.

SSL could be deployed just by installing an application ... and it provided "end-to-end" encryption between a new browser application (and some webserver) w/o requiring all the parties involved to install new systems.

the original VPN was introduced at the fall '94 ietf meeting in san jose in the gateway committee by a friend that we had worked on and off with since 1980. he had originally developed it for him and his wife to work at home ... with software update for his home router and the routers at his and his wife's places of work. the state of the art at the time was somewhat link encryptors ... i've commented before about some comment in the mid-80s about the internal network having over half of all the link encryptors in the world
http://www.garlic.com/~lynn/subnetwork.html#internalnet

the couple worked for different companies in a distant city. rather than having two separate 56kbit links from their house to their respective companies in the remote city ... they had a single link from their house to the husband's corporate location with a "tail-circuit" from the husband's company location to the wife's company location. The husband's operated with vpn encrypted link from the house to his corporate location. The wife operated with a vpn encrypted link ... first tunneled thru the husband's vpn encrypted link (to his corporate location) and then via the "tail-circuit" to her corporate location.

my view was all of this caused some amount of heart burn among the ipsec aficionados ... somewhat mitigated when they started calling it "lightweight ipsec" (then others could start calling ipsec, "heavyweight ipsec").

there was also somewhat of a split among the router vendors when vpn was introduced ... because some of the vendors had boxes with powerful enuf processors to perform the required vpn encryption ... but some of the router vendors had very much slower processors that had extreme difficulty performing the required cryptographic operations. As a result, the router vendors with the slower processors appeared to put up all sort of delaying actions and roadblocks.

much later there were vpn implementations that could be deployed in end-user computers (rather than intermediate routers) ... with encrypted sessions tunneled through standard internet connections. however, many of these deployments created serious corporate risks ... in much the same way that having internal, secured corporate personal computers (connected on internal, secured corporate networks) ... when a user might activate a dial-up modem to the standard internet ... and attackers would attack corporate networks thru these unauthorized backdoor dial-up connections. many of the early personal computer vpn implementations had similar difficiencies ... that attackers would compromise the home pc thru the standard internet connection and then gain access to the corporate network via the tunneled vpn connection.

misc. past posts mentioning VPNs
http://www.garlic.com/~lynn/aadsm11.htm#24 Proxy PKI. Was: IBM alternative to PKI?
http://www.garlic.com/~lynn/aadsm12.htm#66 Subpoena Sidelines PKI Project
http://www.garlic.com/~lynn/aadsm15.htm#2 Is cryptography where security took the wrong branch?
http://www.garlic.com/~lynn/aadsm15.htm#17 New authentication protocol, was Re: Tinc's response to "Linux's answer to MS-PPTP"
http://www.garlic.com/~lynn/aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
http://www.garlic.com/~lynn/aadsm23.htm#18 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
http://www.garlic.com/~lynn/aadsm25.htm#19 Hamiltonian path as protection against DOS
http://www.garlic.com/~lynn/aadsm27.htm#20 307 digit number factored
http://www.garlic.com/~lynn/2001g.html#18 VPN solution for school district
http://www.garlic.com/~lynn/2002j.html#40 Beginner question on Security
http://www.garlic.com/~lynn/2002l.html#60 Handling variable page sizes?
http://www.garlic.com/~lynn/2003b.html#53 Microsoft worm affecting Automatic Teller Machines
http://www.garlic.com/~lynn/2003e.html#34 Use of SSL as a VPN
http://www.garlic.com/~lynn/2003e.html#40 IETF meeting (Re: editors/termcap)
http://www.garlic.com/~lynn/2003l.html#23 Why more than 1 hole in FW for IPSec
http://www.garlic.com/~lynn/2003m.html#16 OSI not quite dead yet
http://www.garlic.com/~lynn/2004k.html#29 CDC STAR-100
http://www.garlic.com/~lynn/2004p.html#32 Carrying IP over ATM networks
http://www.garlic.com/~lynn/2005h.html#39 Attacks on IPsec
http://www.garlic.com/~lynn/2005q.html#29 IPSEC wireless router ?
http://www.garlic.com/~lynn/2005u.html#46 Channel Distances
http://www.garlic.com/~lynn/2007d.html#37 MAC and SSL
http://www.garlic.com/~lynn/2007g.html#63 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007h.html#67 SSL vs. SSL over tcp/ip
http://www.garlic.com/~lynn/2007l.html#32 Virtual private networks

Windows Live vs Kerberos

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Windows Live vs Kerberos
Newsgroups: comp.protocols.kerberos
Date: Sun, 07 Oct 2007 09:00:02 -0400
royend <royend@gmail.com> writes:
Can someone tell me differences between Windows Live and Kerberos? Is it possible for instance to sat that Windows Live uses as its basis the Needham-Schroeder protocol, the same way as Kerberos does?

I believe that Kerberos is a more general protocol which is used in network authentication, as Windows Live is a special service for web sites, gathering all users at a single sign on (SSO).


how 'bout ...
https://en.wikipedia.org/wiki/Windows_Live_ID

for a little drift ... original kerberos was done with shared-secret/password for user authentication. once that is done, then kerberos tickets can be passed around between a lot of applications as a sso mechanism.

m'soft contracted with an outside corporation to do a kerberos impelementation for windows ... making it the basis for windows authentication. about the same time that was going on there was a ietf/internet draft written called pk-init for kerberos.

in the original pk-init, the registration of password was replaced with the registration of public keys ... and in place of entering a password, the user generated a digital signature (with their corresponding private key). this was not a PKI implementation which requires something called digital certificates ... which were nominally invented to provide some trusted information about total strangers during first time communication ... aka in the original PKI design point, a total stranger, that is otherwise not known to the organization and/or for which there has never been any prior contact ... can present a digital certificate and be granted access to systems (purely based on the information contained in the digital certificate). in that sense, digital certificates can be considered sort of a very long lived "tickets" ... where all the authorization information is visible/public and targeted at being used by strangers in first time communication (the letters of credit/introducation scenario from sailing ship days, where relying parties had no other recourse to information for first time interaction with total strangers)

There was then some amount of lobbying that the pk-init drift should support both digital signature based authentication involving known individuals (i.e. the original public key registration scenario) as well as the PKI-scenario with digital certificates (supposedly to allow total strangers with no prior contact and/or authorization, access to systems).

misc. past posts mentioning kerberos and/or pk-init
http://www.garlic.com/~lynn/subpubkey.html#kerberos

in the early 80s, we were periodically involved dropping by project athena and reviewing various projects, including kerberos. we happened to be there a week when the original cross-domain kerberos process was being worked out. more recently, we sat thru a vendors description of their SAML implementation for cross-domain authentication. While the format of SAML messages and kerberos tickets are different, the description of the flows were identical.

corresponding kerberos wiki page
https://en.wikipedia.org/wiki/Kerberos_(protocol)

from my rfc index
http://www.garlic.com/~lynn/rfcietff.htm

and click on Term (term->RFC#) in the RFCs listed by section

and then scroll down to kerberos, i.e.
kerberos
see also authentication , generic security service , security
5021 4757 4752 4559 4557 4556 4537 4430 4402 4121 4120 3962 3961 3244 3129 2942 2712 2623 1964 1510 1411


clicking on the RFC numbers, brings up the corresponding summary in the lower frame, for instance:
4757 I
The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows, Brezak J., Jaganathan K., Zhu L., 2006/12/11 (18pp) (.txt=36562) (Refs 1320, 1321, 1964, 2104, 3961, 3962, 4120, 4537)


clicking on the ".txt=nnnn" field, fetches the actual RFC

Virtualization: Don't Ask, Don't Tell

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Virtualization: Don't Ask, Don't Tell
Newsgroups: alt.folklore.computers
Date: Sun, 07 Oct 2007 09:31:07 -0400
recent on 40+yr old technology ... from the science center ... first as cp40 on custom modified 360/40
http://www.garlic.com/~lynn/subtopic.html#545tech

article theme somewhat that IT departments meet SLA-aggreements and their corporate customers don't need to be concerned if virutalization is involved.

Virtualization: Don't Ask, Don't Tell
http://www.linuxinsider.com/story/59692.html

from above:
Such a rush to virtual servers is certainly under way at The Hartford Life and Accident Insurance, where "the standard is that everything new comes in on virtual servers," said Bruno Janssens, senior architect in the company's infrastructure services group.

A dozen of the Simsbury, Conn.-based insurer's 5,000 servers are currently virtualized, as are some 500 Windows XP client machines, he said.


... snip ...

Horrid thought about Politics, President Bush, and Democrats

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Horrid thought about Politics, President Bush, and Democrats ...
Newsgroups: alt.folklore.computers
Date: Sun, 07 Oct 2007 10:51:39 -0400
Frank McCoy <mccoyf@millcomm.com> writes:
.... Not, like bombing us into rubble, like some more hawkish people thought, but by outperforming us. Somewhat like Toyota has overtaken General Motors. That wouldn't have been so bad for the world if true.

note that the suggestions in the 70s and 80s and even into the 90s (that was in progress) was met with strong counter arguments that could aboslutely never be possible. All the signs were clearly visible, but it appeared that the majority/mainstream had enormous variety of reasons why it wasn't happening (delusions?) ... which seemed to be totally unrelated to observable reality.

misc. past posts mentioning automobile industry, import quotas, C4 project and other related tidbits
http://www.garlic.com/~lynn/2000f.html#43 Reason Japanese cars are assembled in the US (was Re: American bigotry)
http://www.garlic.com/~lynn/2003i.html#61 TGV in the USA?
http://www.garlic.com/~lynn/2003l.html#29 Offshore IT
http://www.garlic.com/~lynn/2003o.html#34 Will Prescott work on Win64?
http://www.garlic.com/~lynn/2004b.html#52 The SOB that helped IT jobs move to India is dead!
http://www.garlic.com/~lynn/2004c.html#51 [OT] Lockheed puts F-16 manuals online
http://www.garlic.com/~lynn/2004h.html#22 Vintage computers are better than modern crap !
http://www.garlic.com/~lynn/2005s.html#2 Internet today -- what's left for hobbiests
http://www.garlic.com/~lynn/2006.html#23 auto industry
http://www.garlic.com/~lynn/2006.html#44 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006g.html#14 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#20 The Pankian Metaphor
http://www.garlic.com/~lynn/2006m.html#49 The Pankian Metaphor (redux)
http://www.garlic.com/~lynn/2006v.html#14 In Search of Stupidity
http://www.garlic.com/~lynn/2006x.html#32 Toyota set to lift crown from GM
http://www.garlic.com/~lynn/2007f.html#50 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007g.html#29 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007g.html#34 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007g.html#52 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007i.html#13 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007j.html#31 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#33 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#11 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#24 IBM Unionization
http://www.garlic.com/~lynn/2007n.html#31 IBM obsoleting mainframe hardware

Windows Live vs Kerberos

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Windows Live vs Kerberos
Newsgroups: comp.protocols.kerberos
Date: Sun, 07 Oct 2007 22:08:00 -0400
Frank Siebenlist <franks@mcs.anl.gov> writes:
Ahhh, pkinit history... actually, pkinit originates from the good old DCE efforts at OSF from the 90's.

The DCE-RFC's 68.3/4 show the evolution that Lynn talked about, where the last 68.4 was used for the current IETF pkinit incarnation after some heated ietf-workgroup sessions...
http://www.opengroup.org/dce/tech/pki/dce_pki_spec_08.pdf

The first versions of pkinit were purely key-based, essentially like ssh, where the public key was matched to a Kerberos principal.

At that time we thought that X509-PKIX-PKI was going to take over the world and X509 certs were the future... (I'm sure that Lynn has a few references about those dreams ;-) ), so we introduced X509-cert-based authentication for DCE/Kerberos in RFC 68.4, where the identity management was taken over by the PKI, and Kerberos (ideally) didn't need any user-database and would issue tickets to whoever would authenticate with a x509-cert and the principal name would be derived from the subject's DN.

As mentioned, there were some heated arguments in the ietf working group - the idea that it would demote Kerberos to a credential translation service and would take away the identity management part was probably one reason...

In retrospect, I'm not sure if we made any real improvement with the changes in the pkinit model... maybe we should have listened better to Carl Ellison and Lynn ;-)


re:
http://www.garlic.com/~lynn/2007q.html#2 Windows Live vs Kerberos

one of the issues with x.509 identity (public) digital certificates from the early 90s was "what might the necessary and sufficient information be required in the digital certificates" (for possibly accepting relying parties). as a result there was some direction to include more and more personal information ... to cover the possible requirements of any relying parties which might be depending on the (public) digital certificates (PKI somewhat assumed that public digital certificates were being sprayed all over the world).

however, by the mid-90s, several organizations were starting to realize that x.509 identity (public) digital certificate, increasing overloaded with personal information, represented significant liability and privacy issues. some of these organizations, attempting to salvage something of the digital certificate infrastructure, regressed to something called relying-party-only digital certificates
http://www.garlic.com/~lynn/subpubkey.html#rpo

where the individual information (in the digital certificate) was restricted to some sort of account number (user identifier and/or record locator) and a public key. The account/record allowed the personal information to be removed from public distribution. The issue then was that it could be trivially shown that the actual digital certificates were redundant and superfluous ... since the account/record would (or trivially could) typically also include the public key (effectively regressing to the original pkinit scenario).

The trade-off (from the digital certificate design point adapted from the letters of credit/introduction from sailing ship days) ... was that it was necessary to include all the required information needed by relying party in the document. Once the pertinent information moved some place else ... then the original purpose for such documents (credentials and/or digital certificate) became redundant and superfluous.

There were some additional issues with various of the relying-party-only certificates ... besides becoming redundant and superfluous. Even with relying-party-only digital certificates eliminating all personal specific information (except record-locator/account-record and public key) ... they could still be quite enormous and require significant processing overhead. This was especially apparent in payment transactions ... where the overhead of a relying-party-only digital certificates could represent an 100-fold payload size increase
http://www.garlic.com/~lynn/subpubkey.html#bloat

that issue was so significant (in payment infrastructure) that the x9 financial standards body started a work item for "compressed" digital certificates ... with objective of attempting to reduce the payload bloat increase to possibly only 5-fold (again for something effectively redundant and superfluous).

what does xp do when system is copying

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Mon, 08 Oct 2007 07:31:29 -0400
"Jukka Aho" <jukka.aho@iki.fi> writes:
Corporate VPN clients are usually designed to prevent one from routing between the tunnel and the local networks, and they resort to all sorts of nannying when trying to uphold that policy. But where there's a will, there's always a way... I can assure you from my own experience that trying to prevent someone's personal computer from doing things is doomed to fail if the user is the administrator of that machine, and _wants_ circumvent those restrictions. :)

many of the early corporate vpn client implementations lacked a lot of integrity implementations to counter allowing attackers from standard internet to compromise corporate intranets via vpn clients. the countermeasures for these kinds of attacks somewhat evolved over time.

the simple was to make sure that the client ip-stack had ip-routing turned off ... but then there are various kinds of trojan horses ... somewhat similar to the botnet compromises that effectively can operate somewhat like application level proxy to use the client as platform for corporate attacks.

for other drift, misc. past posts mentioning interop '88.
http://www.garlic.com/~lynn/subnetwork.html#interop88

the four floor nets was one of the first, large scale multiple net installations. on sunday before the show ... the whole infrastructure started crashing and burning ... which continued into the wee hours of monday morning. subsequently there was a default configuration recommendation regarding ip-forwarding appeared in rfc1122 (i.e. std-3), "Requirements for Internet Hosts - commuincations layers"

and recent post including mention of some ipsec related technology (digital certificates, pkix) from the early/mid 90s
http://www.garlic.com/~lynn/2007q.html#5 Windows Live vs Kerberos
kicked off with this post
http://www.garlic.com/~lynn/2007q.html#2 Windows Live vs Kerberos

what does xp do when system is copying

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Mon, 08 Oct 2007 10:16:15 -0400
jmfbahciv writes:
Medicare, Medicaid and the insurance companies have set prices for what they will reimburse for each and every charge, including toilet paper usage. The medical care providers lose money so they charge higher and higher rates to the private patients...those who aren't using insurance as their payment adminstrators. Now consider a law that forces everybody to have insurance. It exists. We have it in this state. The next health bill passed will have that edict.

Now where are the health care providers supposed to get the monies to run the businesses?


i think it was 60 minutes(?) a few months ago had a segment on medicare drug bill legislation. the major pt was that the bill excluded negotiated prescription prices ... and gave some comparison of VA prescription drug prices (which allows negotiated prescription prices) being much less than medicare (which precludes negotiated prescription prices) ... for even the same identical drug.

there was one bit on an initial GAO report estimating annual costs (which was supposedly used to decide whether to vote in favor or against the bill) ... then GAO came out with more accurate estimate that was something like twice the earlier estimate ... supposedly the committee chairman was able to block dissemination of the updated estimate until after the bill had passed.

finally there were something like 12-18 people ... either elected officials, aids, and/or staffers responsible for shepherding the legislation thru ... and supposedly over short period after the bill passing, all had left their positions and working in one way or another for the drug industry.

some of this was behind the comptroller general's comments about nobody in congress for the past 50 yrs, has been capable of doing simple middle school arithmatic

yesterday, cspan carried small portion of talk claiming that federal legislation unfunded mandates now amounts to $400k for every man, woman, and child (this isn't current federal debt, this is cost of existing legislation mandated programs for which there hasn't been funding ... presumably requiring future borrowing/debt and/or additional tax burden).

old long-winded post reference to the 80s gov. savings&loan bail-out claiming that the obligation was carried off fed. books since it represented $100k for every man, woman, and child.
http://www.garlic.com/~lynn/aepay3.htm#riskm

a few other posts mentioning unfunded obligations of various kinds:
http://www.garlic.com/~lynn/2004b.html#9 A hundred subjects: 64-bit OS2/eCs, Innotek Products,
http://www.garlic.com/~lynn/2004e.html#19 Message To America's Students: The War, The Draft, Your Future
http://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#93 IBM Unionization

and various other posts mentioning comptroller general's comments
http://www.garlic.com/~lynn/2006f.html#41 The Pankian Metaphor
http://www.garlic.com/~lynn/2006f.html#44 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#9 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#14 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#27 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#2 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#3 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#4 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#17 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#19 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#33 The Pankian Metaphor
http://www.garlic.com/~lynn/2006o.html#61 Health Care
http://www.garlic.com/~lynn/2006p.html#17 Health Care
http://www.garlic.com/~lynn/2006r.html#0 Cray-1 Anniversary Event - September 21st
http://www.garlic.com/~lynn/2006t.html#26 Universal constants
http://www.garlic.com/~lynn/2007j.html#20 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#19 Another "migration" from the mainframe
http://www.garlic.com/~lynn/2007o.html#74 Horrid thought about Politics, President Bush, and Democrats
http://www.garlic.com/~lynn/2007p.html#22 U.S. Cedes Top Spot in Global IT Competitiveness

GETMAIN/FREEMAIN and virtual storage backing up

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: GETMAIN/FREEMAIN and virtual storage backing up
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Mon, 08 Oct 2007 10:53:12 -0400
peter.hunkeler@ibm-main.lst (Hunkeler Peter , KIUK 3) writes:
Fixed storage is not only to support diabled users but much more often used in the ubiquituos I/O processing. The channel subsystem (the I/O part of System z hardware) does not use DAT. Channel commands transfer data blocks data from and to real storage to and from I/O devices, resp. Before the I/O can be initiated, MVS's I/O supervisor code has to make sure the virtual storage allocated for the I/O buffers is not being paged out while the channel subsystem is working on the I/O request. Therefore, the pages will be fixed before the I/O supervisor passes the I/O request to the channel subs

this was part of the technology that was borrowed from cp67 in the original os/vs2 work ... discussed earlier in this thread
http://www.garlic.com/~lynn/2007p.html#69 GETMAIN/FREEMAIN and virtual storage backing up
http://www.garlic.com/~lynn/2007p.html#70 GETMAIN/FREEMAIN and virtual storage backing up

one of the uses for "fixed" storage was allowing applications to build channel programs with the (previously) "fixed", real storage addresses ... then the application channel program could be directly executed ... w/o requiring the supervisor having to scan ... building a shadow/duplicate channel program with the "real" addresses

for instance, lookup various discussions about EXCPVR compared to EXCP

... this redbook has some discussion of the differences between EXCPVR and EXCP (although most of the discussion is about support for using storage about 2GB line)
http://www.redbooks.ibm.com/abstracts/SG245976.html

from 2.10.3 Using EXCP and EXCPVR
Programs using EXCPVR have the responsibility to page fix all I/O area and build real channel programs.

... snip ...

Computing Change: Researcher Traces History Of The Personal Computer

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Computing Change: Researcher Traces History Of The Personal Computer
Newsgroups: alt.folklore.computers
Date: Mon, 08 Oct 2007 11:36:38 -0400
Computing Change: Researcher Traces History Of The Personal Computer
http://www.sciencedaily.com/releases/2007/10/071008080207.htm

from above:
Thomas Haigh, assistant professor of information studies at the University of Wisconsin-Milwaukee (UWM), is among a very small number of computer experts in the world who are also historians, studying the role of technology in broader social change. These new experts are tracing how computers have changed business and society.

... snip ...

Horrid thought about Politics, President Bush, and Democrats

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Horrid thought about Politics, President Bush, and Democrats ...
Newsgroups: alt.folklore.computers
Date: Tue, 09 Oct 2007 10:25:35 -0400
Walter Bushell <proto@oanix.com> writes:
And with Churchill, who wasn't much of an improvement. He was and out and out imperialist and thought it was proper, for example, for a small island to run a continent for the islands benefit. We revolted from England for exactly the that. Maybe the repression was not as severe in India, as in Russia, but if so, that was because the English had left to justify their rule.

past references to history books/lectures claiming that the country/constitution would have been significantly different if it had been less heavily influenced by the scots/descendants from virginia and more heavily influenced by the english/descendants from new england area.
http://www.garlic.com/~lynn/2006b.html#30 Empires and Imperialism
http://www.garlic.com/~lynn/2006r.html#47 Mickey and friends
http://www.garlic.com/~lynn/2007o.html#51 EZPass: Yes, Big Brother IS Watching You!

within the past couple yrs we had a side-trip to Edinburgh and had chance to visit some number of military museums that extolled the bravery of all the scots that joined the military.

about the same time, we saw a (wwi) blackadder segment that had a line (from english officer, mr bean's character) about if they saw a man in a skirt, they run him thru and nic all his lands. we had also got a BBC DVD multi-part series, a history of britain ... in it there was a comment about after the english had slaughtered so many scotts and took their lands, the only opportunity for young male scotts was to join the military.
http://www.garlic.com/~lynn/2006u.html#57 Pedantry (was RE: Shane's antipodes)

what does xp do when system is copying

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Tue, 09 Oct 2007 16:55:44 -0400
Greg Menke <gusenet@comcast.net> writes:
I'd be inclined to wonder if the redundant layers of crypto might become problematic. A crypto expert I ain't but isn't the usual line that redundant crypto presents a diminishing returns scenario and might tend to reduce overall effectiveness (by which I mean the aggregate effect of the algorithms may weaken the overall cipher, at least in theory) ?

one of the scenarios is about security "in-depth" .... multiple layers of defense ... so that if one is broken, there are still additional layers.

well designed crypto isn't suppose to yield/leak information ... so that attacks aren't any better than brute force attack on the key (i.e. attempting all possible keys).

good encryption should result in bit patterns indistinquishable from noise (or close to it). well designed layered encryption, theoritically requires brute force "key" attack to peal away each layer. however, if the result of the outer layer only yields an inner layer that looks like noise ... it may require an aggregate brute force attack on combination of all possible layered keys ... before it is possible to recognize something other than noise.

