List of Archived Posts

2007 Newsgroup Postings (12/05 - 12/16)

folklore indeed
T3 Sues IBM To Break its Mainframe Monopoly
T3 Sues IBM To Break its Mainframe Monopoly
folklore indeed
Remembering the CDC 6600
Public Computers
Open z/Architecture or Not
Public Computers
Open z/Architecture or Not
Open z architecture and Linux questions
Crypto Related Posts
Public Computers
folklore indeed
new 40+ yr old, disruptive technology
What do YOU call the # sign?
Public Computers
Fazing out x86
T3 Sues IBM To Break its Mainframe Monopoly
Folklore references to CP67 at Lincoln Labs
Distributed Computing
folklore indeed
Distributed Computing
What do YOU call the # sign?
T3 Sues IBM To Break its Mainframe Monopoly
What do YOU call the # sign?
What do YOU call the # sign?
T3 Sues IBM To Break its Mainframe Monopoly
What do YOU call the # sign?
What do YOU call the # sign?
Folklore references to CP67 at Lincoln Labs
folklore indeed
Public Computers
What do YOU call the # sign?
What do YOU call the # sign?
25 years: A technology timeline
What do YOU call the # sign?
What do YOU call the # sign?
folklore indeed
Mainframe Funeral
New, 40+ yr old, direction in operating systems
Computer language history
New, 40+ yr old, direction in operating systems
Fazing out x86
What do YOU call the # sign?
Distributed Computing
Folklore references to CP67 at Lincoln Labs
What do YOU call the # sign?
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
The future of PDSs
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
Nike 90 football shoes for sale
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
folklore indeed
Parse/Template Function
New, 40+ yr old, direction in operating systems
folklore indeed
The rise of parallelism (and other computing challenges)
folklore indeed
IBM Floating-point myths
Education ranking
IBM Floating-point myths
Education ranking
IBM mainframe history, was Floating-point myths
Education ranking
IBM mainframe history, was Floating-point myths
IBM Floating-point myths
IBM Floating-point myths
IBM mainframe history, was Floating-point myths
CompUSA to Close after Jan. 1st 2008

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 05 Dec 2007 14:44:30 -0500
cb@df.lth.se (Christian Brunschen) writes:
Interestingly enough, when I use my UK debit card (Visa) in the US, I have to use it as a credit card (i.e., if a cashier has a choice between 'credit' a 'debit' transactions, they have to choose credit').

some of this could be related to the walmart (joined by other merchants) class action antitrust suit against the card associations ...

a few web references:
http://www.transactionworld.com/articles/2003/July/industryTalksBack3.asp
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-22-2003/0001987111&EDATE
http://www.classactionrefund.com/VisaInfo.html
http://www.inrevisacheckmastermoneyantitrustlitigation.com/history.php3

misc. recent posts mentioning class-action anti-trust and/or interchange fees
http://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007i.html#17 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#47 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#59 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#72 Free Checking
http://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007r.html#31 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007r.html#40 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security

T3 Sues IBM To Break its Mainframe Monopoly

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 06 Dec 2007 07:13:03 -0500
d10jhm1@US.IBM.COM (Jim Mulder) writes:
But actually it did not take decades, as the original release of MVS/XA in 1982 functionally supported 16-way SMP. Of course there were no such processors at the time (nothing greater than 2-way until the 4-way 3084), but it did run for testing purposes using 16 virtual CPUs on a modified version of VM. Of course, as larger processors were actually built, additional was done (and continues to be done) to address performance/scaling issues.

re:
http://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly

well, sort of.

one of the things to get rapidly to 16-way smp implementation, as well as addressing performance/scaling issues, was to relax standard 370 cache consistency rules (and, in fact, most SMP vendors going to larger numbers of processors have almost always involved how to deal with cache consistency issues).

remember that compare&swap ... misc. posts about smp and/or compare&swap
http://www.garlic.com/~lynn/subtopic.html#smp

was invented by charlie (compare&swap was chosen because CAS are charlie's initials) at the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

and i've mentioned before the original difficulty of getting compare&swap into 370 architecture. Some of the difficulties is why the example of program failure still appears in the compare&swap writeup
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/A.6.1?SHELF=DZ9ZBK03&DT=20040504121320

i've frequently claimed that the 801 risc effort
http://www.garlic.com/~lynn/subtopic.html#801

was attempt to go to the opposite extreme from what went on in FS
http://www.garlic.com/~lynn/submain.html#futuresys

and also claimed the lack of cache consistency in 801 risc was adverse reaction to the heavy performance penalty paid in 370 by its strong cache consistency requirement. in fact, it wasn't until somerset (joint ibm, motorola, apple, et all) for power/pc that there was (risc) work on smp and addressing cache consistency.

in any case, part of doing 16-way smp (and relaxing 370 cache consistency rules) was much more detailed attention paid to every piece of code (because of the associated hardware changes for relaxed cache consistency).

for some more topic drift, in just the 3084 time-frame, both mvs and (standard) vm had effort to go thru all kernel data & storage management and make sure things were cache-line sensitised. the issue was the increased probability that more than one cache might be accessing different data items which happened to overlap in the same cache line (resulting in significant cache line thrashing). The claim at the time was that this effort resulted in 5-10 percent increased system thruput (for 4-way). As the number of independent caches that had to be coordinated, goes up ... the probability increases that there is going to be some kind of cache interference.

T3 Sues IBM To Break its Mainframe Monopoly

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 06 Dec 2007 08:08:08 -0500
re:
http://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#1 T3 Sues IBM To Break its Mainframe Monopoly

for slightly more light-hearted, seasonal reference, old email with mvs/xa tso reference from long ago and far away:
Date: 08/26/82 15:24:21

re: mvs/xa; i've seen it for myself, a 3081 system completely idle except for one MVS/XA tso user. Response time is longer for that single TSO user on the 3081 than for CMS doing same type of stuff on a loaded 3033. MVS/XA is copy of the one that <large internal datacenter> is using for their development work. <the large internal datacenter> has gen'ed the TSO logo screen (in big block letters)

BAH HUMBUG

The only thing slower than the 3081 service processer (5+ seconds to single step one instruction) on the 3081 is possibly MVS/XA TSO. The observation is that TSO is so slow, that you have lots of time to syntax your next input & make sure that there are no mistakes (because if there are ... then things will really be slow).


... snip ... top of post, old email index

somewhat related to post in this thread
http://www.garlic.com/~lynn/2007t.html#40 Why isn't OMVS command integrated with ISPF?

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 06 Dec 2007 11:57:46 -0500
cb@df.lth.se (Christian Brunschen) writes:
And this of course is also precisely the reason why Apple are building Apple Stores like crazy: to reach as many people as possible, make Macs availabel to try and touch and buy on impulse right there, without having to rely on stores & chains which have shown they're not great at selling Macs.

Either way, you certainly can buy Macs in brick-and-mortar shops. The fact that you consider it 'cheating' that Apple themselves own and operate them doesn't change that fact in the slightest; on the contrary, the success of the Apple Stores shows that they, and Apple's retail strategy in general, are working, and what they do is precisely what you claim can't be done: get Macs into people's hands without Windows being involved in any way shape or form.


for some total folklore topic drift ... with some overlap with this thread:
http://www.garlic.com/~lynn/2007t.html#72 Remembering the CDC 6600

long ago and far away ... even before mac was announced, my brother was regional apple rep (claimed to have the largest physical territory in conus). one of the things he figured out was how to dial into corporate dataprocessing to look at manufacturing and delivery schedules ... which at the time, happened to be running on s/38.

sometimes when he was in town ... i would get invited to after work dinners. there were some with mac developers (before mac announcement) that i remember where i was arguing with them about features needed to be supported by mac in order to be succesful.

Remembering the CDC 6600

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Remembering the CDC 6600
Newsgroups: alt.folklore.computers
Date: Thu, 06 Dec 2007 14:21:51 -0500
John Byrns <byrnsj@sbcglobal.net> writes:
That was the rumor at the time. The machine came with a full time on site service engineer and I remember the service engineer for the 1604 I learned on had boxes full of these transistors that he used for component level repair of the logic boards. I have a vague memory of once having had an empty cardboard 1604 transistor box as a souvenir.

in the early 80s there were several hundred "1655" devices obtained for internal datacenters from an outside vendor. these were emulated 2305 fixed head disks for use as paging devices, implemented using memory chips. the folklore was that they used vendor memory chips that had failed tests for processor memory ... defiencies that could be compensated for by an embedded processor during the latency involved in doing block i/o transfers.

Public Computers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Public Computers
Newsgroups: alt.folklore.computers
Date: Thu, 06 Dec 2007 15:03:38 -0500
Morten Reistad <first@last.name> writes:
You get them with Atmel fingerprint scanners too.

part of the aads chipcard patent portfolio (disclaimer: we have no rights/interest)
http://www.garlic.com/~lynn/aadssummary.htm

includes a way to integrate into a single security infrastructure, software, hardware, single & multi-factor authentication; i.e. from 3-factor authentiction model ... misc. 3-factor posts:
http://www.garlic.com/~lynn/subintegrity.html#3factor

.... under something we called parameterised risk management i.e. being able to associate authentication processing integrity levels with specific risk level requirements.

we did do eal4+ evaluation on a specificly designed chip ... i had joked in the 90s about taking a $500 milspec part, doing aggressive cost reduction of 2-3 orders of magnitude while (at the same time) improving the security. part of the issue is that a lot of operations view the area as profit opportunity while we were purely treating the whole infrastructure as cost/expense.