"3-des" with 2 56-bit (des) keys achieves this ... there is a DES "encrypt" with the first key ... followed by a DES "decrypt" with the 2nd key (i.e. decrypting something with the wrong key can also look like noise), followed by encryption with the first key again. This is considered to be equivalent of 2*56=112 bit key (requiring a brute force attack of 2**112 rather than brute force of 2**56). 3-des "decryption" then reverses the process; DES "decrypt" with the 1st key, followed by DES "encrypt" with the 2nd key, and finally DES "decrypt" with the 1st key.

one of the other security scenarios is that increasing complexity tends to weaken security ... because complexity increases the chance that things won't be done correctly everytime ... which attackers can take advantage of.

since no specific (well-designed) encryption is suppose to leak information .... multiple application of independent encryption shouldn't ever "increase" the amount of information leaked (ideally, the amount of useful information leaked should decrease with additional, independent encryption).

one of the principles of diminishing returns ... frequently has to do with total end-to-end security ... as opposed to just specific encryption process. nominally end-point attacks have been demonstrated to be easier than much of the communication encryption measures. Doubling the amount of communication encryption just encourages attackers to ignore transmissions and even further increase end-point attack efforts (and has little or no effect on protecting the weakest points ... i.e. the principle that security is only as strong as the weakest link).

An possible exception to communication encryption tending to be one of the strongest part of security, has been the wifi encryption that has been implicated in the tjx breach .. i.e.

WLAN Security Blamed for TJX Payment Card Breach
http://itmanagement.earthweb.com/secu/article.php/3704061

however, the weakness in the wifi encryption has been known for quite some time. there were even early apoligies by the individuals responsible for the design, also claiming that trade-offs were made because of the target wifi devices didn't have capability to perform more complex encryption. although there is some evidence that by the time the encryption was actually deployed, all of the wifi devices being shipped were capable of much more powerful encryption.

we had been brought in to consult with a small client/server startup that wanted to do payment transactions on their server ... some past posts mentioning something called a payment gateway
http://www.garlic.com/~lynn/subnetwork.html#gateway

they had this technology called SSL ... and the effort is now frequently referred to as "electronic commerce". a few recent posts
http://www.garlic.com/~lynn/aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy
http://www.garlic.com/~lynn/aadsm27.htm#1 H6.2 Most Standardised Security Protocols are Too Heavy
http://www.garlic.com/~lynn/aadsm27.htm#15 307 digit number factored
http://www.garlic.com/~lynn/aadsm27.htm#19 307 digit number factored
http://www.garlic.com/~lynn/aadsm27.htm#20 307 digit number factored
http://www.garlic.com/~lynn/aadsm27.htm#21 307 digit number factored
http://www.garlic.com/~lynn/aadsm27.htm#33 The bank fraud blame game
http://www.garlic.com/~lynn/aadsm27.htm#35 The bank fraud blame game
http://www.garlic.com/~lynn/aadsm27.htm#47 If your CSO lacks an MBA, fire one of you
http://www.garlic.com/~lynn/aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
http://www.garlic.com/~lynn/aadsm27.htm#54 Security can only be message-based?
http://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks
http://www.garlic.com/~lynn/2007o.html#23 Outsourcing loosing steam?
http://www.garlic.com/~lynn/2007o.html#25 LAX IT failure: leaps of faith don't work
http://www.garlic.com/~lynn/2007o.html#27 EZPass: Yes, Big Brother IS Watching You!
http://www.garlic.com/~lynn/2007o.html#28 EZPass: Yes, Big Brother IS Watching You!
http://www.garlic.com/~lynn/2007o.html#52 Virtual Storage implementation
http://www.garlic.com/~lynn/2007p.html#54 Industry Standard Time To Analyze A Line Of Code
http://www.garlic.com/~lynn/2007p.html#67 what does xp do when system is copying

lots of past posts about ssl and ssl domain name digital certificates
http://www.garlic.com/~lynn/subpubkey.html#sslcerts

we then got involved in the x9a10 financial standard working group that had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. this required some detailed vulnerability studies and threat models in support of x9.59 financial standard
http://www.garlic.com/~lynn/x959.html#x959

part of this was that by far the greatest leakage of account numbers resulting in fraudulent transactions was the transaction repositories which were needed for a large number of business processes. there was the eventual observation that the account numbers were needed in so many processes ... that there was no amount of security that would prevent account number leakage (in part studies showing that up to seventy percentage of such leakage involve insiders). from a policy standpoint, the circumstance could claim that account number was overloaded ... effectively being used for (something you know) authentication as well as being instrumental for large number of business processess.

the eventual tjx 40million account number breach, may have started with information obtained via the wifi encryption breach but was then leveraged in being able to access the transaction/business repositories (it wasn't using the encryption break to obtain the large number of account numbers thru evesdropping actual transactions).

so the x9.59 financial standard approach was to create a totally separate operation for transaction authentication, independent of the account number. this eliminated the ability of attackers to perform fraudulent transactions having either evesdropped transactions (during transmission) or from copying large business process repositories. this is discussed in more detail in a series of posts about "naked transaction metaphor" (i.e. transactions where the account number is overloaded serving both as means of something you know authentication and for numerous other business processes)
http://www.garlic.com/~lynn/subintegrity.html#payment

x9.59 preventing crooks from performing fraudulent transactions with information gatthered by evesdropping on electronic commerce transmissions ... also effectively eliminates one of the main purposes of SSL.
http://www.garlic.com/~lynn/2007.html#0 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#5 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#6 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#28 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#61 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#62 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#64 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#8 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#15 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#17 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#22 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#27 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#28 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#30 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#31 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#32 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#33 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#35 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#36 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#39 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#43 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#46 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#51 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#52 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#53 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#0 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#5 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#11 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#68 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#70 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#2 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#23 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#24 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#28 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#29 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#58 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#61 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#62 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#65 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#8 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#58 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#68 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#72 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007g.html#8 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007h.html#48 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007h.html#51 Securing financial transactions a high priority for 2007

ANT Censuses of the Internet Address Space

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: ANT Censuses of the Internet Address Space
Newsgroups: alt.folklore.computers
Date: Tue, 09 Oct 2007 17:30:24 -0400
ANT Censuses of the Internet Address Space
http://www.isi.edu/ant/address/

Does software life begin at 40? IBM updates IMS database

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Does software life begin at 40? IBM updates IMS database
Newsgroups: alt.folklore.computers
Date: Tue, 09 Oct 2007 20:20:35 -0400
Does software life begin at 40? IBM updates IMS database
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9041719

from above:
IMS, which stores data in a tree structure rather than in the tables used in relational databases, was first used in 1968 for the NASA's Apollo space program.

...

Bernie Spang, director of data servers at IBM, added that the database remains vigorous despite its age. It still runs in the back rooms of over 95% of Fortune 1,000 companies, and, Spang claimed, 80% of large retail banks in the United States, Germany and Japan.


... snip ...

a couple postings with old email mentioning IMS
http://www.garlic.com/~lynn/2007.html#email801016
http://www.garlic.com/~lynn/2007c.html#email830125

some recent posts mentioning IMS:
http://www.garlic.com/~lynn/2007.html#39 Just another example of mainframe costs
http://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
http://www.garlic.com/~lynn/2007b.html#48 6400 impact printer
http://www.garlic.com/~lynn/2007c.html#42 Keep VM 24X7 365 days
http://www.garlic.com/~lynn/2007d.html#24 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007e.html#1 Designing database tables for performance?
http://www.garlic.com/~lynn/2007e.html#14 Cycles per ASM instruction
http://www.garlic.com/~lynn/2007e.html#16 Attractive Alternatives to Mainframes
http://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
http://www.garlic.com/~lynn/2007e.html#36 Quote from comp.object
http://www.garlic.com/~lynn/2007e.html#37 Quote from comp.object
http://www.garlic.com/~lynn/2007e.html#41 IBM S/360 series operating systems history
http://www.garlic.com/~lynn/2007f.html#56 Is computer history taught now?
http://www.garlic.com/~lynn/2007f.html#64 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007f.html#66 IBM System z9
http://www.garlic.com/~lynn/2007g.html#25 Bidirectional Binary Self-Joins
http://www.garlic.com/~lynn/2007g.html#26 Bidirectional Binary Self-Joins
http://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007h.html#76 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007k.html#71 The top 10 dead (or dying) computer skills
http://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
http://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
http://www.garlic.com/~lynn/2007m.html#47 Capacity and Relational Database
http://www.garlic.com/~lynn/2007m.html#55 Capacity and Relational Database
http://www.garlic.com/~lynn/2007n.html#49 VLIW pre-history
http://www.garlic.com/~lynn/2007o.html#53 Virtual Storage implementation
http://www.garlic.com/~lynn/2007o.html#57 ACP/TPF
http://www.garlic.com/~lynn/2007o.html#59 ACP/TPF
http://www.garlic.com/~lynn/2007p.html#13 IBM Releases Office Desktop Software at No Charge to Foster Collaboration
http://www.garlic.com/~lynn/2007p.html#20 64 gig memory
http://www.garlic.com/~lynn/2007p.html#58 what does xp do when system is copying

Does software life begin at 40? IBM updates IMS database

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Does software life begin at 40? IBM updates IMS database
Newsgroups: alt.folklore.computers
Date: Wed, 10 Oct 2007 16:54:50 -0400
hancock4 writes:
We still use it to power a massive database. Apparently it (at least in earlier years) able to handle very large data volumes so our data is split into multiple databases. An I/O module decides which database to go to to fetch or update the data.

IMS also had an online component, but we use CICS.

They want to rewrite the application in modern web-based, but replacing a massive application isn't so easy.


re:
http://www.garlic.com/~lynn/2007q.html#13 Does software life begin at 40? IBM updates IMS database

CICS is approx. same vintage as IMS. The folklore is that it was developed at a mid-west utility company ... and then picked up to offer as general product. The univ. library had a ONR grant to do some library automation and got selected to be beta-test for the original CICS product. I got tasked to do some of the support/debugging for the installation.

misc. past posts mentioning CICS &/or BDAM
http://www.garlic.com/~lynn/submain.html#bdam

CICS history site
http://www.yelavich.com/history/toc.htm
http://web.archive.org/web/20080123061613/http://www.yelavich.com/history/toc.htm

wiki CICS page
https://en.wikipedia.org/wiki/CICS

and the wiki IMS page
https://en.wikipedia.org/wiki/IBM_Information_Management_System

the above wiki page mentions Vern Watts
http://www.vcwatts.org/ibm_story.html

as well as IMS availability options.

my wife had been con'ed into going to pok to be in charge of (mainframe) loosely-coupled architecture. while there she came up with peer-coupled shared data architecture
http://www.garlic.com/~lynn/submain.html#shareddata

which didn't see a lot of takeup until sysplex (one of the reasons she didn't stay there long) ... except for IMS hot-standby.

this CICS history page mentions the transition of CICS from
"Type II Application Program" to program product
http://www.yelavich.com/history/ev196901.htm
http://web.archive.org/web/20060325095234/http://www.yelavich.com/history/ev196901.htm

and also mentions transition to program product in 1969 in relationship to the 23jun69 unbundling announcement
http://www.garlic.com/~lynn/submain.html#unbundle

and starting to charge for (application) software.

The SLT Search LisT instruction - Maybe another one for the Wheelers

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SLT Search LisT instruction - Maybe another one for the Wheelers
Newsgroups: alt.folklore.computers
Date: Wed, 10 Oct 2007 18:38:14 -0400
Paul Hinman <paul.hinman@shaw.ca> writes:
The Search List Instruction SLT was an RPQ for the 360/67, as I remember it used about 4 implicit registers in addition to the regular operands. It would search up to 256 members of a linked list performing a logical comparison and a bit test on each table entry. If my failing mind is correct the table entries had to be double word aligned, and you had to provide the displacement for the byte to be bit tested, the bit map to test for, the displacement for the logical comparison and the length of the logical field, and the displacement for the pointer to the next table entry.

I believe that MTS used it for managing page tables ore something of the like. It was a problem state instruction so it could be used by anyone. I even used it once. For me it was a solution looking for a problem. I never heard if any of the MTS shops asked for the RPQ for later series machines and I doubt that the ones who used V6-8 Amdahl's could have had the instruction added because they were hardwired. It did do a lot for a single instruction fetch. It had to be interuptible because of the possibility of page faults, even multiple page faults during the execution of the instruction.

Does anyone have a description of the SLT instruction?


listed on the 360/67 blue card ... blue card ref:
http://www.garlic.com/~lynn/2001c.html#15 OS/360 (was LINUS for S/390)
http://www.garlic.com/~lynn/2003m.html#35 SR 15,15 was: IEFBR14 Problems

was defined by lincoln labs and found on many 360/67

extract from cp67 describing SLTSIM implementation/operation:
http://www.garlic.com/~lynn/2001h.html#71 IBM 9020 FAA/ATC Systems from 1960's

it was used in in cp67 kernel to search kernel dynamic storage for allocating block. cp67 frequently searched several hundred blocks that had used half-dozen instruction loop ... which the SLT instruction was more efficient. However SLT still required a couple storage fetches per block searched. For 360/67 w/o SLT instruction, there would be a invalid op-code program interrupt ... which would be checked and sent off to SLTSIM for simulation.

With the change to supporting "subpools" for cp67 dynamic kernel storage allocation ... the use of SLT was eliminated. subpool logic created LIFO push/pop list for most frequently used kernel storage sizes. The LIFO implementation took 14-20 instructions (total, depending on whether tracing was turned on or off). The subpool change handled nearly all storage requests and drastically reduced the kernel storage management overhead.

The kernel storage management subpool logic carried over in the morph to vm370. Even with subpool logic ... the LIFO process still showed up fairly high on the ECPS analysis (percent of total kernel overhead):
http://www.garlic.com/~lynn/94.html#21 370 ECPS VM microcode assist

not because the pathlength was large ... but it so frequently invoked ("FRET" is deallocate/push, "FREE" is allocate/pop):


         path                count   time    percent
(mics)     cp
fre+5a8                      73628   132     3.77
'FRET'
fre+8                        73699   122     3.47
FREE

misc. past posts mentioning SLT instruction:
http://www.garlic.com/~lynn/93.html#26 MTS & LLMPS?
http://www.garlic.com/~lynn/98.html#20 Reviving the OS/360 thread (Questions about OS/360)
http://www.garlic.com/~lynn/2000d.html#47 Charging for time-share CPU time
http://www.garlic.com/~lynn/2001d.html#23 why the machine word size is in radix 8??
http://www.garlic.com/~lynn/2001d.html#33 Very CISC Instuctions (Was: why the machine word size ...)
http://www.garlic.com/~lynn/2002.html#14 index searching
http://www.garlic.com/~lynn/2002.html#48 Microcode?
http://www.garlic.com/~lynn/2002f.html#54 WATFOR's Silver Anniversary
http://www.garlic.com/~lynn/2002h.html#87 Atomic operations redux
http://www.garlic.com/~lynn/2004l.html#17 IBM 3090 : Was (and fek that) : Re: new computer kits
http://www.garlic.com/~lynn/2005b.html#28 Relocating application architecture and compiler support
http://www.garlic.com/~lynn/2005c.html#35 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2006e.html#40 transputers again was: The demise of Commodore
http://www.garlic.com/~lynn/2006j.html#21 virtual memory

History dictates future of virtualization

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: History dictates future of virtualization
Newsgroups: alt.folklore.computers
Date: Wed, 10 Oct 2007 19:19:25 -0400
History dictates future of virtualization
http://www.regdeveloper.co.uk/2007/10/10/virtualization_bigot/

from above:
Even in the 1970s anyone with any sense could see the advantages virtualization offered. It separates applications and operating systems from the hardware. With VM/370 you could even run MVS on top - along with other operating systems such as Unix. The irony was it took a long time for VM/370 - now called z/VM - to overtake MVS and take its place in IBM's product range. By the time it did, it was largely hidden from view - as such "deep" technology ought to be.

... snip ...

... even if some of the stuff was slightly garbled

The SLT Search LisT instruction - Maybe another one for the Wheelers

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The SLT Search LisT instruction - Maybe another one for the Wheelers
Newsgroups: alt.folklore.computers
Date: Thu, 11 Oct 2007 11:33:19 -0400
"Sarr J. Blumson" <sarr@rygar.gpcc.itd.umich.edu> writes:
The GE-6x5 (and presumably the Honeywell/Bull descendants) had a similar instruction, RePeatLink, that would execute a target instruction (which could be a test but didn't have to be) for every element of the list. My failing mind says it also uses a bunch of registers but I don't remember any alignment restrictions. But then it was a word addressed machine.

re:
http://www.garlic.com/~lynn/2007q.html#15 The SLT Search LisT instruction - Maybe another one for the Wheelers

sltsim description
http://www.garlic.com/~lynn/2001h.html#71 IBM 9020 FAA/ATC Systems from 1960's

mentions that the elements in the list had to be double word aligned ... aka

from cp/67 reference (pg. 252):


Module name: SLTSIM

Entry point: SLTSIM

Purpose: Simulation of the SLT (search list) instruction on those
360/67s which do not have the RPQ.

Entry conditions:

gpr 0, bits 16-23, contains the key mask.
bits 24-31, contains the count of the number of elements to be searched
gpr2:  contains the address of the first element (which must be on a doubleword
boundary)
gpr3:  contains the number of bytes to be compared for the data match (1 through 4)
gpr4:  contains the value of the offset for the data check
gpr5:  contains the value of the offset for the key check
gpr14: contains a pointer to the instruction being simulated

exit conditions

0     - unsuccessful comparion and key test with completion due to count
1     - succesful comparison and unsuccesful key test
2     - unsuccesful comparison and succesful key test
3     - succesful comparison and key test

gpr0:  contains the number of elements unchecked
gpr1:  contains the predecessor element
gpr2:  contains the matched element

...

Fixing our fraying Internet infrastructure

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Fixing our fraying Internet infrastructure
Newsgroups: alt.folklore.computers
Date: Thu, 11 Oct 2007 12:21:30 -0400
past couple months seems like there has been barrage of articles on all sorts of fraying infrastructure ... lots of milking the infrastructure for whatever can be extracted ... frequently with little or no attention given to care and maintenance; transportation, roads, bridges, power, water, etc. There was even a news item the past couple days that a major overhaul of the nations traffic light system could save 10-12 percent in energy use ... but the money hasn't been spent for that either.

Fixing our fraying Internet infrastructure
http://news.zdnet.com/2010-1035_22-6212819.html

from above:
The broadband infrastructure in the United States is largely invisible to all but a few engineers. Were it as visible as a road system it would appear to be excellent in some places, but riddled with potholes in others; heavily congested at many times and locations; and in need of massive redesign.

... snip ...

lots of posts mentioning arpanet/internet
http://www.garlic.com/~lynn/subnetwork.html#internet

and misc. posts specifically about original nsfnet backbone effort
http://www.garlic.com/~lynn/subnetwork.html#nsfnet

Fixing our fraying Internet infrastructure

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Fixing our fraying Internet infrastructure
Newsgroups: alt.folklore.computers
Date: Fri, 12 Oct 2007 06:09:59 -0400
Morten Reistad <first@last.name> writes:
The "next generation" internet, ipv6, is almost non-existant in the US, except from some visionary ISPs. It is growing fast in the far east, and getting acceptance in europe; this development will be "backwards".

re:
http://www.garlic.com/~lynn/2007q.html#18 Fixing our fraying Internet infrastructure

some of it is addressing ... ala ipv6 ... but there are other things like physical infrastructure ... ala internet2

Blazingly fast Internet2 gets 10x boost
http://news.yahoo.com/s/ap/faster_internet
Blazingly Fast Internet2 Gets 10x Boost
http://www.redorbit.com/news/technology/1097295/blazingly_fast_internet2_gets_10x_boost/index.html
Blazingly Fast Internet2 Gets 10x Boost
http://www.physorg.com/news112452609.html
Internet2 finishes its nationwide network infrastructure
http://www.networkworld.com/news/2007/101207-bea-oracle.html?t51hb
100 Gb/s Internet2 completed
http://www.tgdaily.com/content/view/38553/108/

for some archeological drift ... back to nsfnet backbone ... some old email
http://www.garlic.com/~lynn/lhwemail.html#nsfnet
and other posts
http://www.garlic.com/~lynn/subnetwork.html#nsfnet

when we were prevented from bidding on nsfnet backbone ... director of nsf wrote a letter ... part of which referenced what we already had deployed (internally) was at least five yrs ahead of all (nsfnet backbone) bid submissions (to build something new). some of the stuff, like rate-based pacing didn't really show up until after internet2 started.

Hackers Attack Apps While Still in Development

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Hackers Attack Apps While Still in Development
Newsgroups: alt.folklore.computers
Date: Fri, 12 Oct 2007 06:50:57 -0400
Hackers Attack Apps While Still in Development
http://www.darkreading.com/document.asp?doc_id=136139

from above:
Chess and his fellow researchers at Fortify recently dubbed this class of vulnerabilities as "cross-build injection." Attackers insert vulnerabilities and malware into code during the software development process, rather than the more common approach of finding holes after the software is operational.

... snip ...

Fortify finds Trojan devs in open source
http://www.cbronline.com/article_news.asp?guid=35137085-5D15-4D62-89A3-BE1F9A486FF5

from above:
Fortify has written a paper documenting the exploit and release a new rule pack to its tooling to help developers identify and eliminate the threat. The update to the rule pack also includes support for CWE, an emerging standard that specifies a common language for identifying software vulnerabilities.

... snip ...

for other drift

Common Weakness Enumeration
http://cwe.mitre.org/about/index.html

from above:
MITRE began working on the issue of categorizing software weaknesses as early 1999 when it launched the CVE List. As part of the development of CVE during the last 5+ years MITRE's CVE Team developed a preliminary classification and categorization of vulnerabilities, attacks, faults, and other concepts to help define common software weaknesses. However, while sufficient for CVE those groupings are too rough to be used to identify and categorize the functionality offered within the offerings of the code security assessment industry.

... snip ...

I had complained to MITRE and others about classification difficulty (using CVE and other similar repositories) ... past posts mentioning attempts at classification using CVE
http://www.garlic.com/~lynn/2004e.html#43 security taxonomy and CVE
http://www.garlic.com/~lynn/2004f.html#20 Why does Windows allow Worms?
http://www.garlic.com/~lynn/2005b.html#20 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005c.html#28 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005c.html#32 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005d.html#0 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005d.html#67 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005k.html#3 Public disclosure of discovered vulnerabilities
http://www.garlic.com/~lynn/2006x.html#29 "The Elements of Programming Style"

Horrid thought about Politics, President Bush, and Democrats

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Horrid thought about Politics, President Bush, and Democrats  ...
Newsgroups: alt.folklore.computers
Date: Fri, 12 Oct 2007 07:21:02 -0400
jmfbahciv writes:
Hitler couldn't decide between two areas in Russia, so he went after both: Moscow and the oil fields southeast of Germany. That made three fronts. Hitler didn't have enough men, gear or supplies to do all three. From what I've been told, and read, having two fronts east and west was a bad idea.

internal transportion infrastructure within the country was supposedly what helped make that even attempted. lessons learned from that transportation infrastructure supposedly also contributed significantly to the interstate highway system act. however, that required that the highway system be built to sustain fairly heavyweight transports. possibly in the guise of dual-use cost justification ... that then would require promoting quite a bit of commercial heavyweight traffic.

as been discussed in past posts, it is the commercial heavyweight traffic that causes nearly all the wear&tear on the transportation infrastructure ... to the point that highways are designed for axle ton-mile heavy truck traffic (use by lighter weight vehicles has nearly no infrastructure wear&tear impact).

recent topic drift:
http://www.garlic.com/~lynn/2007q.html#18 Fixing our fraying Internet infrastructure
http://www.garlic.com/~lynn/2007q.html#19 Fixing our fraying Internet infrastructure

post posts mentioning axle ton-mile wear&tear
http://www.garlic.com/~lynn/2002j.html#41 Transportation
http://www.garlic.com/~lynn/2002j.html#42 Transportation
http://www.garlic.com/~lynn/2004c.html#20 Parallel programming again (Re: Intel announces "CT" aka
http://www.garlic.com/~lynn/2006g.html#5 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#6 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#10 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#12 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#15 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#19 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#24 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#26 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#32 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#35 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#46 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#48 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#49 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#50 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#51 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#52 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#53 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#54 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#56 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#57 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#59 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#60 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#61 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#62 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#0 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#5 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#6 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#11 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#23 The Pankian Metaphor
http://www.garlic.com/~lynn/2006p.html#2 Overweight truckers stopped by tech checks
http://www.garlic.com/~lynn/2006r.html#25 Computer Artifacts
http://www.garlic.com/~lynn/2007n.html#97 Loads Weighing Heavily on Roads

Enterprise: Accelerating the Progress of Linux

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Enterprise: Accelerating the Progress of Linux
Newsgroups: alt.folklore.computers
Date: Fri, 12 Oct 2007 07:37:54 -0400
another item on the new, 40+ yr old technology

Enterprise: Accelerating the Progress of Linux
http://www.linuxinsider.com/story/59781.html

from above ...
To enable the next generation data center and make sure it's built on Linux, we all need to focus on two key areas -- virtualization and management. We believe the future of virtualization lies in hardware-assisted paravirtualization. People will be using virtualization for server consolidation, test and development environments, rapid application deployment, business continuity and application isolation.

... snip ...

effectively same old song dating back to the 60s (golden oldies).

other recent posts mentioning the new 40+ yr old technology
http://www.garlic.com/~lynn/2007.html#39 Just another example of mainframe costs
http://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
http://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#30 Health Care
http://www.garlic.com/~lynn/2007f.html#36 Silly beginner questions
http://www.garlic.com/~lynn/2007f.html#39 Silly beginner questions
http://www.garlic.com/~lynn/2007h.html#77 Linux: The Completely Fair Scheduler
http://www.garlic.com/~lynn/2007j.html#43 z/VM usability
http://www.garlic.com/~lynn/2007k.html#47 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007k.html#52 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#23 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#15 Patents, Copyrights, Profits, Flex and Hercules
http://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#64 Operating systems are old and busted
http://www.garlic.com/~lynn/2007m.html#66 Off Topic But Concept should be Known To All
http://www.garlic.com/~lynn/2007n.html#27 What if phone company had developed Internet?
http://www.garlic.com/~lynn/2007n.html#29 Programmable TLB management?
http://www.garlic.com/~lynn/2007n.html#30 How would a relational operating system look like?
http://www.garlic.com/~lynn/2007n.html#55 computerworld 40 yr articles
http://www.garlic.com/~lynn/2007n.html#93 How old are you?
http://www.garlic.com/~lynn/2007o.html#31 EZPass: Yes, Big Brother IS Watching You!
http://www.garlic.com/~lynn/2007o.html#36 It's No Secret: VMware to Develop Secure Systems for NSA
http://www.garlic.com/~lynn/2007o.html#38 It's No Secret: VMware to Develop Secure Systems for NSA
http://www.garlic.com/~lynn/2007o.html#39 It's No Secret: VMware to Develop Secure Systems for NSA
http://www.garlic.com/~lynn/2007p.html#7 what does xp do when system is copying
http://www.garlic.com/~lynn/2007p.html#28 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#59 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell

GETMAIN/FREEMAIN and virtual storage backing up

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: GETMAIN/FREEMAIN and virtual storage backing up
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 12 Oct 2007 08:30:18 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
The first operational 370 hardware supporting virtual memory was a 370/145 engineering processor. However, cp67h with cp67i running in a 370 virtual machine was in regular operation a year before the 370/145 engineering box was operational. In fact, cp67i system was used as initial software brought up on the 370/145 engineering box.

re:
http://www.garlic.com/~lynn/2007p.html#74 GETMAIN/FREEMAIN and virtual storage backing up

for additional topic drift, another internal project that drew on some of the cp67h activity was the inciption of the internal HONE project. lots of past posts mentioning HONE (and/or APL)
http://www.garlic.com/~lynn/subtopic.html#hone

this is at least partially motivated by the 23jun69 unbundling announcement ... a little topic drift here
http://www.garlic.com/~lynn/2007q.html#13 Does software life begin at 40? IBM updates IMS database
http://www.garlic.com/~lynn/2007q.html#14 Does software life begin at 40? IBM updates IMS database

misc. other posts mentioning unbundling and starting to charge for application software
http://www.garlic.com/~lynn/submain.html#unbundle

the other aspect of unbundling was that it also started to charge for SE time/services. prior to that, (young/new) SEs picked up a lot of their experience via "on the job training" ... working with more experienced SEs on the customer machine. with unbundling and charging customers for SE services/time, this "hands-on" learning experience evaporated.

somewhat as a substitute, HONE (Hands-On Network Environment) was created ... with a number of 360/67 running a clone of the science centers
http://www.garlic.com/~lynn/subtopic.html#545tech

cp67 system were installed around the country. the idea was that SEs (at branch offices) could pickup ("hands-on") experience running/testing operating systems remotely in the HONE cp67 virtual machines.

for slightly other, topic drift ... this recent post
http://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux

When initial 370 was announced, virtual memory still wasn't available ... but there were a few new instructions ... and the operating systems were updated to make use of the new instructions. that is somewhat where a subset of the "cp67h" enhancements came into play (at HONE) ... it was possible to run the latest (370) operating systems in cp67 virtual machines ... with cp67 kernel simulating the latest, new 370 instructions.

Another activity by the science center, effectively resulted in the direction of HONE completely changing. The science center had also did a port of apl\360 to cms as cms\apl. Among other things ... APL "work spaces" could now be 16mbytes ... instead of the 16kbyte-32kbytes typical of apl\360 ... and an API for operating system functions was added (things like being able to do file i/o). This allowed APL to start being used for real-world applications (instead of toy demos that were frequently the result of the 16k limitation). In this period, APL was frequently used for lots of things that spreadsheets are used for today.

Quite a few APL applications (like configurators) in support of sales and marketing were deployed on HONE ... and overtime these started to consume all available HONE processing ... and the original use for SE "hands-on" withered and disappeared. After vm370 became available, HONE upgraded from cp67 to vm370 (and HONE clones started to sprout up around the world). Also by the mid-70s, it was no longer possible for computing system orders to be submitted w/o first having been processed through some number of HONE APL applications (like configurators).

other posts in this thread:
http://www.garlic.com/~lynn/2007p.html#69 GETMAIN/FREEMAIN and virtual storage backing up
http://www.garlic.com/~lynn/2007p.html#70 GETMAIN/FREEMAIN and virtual storage backing up
http://www.garlic.com/~lynn/2007p.html#73 GETMAIN/FREEMAIN and virtual storage backing up
http://www.garlic.com/~lynn/2007q.html#8 GETMAIN/FREEMAIN and virtual storage backing up

In the 70s, the various (US) HONE datacenters were consolidated in cal. with possibly largest "single system image" operation. This involved quite a few operational and functional enhancements to vm370 supporting load-balancing and fall-over ... that allowed a large number of loosely-coupled (tightly-coupled) multiprocessors to effectively operate as single large timesharing service (in part driven by the significant processing requirements because of using APL) ... somewhat reminiscent of some modern day advanced operations. Then because of business continuity considerations, the california datacenter was replicated first in Dallas, and then a 3rd in Boulder (supporting geographic load-balancing and fall-over).

for even more topic drift ... misc. posts mentioning cp67 and vm370 based commercial timesharing services
http://www.garlic.com/~lynn/submain.html#timeshare

and for some unbundling topic drift ... the original unbundling and starting to charge for (application) software was motivated by various litigation activities ... however (at the time), is was justified that the kernel/supervisor software should still be free (or bundled, depending on your view).

with the rise of clone processors (and their customers being able to obtain "free" kernel software), the opinion about charging for kernel software started to change.

as an undergraduate, i had done a lot of work on dynamic adaptive resource management for cp67 ... a lot of which shipped in various cp67 releases. however, as part of the morph from cp67 to vm370, a lot of the dynamic adaptive resource management features disappeared. numerous customers lobbied thatthe features should be re-introduced in vm370 and eventually i was allowed to put together a large product update to the vm370 kernel
http://www.garlic.com/~lynn/subtopic.html#fairshare
http://www.garlic.com/~lynn/subtopic.html#wsclock

and i was chosen to be the guinea pig for charging for kernel software (which met spending a lot of time with lawyers and business people working out policies/principles for kernel software charging).

what does xp do when system is copying

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Fri, 12 Oct 2007 13:58:32 -0400
Charlton Wilbur <cwilbur@chromatico.net> writes:
You can consult something like _Applied Cryptography_ for more details, but the basic approach to authentication is that both sides have a shared-secret, which they use to authenticate each other and then to exchange a one-time key that will be used to encrypt traffic.

So no, since both ends need to communicate, it can't be local to either end. But it doesn't necessarily need a third party to participate in the actual exchange, so if there's a power outage for the entire country where the hardware you're talking to lives, your problem is not authentication but operation at all.


in public key ... a known public key is "bound" to you. basically asymmetric key cryptography is some technology. public/private key is a business process application of asymmetric key technology where one key is designated as private, kept confidential and never divulged ... and the other key (of the pair) is designated public and made widely available.

now, anybody can encrypt something for you, with your public key and they know it can only be decrypted with your private key. this addresses one of the problems with symmetric key cryptography involving getting the secret keys distributed (i.e. public keys can be widely distributed w/o impacting evesdroppers from being able to impersonate you).

in a lot of common implementations, like SSL, public key cryptography is viewed as very expensive ... so a layered approach is used. A random "secret" key is generated and used to encrypt the message; the secret key is then encrypted with the recipient's public key; the encrypted random secret key and the encrypted message is then transmitted. The sender still knows that only the designated recipient can decrypt the message (since only the designated recipient will be able to decrypt the random secret key which is then required to decrypt the rest of the message). Any responses (from the original recipient) would be encrypted with the original random secret key (you know that it could only come from them ... since only the original recipient would be able to discover the random secret key).

In the late 80s and early 90s, there was work on PKIs and x.509 identity digital certificates ... to address the opportunity involving first time communication between complete strangers ... basically an electronic analog to the letters of credit/introduction from sailing ship days. The issue was in this situation, relying parties had no other recourse to timely information about complete strangers in first time communication. The target scenario was left-over from offline email from the early 80s ... i.e. dial-up your local electronic post-office, download email, hang-up ... and potentially be faced with having to process first time email from complete strangers. "digital certificates" could be appended to these types of communications ... which originated from comingly trusted third parties and could be verified.

There were a couple issues going into the mid-90s.

First, numerous institutions were starting to realize that x.509 identity digital certificates, frequently overloaded with increasing amounts of personal information, represented significant liability and privacy issues. These organizations started retrenching to something called relying-party-only certificates
http://www.garlic.com/~lynn/subpubkey.html#rpo

which limited the individual information to the individual's public key and some sort of account number, record locator, and/or userid that would be used for repository lookup ... where all the necessary personal information was actually stored. However, in all operations involving relying-party-only certificates, it was trivial to demonstrate that the digital certificates were redundant and superfluous ... since all the actual information would be retrieved from the repository.

Another issue, was that the digital certificate paradigm involved stale, static information (originally justified as better than nothing in a purely offline enviornment for first time interaction between total strangers). For many operations, access to timely, aggregated and/or locally-stored historical information represented significant more value. This started to relegate digital certificate paradigm to "no-value" operations (that couldn't justify online and/or local repositories) and/or offline environments.

As the cost of online access dropped and became more ubiquitous ... and the cost of dataprocessing (for repositories) continued to drop, the "no-value" market niche for digital certificates continued to shrink (i.e. those "no-value" operations that couldn't justify their own historical information and/or online access to timely information).

This unnecessary introduction of digital certificates was recently replayed in this discussion about public keys for kerberos
http://www.garlic.com/~lynn/2007q.html#2 Windows Live vs Kerberos
http://www.garlic.com/~lynn/2007q.html#5 Windows Live vs Kerberos

VMware: New King Of The Data Center?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: VMware: New King Of The Data Center?
Newsgroups: alt.folklore.computers
Date: Sat, 13 Oct 2007 08:49:39 -0400
more on the new 40+ yr old technology

VMware: New King Of The Data Center?
http://www.informationweek.com/news/showArticle.jhtml?articleID=202402093

from above:
Usually the bully kicks sand in the little guy's face, but VMware is switching that story. In a speech at LinuxWorld in August, VMware chief scientist Mendel Rosenblum talked up application-specific operating systems provided by ISVs that would run on a hypervisor--no general-purpose OS needed. You can bet Microsoft took notice.

... snip ...

this is somewhat the virtual appliance (or called service virtual machine from earlier virtual machine environments).

CMS was possibly the original ... started out as "cambridge monitor system" from the mid-60s,
http://www.garlic.com/~lynn/subtopic.html#545tech

the name changed to "conversational monitor system" in the cp67 to vm370 morph

Another example was the implementation that was the basis for the internal network
http://www.garlic.com/~lynn/subnetwork.html#internalnet

a couple past posts referencing the original author discovering a nearly exact conversion of some vnet/rscs code from 360 assembler to C in one of the major real-time operating systems.
http://www.garlic.com/~lynn/2004q.html#56 CAS and LL/SC (was Re: High Level Assembler for MVS & VM & VSE)
http://www.garlic.com/~lynn/2006y.html#32 "The Elements of Programming Style"
http://www.garlic.com/~lynn/2007p.html#51 Translation of IBM Basic Assembler to C?

other past posts mentioning virtual appliance and/or service virtual machine:
http://www.garlic.com/~lynn/2002m.html#26 Original K & R C Compilers
http://www.garlic.com/~lynn/2003c.html#77 COMTEN- IBM networking boxes
http://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
http://www.garlic.com/~lynn/2005.html#59 8086 memory space
http://www.garlic.com/~lynn/2005j.html#58 Q ALLOC PAGE vs. CP Q ALLOC vs ESAMAP
http://www.garlic.com/~lynn/2006p.html#10 What part of z/OS is the OS?
http://www.garlic.com/~lynn/2006t.html#45 To RISC or not to RISC
http://www.garlic.com/~lynn/2006t.html#46 To RISC or not to RISC
http://www.garlic.com/~lynn/2006v.html#22 vmshare
http://www.garlic.com/~lynn/2006w.html#16 intersection between autolog command and cmsback (more history)
http://www.garlic.com/~lynn/2006w.html#25 To RISC or not to RISC
http://www.garlic.com/~lynn/2006w.html#52 IBM sues maker of Intel-based Mainframe clones
http://www.garlic.com/~lynn/2006x.html#6 Multics on Vmware ?
http://www.garlic.com/~lynn/2006x.html#8 vmshare
http://www.garlic.com/~lynn/2007i.html#21 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#36 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
http://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
http://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center

Does software life begin at 40? IBM updates IMS database

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Does software life begin at 40? IBM updates IMS database
Newsgroups: alt.folklore.computers
Date: Sat, 13 Oct 2007 21:21:49 -0400
Paul Hinman <paul.hinman@shaw.ca> writes:
If I remember correctly CICS was single threaded and so did not take advantage of tightly coupled multi-processors, in our shop we ran multiple copies of CICS for that reason. Or is this grandfather just suffering from creative recall.

re:
http://www.garlic.com/~lynn/2007q.html#14 Does software life begin at 40? IBM updates IMS database

and misc. past posts mentioning cics &/or bdam (access method used in original/early cics implementation)
http://www.garlic.com/~lynn/submain.html#bdam

i.e. CICS did its own multithreading under single operating system TCB ... limiting it to single processor operation.

The Evolution of CICS: CICS/VS 1.5 Continues CICS' Rapid Growth (1979)
http://www.yelavich.com/history/ev197901.htm
http://web.archive.org/web/20060325095346/http://www.yelavich.com/history/ev197901.htm

i.e. 1.5 introduced multiple region operation ... each region had their own TCB ... so could be dispatched concurrently on multiple different processors. however, one of the reasons for multiple region operations was each region got its own address space ... which was (initially) still limited to 16mbytes; however, mvs kernel took 8mbytes in each address space, and the common segment started out taking 1mbyte out of each address space ... but eventually, for large operations common segment could be 5-6 mbytes ... leaving possibly only 2-3mbytes for actual application (i.e. total available for cics region operation).

The Evolution of CICS: CICS and Multi-region Operation (1980)
http://www.yelavich.com/history/ev198001.htm
http://web.archive.org/web/20040705000349/http://www.yelavich.com/history/ev198001.htm

later some "large" installations might have in excess of 120 CICS regions.

The Evolution of CICS: CICS and Multiprocessor Exploitation (2004)
http://www.yelavich.com/history/ev200402.htm
http://web.archive.org/web/20041023110006/http://www.yelavich.com/history/ev200402.htm

i.e. having more than one "operating system" TCB per region to enable multithreaded, multiprocessor operation.

other CICS history information
http://www.yelavich.com/history/toc.htm
http://web.archive.org/web/20080123061613/http://www.yelavich.com/history/toc.htm

for instance

The Evolution of CICS: CICS - State of the Art (1992)
http://www.yelavich.com/history/ev199203.htm
http://web.archive.org/web/20070322221728/http://www.yelavich.com/history/ev199203.htm

and for other drift, from above:
In the early 1990s, IBM acquired Transarc, a company which had its own support offerings for transaction processing on UNIX-based systems. Encina would now be offered on MVS-based systems, and some of its components would satisfy prerequisites for the newly announced CICS for AIX on RISC System/6000 (CICS/6000). Most notable were the Encina components, Structure File Server (SFS), Peer-to-peer Executive and Peer-to-peer Gateway. SFS provided a VSAM-like facility on UNIX and the Executive and Gateway enabled intersystem communications with TCP and SNA network.

... snip ...

i've mentioned before that ibm had equally split mit athena funding with DEC ($25m each) ... but had provided $50m funding for cmu andrew. andrew included things liked widgets, distributed file system, microkernel (MACH), and transaction processing (Camelot). it then provided some of the seed funding when Camelot was split off into independent company, transarc ... and then bought transarc outright (which might be considered paying for the same thing three different times).

mach showed up in number of places ... and still around as apple's kernel

misc. past posts mentioning transarc
http://www.garlic.com/~lynn/2000.html#64 distributed locking patents
http://www.garlic.com/~lynn/2000e.html#20 Is Al Gore The Father of the Internet?^
http://www.garlic.com/~lynn/2001.html#49 Options for Delivering Mainframe Reports to Outside Organizat ions
http://www.garlic.com/~lynn/2001f.html#59 JFSes: are they really needed?
http://www.garlic.com/~lynn/2001i.html#49 Withdrawal Announcement 901-218 - No More 'small machines'
http://www.garlic.com/~lynn/2002o.html#32 I found the Olsen Quote
http://www.garlic.com/~lynn/2003.html#50 Origin of Kerberos
http://www.garlic.com/~lynn/2004c.html#53 defination of terms: "Application Server" vs. "Transaction Server"
http://www.garlic.com/~lynn/2004h.html#42 Interesting read about upcoming K9 processors
http://www.garlic.com/~lynn/2004n.html#9 RISCs too close to hardware?
http://www.garlic.com/~lynn/2005b.html#1 Foreign key in Oracle Sql
http://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
http://www.garlic.com/~lynn/2007b.html#16 V2X2 vs. Shark (SnapShot v. FlashCopy)

misc. past posts mentioning mach
http://www.garlic.com/~lynn/2000e.html#27 OCF, PC/SC and GOP
http://www.garlic.com/~lynn/2001b.html#14 IBM's announcement on RVAs
http://www.garlic.com/~lynn/2001f.html#23 MERT Operating System & Microkernels
http://www.garlic.com/~lynn/2001n.html#35 cc SMP
http://www.garlic.com/~lynn/2002i.html#73 Unisys A11 worth keeping?
http://www.garlic.com/~lynn/2003.html#46 Horror stories: high system call overhead
http://www.garlic.com/~lynn/2003.html#50 Origin of Kerberos
http://www.garlic.com/~lynn/2003c.html#45 Early attempts at console humor?
http://www.garlic.com/~lynn/2003e.html#25 A Speculative question
http://www.garlic.com/~lynn/2003e.html#33 A Speculative question
http://www.garlic.com/~lynn/2003i.html#66 TGV in the USA?
http://www.garlic.com/~lynn/2003j.html#72 Microkernels are not "all or nothing". Re: Multics Concepts For
http://www.garlic.com/~lynn/2004c.html#53 defination of terms: "Application Server" vs. "Transaction Server"
http://www.garlic.com/~lynn/2004k.html#50 Xah Lee's Unixism
http://www.garlic.com/~lynn/2005b.html#22 The Mac is like a modern day Betamax
http://www.garlic.com/~lynn/2005c.html#44 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005j.html#13 Performance and Capacity Planning
http://www.garlic.com/~lynn/2005j.html#26 IBM Plugs Big Iron to the College Crowd
http://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005r.html#43 Numa-Q Information
http://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
http://www.garlic.com/~lynn/2006c.html#42 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006c.html#43 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006l.html#43 One or two CPUs - the pros & cons
http://www.garlic.com/~lynn/2006m.html#14 The AN/FSQ-31 Did Exist?!
http://www.garlic.com/~lynn/2007d.html#16 "The Elements of Programming Style"
http://www.garlic.com/~lynn/2007g.html#70 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation

Does software life begin at 40? IBM updates IMS database

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Does software life begin at 40? IBM updates IMS database
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 10:27:11 -0400
Justa Lurker <JustaLurker@att.net> writes:
The individual articles that Lynn linked still seem to be there, but are there any plans to archive this stuff and maintain its availability ? It's good !

the wayback machine can be your friend
http://web.archive.org/web/20080123061613/http://www.yelavich.com/history/toc.htm

other posts in this thread:
http://www.garlic.com/~lynn/2007q.html#13 Does software life begin at 40? IBM updates IMS database
http://www.garlic.com/~lynn/2007q.html#14 Does software life begin at 40? IBM updates IMS database
http://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database

and for some wayback folklore
http://www.archive.org/index.php

wiki article
https://en.wikipedia.org/wiki/Internet_Archive

and more wiki articles
https://en.wikipedia.org/wiki/Brewster_Kahle
https://en.wikipedia.org/wiki/Wide_area_information_server
https://en.wikipedia.org/wiki/Thinking_Machines

misc. past posts mentioning brewster, wais, and/or thinking machines
http://www.garlic.com/~lynn/2000d.html#64 "all-out" vs less aggressive designs
http://www.garlic.com/~lynn/2001c.html#67 What ever happened to WAIS?
http://www.garlic.com/~lynn/2001n.html#17 CM-5 Thinking Machines, Supercomputers
http://www.garlic.com/~lynn/2001n.html#68 CM-5 Thinking Machines, Supercomputers
http://www.garlic.com/~lynn/2001n.html#70 CM-5 Thinking Machines, Supercomputers
http://www.garlic.com/~lynn/2001n.html#83 CM-5 Thinking Machines, Supercomputers
http://www.garlic.com/~lynn/2003.html#44 Will Apple ever offer a newsreader?
http://www.garlic.com/~lynn/2003c.html#29 Will Apple ever offer a newsreader?
http://www.garlic.com/~lynn/2007.html#29 Just another example of mainframe costs

one morning, i happened to be walking (along the charles) from hotel on the way to a meeting and stopped to watch a worker prying the corporate letters off the face of the building.

what does xp do when system is copying

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 11:19:42 -0400
jmfbahciv writes:
That is because people no longer pay their own bills. Payments for medical services have become invisible, and thus, are considered an infinite pool of money.

one of the issues is what are the fully loaded costs ... for instance, while salaried workers "see" social security + medicare tax as 7.65 percent ... it is actually 15.3 percent ... with employers effectively having to pay the other 7.5 percent before calculating the salary the individual sees. this can be more readily seen for self-employeed individuals which have to pay the full amount.
http://www.ssa.gov/OACT/ProgData/taxRates.html

fully loaded costs also can show up in contracts where the employer pays employee benefits ... as opposed to it coming out of individuals "paycheck" (aka it still shows up as part of fully loaded total cost of having employees ... whether it appears as part of paycheck or not).

cspan had program this morning with congressman talking about (hidden) total costs of programs (passed by congress ... making the programs sound like the subprime teaser rates in the mortgage industry) ... and if things continue as-is, ... that US will have significantly higher tax rate than all other industrial countries.

other recent posts related to figuring out fully loaded costs
http://www.garlic.com/~lynn/2007i.html#18 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying

one of the scenarios from the 90s is projections about combination of dropping competitiveness of the US workers ... and drastically increasing taxes (because of projected runaway gov. program costs) ... would result in nearly all high-value jobs/industries moving to other countries (the very jobs/industries that are required to generate revenue on which the taxes would need to come from)

what does xp do when system is copying

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 14:21:00 -0400
Charlton Wilbur <cwilbur@chromatico.net> writes:
This is called a "man in the middle" attack. Once the two ends have a shared-secret, it can be used to eliminate this.

there are some issues with man-in-the-middle (MITM) attacks ... lots of past posts
http://www.garlic.com/~lynn/subintegrity.html#mitm

which can be succesful ... even with various kinds of shared-secrets.

one of the issues is very careful examination of sequence that various kinds of operations occurs ... this is also somewhat related to comment that too much complexity can contribute to insecurity ... recent comments
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying

there have been some phishing attacks ... where attackers have created a static copy of valid websites ... then convinced victims to click on urls taking them to the counterfeit websites ... and then extracted necessary personal information allowing them to mount various kinds of account and/or identity fraud.

there have been some countermeasures to such exploits by creating a shared-secret that the clients use to recognize a valid website. however, long before such countermeasures were created ... there was a another kind of much more sophisticated ... but actually much simpler to deploy ... man-in-the-middle attack ... which subsequently sometimes been called an "active" mitm-attack (possibly trying to imply that it is new ... even tho it has been around for a long time).

this involves a bogus website ... that purely acts in much the same way as widely deployed application proxies ... the actual bogus website is transparent to the end-user ... other than for the initial URL ... aka the bogus website has a session with the actual client/user and creates a separate session with the real website ... pairs the two sessions and forwards transmissions back&forth transparently between the two sessions. other than some code borrowed from widely available proxy technology ... the bogus websites don't actually require any local files/data in attempt to emulate the valid website (but can still harvest the personal information necessary for account and/or identity fraud).

some number of the more recently deployed shared-secret countermeasures against the static-kind of bogus (phishing) websites ... are still quite vulnerable to the (active) bogus websites that can relatively trivially borrow from application proxy technology.

what does xp do when system is copying

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 15:34:06 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
one of the issues is very careful examination of sequence that various kinds of operations occurs ... this is also somewhat related to comment that too much complexity can contribute to insecurity ... recent comments
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying


re:
http://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying

SSL was supposedly created to address fake websites and all kinds of mitm-vulnerabilities.

we had been asked to consult with small client/server startup that wanted to do payment transactions ... and the result is frequently now called "electronic commerce" ... some number of posts
http://www.garlic.com/~lynn/subnetwork.html#payment

they also had this security technology called SSL ... which we had to do an end-to-end business process investigation. It was designed to both be a countermeasure to various kinds of bogus and/or mitm-attacks ... as well hide/encrypt information transmitted through the internet.

part of the SSL end-to-end investigation was look in detail at the threat models and how SSL actually addressed those threat models.

a basic threat model was some integrity issues in the domain name infrastructure ... with things like cache poisoning (i.e. the official ip-address associated with a specific domain name is replaced with an ip-address of the attackers ... taking clients to the wrong webistes).

ssl would have these "trusted" domain name ssl "digital certificates" ... and a processor that a webserver can proove to the client that they are the only valid website for the domain name contained in the URL used by the client browser. however, the end-to-end process was predicated on the client/user having intimate knowledge of the binding between the website they believed they were talking to and the URL for that webiste. The SSL browser process then did the 2nd step that made sure that the website being talked to was the webiste that matched that URL.