i've complained in the past about not being able to do an eal5+ evaluation. misc. past posts about protection profiles. common critera, and EAL evaluations.
http://www.garlic.com/~lynn/aadsm12.htm#13 anybody seen (EAL5) semi-formal specification for FIPS186-2/x9.62 ecdsa?
http://www.garlic.com/~lynn/aadsm12.htm#14 Challenge to TCPA/Palladium detractors
http://www.garlic.com/~lynn/aadsm18.htm#41 Adding reliability and trust to smartcards
http://www.garlic.com/~lynn/aadsm18.htm#47 Dell to Add Security Chip to PCs
http://www.garlic.com/~lynn/aadsm18.htm#48 Dell to Add Security Chip to PCs
http://www.garlic.com/~lynn/aadsm21.htm#4 Another entry in the internet security hall of shame
http://www.garlic.com/~lynn/aadsm24.htm#23 Use of TPM chip for RNG?
http://www.garlic.com/~lynn/aadsm24.htm#26 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm25.htm#1 Crypto to defend chip IP: snake oil or good idea?
http://www.garlic.com/~lynn/aadsm27.htm#37 The bank fraud blame game
http://www.garlic.com/~lynn/2002c.html#15 Opinion on smartcard security requested
http://www.garlic.com/~lynn/2002h.html#71 history of CMS
http://www.garlic.com/~lynn/2002h.html#84 history of CMS
http://www.garlic.com/~lynn/2002j.html#86 formal fips186-2/x9.62 definition for eal 5/6 evaluation
http://www.garlic.com/~lynn/2002k.html#35 ... certification
http://www.garlic.com/~lynn/2002m.html#44 Beware, Intel to embed digital certificates in Banias
http://www.garlic.com/~lynn/2002m.html#72 Whatever happened to C2 "Orange Book" Windows security?
http://www.garlic.com/~lynn/2003c.html#39 DOD 5200.28-STD capable OS?
http://www.garlic.com/~lynn/2003i.html#35 electronic-ID and key-generation
http://www.garlic.com/~lynn/2003i.html#36 electronic-ID and key-generation
http://www.garlic.com/~lynn/2003k.html#51 Linux gets sensitive government use approval
http://www.garlic.com/~lynn/2003l.html#19 Secure OS Thoughts
http://www.garlic.com/~lynn/2003l.html#64 Can you use ECC to produce digital signatures? It doesn't see
http://www.garlic.com/~lynn/2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
http://www.garlic.com/~lynn/2004j.html#2 Authenticated Public Key Exchange without Digital Certificates?
http://www.garlic.com/~lynn/2004m.html#41 EAL5
http://www.garlic.com/~lynn/2004m.html#49 EAL5
http://www.garlic.com/~lynn/2004m.html#50 EAL5
http://www.garlic.com/~lynn/2004m.html#53 4GHz is the glass ceiling?
http://www.garlic.com/~lynn/2005b.html#5 Relocating application architecture and compiler support
http://www.garlic.com/~lynn/2006t.html#38 Vulnerability Assessment of a EAL 4 system
http://www.garlic.com/~lynn/2007b.html#30 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#47 newbie need help (ECC and wireless)
http://www.garlic.com/~lynn/2007l.html#39 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007q.html#34 what does xp do when system is copying

Open z/Architecture or Not

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Open z/Architecture or Not
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 06 Dec 2007 15:43:30 -0500
BShannon@ROCKETSOFTWARE.COM (Bob Shannon) writes:
Sure. The thousands of in-stream usermods that were written prior to XA, and which greatly inhibited subsequent upgrades. I certainly agree that in the early days usermods were written to overcome functional deficiencies in MVS. Some, such as logical swap, were incorporated into MVS. Others, such as the dual master catalog mod at a large US insurance company, proved to be a nightmare to maintain and an even worse nightmare to remove.

cp67 and vm370 were notorious for user modifications ... in part because it shipped not only with full source ... but its whole customer maintenance infrastructure was source based (i.e. each fix shipped as incremental source update file).

in the early 80s there was a study of local vm370 system modifications. internal corporate "local" modifications were as large as the base system ... and the "share" library source changes were approximately equivalent to the internal corporate "local" modifications (in size and function).

part of all this started with unbundling announcement 23jun69
http://www.garlic.com/~lynn/submain.html#unbundle

starting to charge for application software. however, the case was made that kernel code could still be "free" (bundled).

A lot of the structural and functional enhancements that I had done to cp67 as an undergraduate (and was picked up and shipped in the product) was dropped in the morph from cp67 to vm370. However, I had done the port myself ... referenced in this prior post
http://www.garlic.com/~lynn/2007t.html#69 T3 Sues IBM TO Break its Mainframe Monopoly

and this old email
http://www.garlic.com/~lynn/2006v.html#email731212
http://www.garlic.com/~lynn/2006w.html#email750102

I distributed and supported the "CSC/VM" system (mentioned in the above) for a large number of internal datacenters. The product picked up some small pieces of the above as part of VM370 rel3.

However, other pieces were selected to be released as separate "resource manager" product ... and also got chosen to be guinea pig for unbundling/charging for kernel software (which met that i had to spend a lot of time with business people ironing out the policies for kernel software charging).
http://www.garlic.com/~lynn/subtopic.html#fairshare
http://www.garlic.com/~lynn/subtopic.html#wsclock

because of the extensive source oriented culture ... most customers managed to regularly track local source code changes as new releases came out.

However, I know of (at least) one notable exception. Somehow or another, a very early "CSC/VM" system was leaked to AT&T longlines. Over a period of years, they developed a large body of their own source changes ... never bothered to track releases, and migrated it to a number of their own machines. Nearly a decade later, I was tracked down by the AT&T national marketing rep about trying to help get AT&T longlines off this ancient CSC/VM system.

The "OCO-wars" (object code only) in the early 80s were somewhat turbulent.

There had been some number of commercial online timesharing services formed from cp67 and vm370.
http://www.garlic.com/~lynn/submain.html#timeshare

these were somewhat similar to the internal HONE systems that worldwide sales and marketing used
http://www.garlic.com/~lynn/subtopic.html#hone

One of these was Tymshare which in the mid-70s started providing the vmshare online discussion forum to share members. That vmshare forum has now been archived here
http://vm.marist.edu/~vmshare/

included in the forum archives are the OCO-war discussions from the early 80s.

Public Computers

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Public Computers
Newsgroups: alt.folklore.computers
Date: Thu, 06 Dec 2007 16:28:01 -0500
Morten Reistad <first@last.name> writes:
This discussion gave me some new self-insight. All the computer use I have done, from tops20 in 1978 onwards, has been to push the envelope of what is possible with computers. I tend to do what everyone else does 15 years later.

hee, hee, we weren't allowed to bid on nsfnet backbone ... some old email here
http://www.garlic.com/~lynn/lhwemail.html#nsfnet

but a NSF review of backbone (we had running internally) claimed that what we already had running was at least five yrs ahead of all nsfnet backbone bid submissions (to build something new).

other archeological references here
http://www.garlic.com/~lynn/subnetwork.html#nsfnet
and
http://www.garlic.com/~lynn/internet.htm

there is the claim that tcp/ip is the technology basis for modern internet, that nsfnet backbone was the operational basis for the modern internet and cix was the business basis for the modern internet.

there were some stuff that we had running on our backbone that looks to have (finally) shown up in internet2 activity.
http://www.internet2.edu/network/

for totally other topic drift

Internet2 Middleware Initiative
http://middleware.internet2.edu/

somewhat related to this recent (middleware) thread/post
http://www.garlic.com/~lynn/2007t.html#39 important

referencing these posts
http://www.garlic.com/~lynn/99.html#201 Middleware - where did that come from?
http://www.garlic.com/~lynn/99.html#202 Middleware - where did that come from?

which in turn reference these even older posts
http://www.garlic.com/~lynn/96.html#16
http://www.garlic.com/~lynn/96.html#17

Open z/Architecture or Not

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Open z/Architecture or Not
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
To: <ibm-main@bama.ua.edu>
Date: Thu, 06 Dec 2007 17:28:29 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
The "OCO-wars" (object code only) in the early 80s were somewhat turbulent.

re:
http://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not

as before the vmshare archives are at
http://vm.marist.edu/~vmshare/

old vmshare post about the vm source maint infrastructure, originally developed on cp67
http://vm.marist.edu/~vmshare/read?fn=HISTORY&ft=MEMO&line=49

a quicky search for some OCO related posts from archive ...

this is discussion from 93 regarding OCO's 10th b'day:
http://vm.marist.edu/~vmshare/browse?fn=OCO:BDAY&ft=MEMO

OCO Study Handouts from SHARE 72 (Feb89)
http://vm.marist.edu/~vmshare/browse?fn=OCOSTUDY&ft=NOTE

TUCC's MVS/370 to MVS/XA conversion experiences (Jun88)
http://vm.marist.edu/~vmshare/browse?fn=OCOCME&ft=NOTE

VM Program Products which should be distributed with Source Code. (started May80)
http://vm.marist.edu/~vmshare/browse?fn=VMSOURCE&ft=MEMO

old email mentioning vmshare
http://www.garlic.com/~lynn/lhwemail.html#vmshare

... including discussing obtaining monthly copies of all vmshare files for putting up on the HONE system for worldwide sales and marketing
http://www.garlic.com/~lynn/subtopic.html#hone

and other internal systems.

for other drift, one of the things i did during this period was do a rex(x)-implementation replacement for ipcs debugging tool.
http://www.garlic.com/~lynn/submain.html#dumprx

part of the issue was to demonstrate that rex(s) wasn't just another pretty exec language. the objective was to be able to replace the existing ipcs (which was a large body of assembler implemented code) with a

1) rex(x) implementation, 2) that took less than half-time over 3months to implement, 3) had ten times the function and 4) ten times the performance (took some slight of hand)

a side-effect was that if it was decided to replace the existing implementation ... then "source" would have to be shipped for the new ipcs ... regardless of any OCO-policy.

It was never decided to ship the implementation as replacement IPCS ... but it eventually came to be used at effectively all internal datacenters and the majority of PSRs processing customer reported problems.

However, i was approved to give a share presentation on the implementation ... and within a couple months after the presentation, there were a number of similar implementations by various organizations.