The end-to-end process (for electronic commerce, as well as all other uses) required that the user actively/always paid attention to the URL. That process (for electronic commerce) was almost immediately broken. The SSL process required that the user provided the URL that was checked by the browser SSL process. Then all further communcation was encrypted with an exchanged random shared-secret ... providing the assurance that the client was still communicating with the same webserver.

Merchants fairly quickly found that SSL cut their webserver thruput by 80-90 percent. As a result, the merchants dropped back from basic requirement of SSL ... that the initial user URL contact is validated ... to the initial user URL contact is non-SSL. Then at some later time in the electronic commerce process ... a check-out/pay butten is supplied by the webserver ... which generates an SSL URL resulting in the payment portion of electronic commerce being encrypted.

However, the "click" metaphor ... breaks the SSL security process ... no longer is the URL provided by the user being checked ... but only the URL provided by the (potentially bogus) website is being checked. All the attacker needs is any valid SSL domain name digital certificate for any URL that the attacker provides in the check-out/pay button.

lots of past posts related to the almost immediate undermining of the SSL paradigm by the "click" metaphor (which creates a disconnect between the website that the user believes they are talking to and the URL for that website).
http://www.garlic.com/~lynn/subpubkey.html#sslcert

Once the "click" metaphor ... used by nearly all the valid websites ... broke the SSL paradigm ... the crooks could make use of the failure with both website bogus "click" URL fields and eventually bogus "click" URL fields distributed by email. A fundamental requirement for SSL to provide end-to-end security ... required that the user always knew/managed the URLs for the websites that they believed they talked to.

Another implicit characteristic of the original countermeasures justifying SSL was that the domain name infrastructure had integrity issues ... including, but not limited to things like cache poisoning.

However, there is a very peculiar catch-22 ... basis of SSL being able to validate a website is the integrity of the process issuing SSL domain name digital certificates. What happened was that the certification authorities (that issued SSL domain name digital certificates) would require significant amount of identification information by applicants for SSL domain name digital certificates.

The certification authorities would then contact the domain name infrastructure and request the identification information for the owner of the specified domain name. Then there was a time-consuming, error prone, and expensive identification process matching the identification information for the domain name owner (from the domain name infrastructure) and the identification information for the applicant for the SSL domain name digital certificate (to guarantee that digital certificates were only being issued to the correct entities).

However, the authoritative agency for domain name ownership is the exact same domain name infrastructure that has integrity problems justifying the existance of SSL domain name digital certificates. One of the other kinds of attacks on domain name infrastructure is domain name hijacking ... where an attacker changes the domain name owner of record at the domain name infrastructure. Once the attacker has created fraudulent information at the domain name infrastructure ... they then can obtain a perfectly valid SSL domain name digital certificate from a certification authority.

So the catch-22 ... the whole SSL infrastucture is suppose to address integrity problems with the domain name infrastructure ... but in turn the SSL infrastructure is dependent on the integrity of that same infrastructure
http://www.garlic.com/~lynn/subpubkey.html#catch22

So, some domain name infrastructure improvements ... backed by the certification authority industry, includes having a domain name owner register a public key when they register a domain name. then the domain name owner uses the corresponding private key to digital sign all communication. The domain name infrastructure then can check all communication from domain name owners by validating the digital signatures with the on-file public keys ... as countermeasure to numerous kinds of domain name hijacking and other attacks. Note this is a certificate-less, non-PKI public key operation
http://www.garlic.com/~lynn/subpubkey.html#certless

The other suggestion for the certification authority industry is that they require all domain name ssl digital certificate applications be digitally signed. They then can retrieve the public key from the domain name infrastructure to validate the digital signature ... replacing a time-consuming, error prone, and expensive identification process with a much simpler, more reliable and less expensive authentication process.

There is a number of catch-22s for this also. Improving the general integrity of the domain name infrastructure lessens the original justification for ssl domain name digital certifictes. furthermore, if certification authorities can dynamically retrieve, on-file (certificate-less) public keys for authentication operates ... the rest of the world might also start doing the same thing (eliminating any requirement for certification authority process and the domain name digital certificates).

there is also the suggestion that such a process could significant reduce the existing SSL overhead and protocol chatter. Instead of all the back&forth and overhead in SSL with digital certificates, the response to the browser request to the domain name infrastructure for the ip-address for a given hostname ... could piggy-back a trusted public key. The browser/client then immediately generates random symmetric key, encrypts the message, and encryptes the random symmetric key with the public key ... and potentially can do a single round-trip message exchange with the webserver.

what does xp do when system is copying

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 15:51:00 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
this involves a bogus website ... that purely acts in much the same way as widely deployed application proxies ... the actual bogus website is transparent to the end-user ... other than for the initial URL ... aka the bogus website has a session with the actual client/user and creates a separate session with the real website ... pairs the two sessions and forwards transmissions back&forth transparently between the two sessions. other than some code borrowed from widely available proxy technology ... the bogus websites don't actually require any local files/data in attempt to emulate the valid website (but can still harvest the personal information necessary for account and/or identity fraud).

re:
http://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying

a big upswing in the popularity of application proxies happened in the early to mid-90s because of the enormous number of coding vulnerabilities in popular demon/server implementations ... especially related to the huge number of c-language length related vulnerabilities ... that frequently represented the majority of all exploits in the period
http://www.garlic.com/~lynn/subintegrity.html#overflow

some of these proxies just amounted to a simulated server that simply did an incoming line length check before forwarding the transmission to the real server (and then the real server would respond to the proxy which would then forward it back to the real client).

some of the mitm-attacks simply involve taking an application proxy ... and simply recording all traffic that happens to pass through.
http://www.garlic.com/~lynn/subintegrity.html#mitm

other posts in this (sub)thread:
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying

what does xp do when system is copying

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 16:17:47 -0400
Frank McCoy <mccoyf@millcomm.com> writes:
Public-Key cryptography obviates that. Whether Public-Key cryptography will hold up over time, is still being tested. So far, it seems reasonably secure. It's known though, that if quantum computers ever become a reality, then the whole scheme falls apart. Hopefully by then we'll have a good replacement also based on quantum-cryptography.

it is asymmetric key cryptography ... a key pair, what one key encodes, the other key decodes. public/private key ... is a business process where one of the keys is labeled public and (potentially) made freely available ... and the key labeled "private" is kept confidential and never divulged.

there has been recent discussion in crypto mailing list about RSA vis-a-vis elliptical curve technologies. one of the comments is that the integer-based asymmetric key cryptography appears to becoming more and more vulnerable ... faster than some have projected because of advances in descrete log algorithms involved with factoring integers. so far, similar improvements for attacks on elliptical curves haven't shown up during the same period.

somewhat as a result ... the recommended key sizes (and associated overhead) for integer-based infrastructure are significantly growing. by comparison, there hasn't been similar requirements for rapid growth in EC-based keysizes.

Even before the more recent requirements for increased integer-based infrastructure key sizes ... EC-based operations were significantly faster and/or required significant less power. For many chip implementations, the significantly higher power and elapsed time requirements for integer-based asymmetric key cryptography operations made them much more vulnerable to things like differential power attacks.

recent other posts in this sub-thread:
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying

misc. past posts mentioning things like elliptical curve technology, fips-186, ec/dsa, differential power attacks, etc
http://www.garlic.com/~lynn/aadsm2.htm#straw AADS Strawman
http://www.garlic.com/~lynn/aadsm5.htm#x959 X9.59 Electronic Payment Standard
http://www.garlic.com/~lynn/aadsm9.htm#3dvulner5 3D Secure Vulnerabilities?
http://www.garlic.com/~lynn/aadsm11.htm#7 Meaning of Non-repudiation
http://www.garlic.com/~lynn/aadsm11.htm#17 Alternative to Microsoft Passport: Sunshine vs Hai
http://www.garlic.com/~lynn/aadsm11.htm#38 ALARMED ... Only Mostly Dead ... RIP PKI ... part II
http://www.garlic.com/~lynn/aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
http://www.garlic.com/~lynn/aadsm12.htm#13 anybody seen (EAL5) semi-formal specification for FIPS186-2/x9.62 ecdsa?
http://www.garlic.com/~lynn/aadsm14.htm#23 Maybe It's Snake Oil All the Way Down
http://www.garlic.com/~lynn/aadsm14.htm#26 Maybe It's Snake Oil All the Way Down
http://www.garlic.com/~lynn/aadsm14.htm#27 Maybe It's Snake Oil All the Way Down
http://www.garlic.com/~lynn/aadsm14.htm#31 Maybe It's Snake Oil All the Way Down
http://www.garlic.com/~lynn/aadsm17.htm#34 The future of security
http://www.garlic.com/~lynn/aadsm18.htm#6 dual-use digital signature vulnerability
http://www.garlic.com/~lynn/aadsm19.htm#45 payment system fraud, etc
http://www.garlic.com/~lynn/aadsm20.htm#1 Keeping an eye on ATM fraud
http://www.garlic.com/~lynn/aadsm24.htm#19 Use of TPM chip for RNG?
http://www.garlic.com/~lynn/aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
http://www.garlic.com/~lynn/99.html#224 X9.59/AADS announcement at BAI this week
http://www.garlic.com/~lynn/2000b.html#93 Question regarding authentication implementation
http://www.garlic.com/~lynn/2001g.html#14 Public key newbie question
http://www.garlic.com/~lynn/2002e.html#53 Mainframers: Take back the light (spotlight, that is)
http://www.garlic.com/~lynn/2002e.html#65 Digital Signatures (unique for same data?)
http://www.garlic.com/~lynn/2002g.html#38 Why is DSA so complicated?
http://www.garlic.com/~lynn/2002g.html#41 Why is DSA so complicated?
http://www.garlic.com/~lynn/2002g.html#42 Why is DSA so complicated?
http://www.garlic.com/~lynn/2002h.html#83 Signing with smart card
http://www.garlic.com/~lynn/2002i.html#10 Signing email using a smartcard
http://www.garlic.com/~lynn/2002i.html#78 Does Diffie-Hellman schema belong to Public Key schema family?
http://www.garlic.com/~lynn/2002j.html#21 basic smart card PKI development questions
http://www.garlic.com/~lynn/2002j.html#55 AADS, ECDSA, and even some TCPA
http://www.garlic.com/~lynn/2002j.html#73 How to map a user account to a digital cert?
http://www.garlic.com/~lynn/2002j.html#82 formal fips186-2/x9.62 definition for eal 5/6 evaluation
http://www.garlic.com/~lynn/2002j.html#84 formal fips186-2/x9.62 definition for eal 5/6 evaluation
http://www.garlic.com/~lynn/2002j.html#86 formal fips186-2/x9.62 definition for eal 5/6 evaluation
http://www.garlic.com/~lynn/2002k.html#11 Serious vulnerablity in several common SSL implementations?
http://www.garlic.com/~lynn/2002l.html#38 Backdoor in AES ?
http://www.garlic.com/~lynn/2002m.html#44 Beware, Intel to embed digital certificates in Banias
http://www.garlic.com/~lynn/2002n.html#14 So how does it work... (public/private key)
http://www.garlic.com/~lynn/2002n.html#20 Help! Good protocol for national ID card?
http://www.garlic.com/~lynn/2003c.html#26 Crypto Standards Organizations
http://www.garlic.com/~lynn/2003d.html#18 Efficent Digital Signature Schemes
http://www.garlic.com/~lynn/2003g.html#70 Simple resource protection with public keys
http://www.garlic.com/~lynn/2003h.html#29 application of unique signature
http://www.garlic.com/~lynn/2003i.html#29 electronic-ID and key-generation
http://www.garlic.com/~lynn/2003j.html#30 How is a smartcard created?
http://www.garlic.com/~lynn/2003k.html#38 Code Sizing for Digital Signature Verification - DSS/DSA
http://www.garlic.com/~lynn/2003l.html#5 Multiple ECDSA signatures with the same random nonce
http://www.garlic.com/~lynn/2003l.html#61 Can you use ECC to produce digital signatures? It doesn't see
http://www.garlic.com/~lynn/2003l.html#64 Can you use ECC to produce digital signatures? It doesn't see
http://www.garlic.com/~lynn/2003n.html#23 Are there any authentication algorithms with runtime changeable key length?
http://www.garlic.com/~lynn/2003n.html#25 Are there any authentication algorithms with runtime changeable
http://www.garlic.com/~lynn/2003n.html#32 NSA chooses ECC
http://www.garlic.com/~lynn/2004.html#37 When rsa vs dsa
http://www.garlic.com/~lynn/2004b.html#4 Comments wanted on an authentication protocol
http://www.garlic.com/~lynn/2004b.html#22 Hardware issues [Re: Floating point required exponent range?]
http://www.garlic.com/~lynn/2004d.html#7 Digital Signature Standards
http://www.garlic.com/~lynn/2004d.html#8 Digital Signature Standards
http://www.garlic.com/~lynn/2004f.html#10 racf
http://www.garlic.com/~lynn/2004h.html#11 Mainframes (etc.)
http://www.garlic.com/~lynn/2004h.html#12 ECC book reference, please
http://www.garlic.com/~lynn/2004h.html#21 Basics of key authentication
http://www.garlic.com/~lynn/2004h.html#30 ECC Encryption
http://www.garlic.com/~lynn/2004j.html#2 Authenticated Public Key Exchange without Digital Certificates?
http://www.garlic.com/~lynn/2004j.html#9 Smart card Authentification
http://www.garlic.com/~lynn/2005d.html#43 Secure design
http://www.garlic.com/~lynn/2005d.html#46 Secure design
http://www.garlic.com/~lynn/2005e.html#22 PKI: the end
http://www.garlic.com/~lynn/2005e.html#31 Public/Private key pair protection on Windows
http://www.garlic.com/~lynn/2005f.html#62 single-signon with X.509 certificates
http://www.garlic.com/~lynn/2005j.html#0 private key encryption - doubts
http://www.garlic.com/~lynn/2005j.html#4 private key encryption - doubts
http://www.garlic.com/~lynn/2005j.html#9 Determinstic OpenSSL signature
http://www.garlic.com/~lynn/2005u.html#26 RSA SecurID product
http://www.garlic.com/~lynn/2005u.html#27 RSA SecurID product
http://www.garlic.com/~lynn/2006r.html#1 Greatest Software Ever Written?
http://www.garlic.com/~lynn/2006r.html#19 Greatest Software Ever Written?
http://www.garlic.com/~lynn/2007b.html#30 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#47 newbie need help (ECC and wireless)
http://www.garlic.com/~lynn/2007b.html#65 newbie need help (ECC and wireless)
http://www.garlic.com/~lynn/2007j.html#67 open source voting
http://www.garlic.com/~lynn/2007l.html#12 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007l.html#39 My Dream PC -- Chip-Based

Google And IBM Take Aim At Shortage Of Distributed Computing Skills

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Google And IBM Take Aim At Shortage Of Distributed Computing Skills
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 18:06:48 -0400
Google And IBM Take Aim At Shortage Of Distributed Computing Skills
http://www.informationweek.com/news/showArticle.jhtml?articleID=202402156
Google And IBM Take Aim At Shortage Of Distributed Computing Skills
http://news.yahoo.com/s/cmp/202402093

from above:
IBM and Google, working with six universities, last week launched a program to develop distributed computing skills, which are expected to be in much greater demand as software as a service and massive data warehouses become more pervasive.

... snip ...

some postings of old email related to distributed computing infrastructures
http://www.garlic.com/~lynn/lhwemail.html#medusa

and posts about distributed lock manager activity ... somewhat in same effort that also involved medusa
http://www.garlic.com/~lynn/2000.html#64 distributed locking patents
http://www.garlic.com/~lynn/2001.html#40 Disk drive behavior
http://www.garlic.com/~lynn/2001c.html#66 KI-10 vs. IBM at Rutgers
http://www.garlic.com/~lynn/2001e.html#2 Block oriented I/O over IP
http://www.garlic.com/~lynn/2001f.html#22 Early AIX including AIX/370
http://www.garlic.com/~lynn/2001i.html#21 3745 and SNI
http://www.garlic.com/~lynn/2001i.html#30 IBM OS Timeline?
http://www.garlic.com/~lynn/2001j.html#17 I hate Compaq
http://www.garlic.com/~lynn/2001j.html#47 OT - Internet Explorer V6.0
http://www.garlic.com/~lynn/2001k.html#5 OT - Internet Explorer V6.0
http://www.garlic.com/~lynn/2001k.html#18 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001l.html#5 mainframe question
http://www.garlic.com/~lynn/2001l.html#8 mainframe question
http://www.garlic.com/~lynn/2001l.html#17 mainframe question
http://www.garlic.com/~lynn/2001n.html#23 Alpha vs. Itanic: facts vs. FUD
http://www.garlic.com/~lynn/2002b.html#36 windows XP and HAL: The CP/M way still works in 2002
http://www.garlic.com/~lynn/2002b.html#37 Poor Man's clustering idea
http://www.garlic.com/~lynn/2002d.html#31 2 questions: diag 68 and calling convention
http://www.garlic.com/~lynn/2002e.html#67 Blade architectures
http://www.garlic.com/~lynn/2002f.html#1 Blade architectures
http://www.garlic.com/~lynn/2002f.html#17 Blade architectures
http://www.garlic.com/~lynn/2002k.html#8 Avoiding JCL Space Abends
http://www.garlic.com/~lynn/2002m.html#21 Original K & R C Compilers
http://www.garlic.com/~lynn/2002n.html#27 why does wait state exist?
http://www.garlic.com/~lynn/2002o.html#14 Home mainframes
http://www.garlic.com/~lynn/2003c.html#53 HASP assembly: What the heck is an MVT ABEND 422?
http://www.garlic.com/~lynn/2003d.html#2 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
http://www.garlic.com/~lynn/2003d.html#8 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
http://www.garlic.com/~lynn/2003d.html#54 Filesystems
http://www.garlic.com/~lynn/2003h.html#35 UNIX on LINUX on VM/ESA or z/VM
http://www.garlic.com/~lynn/2003i.html#70 A few Z990 Gee-Wiz stats
http://www.garlic.com/~lynn/2003k.html#10 What is timesharing, anyway?
http://www.garlic.com/~lynn/2003k.html#17 Dealing with complexity
http://www.garlic.com/~lynn/2004c.html#53 defination of terms: "Application Server" vs. "Transaction Server"
http://www.garlic.com/~lynn/2004d.html#72 ibm mainframe or unix
http://www.garlic.com/~lynn/2004i.html#1 Hard disk architecture: are outer cylinders still faster than inner cylinders?
http://www.garlic.com/~lynn/2004i.html#2 New Method for Authenticated Public Key Exchange without Digital Certificates
http://www.garlic.com/~lynn/2004m.html#0 Specifying all biz rules in relational data
http://www.garlic.com/~lynn/2004m.html#5 Tera
http://www.garlic.com/~lynn/2004q.html#10 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2004q.html#37 A Glimpse into PC Development Philosophy
http://www.garlic.com/~lynn/2004q.html#70 CAS and LL/SC
http://www.garlic.com/~lynn/2005.html#40 clusters vs shared-memory (was: Re: CAS and LL/SC (was Re: High Level Assembler for MVS & VM & VSE))
http://www.garlic.com/~lynn/2005.html#55 Foreign key in Oracle Sql
http://www.garlic.com/~lynn/2005f.html#18 Is Supercomputing Possible?
http://www.garlic.com/~lynn/2005h.html#26 Crash detection by OS
http://www.garlic.com/~lynn/2005i.html#42 Development as Configuration
http://www.garlic.com/~lynn/2005m.html#8 IBM's mini computers--lack thereof
http://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
http://www.garlic.com/~lynn/2006c.html#8 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006c.html#41 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006j.html#20 virtual memory
http://www.garlic.com/~lynn/2006o.html#32 When Does Folklore Begin???
http://www.garlic.com/~lynn/2006o.html#62 Greatest Software, System R
http://www.garlic.com/~lynn/2006x.html#3 Why so little parallelism?
http://www.garlic.com/~lynn/2007.html#32 V2X2 vs. Shark (SnapShot v. FlashCopy)
http://www.garlic.com/~lynn/2007b.html#3 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007c.html#42 Keep VM 24X7 365 days
http://www.garlic.com/~lynn/2007d.html#16 "The Elements of Programming Style"
http://www.garlic.com/~lynn/2007i.html#50 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#61 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#19 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#24 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#55 Capacity and Relational Database
http://www.garlic.com/~lynn/2007n.html#49 VLIW pre-history
http://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database

and lack of distributed computing skills has some overlap with previous thread on lack of parallel computing skills/technology
http://www.garlic.com/~lynn/2007d.html#13 Why so little parallelism?
http://www.garlic.com/~lynn/2007l.html#24 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#26 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#38 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#60 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#63 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#5 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#13 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#14 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#19 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#22 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#26 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#29 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#37 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#39 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#49 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#51 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#52 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#54 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#58 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#59 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#61 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#1 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#3 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#6 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#25 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#28 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#39 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007p.html#55 Is Parallel Programming Just Too Hard?

what does xp do when system is copying

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 18:57:09 -0400
Frank McCoy <mccoyf@millcomm.com> writes:
That *last* is mainly because of poorly designed chips. Of course, completely symmetrical chips with fixed-time algorithms would easily cost twice as much. OTOH, What's the difference to a consumer of $0.10 per card and $0.20 per card, if one is 10,000 times as secure as the other?

a decade ago we did a lot of work on secure chip
http://www.garlic.com/~lynn/x959.html#aads

somewhat in support of work on x9.59 financial standard
http://www.garlic.com/~lynn/x959.html#x959

i had made some semi-facetious comments that we would take a $500 mil-spec part and aggresively cost reduce it by 2-3 orders of magnitude while making it more secure.