Open z architecture and Linux questions

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Open z architecture and Linux questions
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 07 Dec 2007 10:36:16 -0500
wdriscoll@JMESOFTWARE.COM (Wayne Driscoll) writes:
Not really answering either question, but on the topic of Q2, the recent port of Open Solaris to System z was done only under z/VM, with no attempt to get it to run under LPAR mode because of the increased amount of work LPAR mode would have added (paraphrased from the company that did the porting work). Now that the hard part of getting Linux to run in an LPAR has been done, I don't see the need to eliminate it, but it would be interesting to see the percentage of Linux on z usage in LPAR vs z/VM.

long ago and far away, similar arguments were made for both gold/au and aix/370. issue was that field engineering had lots of diagnostic, recording, and recovery requirements for servicing customer machines (EREP, RAS, etc).

the effort to add mainframe EREP/RAS functionality to any of these ports was several times larger than just doing the straight forward port (while vm was able to satisfy the requirement, including for any of its guest operating systems). however, over the yrs, there has been more and more of virtual machine support functionality being moved into LPAR and service processor operation.

slightly related recent post
http://www.garlic.com/~lynn/2007t.html#77 T3 Sues IBM To Break its Mainframe Monopoly

also in this post
http://www.garlic.com/~lynn/2007u.html#8 Open z/Architecture or Not

the reference to various OCO related material from vmshare archives, the reference to "TUCC's MVS/370 to MVS/XA conversion experiences" describes part of the success was having access to SIE and VM/SF information
http://vm.marist.edu/~vmshare/browse?fn=OCOCME&ft=NOTE

... part of difficulty discussion from above ...
The key to gaining performance from the primary guest operating system is the I/O Passthru feature of SIE. This allows the guest system to initiate I/O directly to the I/O subsystem without intervention from VM/SF. The SIE microcode assist is a documented feature, however the portion that supports I/O Passthru is not documented. As a result it took us two months to correct this problem. The problem was extraordinarly difficult to analyze, because the symptoms were noticeable only after the problem occured. We had all of MVS/370's I/O devices in I/O Passthru, including the Memorex 1270 devices. In certain circumstances, such as MVS disabling for 09x wait, VM/SF decided to remove all of the I/O from I/O Passthru. After taking all devices out of I/O passthru, VM/SF will then put them all back in. Performing this function requires that VM/SF perform a Modify Subchannel to each device to accomplish this.

... snip ...

Crypto Related Posts

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Crypto Related Posts
Newsgroups: bit.listserv.ibm-main
To: <ibm-main@bama.ua.edu>
Date: Fri, 07 Dec 2007 13:39:23 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
the x9.59 financial standard approach was then to fix the underlying weakness, lack of strong authentication ... which also then eliminated needing to hide the transaction information from crooks (since the information was useless w/o the proper authentication). some of this is discussed in the posts concerning the naked transaction metaphor
http://www.garlic.com/~lynn/subintegrity.html#payments


re:
http://www.garlic.com/~lynn/2007t.html#61 Re: Crypto Related Posts

some recent related:

Why should merchants keep credit card data?
http://www.networkworld.com/news/2007/121107-dns-attack-could-signal-phishing.html

the proposed approach was raised at least a decade ago ... it addresses harvesting "data-at-rest" in repostories ... but doesn't address the evesdropping and skimming attacks.
http://www.garlic.com/~lynn/subintegrity.html#harvest

previous business process difficulties (with the suggested approach) was availability of online connectivity (giving merchants access to the necessary data for required/mandated business operations). the pervasive growth of internet connectivity has somewhat mitigated those issues.

Can mid-market merchants comply with PCI standards?
http://www.networkworld.com/news/2007/120607-why-should-merchants-keep-credit.html

another approach that has been tried is the "one time account numbers" (as an approach to eliminating replay attacks ... aka eliminating being able to use information from previous transactions for fraudulent activity).

Public Computers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Public Computers
Newsgroups: alt.folklore.computers
Date: Fri, 07 Dec 2007 16:16:50 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
we did do eal4+ evaluation on a specificly designed chip ... i had joked in the 90s about taking a $500 milspec part, doing aggressive cost reduction of 2-3 orders of magnitude while (at the same time) improving the security. part of the issue is that a lot of operations view the area as profit opportunity while we were purely treating the whole infrastructure as cost/expense.

re:
http://www.garlic.com/~lynn/2007u.html#5 Public Computers

for even more topic drift
http://www.garlic.com/~lynn/2007t.html#61 Crypto Related Posts
http://www.garlic.com/~lynn/2007u.html#10 Crypto Related Posts

there was quite a bit of work in the 90s on countermeasures for PC-related security threats and vulnerabilities ... a lot of it focused on smartcard oriented hardware tokens (and smartcard readers).

there was extensive work on the EU FINREAD smartcard reader standard regarding countermeasures to most types of PC-related security problems.
http://www.garlic.com/~lynn/subintegrity.html#finread

then there was a disastrous attempted consumer deployment of (financial) smartcards where the resulting significant customer service problems resulted in a wide spread opinion that smartcards (and by implication other forms of hardware tokens) aren't practical in consumer market. some recent discussions:
http://www.garlic.com/~lynn/aadsm27.htm#34 The bank fraud blame game
http://www.garlic.com/~lynn/2007n.html#65 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007t.html#22 'Man in the browser' is new threat to online banking

the aftermath had all sorts of retrenching on various hardware token efforts ... not only in purely consumer market ... but even in commercial environments where there were fears that retrofitting existing PCs might cost hundreds of dollars (per PC) in resolving installation problems.

some investigation of the actual consumer problems turned out to be most were totally related to PC hardware serial port ... the disastrous attempted consumer deployment specifically involving a PC/SC compliant serial port smartcard reader.

the assertion has been that there was institutional knowledge that could have headed off the disastrous attempted smartcard deployment (which also resulted in aborting quite a few other efforts).

In the 80s, there were numerous PC-based dial-up online banking offerings. In the mid-90s there were numerous presentations about major justification for moving to internet online banking was eliminating all the customer support costs related to dial-up serial port modems. One presentation claimed that one online banking service had accumulated something like sixty different serial-port modem device drivers that cost them to support and maintain.

Transition to internet-based infrastructure moved all those dial-up modem support costs to ISPs ... which could amortize it across a much broader range of services. Also with much more pervasive use of dial-up modems, PC builders could justify including built in modems (totally eliminating after market modem installation problems). The signifant hardware serial port issues was also behind the USB activity.

In the wake of the disastrous attempted financial smartcard deployment, there were some attempts to correct specific problems with USB devices. However, the impression was already wide-spread that it was a general hardware token issue ... and not practical in the consumer market (as opposed to a hardware serial port specific issue).

The issue raised here has to do with the smartcard reader (as opposed to the hardware token itself)
http://www.garlic.com/~lynn/aadsm27.htm#38 The bank fraud blame game

In the EU FINREAD scenario, the consumer acquires their own FINREAD complient, stand-alone reader with its own display and input ... that operates independent of the PC it is connected to (and not subject to PC viruses, trojan horses, etc).

The problem shows up in a public environment ... how would a consumer know/trust whether or not any reader or terminal is actually FINREAD-complient, has not been (physically) compromised (at some point) and/or possibly counterfeit? Moving to a public environment, it then requires for an (especially paranoid) end-consumer to provide their own (secure/trusted) display and input device ... which implies (at least) something like a PDA or cellphone.

as mentioned in early AADS chip strawman post (from the 90s)
http://www.garlic.com/~lynn/aadsm2.htm#straw

the chip could either be packaged as an independent hardware token or as embedded chip in any sort of device.

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Fri, 07 Dec 2007 19:41:29 -0500
"Rostyslaw J. Lewyckyj" <urjlew@bellsouth.net> writes:
Once upon a time IBM realized that by catching them young, as students in college, you later had a ready supply of customers who advocated, bought, used IBM computers when they got out into the business world, and into positions of power. Today I received the latest brochure from one of the local technical institutes which listed among others all the computer courses that they offer. Nary a one of then was about using any computer that wasn't an Intel PC chip clone running a (the latest) Microsoft Windows systems and software applications. No mention of Apple, or Sun, or Linux, or Mozilla, Lotus, or other. So how can you expect a new generation of users to learn about all these other goodies.

re:
http://www.garlic.com/~lynn/2007u.html#3 folklore indeed

my brother said that when visiting (usually large institutional) customers, he would fawn over how fantastic their ibm-logo'ed coffee mugs were and would offer to trade an apple mug (or possibly 2-3) for their fantastic ibm mug.

previous mention coffee mugs
http://www.garlic.com/~lynn/2004l.html#46 Shipwrecks

some of the issues about attracting next generation were brought up in the recent thread in bit.listserv.ibm-main (need for low-end offering in educational/hobbiest context):
http://www.garlic.com/~lynn/2007t.html#68 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#69 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#71 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#75 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#77 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#1 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#2 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not
http://www.garlic.com/~lynn/2007u.html#8 Open z/Architecture or Not
http://www.garlic.com/~lynn/2007u.html#9 Open z architecture and Linux questions

new 40+ yr old, disruptive technology

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: new 40+ yr old, disruptive technology
Newsgroups: alt.folklore.computers
Date: Fri, 07 Dec 2007 20:49:25 -0500
CJT <abujlehc@prodigy.net> writes:
Indeed. That was already being done at U. Mich. when I arrived in 1968.

re:
http://www.garlic.com/~lynn/2007t.html#44 new 40+ yr old, disruptive technology
http://www.garlic.com/~lynn/2007t.html#54 new 40+ yr old, disruptive technology
http://www.garlic.com/~lynn/2007t.html#55 new 40+ yr old, disruptive technology

for other topic drift, old post about my wife being at engineering graduate school in that period
http://www.garlic.com/~lynn/99.html#15 Glass Rooms (was Re: drum memory (was: Re: IBM S/360))

another mentioning
http://www.garlic.com/~lynn/2002l.html#22 Compter Architectures

that she got a job in future system project not long afterwards
http://www.garlic.com/~lynn/submain.html#futuresys

working for one of the people that had earlier been involved in the virtual machine cp40 system at the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

another old reference
http://www.garlic.com/~lynn/99.html#100 Why won't the AS/400 die? Or, It's 1999 why do I have to learn how to use

and another post about running into one of her classmates many yrs later (she was the only female in the class)
http://www.garlic.com/~lynn/2002o.html#68 META: Newsgroup cliques?