Another requirement was that it would be capable of supporting transit gate requirement ... iso 14443 contactless and iso 1443 contactless power profile, with transit gate timing ... 100millisecond or so elapsed time (i.e. one method that some of the RSA approaches attempted to try and get elapsed time down to a few seconds ..... was to put in massively parallel circuit operation which resulting in massive increase in power draw ... far outside anything that could be provided in reasonable period of time within iso 14443 contactless specification).

Another requirement was that it needed to perform "dynamic" operations ... so that every transaction was different/unique ... as a countermeasure to static data vulnerabilities and exploits like replay attacks (also vulnerability of static data shared-secrets).

One of the interesting characteristics in nearly all of the current generation of contactless chipcard deployments are using static data paradigm (vulnerable to various kinds of evesdropping/havesting and replay attacks) and are at least as expensive as what we were doing a decade ago.

Turns out that fips-186, ecdsa with some tweaks could be done within the stated requirements. part of the aggresive cost reduction was to build it all into the silicon manufacturing and do the dynamic asymmetric keygen and public key export integrated with initial poweron/test process (while still in wafer ... before slicing and dicing ... w/o even increasing the elapsed time to do the existing poweron/test cycle) ... aka the aggresive cost reduction looked at every aspect of creating a chipcard from chip design thru final delivery to enduser.

one of the problems we later ran into was ability to get an eal5-high evaluation. the issue was that since ecdsa was built into the silicon ... and not loaded onto the chip at some later time ... ecdsa evaluation had to be part of the protection profile evaluation. in part because of a reference evaluation for ecdsa ... this resulting in only be able to get an eal4-high evaluation.

this is contrasted with others being able to get an eal5-high evaluation for a very similar chip .... which allowed loading of the crypto code onto the chip after evaluation. We claimed that our final delivered chip with only a eal4-high evaluation with no provision for post manufacturing application loading ... actually had a much higher integrity than a similar chip with an eal5-high evaluation ... but all the application and software needed for end-user delivery ... was loaded afterwards and wasn't evaluatted.

one of the breakthroughs a decade ago was coming up with an acceptable random number source. ec/dsa (as well was dsa) is dependent on having a very high quality random number generation for every digital signature.

one of the possible reasons for prevalence of RSA deployments at the time was that RSA didn't require a random number as part of digital signature generation (and the perception that it was very difficult to have high quality random number source). Lack of high quality random number source also propagates into key generation (where it is also required) ... not only most of the chips from the period ... very slow digital signature (using RSA) but also had external keygen (because it needed higher quality random number source ... and RSA keygen is even significantly slower than RSA operations) with (external) key "injection" as part of numerous post manufacturing steps

really high quality random number source could be considered a tipping point for both move to ec/dsa (with much higher thruput) and fast, efficient on-chip keygen.

past posts in this subthread:
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#32 what does xp do when system is copying

some recent posts about particular kind of attack on some deployed chipcards (involving "static data") sometimes referred to as yes card
http://www.garlic.com/~lynn/subintegrity.html#yescard

what does xp do when system is copying

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 19:28:43 -0400
Frank McCoy <mccoyf@millcomm.com> writes:
That *last* is mainly because of poorly designed chips. Of course, completely symmetrical chips with fixed-time algorithms would easily cost twice as much. OTOH, What's the difference to a consumer of $0.10 per card and $0.20 per card, if one is 10,000 times as secure as the other?

re:
http://www.garlic.com/~lynn/2007q.html#32 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#34 what does xp do when system is copying

one of the problems with the aggressive cost reduction was that work was done on both the whole end-to-end process of actually deliverying something to the end-user ... as well as the number of chips per wafer ... aka in large volume, manufacturing costs effectively are fixed per wafer ... so ten-fold increase in chips/wafer will represent nearly ten-fold reduction in (manufacturing) cost/chip (in more traditional deployments ... the post manufacturing processing costs begin to dominate total, fully loaded delivery costs).

drastically reducing the circuits per chip ... while still maintaining security and feature/function was a challenge ... but eventually put the implementation on nearly same track as the product "barcode/UPC" RFID chips; i.e. with comparable number of circuits.

as the number of circuits/chips was reduced and the size of circuits shrank ... the wafer area taken up by the slicing and dicing ... cutting chips from the wafers ... became larger than the total area for chips. the next big jump in number of chips/wafer (and related big reduction in cost/chip) required developement of new wafer slice&dice technology ... significantly reducing area of the cut size (in large part motivated by efforts to significantly reduce cost of product "barcode/UPC" RFID chips) ... allowing big increase in number of (very small) chips/wafer.

other posts in this subthread
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying

what does xp do when system is copying

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Sun, 14 Oct 2007 21:43:50 -0400
Morten Reistad <first@last.name> writes:
That assumes you can control the hardware, e.g. with a virtual machine. But then, this is excactly what some new trojans do.

and ..
http://www.garlic.com/~lynn/2007q.html#34 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#35 what does xp do when system is copying

silicon not even possible to load software.

i gave talk on some of the issues in assurance panel in the trusted computing track at intel developers conference a few years ago ... quiping that over the previous couple yrs that TPM chip was starting to look more and more like the aads strawman. the guy running the TPM chip effort was in the front row and quipped back that i didn't have a committee of 200 people helping with the chip design.

misc. past posts mentioning talk at intel developers conference
http://www.garlic.com/~lynn/aadsm27.htm#36 TPM, part 2
http://www.garlic.com/~lynn/2002j.html#78 Future interconnects
http://www.garlic.com/~lynn/2006h.html#31 Intel vPro Technology
http://www.garlic.com/~lynn/2007g.html#61 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007g.html#63 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007m.html#20 Patents, Copyrights, Profits, Flex and Hercules

i wasn't at the rump session when the md5 attack was described ... but i did get email in real-time from somebody attending the talk ... asking if i could provide all the RFCs that have references to MD5 ... somewhat as adjunct of my RFC index
http://www.garlic.com/~lynn/rfcietff.htm

so i started generating
http://www.garlic.com/~lynn/rfcmd5.htm

as part of the rfc index generation process.

what does xp do when system is copying

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Mon, 15 Oct 2007 09:37:54 -0400
Frank McCoy <mccoyf@millcomm.com> writes:
I don't know *why* designers don't fix the power-attack methods by using symmetrical and fixed-time computing. It's not *that* hard to design. Give me a circuit; and I could make it symmetrical in my sleep. Give me an algorithm; and I could come up with a dozen ways to make all calculations take the same time and path through the machine; none longer than the normal "longest path". The easiest way for most things, is to calculate zeroes just like you do ones; instead of the usual shortcut of ignoring them. Rather like a barrel-shifter in a CPU, instead of shifting each bit over separately. The second method is *cheaper*; but not that much these days.

re:
http://www.garlic.com/~lynn/2007q.html#32 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#34 what does xp do when system is copying

one countermeasure ... is inserting random (again requiring some sort of random source) dummy cycles ... which throws off the differential power analysis ... along with more care given to the implementation.

wiki article
https://en.wikipedia.org/wiki/Power_analysis
and references here
http://www.cryptography.com/resources/whitepapers/DPA.html
http://www.cryptography.com/technology/dpa/licensing.html

what does xp do when system is copying

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Tue, 16 Oct 2007 10:21:23 -0400
jmfbahciv writes:
You might try to remember to notice if you run across anything going on in Mass. The governor (who is Dukakis^3) has just submitted a bill to open three gambling casinos. When he first started flapping his lips about this last month, it was in the same breath as talking about fixing bridges and roads (these politicians have already forgotten about the dams that need attention). This week there isn't any words about bridges and roads, and I'll bet one of my dimes that the incomes from these casinos are going to be going into General Fund ...again.

People here seem to think that money is an infinite resource and have no idea that it comes from created wealth which is caused by people making stuff instead of craps.


re:
http://www.garlic.com/~lynn/2007q.html#28 what does xp do when system is copying

other states have claimed that it is all going to fund education systems.

wasn't something similar with the toll on mass turnpike ... which had been legislated to disappear once the original construction bonds had been paid off (and was disappearing into general fund?)

for a little computer related ... when we were doing ha/cmp product,
http://www.garlic.com/~lynn/subtopic.html#hacmp

an early adopter was one of the large gaming companies that ran some number of casinos. it was getting ready to open the largest casino in conn. (on indian reservation). ha/cmp was going to be some of the cash management and other stuff ... accessed by pit bosses and backroom. there was supposedly going to be a one week test period before the actual opening of the casino. something like 24hrs into the test period, they decided to open the doors (running 24hrs a day, 7 days week). misc. past posts mentioning casino:
http://www.garlic.com/~lynn/2006g.html#3 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#11 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#16 The Pankian Metaphor

however, back to gov. taxing/revenue, i remember being in sweden and all the stories about alcoholism being such a problem in the country, that the gov. operate all the liquor stores and there are enormous taxes on alcohol (all part of programs to discourage use) ... and then seeing tv advertisements by the gov. stores to come in and buy alcohol.

recently some of the arguments against the current form of child health bill mentioned similar issues about basing major revenue on taxes on something that is supposedly being discouraged. other programs for major "discouragement" taxes have said that the taxes would be specifically used for health problems directly related to use. although even this could run into significant actuary problems ... with health problems possibly showing up in major part of the population decades after actual use and also possibly after the programs to discourage use have started to become succesful (heavily front loaded revenues collected decades before actually needed, have a habit of disappearing into general fund). old post
http://www.garlic.com/~lynn/2006g.html#29 The Pankian Metaphor

Other similar actuary numbers have been about (enormous) life-long health problem costs for babies born to drug addicted mothers (typically expected to also be the responsibility of gov. programs) ... recent post
http://www.garlic.com/~lynn/2007p.html#66 what does xp do when system is copying

Oracle Raises Stakes With BEA Offer

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Oracle Raises Stakes With BEA Offer
Newsgroups: alt.folklore.computers
Date: Tue, 16 Oct 2007 11:26:52 -0400
one of the cable business news channels just had rumor that IBM was about to make an offer for BEA.

back when ... sun and at&t had a major unix alliance ... and hp, dec. ibm, etc got together in OSF as a counter to sun/at&t unix

at&t had some business transaction monitor called Tuxedo. The "counter" in OSF was the cmu-camelot/transarc-encina ... recent camelot/encina mention (and ibm buying transarc, using encina as basis for a "unix" cics implementation)
http://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database

at&t spun off tuxedo ... and later, BEA was formed by taking over the spun-off company ... wiki references:
https://en.wikipedia.org/wiki/Tuxedo_(software)
https://en.wikipedia.org/wiki/BEA_Systems

transarc/encina reference
https://en.wikipedia.org/wiki/Transarc

various oracle/bea news items last couple days:

Oracle Raises Stakes With BEA Offer
http://itmanagement.earthweb.com/article.php/3705001
Oracle gets hostile with BEA bid
http://www.cbronline.com/article_news.asp?guid=67FFC49D-A173-4227-B5CD-D0DD3D0D461F
All abuzz over Oracle's BEA bid
http://www.infoworld.com/article/07/10/15/42OPeditor_1.html
Oracle Clarifies Offer After BEA Snubs First Bid
http://www.informationweek.com/news/showArticle.jhtml?articleID=202402814
Oracle's BEA Bid Turns Unfriendly
http://www.pcworld.com/article/id,138426-c,mergersacquisitions/article.html
Oracle's BEA bid turns unfriendly
http://www.infoworld.com/article/07/10/12/Oracles-BEA-bid-turns-unfriendly_1.html
Oracle says BEA canceled meeting
http://news.zdnet.com/2100-3513_22-6213362.html
Oracle's $6.7 Billion Bid for BEA Turned Down
http://it.slashdot.org/it/07/10/12/2058208.shtml
Oracle Raises Stakes With BEA Offer
http://www.internetnews.com/bus-news/article.php/3704881
Five Reasons BEA Is Better Off Being Bought By Oracle
http://www.crn.com/software/202402100
BEA Partners Back Oracle Bid, See Technology Benefits
http://www.crn.com/software/202402054
Oracle Launches $6.6 Billion BEA Takeover Bid
http://www.crn.com/software/202401861
Would BEA disappear under Oracle?
http://www.networkworld.com/news/2007/110607-marines-look-for-a-few.html
BEA and Oracle - doing the math
http://www.theregister.com/2007/10/16/oracle_bea_arithmetic/
SAP Says It Won't Make A Counter Bid For BEA Systems
http://www.informationweek.com/news/showArticle.jhtml?articleID=202404710

other past posts mentioning camelot, encina, and/or tuxedo
http://www.garlic.com/~lynn/2000.html#64 distributed locking patents
http://www.garlic.com/~lynn/2001.html#44 Options for Delivering Mainframe Reports to Outside Organizat ions
http://www.garlic.com/~lynn/2001i.html#49 Withdrawal Announcement 901-218 - No More 'small machines'
http://www.garlic.com/~lynn/2002i.html#54 Unisys A11 worth keeping?
http://www.garlic.com/~lynn/2002o.html#32 I found the Olsen Quote
http://www.garlic.com/~lynn/2003.html#46 Horror stories: high system call overhead
http://www.garlic.com/~lynn/2003.html#50 Origin of Kerberos
http://www.garlic.com/~lynn/2003k.html#58 What is timesharing, anyway?
http://www.garlic.com/~lynn/2004c.html#53 defination of terms: "Application Server" vs. "Transaction Server"
http://www.garlic.com/~lynn/2004h.html#42 Interesting read about upcoming K9 processors
http://www.garlic.com/~lynn/2004k.html#50 Xah Lee's Unixism
http://www.garlic.com/~lynn/2004n.html#9 RISCs too close to hardware?
http://www.garlic.com/~lynn/2005b.html#1 Foreign key in Oracle Sql
http://www.garlic.com/~lynn/2005b.html#22 The Mac is like a modern day Betamax
http://www.garlic.com/~lynn/2005j.html#26 IBM Plugs Big Iron to the College Crowd
http://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
http://www.garlic.com/~lynn/2006l.html#43 One or two CPUs - the pros & cons
http://www.garlic.com/~lynn/2006m.html#10 An Out-of-the-Main Activity
http://www.garlic.com/~lynn/2007d.html#16 "The Elements of Programming Style"

Astrophysicist Replaces Supercomputer with a Cluster of Eight PlayStation 3s

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Astrophysicist Replaces Supercomputer with a Cluster of Eight PlayStation 3s
Newsgroups: alt.folklore.computers
Date: Thu, 18 Oct 2007 12:58:32 -0400
Astrophysicist Replaces Supercomputer with Eight PlayStation 3s
http://www.abcnews.go.com/Technology/story?id=3740738&page=1
Astrophysicist Replaces Supercomputer with a Cluster of Eight PlayStation 3s
http://www.wired.com/techbiz/it/news/2007/10/ps3_supercomputer

from above ...
Suffering from its exorbitant price point and a dearth of titles, Sony's PlayStation 3 isn't exactly the most popular gaming platform on the block. But while the console flounders in the commercial space, the PS3 may be finding a new calling in the realm of science and research.

... snip ...

over the past couple yrs there have been periodic references about using cell for implementing various supercomputer applications ... as well as the ongoing theme about difficulty of (nearly all kinds of) parallel programming

a couple other recent articles

3 Playstation 3s Reproduce Human Brain Functions
http://www.acus.org/new_atlanticist/sp-downgrades-usa-time-downgrade-sp?utm_source=feedburner
http://www.actiontrip.com/rei/comments_news.phtml?id=101507_11
Supercharging Seismic Processing with GPUs
http://www.hpcwire.com/hpc/1803161.html

posts in early thread(s)
http://www.garlic.com/~lynn/2004c.html#20 Parallel programming again (Re: Intel announces "CT" aka
http://www.garlic.com/~lynn/2007l.html#19 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#24 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#26 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#38 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#42 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007l.html#60 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#63 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#5 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#13 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#14 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#19 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#22 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#26 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#29 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#37 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#39 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#49 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#51 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#52 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#54 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#58 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#59 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#61 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#1 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#3 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#6 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#25 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#28 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#39 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007p.html#55 Is Parallel Programming Just Too Hard?

Newsweek article--baby boomers and computers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Newsweek article--baby boomers and computers
Newsgroups: alt.folklore.computers
Date: Thu, 18 Oct 2007 13:50:57 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
it is somewhat a combination of subprime loans and rating of securitized mortgage bonds. in olden times, banks would offer mortgages on properties and the bank loan officer would maintain oversight on the property, mortgage payments etc (along with much more detailed knowledge of the quality, risks and other details associated with the loans).

re:
http://www.garlic.com/~lynn/2007p.html#50 Newsweek article--baby boomers and computers

business news today hitting on the rating companies ... saying that changes have led to lower values that rating companies are able to give to credit-backed bonds (as compared to corporate-based/backed bonds)... also speculation that hearings have some possibility that new rules for ratings could significantly change the business.

somewhat related from today:

S.& P. Cuts Rating for Mortgage Bonds
http://www.nytimes.com/2007/10/18/business/18rating.html?ref=business

from above:
Standard & Poor's, the credit ratings agency, yesterday downgraded more than 1,700 bonds tied to mortgages that were issued this year, including more than three dozen that received the agency's highest rating a few months ago.

... snip ...

Newsweek article--baby boomers and computers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Newsweek article--baby boomers and computers
Newsgroups: alt.folklore.computers
Date: Thu, 18 Oct 2007 20:29:35 -0400
somewhat unrelated ... but a business news channel had interview with oil investment specialist ... who made some statement that oil exploration/development investment was underfunded in 2005 by 1/3rd ... likely leading to 1m barrel/day production shortfall in 2010-2011 timeframe (although there are significant uncertainties that could affect that shortfall prediction), growing to possibly 4m barrel/day production shortfall by 2013-2014.

the interviewer asked what are the possible reasons for the shortfall in investments. the "specialist" explained that one reason is that 1/2 of the production project specialists will reach retirement age over the next three years and there wasn't enough talent to undertake additional projects that typically take 7-8yrs.

what does xp do when system is copying

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Thu, 18 Oct 2007 23:41:13 -0400
re:
http://www.garlic.com/~lynn/2007q.html#38 what does xp do when system is copying

some old posts mentioning calculations related to "churn" in gov. sponsored lotteries:
http://www.garlic.com/~lynn/2005b.html#10 Factoring problem, solved
http://www.garlic.com/~lynn/2006g.html#3 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#11 The Pankian Metaphor

i.e. each week they may have something like 80percent payout ... and they keep 20percent ... but the payout also gets taxed ... so direct retained plus taxes on payout may possibly total 40percent of each weeks bettings. in theory, gov. lottories could be structured to have 100percent weekly payout ... and just plan on making it from weekly tax churn.

what does xp do when system is copying

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: what does xp do when system is copying
Newsgroups: alt.folklore.computers
Date: Fri, 19 Oct 2007 09:11:38 -0400
krw <krw@att.bizzzz> writes:
The lotteries I know abut have a 50% payout. The mob looks good in comparison. ...no taxes either.

re:
http://www.garlic.com/~lynn/2007q.html#43 what does xp do when system is copying

at 50percent payout along with taxes ... played every week ... the money that populace still has, quickly goes to zero ... unless it is constantly being refreshed. casinos with possibly 99percent payout on slots, eventually collects large percentage of money played, if it is repeatedly played

for gov. lottories, say 30percent retained (after taxes on payout) ... then after five weeks it is down to .3**5 = .002 (casinos are figuring possibly 100 cycles, or much more, of money repeately played ... at 100 cycles w/.99percent payout, .99**100 = .366) ... this is really the joke about the govs. where you are told to send them all your money and then they decide how much you should get back.

Are there tasks that don't play by WLM's rules

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Are there tasks that don't play by WLM's rules
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 19 Oct 2007 09:47:03 -0400
eamacneil@YAHOO.CA (Ted MacNEIL) writes:
It's not just z/OS UNIX. The first implementation of TCP/IP on OS/390 was a port from VM. And, it was a pig until they decided to re-implement by starting from scratch using z/OS UNIX (circa 2.7).

there was two issues ... the base was implemented in vs/pascal on on 3090 (under vm) it got about 44kbytes/sec thruput and consumed nearly whole 3090 processor. i did the support for rfc 1044
http://www.garlic.com/~lynn/subnetwork.html#1044

and in some tuning tests at cray research ... got 1mbyte/sec (channel media) thruput between 4341 clone and cray machine ... using only very modest amount of the 4341 ... about 25 times the bytes moved for maybe 1/30th the pathlength ... say nearly three orders of magnitude improvement in bytes/mip thruput

the initial port to os ... kept the base vm tcp/ip code unchanged and implemented a cut-down vm emulation underneath (just enuf to run the tcp/ip code) ... which further aggravated the poor tcp/ip thruput

there was then a tcp/ip implementation done "in vtam" that had been outsourced to subcontractor. the folklore is that initial version delivered had tcp with higher thruput than lu6.2 and the subcontractor was told that everybody knows that lu6.2 has much higher thruput (than tcp/ip) and therefor the tcp/ip implementation must be incorrect ... and only a "correct" implementation was going to be accepted.

misc. past references to folklore about the vtam-based implementation for tcp/ip
http://www.garlic.com/~lynn/2000b.html#79 "Database" term ok for plain files?
http://www.garlic.com/~lynn/2000c.html#58 Disincentives for MVS & future of MVS systems programmers
http://www.garlic.com/~lynn/2002k.html#19 Vnet : Unbelievable
http://www.garlic.com/~lynn/2002q.html#27 Beyond 8+3
http://www.garlic.com/~lynn/2003j.html#2 Fix the shuttle or fly it unmanned
http://www.garlic.com/~lynn/2004e.html#35 The attack of the killer mainframes
http://www.garlic.com/~lynn/2005h.html#43 Systems Programming for 8 Year-olds
http://www.garlic.com/~lynn/2005p.html#15 DUMP Datasets and SMS
http://www.garlic.com/~lynn/2005r.html#2 Intel strikes back with a parallel x86 design
http://www.garlic.com/~lynn/2006f.html#13 Barbaras (mini-)rant
http://www.garlic.com/~lynn/2006l.html#53 Mainframe Linux Mythbusting (Was: Using Java in batch on z/OS?)
http://www.garlic.com/~lynn/2006w.html#29 Descriptive term for reentrant program that nonetheless is
http://www.garlic.com/~lynn/2007h.html#8 whiny question: Why won't z/OS support the HMC 3270 emulator

i had a project i called hsdt (high-speed data transport)
http://www.garlic.com/~lynn/subnetwork.html#hsdt

that would periodically run into contention with the communication group. among other things, had deployed backbone connected to the internal network
http://www.garlic.com/~lynn/subnetwork.html#internalnet

that had T1 (and higher speed) terrestrial and satellite links.

recent post
http://www.garlic.com/~lynn/2007p.html#64

mentioning business trip to the far east to visit a company that we were buying some hardware from. the friday before we left, somebody in raleigh had announced a new internal discussion group that was to use the following terminology references:
low-speed <9.6kbits medium-speed 19.2kbits high-speed 56kbits very high-speed 1.5mbits

on the wall of a conference room, the following monday on the other side of the pacific
low-speed <20mbits medium-speed 100mbits high-speed 200-300mbits very high-speed >600mbits

we had also been doing some work with NSF and various universities leading up to what was to be NSFNET backbone ... aka tcp/ip is the technology basis for the modern internet, nsfnet backbone was the operational basis for the modern internet and CIX was the business basis for the modern internet.

some old email references from that period
http://www.garlic.com/~lynn/lhwemail.html#nsfnet

Are there tasks that don't play by WLM's rules

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Are there tasks that don't play by WLM's rules
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 19 Oct 2007 10:45:12 -0400
Patrick.Falcone writes:
I seem to remember this as TCP/IP version 3.2 with 3.3 having the fixes for optimization. Weren't there twin stacks being managed or some such thing. I'm not too TCP/IP literate. We had this original version implemented because I remember doing a pre/post resource impact analysis finding additional CPU, significant in relation to prior usage, in use by TCP/IP.

re:
http://www.garlic.com/~lynn/2007q.html#45 Are there tasks that don't play by WLM's rules

as per previous post ... there was the vs/pascal implementation ported from vm ... with a "diagnose" instruction simulation done in os ... and then the vtam-based implementation (that started out only being "correct" if it had lower thruput than lu6.2).

some part of the base code poor thruput (and high processor consumption) was that (only) a channel-attached "bridge" box was being supported ... rather than a native channel-attached tcp/ip "router" box.