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sat, 08 Dec 2007 09:17:15 -0500
Peter Moylan <peter@DIESPAMMERSDIEpmoylan.org> writes:
I hope it doesn't. I'm using Thunderbird as my newsreader, and each time it hits this thread the processor usage hits 100% for about a minute. (A consequence, no doubt, of the current "now that we have fast processors, good programming style is optional" programming style; but that's a gripe for another forum.) The thread is interesting, no doubt, but I keep wanting to break it just to avoid those delays.

early implementations frequently are non-linear ... they have a list that has to be travelled for every add, delete, query, change.

i saw that in the original cp67 delivered to the univ, dispatch/scheduling overhead grew non-linear as number of users increased.

for other drift ... much, much later, on first encountering unix, i commented about having fixed design flaws back in the 60s, conjecture that cp67 and unix (via multics) shared somewhat common history back to ctss ... aka some number of the ctss people went to the science center on the 4th flr of 545 tech sq and others went to multics on the 5th flr; misc posts mentioning 545 tech sq &/or science center
http://www.garlic.com/~lynn/subtopic.html#545tech

even quite a bit later ... i've mentioned getting called into consult with a small client/server startup that wanted to do payments on their server
http://www.garlic.com/~lynn/subnetwork.html#gateway

they were providing (server) online download for their client product and ran into a similar problem with nonlinear scaleup problem in tcp implementation ... in fact, there was a period in the valley where a large number of servers found that under increasing load, the processors were spending 99percent of the time in non-linear overhead dealing with a list.

The issue was that TCP sessions had been assumed to be long-lived and there would be relatively few sessions concurrently in close condition. This assumption was heavily violated by the client/server protocol that had been implemented ... using TCP layer to achieve a little additional reliability in the transaction oriented protocol. As a result, loaded systems could easily have thousands of entries in the session close management list.

for other drift ... possibly part of the reason that we were called in ... two of the people mentioned in this meeting
http://www.garlic.com/~lynn/95.html#13
http://www.garlic.com/~lynn/96.html#15

when we were doing ha/cmp product
http://www.garlic.com/~lynn/subtopic.html#hacmp
and cluster scaleup ... some old email
http://www.garlic.com/~lynn/lhwemail.html#medusa

... had moved on and were at this small client/server startup responsible for something they called a commerce server ... that would be doing the payment transactions ... and is frequently now referred to as electronic commerce.

a descendent of that small client/server startup organization is now responsible for the email/newsreader client you mentioned.

Public Computers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Public Computers
Newsgroups: alt.folklore.computers
Date: Sat, 08 Dec 2007 13:40:51 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
there was extensive work on the EU FINREAD smartcard reader standard regarding countermeasures to most of types of PC-related security problems.
http://www.garlic.com/~lynn/subintegrity.html#finread


re:
http://www.garlic.com/~lynn/2007u.html#5 Public Computers
http://www.garlic.com/~lynn/2007u.html#11 Public Computers

part of the issue is that some number of the chipcard and hardware token deployments were extremely narrowly focused ... where the chip may have been claimed to totally eliminate all security threats and vulnerabilities ... but in fact, the myopic chip-centric focus could result in actually decreasing overall integrity. this was easily observed with the chipcard work going on in the mid-90s resulting in the yes card vulnerabilities ... and even dating back to deployments in the late-90s:
http://www.garlic.com/~lynn/subintegrity.html#yescard

recent post mentioning spontaneous comment from somebody in the audience listening to yes card description; do you mean they managed to spend billions to prove that chipcards are less secure than magstripe?
http://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#61 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007r.html#34 Is the media letting banks off the hook on payment card security

... work that was going on concurrently when we were doing the AADS chip strawman
http://www.garlic.com/~lynn/x959.html#aads

in the finread terminal case, the chipcard is presumed to be something you have authentication that is difficult to counterfeit and/or spoof. strong authentication is then used to scaffold some other parts of a secure infrastructure. the problem with "dumb" reader attached to PC ... are virus, trojans, keyloggers, etc ... can manipulate the chipcard in the reader w/o knowledge of the associated human.

the finread terminal was to provide trusted display and input that was immune from widely occuring PC compromises. the trusted display would provide a trusted display of every operation. the trusted input/pinpad would be immune from common keyloggers and unable to be simulated by virus and trojans resident on the PC. Authentication operations require something you know PIN-entry to be passed directly to the chipcard.

The PIN-entry (in conjunction with chipcard) then represents multi-factor authentication (the chip something you have and the PIN something you know).

The PIN represents a "secret" ... but not a shared-secret ... some posts that differentiate between "secret" paradigms and shared-secret paradigms.
http://www.garlic.com/~lynn/subintegrity.html#secrets

Part of operation of finread certified terminal was that physical human action was required for every PIN-entry ... and the infrastructure was such that there wouldn't be associated chipcard operation until the correct (human entered) PIN has been provided (countermeasures to PC trojan keyloggers also able to simulate human keyboard entry to valid chipcard as part of fraudulent transactions).