In the LAN "bridge" scenario ... the mainframe host code not only had to do the ip-header gorp ... but also had to do the lan/mac header overhead before passing the packet to the channel for processing by the "bridge" box.

part of the rfc 1044 three orders of magnitude improvement
http://www.garlic.com/~lynn/subnetwork.html#1044

was having a real channel-attach tcp/ip router box ... eliminating the mainframe host code having to also provide the lan/mac header overhead processing (needed by a lan/mac "bridge" box ... rather than having a real channel-attach tcp/ip router box).

part of this possibly was the whole focus on the sna communication paradigm (the old joke that it wasn't a system, wasn't a network, and wasn't an architecture) ... where vtam provided the communication addressing (and didn't have the concept of networking).

in the early days of sna ... my wife had co-authored AWP39 for peer-to-peer networking architecture ... which was possibly viewed as somewhat in competition with sna. part of the issue is that in most of the industry, networking is peer-to-peer ... it is only when sna had co-opted the term "networking" to apply to communication ... that it was necessary to qualify "networking" with "peer-to-peer". this was possibly also why she got con'ed into going to pok to be in charge of loosely-coupled architecture. while there she also created peer-coupled shared data architecture ... which, except for ims hot-standby, didn't see a lot of uptake until sysplex. misc past posts
http://www.garlic.com/~lynn/submain.html#shareddata

for other archeological trivia ... APPN was originally "AWP164". misc. past posts mentioning AWP39
http://www.garlic.com/~lynn/2004n.html#38 RS/6000 in Sysplex Environment
http://www.garlic.com/~lynn/2004p.html#31 IBM 3705 and UC.5
http://www.garlic.com/~lynn/2005p.html#8 EBCDIC to 6-bit and back
http://www.garlic.com/~lynn/2005p.html#15 DUMP Datasets and SMS
http://www.garlic.com/~lynn/2005p.html#17 DUMP Datasets and SMS
http://www.garlic.com/~lynn/2005q.html#27 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005u.html#23 Channel Distances
http://www.garlic.com/~lynn/2006h.html#52 Need Help defining an AS400 with an IP address to the mainframe
http://www.garlic.com/~lynn/2006j.html#31 virtual memory
http://www.garlic.com/~lynn/2006k.html#9 Arpa address
http://www.garlic.com/~lynn/2006k.html#21 Sending CONSOLE/SYSLOG To Off-Mainframe Server
http://www.garlic.com/~lynn/2006l.html#4 Google Architecture
http://www.garlic.com/~lynn/2006l.html#45 Mainframe Linux Mythbusting (Was: Using Java in batch on z/OS?)
http://www.garlic.com/~lynn/2006o.html#62 Greatest Software, System R
http://www.garlic.com/~lynn/2006r.html#4 Was FORTRAN buggy?
http://www.garlic.com/~lynn/2006r.html#9 Was FORTRAN buggy?
http://www.garlic.com/~lynn/2006t.html#36 The Future of CPUs: What's After Multi-Core?
http://www.garlic.com/~lynn/2006u.html#28 Assembler question
http://www.garlic.com/~lynn/2006u.html#55 What's a mainframe?
http://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
http://www.garlic.com/~lynn/2007b.html#48 6400 impact printer
http://www.garlic.com/~lynn/2007d.html#55 Is computer history taugh now?
http://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007h.html#39 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
http://www.garlic.com/~lynn/2007o.html#72 FICON tape drive?
http://www.garlic.com/~lynn/2007p.html#12 JES2 or JES3, Which one is older?
http://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers

Anniversaries

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Anniversaries
Newsgroups: alt.folklore.computers
Date: Fri, 19 Oct 2007 11:57:18 -0400
"Micheal H. McCabe" <mhmccabe@alltel.net> writes:
We had the source for VS/9 on the Univac 90/60 at Edinboro State College. Much of it (at least what I got to see -- job scheduling, system accounting, etc.) was written in PL/I with just enough machine language "glue" to run the low-level stuff. Not sure how they bootstrapped the PL/I compiler itself -- some of the listings looked suspiciously like they came off an IBM 360. We had paper, mag-tape, and microfiche versions -- not all of which matched up version wise.

there is old folklore story about some gov. agency looking into considering MVS but had requirement that they have the "exact" source code corresponding to what was executing

by comparison, customers built cp67 (and vm370) systems directly from the source code.

there was a reputed $5m spent on investigating whether it was possible to acquire listings or m'fiche that exactly corresponded to any specific mvs system. they eventually gave up ... that it simply wasn't practical. it wasn't that m'fiche "source" couldn't be obtained for mvs ... it was that there was no process to guarantee that any specific listing/m'fiche source exactly respresented any specific executing mvs system.

a previous post mentioning the investigation:
http://www.garlic.com/~lynn/2002q.html#32 Collating on the S/360-2540 card reader?

IBM System/3 & 3277-1

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Fri, 19 Oct 2007 12:16:21 -0400
hancock4 writes:
(For the AS/400 I never could figure the internal code architecture, IBM used something called "LIC" that was rather vague. I once tried to get an optional machine language listing of my application program compilation but it was very confusing. I believe IBM used a multi- layered approach for AS/400 internals, remnants of its "Future System" effort. I was not a big AS/400 fan, except for a file-aid tool that was better than mainframe tools.)

one of the things that as/400 layered approach bought was that it could move from a CISC chip to a (power/pc) RISC chip w/o a lot of trouble.

the future system project was going to replace 360/370 in the early-to-mid 70s ... when the project was eventually canceled there was big effort to make up for lost time resulting from the future system distraction
http://www.garlic.com/~lynn/submain.html#futuresys

attempting to get stuff back into the 370 (hardware & software) product pipelines ... crash program for 303x was part of that. part of the analysis "killing" the project was that if a "future system" machine was built from the fastest hardware then available (370/195) it would have the thruput of a 370/145.

the folklore is that some of the future system participants regrouped in rochester, coming out with the s/38 (which didn't have nearly the thruput requirements).

i've periodically commented that there is some characteristics of the 801 risc activities in the 70s .... to go to the exact opposite extreme of what went on in future system.

a early, big push for 801/risc was effort to replace the multitude of corporate internal microprocessors with common risc architecture chips (every low-to-mid range 370 implemented with microcode on their own unique microprocessor, controllers, and other kinds of microprocessors). one of these was going to be the s/38 followon, as/400. the common 801/risc microprocessor effort ran into all sorts of problems and eventually died off ... at which time, as/400 had crash project to design a new CISC processor. misc. past 801, romp, rios, fort knox, power, power/pc, somerset, etc postings
http://www.garlic.com/~lynn/subtopic.html#801

as well as some old email from the period
http://www.garlic.com/~lynn/lhwemail.html#801

effectively the effort was revisited when rochester began move of as/400 from their CISC chip to its current use of 801/RISC chip.

Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Slimmed Down Windows Offers Glimpse Into Microsoft's  Virtualization Ambitions
Newsgroups: alt.folklore.computers
Date: Fri, 19 Oct 2007 19:13:55 -0400
Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
http://www.crn.com/software/202404947

from above:
In an Oct. 13 presentation at the University Of Illinois, Eric Traut, a distinguished engineer at Microsoft, talked about virtualization and also slipped in details about the project, code-named MinWin.

... snip ...

other articles:

Microsoft Wants Smaller Software Footprints Starting With Windows 7
http://www.informationweek.com/news/showArticle.jhtml?articleID=202805289
Microsoft Shows Shaved-Down Kernel For Next Windows OS
http://www.pcworld.com/article/id,138666/article.html
Microsoft to slim down 'bloated' Windows
http://www.techworld.com/opsys/news/index.cfm?newsid=10398&pagtype=all

misc. other posts mentioning new 40+ yr old technology
http://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007j.html#43 z/VM usability
http://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
http://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
http://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#93 How old are you?
http://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
http://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
http://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?

US or China?

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: US or China?
Newsgroups: alt.folklore.computers
Date: Sat, 20 Oct 2007 10:18:43 -0400
jmfbahciv writes:
If you want to watch the US' next set of innovations in the computing biz, follow what the scientists are starting to do with that game station. Lynn, IIRC, just posted about it. This has been going on for several years and is just now attracting outside-the-lab attention.

re:
http://www.garlic.com/~lynn/2007q.html#40 Astrophysicist Replaces Supercomputer with a Cluster of Eight PlayStation 3s

actually i wrote a bit about it nearly 25yrs ago in some internal forums ... in terms of consumer electronics taking over hitech industry.

one of the things in hsdt
http://www.garlic.com/~lynn/subnetwork.html#hsdt

was cost of things like encryption, forward error correcting hardware ... especially for higher speed links (or things like vlsi and surface mount technology). one comment (from the period) was that i could get at least as good optics and better forward error correcting in $300 cdrom than i could in a $20k "computer industry" box (also behind rise of cdrom, dvd, 8mm tape, 4mm tape, etc in computer industry)

this was one of the issues in the difference between mainframe (fiber) escon and rs6000 (fiber) sla. escon technology had been laying around pok since the 70s w/o making much headway. 6000 engineer from austin picked it up ... tweaked the technology so that it was about ten percent faster ... but it was also deployed with much less expensive "cdrom" optic driver technology.

this also motivated the work on large clusters of risc chips in ha/cmp project
http://www.garlic.com/~lynn/subtopic.html#hacmp
misc. old email from the period
http://www.garlic.com/~lynn/lhwemail.html#medusa

i've also periodically commented that this was source of much of the churn in the hdtv meetings sponsored by the commerce dept. in the 1990 timeframe.

misc. past post mentioning $300 cdrom
http://www.garlic.com/~lynn/2001j.html#23 OT - Internet Explorer V6.0
http://www.garlic.com/~lynn/2001n.html#77 a.f.c history checkup... (was What specifications will the standard year 2001 PC have?)
http://www.garlic.com/~lynn/2002l.html#27 End of Moore's law and how it can influence job market
http://www.garlic.com/~lynn/2003h.html#3 Calculations involing very large decimals
http://www.garlic.com/~lynn/2003o.html#54 An entirely new proprietary hardware strategy
http://www.garlic.com/~lynn/2004o.html#43 360 longevity, was RISCs too close to hardware?
http://www.garlic.com/~lynn/2004o.html#44 360 longevity, was RISCs too close to hardware?
http://www.garlic.com/~lynn/2004p.html#57 IBM 3614 and 3624 ATM's
http://www.garlic.com/~lynn/2005n.html#27 Data communications over telegraph circuits
http://www.garlic.com/~lynn/2006.html#45 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006q.html#62 Cray-1 Anniversary Event - September 21st
http://www.garlic.com/~lynn/2007d.html#50 Is computer history taugh now?

misc. past posts mentioning hdtv activity
http://www.garlic.com/~lynn/2000e.html#11 Is Al Gore The Father of the Internet?^
http://www.garlic.com/~lynn/2001.html#73 how old are you guys
http://www.garlic.com/~lynn/2001b.html#2 FCC rulemakings on HDTV
http://www.garlic.com/~lynn/2001j.html#23 OT - Internet Explorer V6.0
http://www.garlic.com/~lynn/2005k.html#25 The 8008
http://www.garlic.com/~lynn/2006.html#45 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006q.html#62 Cray-1 Anniversary Event - September 21st
http://www.garlic.com/~lynn/2006s.html#63 Microsoft to design its own CPUs - Next Xbox In Development
http://www.garlic.com/~lynn/2007d.html#50 Is computer history taugh now?

misc. past posts mentioning escon
http://www.garlic.com/~lynn/96.html#5 360 "channels" and "multiplexers"?
http://www.garlic.com/~lynn/96.html#15 tcp/ip
http://www.garlic.com/~lynn/2000d.html#14 FW: RS6000 vs IBM Mainframe
http://www.garlic.com/~lynn/2000f.html#31 OT?
http://www.garlic.com/~lynn/2001.html#12 Small IBM shops
http://www.garlic.com/~lynn/2001.html#18 Disk caching and file systems. Disk history...people forget
http://www.garlic.com/~lynn/2001.html#46 Small IBM shops
http://www.garlic.com/~lynn/2001e.html#22 High Level Language Systems was Re: computer books/authors (Re: FA:
http://www.garlic.com/~lynn/2001j.html#23 OT - Internet Explorer V6.0
http://www.garlic.com/~lynn/2001k.html#22 ESCON Channel Limits
http://www.garlic.com/~lynn/2001m.html#25 ESCON Data Transfer Rate
http://www.garlic.com/~lynn/2002.html#10 index searching
http://www.garlic.com/~lynn/2002e.html#7 Bus & Tag, possible length/distance?
http://www.garlic.com/~lynn/2002e.html#32 What goes into a 3090?
http://www.garlic.com/~lynn/2002f.html#6 Blade architectures
http://www.garlic.com/~lynn/2002f.html#7 Blade architectures
http://www.garlic.com/~lynn/2002f.html#11 Blade architectures
http://www.garlic.com/~lynn/2002g.html#33 ESCON Distance Limitations - Why ?
http://www.garlic.com/~lynn/2002q.html#40 ibm time machine in new york times?
http://www.garlic.com/~lynn/2003h.html#0 Escon vs Ficon Cost
http://www.garlic.com/~lynn/2003o.html#54 An entirely new proprietary hardware strategy
http://www.garlic.com/~lynn/2003o.html#64 1teraflops cell processor possible?
http://www.garlic.com/~lynn/2004d.html#68 bits, bytes, half-duplex, dual-simplex, etc
http://www.garlic.com/~lynn/2004n.html#45 Shipwrecks
http://www.garlic.com/~lynn/2005e.html#12 Device and channel
http://www.garlic.com/~lynn/2005e.html#13 Device and channel
http://www.garlic.com/~lynn/2005h.html#7 IBM 360 channel assignments
http://www.garlic.com/~lynn/2005h.html#13 Today's mainframe--anything to new?
http://www.garlic.com/~lynn/2005l.html#26 ESCON to FICON conversion
http://www.garlic.com/~lynn/2005r.html#14 Intel strikes back with a parallel x86 design
http://www.garlic.com/~lynn/2005u.html#23 Channel Distances
http://www.garlic.com/~lynn/2005v.html#0 DMV systems?
http://www.garlic.com/~lynn/2006i.html#34 TOD clock discussion
http://www.garlic.com/~lynn/2006l.html#43 One or two CPUs - the pros & cons
http://www.garlic.com/~lynn/2006m.html#52 TCP/IP and connecting z to alternate platforms
http://www.garlic.com/~lynn/2006p.html#46 "25th Anniversary of the Personal Computer"
http://www.garlic.com/~lynn/2006x.html#3 Why so little parallelism?
http://www.garlic.com/~lynn/2006x.html#11 The Future of CPUs: What's After Multi-Core?
http://www.garlic.com/~lynn/2006x.html#13 The Future of CPUs: What's After Multi-Core?
http://www.garlic.com/~lynn/2006x.html#15 The Future of CPUs: What's After Multi-Core?
http://www.garlic.com/~lynn/2007.html#29 Just another example of mainframe costs
http://www.garlic.com/~lynn/2007.html#35 V2X2 vs. Shark (SnapShot v. FlashCopy)
http://www.garlic.com/~lynn/2007h.html#9 21st Century ISA goals?
http://www.garlic.com/~lynn/2007o.html#54 mainframe performance, was Is a RISC chip more expensive?
http://www.garlic.com/~lynn/2007o.html#72 FICON tape drive?

The history of Structure capabilities

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The history of Structure capabilities
Date: Sat, 20 Oct 2007 21:10:18 -0400
Newsgroups: comp.lang.asm.x86,alt.folklore.computers
Frank McCoy wrote:
I've found that the more and more-complicated the instruction-set is, the less of it that gets actually used ... and that's not just by assembly-language programmers, but by compiler-writers and code-writers as well.

Doesn't anybody even remember the concept of RISC these days? ;-{


i've periodically suggested that john's
http://domino.research.ibm.com/comm/pr.nsf/pages/news.20020717_cocke.html

reason for creating RISC
http://www.garlic.com/~lynn/subtopic.html#801

was to go to the opposite extreme of the (failed/canceled) future system project
http://www.garlic.com/~lynn/submain.html#futuresys

one of the nails in the FS coffin was a study that claimed if a FS machine was built out of the fastest technology then available (370/195), it would only have the thruput of a 370/145 (maybe 30:1 slowdown).

sporadic quote about future system project
http://web.archive.org/web/20110718153549/http://www.ecole.org/Crisis_and_change_1995_1.htm
http://www.ecole.org/en/seances/CM07

from above:
IBM tried to react by launching a major project called the 'Future System' (FS) in the early 1970's. The idea was to get so far ahead that the competition would never be able to keep up, and to have such a high level of integration that it would be impossible for competitors to follow a compatible niche strategy. However, the project failed because the objectives were too ambitious for the available technology. Many of the ideas that were developed were nevertheless adapted for later generations. Once IBM had acknowledged this failure, it launched its 'box strategy', which called for competitiveness with all the different types of compatible sub-systems. But this proved to be difficult because of IBM's cost structure and its R&D spending, and the strategy only resulted in a partial narrowing of the price gap between IBM and its rivals

... snip ...

i.e. significant motivation for FS was the rise of the clone (compatible) controllers.

some number of past posts about being part of team (as an undergraduate) creating clone controller (which got written up for sparking clone controller business)
http://www.garlic.com/~lynn/subtopic.html#360pcm

there is also some speculation that some of the characteristics of SNA and the complex relationship between vtam and 3705 is also an outgrowth of both clone telecommunication controllers and failure of future system project

the distraction of the future system project also contributed to dearth of items in 370 product pipeline for a period ... which would have helped clone processors being able to get a foothold.

Ancient Apple

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Ancient Apple
Newsgroups: alt.folklore.computers
Date: Sun, 21 Oct 2007 09:50:57 -0400
Morten Reistad <first@last.name> writes:
A house, OTOH expands and contracts as much as 3-4% just due to normal seasons, and you have to make constructions that follow that cycle.

one of the things that i did in hsdt project
http://www.garlic.com/~lynn/subnetwork.html#hsdt

was work on mainframe "channel extender" ... remoting local "channel attached" devices using T1/1.5mbit links.

The first deployment was for STL (now renamed silicon valley lab) that was bursting at the seams and needed to "remote" something like 300 people from the IMS group to offsite building. they had tested standard remote 3270s terminals which ran over 9.6kbit links and found the response horrible. The relocation of 300 "local" 3270s terminals to remote bldg via T1/1.5mbit channel extender ... appeared to provide "local" response ... and because of some additional factors, improved overall system thruput by 10-15percent.

The T1/1.5mbit link was actually provided by a subchannel on a T3 collins digital radio (microwave) plant site "campus" installation.

Then there was another IMS group near Boulder that was facing somewhat similar situation ... and were moving the IMS group to a nearby bldg on the other side of a busy highway. It was decided to deploy a similar solution but using T1 infrared (optical) modems mounted on the roofs of the two (multi-story) bldgs. One of the early problems was that there was lots of problems maintaining alignment of the T1 infrared modems ... problem was the change in height of the bldgs on different sides as the sun moved across the sky during the day.

misc. past posts mentioning channel extension with the T1 infrared modems
http://www.garlic.com/~lynn/94.html#23 CP spooling & programming technology
http://www.garlic.com/~lynn/2000c.html#65 Does the word "mainframe" still have a meaning?
http://www.garlic.com/~lynn/2001e.html#72 Stoopidest Hardware Repair Call?
http://www.garlic.com/~lynn/2001e.html#76 Stoopidest Hardware Repair Call?
http://www.garlic.com/~lynn/2003b.html#29 360/370 disk drives
http://www.garlic.com/~lynn/2005e.html#21 He Who Thought He Knew Something About DASD
http://www.garlic.com/~lynn/2005u.html#22 Channel Distances
http://www.garlic.com/~lynn/2006y.html#3 The Future of CPUs: What's After Multi-Core?

Damn

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Damn ....
Newsgroups: alt.folklore.computers
Date: Sun, 21 Oct 2007 10:41:42 -0400
krw <krw@att.bizzzz> writes:
Perhaps, but I don't know for what. It was in interceptor, not a fighter. It surely wasn't worth a damn for air-to-mud.

old post mentioning some Boyd's comments about vietnam air-to-air fights (specifically about airforce missile being used)
http://www.garlic.com/~lynn/99.html#120 atomic History

Boyd wasn't flying in vietnam ... but served tour in charge of spook base ... misc. past comments
http://www.garlic.com/~lynn/2005t.html#1 Dangerous Hardware
http://www.garlic.com/~lynn/2005t.html#2 Dangerous Hardware
http://www.garlic.com/~lynn/2005t.html#5 Dangerous Hardware
http://www.garlic.com/~lynn/2006u.html#51 Where can you get a Minor in Mainframe?
http://www.garlic.com/~lynn/2007g.html#13 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007i.html#4 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#69 Lean and Mean: 150,000 U.S. layoffs for IBM?
http://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography

past posts mentioning John Boyd
http://www.garlic.com/~lynn/subboyd.html#boyd
misc. URLs from around the web mentioning Boyd
http://www.garlic.com/~lynn/subboyd.html#boyd2

The history of Structure capabilities

From: Anne & Lynn Wheeler  <spamtrap@crayne.org>
Subject: Re: The history of Structure capabilities
Newsgroups: comp.lang.asm.x86,alt.folklore.computers
Date: Sun, 21 Oct 2007 15:28:21 -0400
Morten Reistad <spamtrap@crayne.org> writes:
Yes, but the transition to compiler-generated code predates RISC by a few years. This is the important event in this respect.

I would say the eighties saw a transition from programmer-generated code to compiler-generated code. In the middle, RISC appeared, because the fact that people didn't have to generate code, but a compiler could use a lot of math before actually spitting out code meant that the code generation process could have a lot of complexity. This again implied that this complexity could be reduced from the ISA itself, but the ISA was then tuned to what a code generator writer would like, not what a regular Joe Q Programmer would like.


ref previous post
http://www.garlic.com/~lynn/2007q.html#51 The history of Structure capabilities

side-note ... some posts to this particular thread from yesterday are just starting to trickle in ... i know i reposted the same thing a couple times because of the delay.

the meetings i attended on 801/risc in the 70s
http://www.garlic.com/~lynn/subtopic.html#801

.... was all about significantly reducing hardware complexity ... some of it appeared to be reaction to do the exact opposite of future system project
http://www.garlic.com/~lynn/submain.html#futuresys

and some amount of it explicitly stated that there was purposeful trade-off moving complexity out of hardware and into compiler/software.

part of original 801/risc design-point was that there was no hardware protection domains at all ... all protection/integrity would be provided by compilers generating correct code and kernel only loading correctly generated compiler code for execution.

.... there were then various efforts to do technology transfer from pl.8 (pli subset compiler for the 801/risc project) into other languages .... pli, fortran, pascal, c, etc (and for other hardware architectures)

here is recent post with various old email from 78-81 timeframe mentioning 801/risc
http://www.garlic.com/~lynn/2006t.html#9 32 or even 64 registers for x86-64?

including '81 email discussing comparision of pl.8 technology (on non-risc machines)
http://www.garlic.com/~lynn/2006t.html#email810808

IBM Z6 processor

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM Z6 processor
Newsgroups: comp.arch
Date: Mon, 22 Oct 2007 07:58:00 -0400
nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
Well before that, actually. IBM's vector unit was designed not to be very fast, but to be a cheap, bolt-on for people who wanted mainframes but did some vector calculations.

there was some folklore that 3090 VF didn't get a whole lot higher thruput than scalar. one justification for vector is that it can take advantage of "spare" memory bus cycles to feed the additional data to additional fp units (or that individual fp took so long that there are spare memory bus cycles). supposedly 3090 scalar fp had been so highly optimized that it was capable of saturating the memory bus ... and then 3090 VF was a marketing tool (buzzword) for science/engineering.

Ancient Apple

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Ancient Apple
Newsgroups: alt.folklore.computers
Date: Mon, 22 Oct 2007 08:51:29 -0400
jmfbahciv writes:
Kewl. Was the change in inches? How did was this problem solved... [first things first] Was the problem solved?

re:
http://www.garlic.com/~lynn/2007q.html#52 Ancient Apple

instead of mounting on nearside bldg. sides ... mount near the center of both bldgs roofs.

there were also concerns about snow/rain fade of the signal. turns out there was some measurable bit-error-rate during one "white-out" snow storm (didn't make a lot of difference, especially since nobody was able to make it into the office)

for othe drift ... one of the reasons for infrared modems was that there was some issues with permits for microwave.

one of the places we were putting in 4.5meter satellite dishes had big uproar with some local citizens at planning/bldg commission meeting ... citizens extremely concerned about radiation. they were told that one of the reasons for the large dish was very weak signal from satellite in space ... and the transmission from ground used a 25watt transmitter ... that had uplink power control that nominally operated at 7watts during clear-sky conditions (which was focused straight up). still didn't seem to mean anything. so it was explained that if somebody was suspended directly above the (ground) transmitter ... they would receive much less radiation than people were receiving in their homes from the nearby 50,000 watt radio transmission tower.

recent post in another thread mentioning hsdt satellite
http://www.garlic.com/~lynn/2007q.html#45 Are there tasks that don't play by WLM's rules
http://www.garlic.com/~lynn/2007q.html#46 Are there tasks that don't play by WLM's rules

other hsdt posts
http://www.garlic.com/~lynn/subnetwork.html#hsdt

IBM Z6 processor

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM Z6 processor
Newsgroups: comp.arch
Date: Mon, 22 Oct 2007 10:17:58 -0400
nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
I think that's a bit unfair. All of the marketing that I saw made it VERY clear that it was not intended to compete in the true HPC market, but was intended for the sort of company that runs the administration during the day and simulations at night. It was intended as a cheap bolt-on that would not impact the rest of the system when not in use.

re:
http://www.garlic.com/~lynn/2007q.html#55 IBM Z6 processor

nah, some of the 3090 engineers possibly thot it was a bit unfair that VF detracted from the significant work that had gone into sustained scalar FP thruput

Direction of Stack Growth

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Direction of Stack Growth
Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp
Date: Mon, 22 Oct 2007 10:38:02 -0400
nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
Ah. You mean the model of JUST code and stack? For those, I agree, but those stopped being important back in the 1950s. The resurgence in the 1970s and 1980s was short-lived and not very important.

I am pretty sure that this is yet another artifact of the way that DEC was the dominating computer science supplier in the 1970s. Now, why DEC did things the way they did, I don't know.

Witness that System/360 stacks were normally upwards growing in the 1960s and 1970s, and changed as the new generation of people with a DEC background moved in during the 1980s.


the gov. legal action affected the discount educational institutions could get (between the 60s & 70s)

minicomputer prices could fit into individual dept. budgets as opposed to institutional-wide large processor. there was some resurgence with introduction of 43xx (but a lot of those boxes went into commercial accounts ... some number with orders of multiple hundreds at a time)

gov. legal action also resulted in the 23jun69 unbundling announcement
http://www.garlic.com/~lynn/submain.html#unbundle

which also marked starting to charge for (application) software.

Virtualization: Everybody's Doing It, but Few Know How

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Virtualization: Everybody's Doing It, but Few Know How
Newsgroups: alt.folklore.computers
Date: Mon, 22 Oct 2007 13:31:42 -0400
more, new, 40+ yr old technology ... dating back to mid-60s at science center
http://www.garlic.com/~lynn/subtopic.html#545tech

Virtualization: Everybody's Doing It, but Few Know How
http://www.linuxinsider.com/story/59931.html

from above:
As more organizations adopt server virtualization software, they're also looking to hire people who have worked with the technology in live applications.

But such workers can be hard to find,


... snip ...

and ..

Virtualization Services Market, 2007-2011 Forecast
http://itmanagement.earthweb.com/erp/article.php/3694386

from above:
As large enterprises embrace virtualization, the market for virtualization services is growing robustly -- and is expected to grow still faster in the next few years.

... snip ...

Fixing our fraying Internet infrastructure

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Fixing our fraying Internet infrastructure
Newsgroups: alt.folklore.computers
Date: Mon, 22 Oct 2007 14:52:12 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
past couple months seems like there has been barrage of articles on all sorts of fraying infrastructure ... lots of milking the infrastructure for whatever can be extracted ... frequently with little or no attention given to care and maintenance; transportation, roads, bridges, power, water, etc. There was even a news item the past couple days that a major overhaul of the nations traffic light system could save 10-12 percent in energy use ... but the money hasn't been spent for that either.

re:
http://www.garlic.com/~lynn/2007q.html#18 Fixing our fraying Internet infrastructure
http://www.garlic.com/~lynn/2007q.html#19 Fixing our fraying Internet infrastructure

one of the business channels was just interviewing somebody about sectors for investment ... he commented that there is currently a one trillion dollar deficit in infrastructure spending (i.e. money that should have been spent but wasn't for transportation, water, power, etc) ... and as more and more of these infrastructures have various failures (some catastrophic), at some point they will have to get around spending the money on refurbishing/renewing/maintenance/etc

a couple recent posts (some of it deferred maintenance that nobody ever gets around to actually doing)
http://www.garlic.com/~lynn/2007n.html#97 Loads Weighing Heavily on Roads
http://www.garlic.com/~lynn/2007o.html#6 Loads Weighing Heavily on Roads

when we were doing our ha/cmp product
http://www.garlic.com/~lynn/subtopic.html#hacmp

we got involved in some continuous availability issues ... coining the terms disaster survivability and geographic survivability (to differentiate from disaster recovery)
http://www.garlic.com/~lynn/submain.html#available

some of these were considered "natural" disasters ... but there seems to be a growing number of failures that are result of just not carrying through with various well understood processes.

Horrid thought about Politics, President Bush, and Democrats

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Horrid thought about Politics, President Bush, and Democrats ...
Newsgroups: alt.folklore.computers
Date: Tue, 23 Oct 2007 09:12:51 -0400
Morten Reistad <first@last.name> writes:
The immigration bill could have become law. That would actually have fixed a lot of things. It would have made legal migrants of all the mexicans, and they would have had rights; and could demand decent wages, and not represent a rotting part of the US economy anymore.

i thot that feds had promised to correct the immigration situation ... as part of immigration bills in the 80s granting amnesty.

wiki page
https://en.wikipedia.org/wiki/Immigration_Reform_and_Control_Act_of_1986

misc. other references
http://www.mbbp.com/resources/employment/reform_act.html
http://louisville.edu/hr/policies/PER109.html
http://www.lib.niu.edu/ipo/1987/im870511.html

reference to 1995 gao report (on national net costs of illegal aliens) on the subject (in an older thread)
http://www.garlic.com/~lynn/2007i.html#18 John W. Backus, 82, Fortran developer, dies

and ....

http://www.cis.org/articles/1997/IR28/5million.html

from above ...
The INS estimates that as of October 1996 there were five million illegal aliens living in the United States,

...
The number of illegal aliens who remained after the completion of the Immigration Reform and Control Act (IRCA) legalization in October of 1988 was 2,775,000, well above the 2.18 million previously estimated.

... snip ...

http://www.fairus.org/site/PageServer?pagename=iic_immigrationissuecenterse4a5

from above:
In 1986, Congress passed the Immigration Reform and Control Act (IRCA) giving amnesty legal forgiveness to all illegal aliens who had successfully evaded justice for four years or more or were illegally working in agriculture.


Various Amnesties of Illegal Aliens
IRCA (including dependents)             2,831,351
NACARA                                    405,000
Haitian Act                                50,000
INA Section 249 (from 1987-1997)           69,670
TOTAL                                   3,356,021

... snip ...

Fixing our fraying Internet infrastructure

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Fixing our fraying Internet infrastructure
Newsgroups: alt.folklore.computers
Date: Tue, 23 Oct 2007 10:11:38 -0400
jmfbahciv writes:
Mass. has this problem. Then there are the union people who sabotage what they fix so they can fix it next year.

re:
http://www.garlic.com/~lynn/2007q.html#18 Fixing our fraying Internet infrastructure
http://www.garlic.com/~lynn/2007q.html#19 Fixing our fraying Internet infrastructure
http://www.garlic.com/~lynn/2007q.html#60 Fixing our fraying Internet infrastructure

or just not do it correctly, i remember some joke during the 70s about using water soluable asphalt for road repairs ... past reference:
http://www.garlic.com/~lynn/2003j.html#11 Idiot drivers

when i 1st moved to mass. somebody seriously commented about entrenched road repair institution dependent on annual contracts for repeatedly repairing the same stuff (can't exactly say that they weren't spending money on infrastructure).

this is somewhat related to recent article on nothing succeeds like failure
http://www.garlic.com/~lynn/2007h.html#29 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007h.html#33 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/aadsm26.htm#59 On cleaning up the security mess: escaping the self-perpetuating trap of Fraud?

a couple yrs ago there was some charges brought against public utility company in cal. ... where part of PUC approved customer fees were to go to trimming foilage away from transmission lines. after some number of fires ... they found that the company was "deferring maintenance" on the foilage trimming and the money diverted to bonuses for executives.

The history of Structure capabilities

From: Anne & Lynn Wheeler  <spamtrap@crayne.org>
Subject: Re: The history of Structure capabilities
Newsgroups: comp.lang.asm.x86,alt.folklore.computers
Date: Tue, 23 Oct 2007 08:37:23 -0400
krw <spamtrap@crayne.org> writes:
It was also thought that IBM could control, and even buy, Intel if need be (it did). They couldn't with a corporation like Moto.

IBM Sells Back Much of Intel Stake
http://query.nytimes.com/gst/fullpage.html?res=9B0DE3DC153FF931A25755C0A961948260

from above:
In total, I.B.M. invested $642.7 million in Intel in 1983 and 1984, in return for about 20 percent of the company's outstanding stock. Its average purchase price per share was $28.44. Under yesterday's agreement, Intel purchased back those shares for $40.625 each. Intel's Excess of Cash

.... snip ...

I have some vague recollection that IBM had option to buy even more ... instead it eventually sold it off. The above article mentions a deal for IBM to manufacture 386 ... and there was some work on a customized 386 chip design.

a couple old posts with old '89 article about motorola and intel still being somewhat neck & neck
http://www.garlic.com/~lynn/2005q.html#44 Intel strikes back with a parallel x86 design
http://www.garlic.com/~lynn/2005q.html#45 Intel strikes back with a parallel x86 design

Virtual Browsers: Disposable Security

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Virtual Browsers: Disposable Security
Newsgroups: alt.folklore.computers
Date: Tue, 23 Oct 2007 16:01:10 -0400
latest new 40+ yr old technology

Virtual Browsers: Disposable Security
http://www.linuxinsider.com/story/59949.html

from above:
If users are working on a virtualized PC, or at least a virtualized Web browser, then throwing it out is trivial. So is replacing it with a fresh, uncluttered, uninfected version. Virtual IT is built to be disposable. OK, you've heard about this virtualization magic before. However, it seems too good to be true, and it sounds complicated and expensive.

... snip ...

some recent references to using virtualization for volitile environment ... not only is the environment constrained/partitioned ... but everything is discarded (including any infections) at the end of session (sort of the equivalent of vaporizing medical waste)
http://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation
http://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007o.html#7 Hypervisors May Replace Operating Systems As King Of The Data Center

related article

It's time to install virtual throw-away PCs
http://computerworld.co.nz/news.nsf/mgmt/BD8BDF1543B9281ACC257372000354FE

from above:
I give up. You should too. It's time to stop trying to secure users' web browsers, and instead just throw them away. We can't stop users from clicking on the wrong links or going to compromised websites. We can't eliminate drive-by worm infections or block zero-day rootkits.

But thanks to virtualisation, we can flush them all away.


... snip ...

other recent references to the new 40+ yr old technology
http://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007l.html#23 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007p.html#7 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
http://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
http://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
http://www.garlic.com/~lynn/2007q.html#49 Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
http://www.garlic.com/~lynn/2007q.html#59 Virtualization: Everybody's Doing It, but Few Know How

oh and an advertisement that was displayed on the 1st article's page:
What's Linux with a Lineage? Verio Linux VPS delivers root access, advanced FairShare technology for better performance, and support that's actually supportive. It's all from Verio, the Virtual Private Server technology pioneer, with over 500,000 customers.

... snip ...

misc. past posts mentioning doing fair share, original as undergraduate some 39 yrs ago ... modifications to cp67 virtual machine kernel.
http://www.garlic.com/~lynn/subtopic.html#fairshare

modifications were dropped in the morph from cp67 to vm370 ... but later re-introduced as part of resource manager. implementation was actually dynamic adaptive resource management policies ... with the default policy being fair share.

Direction of Stack Growth

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Direction of Stack Growth
Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp,comp.os.linux.embedded
Date: Tue, 23 Oct 2007 18:47:36 -0400
glen herrmannsfeldt <gah@ugcs.caltech.edu> writes:
IBM S/360 and S/370 don't have a stack. CALL and RETURN are done through a linked list that also includes space to save the registers. Called routines are expected to save and restore most of the general registers. The calling convention used by OS/360 and many of the supported high-level languages has the calling routine supply a 72 byte save area addressed in R13. R14 is the return address, and R15 is the address of the routine being called. The called routine then saves registers 14 through 12 in the save area addressed by R13, arranges its own save area as the next element in a linked list. Traditionally many assembly and Fortran programs used a static save area (no recursion). Languages that allow recursion dynamically allocate a save area along with space for local variables.

q&d conversion of old greencard ios3270 to html
http://www.garlic.com/~lynn/gcard.html

call/save/return conventions
http://www.garlic.com/~lynn/gcard.html#50

Direction of Stack Growth

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Direction of Stack Growth
Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp,comp.os.linux.embedded
Date: Tue, 23 Oct 2007 22:19:16 -0400
glen herrmannsfeldt <gah@ugcs.caltech.edu> writes:
IBM S/360 and S/370 don't have a stack. CALL and RETURN are done through a linked list that also includes space to save the registers. Called routines are expected to save and restore most of the general registers. The calling convention used by OS/360 and many of the supported high-level languages has the calling routine supply a 72 byte save area addressed in R13. R14 is the return address, and R15 is the address of the routine being called. The called routine then saves registers 14 through 12 in the save area addressed by R13, arranges its own save area as the next element in a linked list. Traditionally many assembly and Fortran programs used a static save area (no recursion). Languages that allow recursion dynamically allocate a save area along with space for local variables.

re:
http://www.garlic.com/~lynn/2007q.html#65 Direction of Stack Growth

in the os/360 convention called routine only needs its own savearea if it is planning on calling other routine(s). a routine that doesn't make any calls ... won't need its own savearea. a routine is only allocating/chaining savearea (on entry), when it is calling other routine(s) (for their use).

original/early cp67 kernel allocated 100 (contiguous) "saveareas" at boot initialized/managed as push/pop list. all internal kernel call/returns were done via svc (supervisor call) interrupt which would allocate/deallocate a savearea (from push/pop list). the called routine was still responsible for "saving" registers in the (recently) allocated savearea. when the 100 "savearea" were exhausted ... system failed. on entry, the pointer to the "active" savearea was in register 13 ... as per os/360 convention.

early on (as undergraduate) in the 60s, i made a number of cp67 kernel modifications:

several "called" kernel routines were "closed" ... i.e. they didn't call to any other routines. for these i changed the calling sequence from a supervisor call interrupt to (more familiar) BALR ... and these called routines, saved (calling routines) registers (on entry) in a single, kernel-wide savearea (actually in "page zero" ... so it was a per processor, kernel-wide savearea ... one for every processor in a multiprocessor configuration).

if the initial 100 saveareas were exhausted (actually any time available saveareas were exhausted) ... it would savange some storage and replenish the list with another block of saveareas.

....

the change to dynamicly extend kernel saveareas then complicated standard cp67 kernel failure analysis ... since it had been possible to examine all extent active and pending process indications by examining the fixed (location) preallocated, contiguous 100 saveareas.

these eventually shipped in standard cp67 product.

also as undergraduate i did an enhancement that moved some number of kernel routines out of fixed kernel storage and made them pageable. this required a little slight of hand ... while cp67 supported virtual memory and ran all of its virtual machines in virtual address spaces ... the cp67 kernel ran in "real addressing" (non virtual addressing mode). while the "pageable" kernel routines were fetched into memory and removed from memory via standard paging facilities ... the routines ran in "real addressing" mode w/o address translation turned on and couldn't depend on virtual address translation and/or hardware page faults. this didn't ship in standard cp67 product ... but was incorporated into the product as part of the morph from cp67 to vm370.

for a little topic drift ... some recent posts about the "new", 40+ yr old virtual machine technology
http://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007l.html#23 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007p.html#7 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
http://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
http://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
http://www.garlic.com/~lynn/2007q.html#49 Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
http://www.garlic.com/~lynn/2007q.html#59 Virtualization: Everybody's Doing It, but Few Know How
http://www.garlic.com/~lynn/2007q.html#64 Virtual Browsers: Disposable Security

does memory still have parity?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: does memory still have parity?
Newsgroups: alt.folklore.computers
Date: Wed, 24 Oct 2007 09:20:37 -0400
Eric Sosman <esosman@ieee-dot-org.invalid> writes:
Stratus used that technique. A CPU board actually had two CPU's and a comparator; if the comparator reported a disagreement the board electrically isolated itself from the backplane. The boards themselves were installed in pairs, so the system still ran on the surviving board. Things like I/O boards used a similar strategy, with both on-board and dual-board redundancy.

Stratus liked to talk a lot about the reliability they could offer with this setup, but tended to soft-pedal the price consequences of putting four of everything in the box. I also don't know how they dealt with failures in the comparators. Any Stratus folks out there who can illuminate (and maybe correct my mis-recollections)?


one of the issues was that it use to be the largest percentage of failures came from hardware failures. during the late 70s and early 80s, hardware reliability significantly improved ... and the majority of the failures/outages were no longer computer hardware but had shifted to software, human mistakes, disasters, etc

when we were doing our ha/cmp product
http://www.garlic.com/~lynn/subtopic.html#hacmp

... one of the things we marketing against was stratus (or its corporate rebranded system/88). one place we came up against was in 1-800 lookup/call-routing ... which had requirement for something like 5mins of downtime per year. at the time, stratus required taking the system down to perform kernel/system maintenance ... which could easily run an hr or two a year (exceeeding the down-time budget).

their counter was a pair of fail-over systems (to handle system maintenance and other scheduled outages) ... however a single system was already significantly more expensive than a ha/cmp configuration (and the statistical downtime/outage probabilities were all within the 5min/yr requirement).

misc. past posts mentioning stratus, s/88, and/or tandem
http://www.garlic.com/~lynn/2000e.html#49 How did Oracle get started?
http://www.garlic.com/~lynn/2000f.html#69 TSS ancient history, was X86 ultimate CISC? designs)
http://www.garlic.com/~lynn/2001.html#62 California DMV
http://www.garlic.com/~lynn/2001i.html#48 Withdrawal Announcement 901-218 - No More 'small machines'
http://www.garlic.com/~lynn/2001i.html#49 Withdrawal Announcement 901-218 - No More 'small machines'
http://www.garlic.com/~lynn/2001j.html#31 Title Inflation
http://www.garlic.com/~lynn/2001k.html#9 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001k.html#10 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001k.html#11 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001k.html#13 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001k.html#15 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2002.html#1 The demise of compaq
http://www.garlic.com/~lynn/2002.html#8 The demise of compaq
http://www.garlic.com/~lynn/2002f.html#14 Mail system scalability (Was: Re: Itanium troubles)
http://www.garlic.com/~lynn/2002f.html#15 Mail system scalability (Was: Re: Itanium troubles)
http://www.garlic.com/~lynn/2002f.html#18 Mail system scalability (Was: Re: Itanium troubles)
http://www.garlic.com/~lynn/2002f.html#25 When will IBM buy Sun?
http://www.garlic.com/~lynn/2002g.html#59 Amiga Rexx
http://www.garlic.com/~lynn/2002j.html#45 M$ SMP and old time IBM's LCMP
http://www.garlic.com/~lynn/2002j.html#46 M$ SMP and old time IBM's LCMP
http://www.garlic.com/~lynn/2002j.html#62 Server and Mainframes
http://www.garlic.com/~lynn/2002k.html#22 Vnet : Unbelievable
http://www.garlic.com/~lynn/2002p.html#13 Multics on emulated systems?
http://www.garlic.com/~lynn/2002p.html#14 Multics on emulated systems?
http://www.garlic.com/~lynn/2003.html#48 InfiniBand Group Sharply, Evenly Divided
http://www.garlic.com/~lynn/2003d.html#10 Low-end processors (again)
http://www.garlic.com/~lynn/2004q.html#75 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005.html#46 8086 memory space
http://www.garlic.com/~lynn/2005c.html#50 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005d.html#37 Thou shalt have no other gods before the ANSI C standard
http://www.garlic.com/~lynn/2005j.html#5 The 8008
http://www.garlic.com/~lynn/2005u.html#61 DMV systems?
http://www.garlic.com/~lynn/2006d.html#14 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006h.html#9 It's official: "nuke" infected Windows PCs instead of fixing them
http://www.garlic.com/~lynn/2006l.html#24 Google Architecture
http://www.garlic.com/~lynn/2007f.html#56 Is computer history taught now?
http://www.garlic.com/~lynn/2007h.html#76 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#34 Internal DASD Pathing
http://www.garlic.com/~lynn/2007j.html#46 John W. Backus, 82, Fortran developer, dies

Direction of Stack Growth

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Direction of Stack Growth
Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp,comp.os.linux.embedded
Date: Wed, 24 Oct 2007 15:54:14 -0400
mojaveg@mojaveg.lsan.mdsg-pacwest.com (Everett M. Greene) writes:
While on the subject of return addresses, isn't the ARM a throwback to the old BALR days? It's granted that you can save a push operation for leaf functions, but otherwise you spend the same or more operations saving the return address than just having the hardware do it automagically.

re:
http://www.garlic.com/~lynn/2007q.html#58 Direction of Stack Growth
http://www.garlic.com/~lynn/2007q.html#65 Direction of Stack Growth
http://www.garlic.com/~lynn/2007q.html#66 Direction of Stack Growth

a separate issue showed up in os/360 days in the transition from real storage to virtual memory. part of the problem was there was a very ingrained pointer-passing convention that permeated the infrastructure. in the transition to virtual memory on 370s ... the idea was to give each process possibly a full, maximum 16mbyte virtual address space. the downside was that because of the ingrained pointer-passing convention ... contributed to the kernel image being included in every (process) virtual address space ... which took up 8mbytes (of the 16mbytes).

then there were a lot of operating system "subsystems" that lived outside the kernel ... but provided services to applications and where the pointer-passing paradigm was also ingrained. these got moved into their own virtual address space. now the pointer-passing paradigm got a little more difficult. to address this ... there was something called a "common segment" that started out as one megabyte ... appearing in ever virtual address space. an application would find some space in the common segment, stuff in arguments, and make a kernel call with a pointer to the stuff in the common segment ... which would passthru the kernel and switch to the subsystem address space. the subsystem then could pass back information ... also in the common segment. the problem here was that for larger installations, with numerous "subsystems", the common segment would grow to five or possibly even six megabytes.

so you know have kernel image taking 8mbytes of every 16mbyte application virtual address space ... and the common segment taking another 5-6 mbytes of every application 16mbyte virtual address space ... leaving possibly as little as 2mbytes for the application.

something called "dual-address" space mode was introduced with 3033 ... it allowed for semi-privileged applications to execute with two virtual address space pointers ... one was the private virtual address space ... and one typically belonged to the calling application virtual address space. in this scenario ... each instance of the subsystem execution actually required register with both the address of the passed parameter pointer ... and a (control) register with the corresponding calling applicaton virtual address space. however, this still required passing thru the kernel ... executing software instructions to do the necessary permission checking and switching around address pointers (along with instructions that accessed storage in other virtual address spaces).

later came "access registers" and program call/return. access registers generalized dual-address space mode to multiple virtual address spaces. there was kernel hardware table referenced by program call/return that supported applications being able to effectively make "BALR" type calls to subsystem services (in different virtual address spaces) and have all the various control registers be fiddled with (w/o having the overhead of executing instructions in the kernel) ... and then perform the return ... again w/o requiring kernel software exeuction. program call/return started out being a hierarchical infrastrucutre ... but later mesh-type operation was added.

current description of address types, virtual address types, access register specified virtual address, etc
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/3.2.1?SHELF=&DT=20040504121320&CASE=

more address space discussion
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/3.8?DT=20040504121320

more discussion discussion able to handle up to 16 address spaces, the primary address space and up to 15 AR-specified address spaces
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/3.8?DT=20040504121320

access-register introduction
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/5.7?DT=20040504121320

linkage-stack introduction
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/5.10?DT=20040504121320

linkage-stack operations
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/5.12?DT=20040504121320

program call instruction
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/10.34?DT=20040504121320

program return instruction
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/10.35?DT=20040504121320

program transfer and program transfer with instance instructions
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/10.37?DT=20040504121320

misc. past posts mentioning dual-address space, access registers, program call/return, etc
http://www.garlic.com/~lynn/98.html#36 What is MVS/ESA?
http://www.garlic.com/~lynn/2000c.html#84 Is a VAX a mainframe?
http://www.garlic.com/~lynn/2000d.html#28 RS/6000 vs. System/390 architecture?
http://www.garlic.com/~lynn/2000e.html#58 Why not an IBM zSeries workstation?
http://www.garlic.com/~lynn/2001d.html#28 Very CISC Instuctions (Was: why the machine word size ...)
http://www.garlic.com/~lynn/2001h.html#73 Most complex instructions
http://www.garlic.com/~lynn/2001i.html#13 GETMAIN R/RU (was: An IEABRC Adventure)
http://www.garlic.com/~lynn/2001k.html#16 Minimalist design (was Re: Parity - why even or odd)
http://www.garlic.com/~lynn/2002d.html#51 Hardest Mistake in Comp Arch to Fix
http://www.garlic.com/~lynn/2002g.html#17 Black magic in POWER5
http://www.garlic.com/~lynn/2002g.html#18 Black magic in POWER5
http://www.garlic.com/~lynn/2002l.html#57 Handling variable page sizes?
http://www.garlic.com/~lynn/2002n.html#58 IBM S/370-168, 195, and 3033
http://www.garlic.com/~lynn/2002n.html#74 Everything you wanted to know about z900 from IBM
http://www.garlic.com/~lynn/2002q.html#1 Linux paging
http://www.garlic.com/~lynn/2003c.html#13 Unused address bits
http://www.garlic.com/~lynn/2003d.html#53 Reviving Multics
http://www.garlic.com/~lynn/2003d.html#69 unix
http://www.garlic.com/~lynn/2003e.html#0 Resolved: There Are No Programs With >32 Bits of Text
http://www.garlic.com/~lynn/2003e.html#12 Resolved: There Are No Programs With >32 Bits of Text
http://www.garlic.com/~lynn/2003g.html#13 Page Table - per OS/Process
http://www.garlic.com/~lynn/2003m.html#29 SR 15,15
http://www.garlic.com/~lynn/2004c.html#6 If the x86 ISA could be redone
http://www.garlic.com/~lynn/2004e.html#41 Infiniband - practicalities for small clusters
http://www.garlic.com/~lynn/2004f.html#27 [Meta] Marketplace argument
http://www.garlic.com/~lynn/2004f.html#53 Infiniband - practicalities for small clusters
http://www.garlic.com/~lynn/2004n.html#26 PCIe as a chip-to-chip interconnect
http://www.garlic.com/~lynn/2004n.html#54 CKD Disks?
http://www.garlic.com/~lynn/2004o.html#18 Integer types for 128-bit addressing
http://www.garlic.com/~lynn/2004o.html#57 Integer types for 128-bit addressing
http://www.garlic.com/~lynn/2005.html#3 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005b.html#53 The mid-seventies SHARE survey
http://www.garlic.com/~lynn/2005c.html#63 intel's Vanderpool and virtualization in general
http://www.garlic.com/~lynn/2005d.html#62 Misuse of word "microcode"
http://www.garlic.com/~lynn/2005f.html#7 new Enterprise Architecture online user group
http://www.garlic.com/~lynn/2005f.html#41 Moving assembler programs above the line
http://www.garlic.com/~lynn/2005f.html#57 Moving assembler programs above the line
http://www.garlic.com/~lynn/2005p.html#18 address space
http://www.garlic.com/~lynn/2005p.html#19 address space
http://www.garlic.com/~lynn/2005q.html#41 Instruction Set Enhancement Idea
http://www.garlic.com/~lynn/2005q.html#48 Intel strikes back with a parallel x86 design
http://www.garlic.com/~lynn/2006.html#39 What happens if CR's are directly changed?
http://www.garlic.com/~lynn/2006b.html#25 Multiple address spaces
http://www.garlic.com/~lynn/2006b.html#28 Multiple address spaces
http://www.garlic.com/~lynn/2006i.html#33 virtual memory
http://www.garlic.com/~lynn/2006p.html#10 What part of z/OS is the OS?
http://www.garlic.com/~lynn/2006r.html#26 A Day For Surprises (Astounding Itanium Tricks)
http://www.garlic.com/~lynn/2006r.html#32 MIPS architecture question - Supervisor mode & who is using it?
http://www.garlic.com/~lynn/2006s.html#42 Ranking of non-IBM mainframe builders?
http://www.garlic.com/~lynn/2006t.html#23 threads versus task
http://www.garlic.com/~lynn/2006x.html#23 Multiple mappings
http://www.garlic.com/~lynn/2006y.html#39 Multiple mappings
http://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
http://www.garlic.com/~lynn/2007g.html#59 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
http://www.garlic.com/~lynn/2007k.html#14 Some IBM 3033 information
http://www.garlic.com/~lynn/2007k.html#27 user level TCP implementation
http://www.garlic.com/~lynn/2007k.html#28 IBM 360 Model 20 Questions
http://www.garlic.com/~lynn/2007l.html#71 IBM 360 Model 20 Questions
http://www.garlic.com/~lynn/2007o.html#10 IBM 8000 series
http://www.garlic.com/~lynn/2007p.html#21 Newsweek article--baby boomers and computers

IBM System/3 & 3277-1

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Wed, 24 Oct 2007 19:04:01 -0400
ArarghMail710NOSPAM writes:
I could read ASCII from a paper tape. Took me a while. :-)

previous post in this thread:
http://www.garlic.com/~lynn/2007q.html#48 IBM System/3 & 3277-1

i eventually learned to read 12-2-9 (i.e. card punch holes for hex "02") "txt" text deck cards ... as part of multi-punch/duplicate cards and punching patches ... i had a 2000 card assembler program and it was frequently faster to multi-punch fixes (into duplicate/new card) than to reassemble program (which could take 30-60 minutes elapsed time ... this was on 360/30 under os/360 release 6 ... i had dedicated university machine room on weekends for 48hrs stretch). basically had to not only be able to read storage dumps and equivalence between hexcode and things like instructions and/or addresses ... but the similar information on cards in "punch hole" representation.

field/col definition for 12-2-9 TXT card:
col 1 12-2-9 / x'02' 2-4 TXT 5 blank 6-8 relative address of first instruction on record 9-10 blank 11-12 byte count ... number of bytes in information field 15-16 ESDID 17-72 56-byte information field 73-80 deck id, sequence number, or both

cols. 2-4 and 73-80 were character ... the other fields were hex.

q&d converstion of gcard ios3270 to html
http://www.garlic.com/~lynn/gcard.html

but it lacks card punch hole equivalence for hex (on real green card)

here is actual scan of a 360 green card ... front & back (11mb)
http://weblog.ceicher.com/archives/IBM360greencard.pdf
from:
http://weblog.ceicher.com/archives/2006/12/ibm_system360_green_card.html

the following table is from
http://www.cs.uiowa.edu/~jones/cards/codes.html

giving equivalence between card punch codes, hexidemal value, and ebcdic


00  10  20  30  40  50  60  70  80  90  A0  B0  C0  D0  E0  F0
  ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___
0|NUL|   |DS |   |SP | & | - |   |   |   |   |   |   |   |   | 0 |0
 |__1|___|__2|___|__3|__4|__5|___|___|___|___|___|___|___|___|___|
1|   |   |SOS|   |   |   | / |   | a | j |   |   | A | J |   | 1 |1
|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
2|   |   |FS |   |   |   |   |   | b | k | s |   | B | K | S | 2 |2
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
3|   |TM |   |   |   |   |   |   | c | l | t |   | C | L | T | 3 |3
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
4|PF |RES|BYP|PN |   |   |   |   | d | m | u |   | D | M | U | 4 |4
|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
5|HT |NL |LF |RS |   |   |   |   | e | n | v |   | E | N | V | 5 |5
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
6|LC |BS |EOB|UC |   |   |   |   | f | o | w |   | F | O | W | 6 |6
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
7|DEL|IL |PRE|EOT|   |   |   |   | g | p | x |   | G | P | X | 7 |7
|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
8|   |   |   |   |   |   |   |   | h | q | y |   | H | Q | Y | 8 |8
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
9|   |   |   |   |   |   |   |   | i | r | z |   | I | R | Z | 9 |9
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
A|   |   |   |   | ¢ | ! |   | : |   |   |   |   |   |   |   |   |2-8
|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
B|   |   |   |   | . | $ | , | # |   |   |   |   |   |   |   |   |3-8
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
C|   |   |   |   | < | * | % | @ |   |   |   |   |   |   |   |   |4-8
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
D|   |   |   |   | ( | ) | _ | ' |   |   |   |   |   |   |   |   |5-8
|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
E|   |   |   |   | + | ; | > | = |   |   |   |   |   |   |   |   |6-8
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
F|   |   |   |   | | | ¬ | ? | " |   |   |   |   |   |   |   |   |7-8
 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|
12  11  10      12  11  10      12  11  10      12  11  10
9   9   9                       10  12  11

> i.e. hex values down the left and across the top, punch holes dorwn the right adn across the bottom.

and card punch format ... card rows are number 12, 11, 0-9 from the top.


/&-0123456789ABCDEFGHIJKLMNOPQR/STUVWXYZb#@'>V?.¤[<§!$*];^±,%v\¶
12 / O           OOOOOOOOO                        OOOOOO
11|   O                   OOOOOOOOO                     OOOOOO
0|    O                           OOOOOOOOO                  OOOOOO
1|     O        O        O        O
 2|      O        O        O        O       O     O     O     O
3|       O        O        O        O       O     O     O     O
 4|        O        O        O        O       O     O     O     O
5|         O        O        O        O       O     O     O     O
6|          O        O        O        O       O     O     O     O
7|           O        O        O        O       O     O     O     O
 8|            O        O        O        O OOOOOOOOOOOOOOOOOOOOOOOO
9|             O        O        O        O
  |__________________________________________________________________

IBM System/3 & 3277-1

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Thu, 25 Oct 2007 05:22:24 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
field/col definition for 12-2-9 TXT card:

col 1 12-2-9 / x'02' 2-4 TXT 5 blank 6-8 relative address of first instruction on record 9-10 blank 11-12 byte count ... number of bytes in information field 15-16 ESDID 17-72 56-byte information field 73-80 deck id, sequence number, or both

cols. 2-4 and 73-80 were character ... the other fields were hex.


re:
http://www.garlic.com/~lynn/2007q.html#69 IBM System/3 & 3277-1

"txt" card decks were nearly executable output from assemblers and compilers. more information about format of other cards in txt card deck
http://www.garlic.com/~lynn/2001.html#14 IBM Model Numbers (was: First video terminal?)

before i learned about "rep" cards, i would duplicate a "TXT", multipunching the patch/fix into the duplicated card.

keypunches just had keys for punching the character information, if you were dealing with hex ... for which there was no equivalent character ... it would be necessary to "multi-punch" to get the correct holes punched. for hex, it was necessary to read the holes ... since even if the card had been "interpreted" ... there were no corresponding character symbols for the majority of the hex codes.

my process was to fan the txt card deck ... reading the holes in cols 6-8 (displacement address in the program of data punched in the specific card) ... looking for the card corresponding to the data i needed to patch. I would then take that card and duplicate it out to the cols that needed to be "fixed" ... multi-punch the corrections (in the duplicate/new card) and then resume duplicating the remaining of the card.

misc past posts mentioning multi-punch
http://www.garlic.com/~lynn/93.html#17 unit record & other controllers
http://www.garlic.com/~lynn/2000f.html#75 Florida is in a 30 year flashback!
http://www.garlic.com/~lynn/2001b.html#26 HELP
http://www.garlic.com/~lynn/2001b.html#27 HELP
http://www.garlic.com/~lynn/2001k.html#27 Is anybody out there still writting BAL 370.
http://www.garlic.com/~lynn/2001k.html#28 Is anybody out there still writting BAL 370.
http://www.garlic.com/~lynn/2002k.html#63 OT (sort-of) - Does it take math skills to do data processing ?
http://www.garlic.com/~lynn/2004p.html#24 Systems software versus applications software definitions
http://www.garlic.com/~lynn/2005c.html#54 12-2-9 REP & 47F0
http://www.garlic.com/~lynn/2006c.html#17 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006g.html#43 Binder REP Cards (Was: What's the linkage editor really wants?)
http://www.garlic.com/~lynn/2006g.html#58 REP cards
http://www.garlic.com/~lynn/2006l.html#64 Large Computer Rescue
http://www.garlic.com/~lynn/2007d.html#51 IBM S/360 series operating systems history
http://www.garlic.com/~lynn/2007f.html#78 What happened to the Teletype Corporation?

IBM System/3 & 3277-1

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Thu, 25 Oct 2007 06:01:19 -0400
hancock4 writes:
What I don't understand is pre sorting a deck that will be used as input to the computer--couldn't the computer sort it faster than a person could? The machine sorted strictly sequentially, while the computer had bubble or shell sorts that were more efficient. maybe tape sorting was slow, but disk sorting should've been fast. If the machine had some core ie 128 k, then plenty of work could be done within the CPU at very high speed.

simple example would be fortran student jobs. the "master" of the program is the individual student's card deck. the student has access to only fortran compile & execution capability ... and compile would be one pass of the input card deck.

when i started, the univ. had 1401 that was used as unit-record front-end to 709. the card decks (potentially multiple student jobs) would be collected in card tray. when the tray approached full (our every couple hrs), the tray of cards would be read by the 1401 and transferred to tape. the tape would be carried to 709 tape drive and processed (sequentially, each job compiled and executed) with output going to another tape. When processing finished, the output tape would be moved to 1401 and results printed.

The operator would take the printed, fan-fold output, "burst it" ... i.e. tear it into individual jobs, match the bursted print output with corresponding original card deck, wrap the bursted print output around the input card deck (with rubber band) and place it in output bin for student pickup.

there were some administrative jobs that used sort ... but that frequently had trays and trays of cards ... written to tape .. and then multiple tape sort (with intermediate tape files) that ran for extended period of time.

i did write part of an application that was used for class registration. 2540 could not only read "holes" ... but also had the capability of reading "sense-marked" cards (i.e. no. 2 pencil marks in little boxes on cards). the 2540 had two feeds from the sides with five card stackers in the middle. one side read cards and could select two of the read-side stackers or the middle stacker, the other side punched cards and could select two of the punch-side stackers or the middle stacker.

class registration had all these sense-marked cards ... which would read and place in the middle stacker. if the processing found some problem with a card ... a blank card from the punch side would be punched behind the recently read sense-marked card (with some problem ... before the next card would be read/processed)

standard processing had an operator removing cards from the stacker and placing in card trays. all of the class registration sense-marked cards were plain manilla. the "punch" cards were loaded with cards that had yellow (or sometimes red) across the top band of the card.

once all class registration cards were processed ... there would be multiple trays ... sporadically sprinkled with yellow top-edge cards ... clearly identifying the registration cards with some kind of problem.

q&d conversion of gcard ios3270 to html
http://www.garlic.com/~lynn/gcard.html
reader/punch channel program command codes
http://www.garlic.com/~lynn/gcard.html#23

system/360 model 30 machine room, 2540 is seen in middle, in front of the tape drives and partly obscured by 2311 disk drive. the "card reader" (feed) is on the right and the punch is on the left, the five output stackers are in the center
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP2030.html
system 370 model 40 machine room, 2540 is in upper middle
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP2040.html

better picture of 2540 on the right with somebody loading deck of cards to be read
http://www.cs.ncl.ac.uk/events/anniversaries/40th/images/ibm360_672/slide19.jpg

Value of SSL client certificates?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Value of SSL client certificates?
Newsgroups: sci.crypt,comp.security.misc
Date: Thu, 25 Oct 2007 06:40:23 -0400
daw@taverner.cs.berkeley.edu (David Wagner) writes:
Can you elaborate? If the bank's web server uses SSL and knows the public key of each of their account holders, then I would have thought that would defeat MITM attacks.

we claimed that in x9.59 financial standard we eliminated the requirement to encrypt the transmission.

we had been called in to consult with this small client/server startup that wanted to do payment transactions on their server
http://www.garlic.com/~lynn/subnetwork.html#gateway

they had this technology they called SSL they had invented and they wanted to use it in conjunction with the payment transactions. They had the SSL domain name certificates as part of webserver authentication ... but for payment transactions we had to enhance it with mutual authentication ... for interaction between the webserver and the payment gateway. we also had to do detailed end-to-end business process analysis of the while operation ... including this things that were starting to call themselves certification authorities.

recent postings on the subject in some other threads
http://www.garlic.com/~lynn/2007q.html#30
http://www.garlic.com/~lynn/aadsm27.htm#62

afterwards we got involved in the x9a10 financial standards working group that had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. As part of that effort we eventually did a much detailed vulnerability and threat model study (including analysing exactly what benefits did the digital certificates provide in the previous effort related to SSL ... which is now frequently referred to as electronic commerce).

x9a10 effort resulted in the x9.59 payment standard that required every transaction to be authenticated.
http://www.garlic.com/~lynn/x959.html#x959

In the x9.59 standards document, it shows how this can be done with ec/dsa digital signature on every transaction and validated with a public key on file with the authorizing financial instituation (w/o requiring any digital certificate, the on-file public key making digital certificates redundant and superfluous).

part of the detailed vulnerability study found that there were actually much larger exploits of the transaction logs stored at various end points (and required for quite a few backroom business processes related to payment transactions) than were ever happening with evesdropping on transmitted transactions. so part of x9.59 financial standard (as part of the requirements given the x9a10 financial standard working group to preserve the integrity of the financial infrastructure for all retail payments) ... was to eliminate all the exploits ... not just the replay attacks from evesdropping attacks ... but also replay attacks resulting from harvesting things like transaction logs. the other issue was there have been studies that something upwards of 70percent of account fraud involves insiders (who have valid, required access to the information).

so part of the solution in x9.59 financial standard was to make evesdropping and/or havesting of previous transaction useless for performing fraudulent transactions ... i.e. even if attackers obtained the information (regardless of the means), it wouldn't be useful for doing things like various kinds of replay attacks or other fraudulent transactions. x9.59 didn't do anything about preventing unauthorized access to the information ... it just made it so that whatever kind of access there was ... the information couldn't be used by crooks to perform fraudulent transactions.

as part of the mutual authentication work for the original SSL, we came to realize that the digital certificates were redundent and superfluous (setting up long live encrypted sessions between the webservers and the payment gateway) ... because they both had to have registered information (including public key) of the entities that they were dealing with.

this was further highlighted when x9a10 working group looked as some of the other payment efforts going on at the same time that were oriented towards including digital certificates as part of a public key and digital signature operation.

one of the issues was that x.509 identity digital certificates from the early 90s were starting to become overloaded with personal information. by the mid-90s, numerous institutions had started to realize this represented significant liability and privacy problems ... and had regressed to something they called relying-party-only certificates
http://www.garlic.com/~lynn/subpubkey.html#rpo

these involved only including some sort of account number and/or other kind of database record locator (say userid) in the digital certificate ... and all the required information was onfile (and not being repeatedly sprayed all over the world in digital certificates). However, it is trivial to show that part of registration process that preceeds generating the digital certificate, the person's public key is also place on-file. As a result, it is then trivial to demonstrate that the digital certificate becomes redundant and superfluous.

The other part ... at least as far as payment transactions were concerned ... for even the reduced relying-party-only digital certificate processing (i.e. appending digital certificates to typical payment transaction) ... increased the payload (and typical processing) overhead by two orders of magnitude
http://www.garlic.com/~lynn/subpubkey.html#bloat

not only were the digital certificates redundant and superfluous ... but in the typical payment transaction operation, they represented a 100-fold increase in payload and processing overhead.

the x9 financial standards group did make some effort to look at the (redundant and superfluous) digital certificate enormous payload bloat in payment transactons with a standard project for compressed digital certificates (possible objective of reducing the enormous payload bloat from 100 times to possibly only 3-10 times).

one of the suggestions for compressed digital certificates was to eliminate all fields that were the same across all the digital certificates. my suggestions was doing information compression ... i.e. eliminate all fields that were already on-file with issuing relying-party. I was then able to show that all fields would be already on-file and therefor all fields could be eliminated. Rather than having a certificate-less infrastructure
http://www.garlic.com/~lynn/subpubkey.html#certless

there would be a transition to issuing zero-byte digital certificates ... and that all transactions would always have zero-byte digital certificates appended.

i.e. the redundant and superfluous nature of the digital certificates were futher reinforced (at least in payment transactions) by their enormous (two orders of magnitude) payload and processing bloat.

Value of SSL client certificates?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Value of SSL client certificates?
Newsgroups: sci.crypt,comp.security.misc
Date: Thu, 25 Oct 2007 07:00:34 -0400
Paul Rubin <http://phr.cx@NOSPAM.invalid> writes:
Oh yes, that would do it, I guess. Typically in SSL one just checks the validity of the signature on a certificate. That means the attacker could present a legitimate client certificate (from an illicit or hijacked account) to the server while opening a session logging in under the phished account. Using the certificate serial number to identify the account (assuming one trusts the CA to keep them unique) is one obvious fix that avoids messing with the actual public keys. I guess one should always do this.

re:
http://www.garlic.com/~lynn/2007q.html#72 Value of SSL client certificates?

... see the yes card scenario ... where they refer to "static data" authentication ... basically the digital certificate w/o the individual digital signature (which has been referred to as "active data")
http://www.garlic.com/~lynn/subintegrity.html#yescard

some of this (again) is related to the enormous processing and payload bloat associated with digital certificates (at least in the payment transaction scenario)

part of the issue is whether there is session level authentication ... but actual transactions still remain vulnerable (potentially requiring enormous amounts of encryption and other security measures to try and hide the vulnerable transactions)... discussed in these postings on the "naked transaction" metaphor
http://www.garlic.com/~lynn/subintegrity.html#payment




previous, next, index - home