The critical distinction regarding infrastructure requiring human action showed up when we were called in to help wordsmith the cal. state electronic signature legislation and later the federal legislation.
http://www.garlic.com/~lynn/subpubkey.html#signature

Some factions were pushing hard to have digital signatures equivalent to human signatures. The observation was that human signatures require explicit action demonstrating having read, understood, agrees, approves, and/or authorizes.

Digital signatures are purely an indication of something you have authentication ... and are frequently performed w/o any demonstration of corresponding human action demonstrating having read, understood, agrees, approves, and/or authorizes. In some cases it was simply semantic confusion and/or cognitive dissonance because the terms "digital signature" and "human signature" both contain the word "signature".

for some additional topic drift:
http://www.answers.com/topic/cognitive-dissonance?cat=biz-fin

from above:
In general: psychological theory of human behavior. The theory suggests that conflicts between behavior and beliefs create a sense of discomfort, or cognitive dissonance, that the individual subconsciously attempts to eliminate by modifying his or her beliefs. For example, a man who believes in nonviolence may strike someone in anger. The theory states that the man will either modify his beliefs about nonviolence to justify the violent behavior or will believe his action to be something other than violence.

... snip ...

in this application is some believing that if they validate a "digital signature" that it is then equivalent to "human signature" (w/o requiring any additional supporting infrastructure).

Fazing out x86

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Fazing out x86
Newsgroups: comp.arch
Date: Sat, 08 Dec 2007 14:10:26 -0500
Paul Gotch <paulg@at-cantab-dot.net> writes:
Indeed IBMs methadology is heavily based round a standard cell library as much automation as they can get away with. So they trade some performance and power efficency for fewer engineers and faster turnaround time.

Getting a really low power chip requires full custom layout and and tight process. Or something semicustom and not mainstream like
http://www.intrinsity.com/

the headroom you get out of using something like Fast14 does depend critically on exactly how the core was designed to start off with though.


in (at least) the 70s and 80s there were quite a few internal people working on VLSI design tools. I saw some amount doing work with the Los Gatos VLSI group. In fact, the Los Gatos VLSI tools group originally created the corporate pascal compiler in support of their VLSI tool development (which was eventually released as product on both mainframe and RISC).

in the wake of the company going thru its downturn, including going into the red in 1992 ... quite a bit of the internal tool groups were dissolved and transition made to standard vendor tools. during this period, there were some number of people from VSLI tool groups doing technology transfer to outside vendors ... as sort of last task prior to their position being eliminated (some then showed up at as employees of the vendors they had been working with).

In the case of the Los Gatos group ... the bldg was leveled and the land sold off for housing development.

T3 Sues IBM To Break its Mainframe Monopoly

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Sun, 09 Dec 2007 07:19:37 -0500
hancock4 writes:
Many of my employers got non IBM peripherals or auxillary units to save money. They weren't as good but the cash savings were significant.

major justification for launching fs project
http://www.garlic.com/~lynn/submain.html#futuresys

discussed in some detail in this reference (by one of the executives):
http://web.archive.org/web/20110718153549/http://www.ecole.org/Crisis_and_change_1995_1.htm
http://www.ecole.org/en/seances/CM07

from above:
IBM tried to react by launching a major project called the 'Future System' (FS) in the early 1970's. The idea was to get so far ahead that the competition would never be able to keep up, and to have such a high level of integration that it would be impossible for competitors to follow a compatible niche strategy. However, the project failed because the objectives were too ambitious for the available technology. Many of the ideas that were developed were nevertheless adapted for later generations. Once IBM had acknowledged this failure, it launched its 'box strategy', which called for competitiveness with all the different types of compatible sub-systems. But this proved to be difficult because of IBM's cost structure and its R&D spending, and the strategy only resulted in a partial narrowing of the price gap between IBM and its rivals

... snip ...

I had participated having worked on a clone controller as an undergraduate in the 60s (project precipitated because I couldn't quite get the ibm box to do what I wanted) ... misc. past refs
http://www.garlic.com/~lynn/subtopic.html#360pcm

other posts in the thread
http://www.garlic.com/~lynn/2007t.html#68 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#69 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#71 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#75 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#77 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#1 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#2 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not
http://www.garlic.com/~lynn/2007u.html#8 Open z/Architecture or Not
http://www.garlic.com/~lynn/2007u.html#9 Open z architecture and Linux questions

Folklore references to CP67 at Lincoln Labs

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Folklore references to CP67 at Lincoln Labs
Newsgroups: alt.folklore.computers
Date: Sun, 09 Dec 2007 08:14:00 -0500
a few (out of a large number) lincoln lab folklore from Melinda's paper at
http://www.leeandmelindavarian.com/Melinda/
http://www.leeandmelindavarian.com/Melinda/

footnote on 360/67 SLT instruction
"The 360/67 SLT instruction RPQ was designed at Lincoln by Jack Nolan. He was interested in using it for database list processing. Once it was implemented, IBM found use for it to process lists in the CP nucleus. I don't know if it was ever used by TSS or for any applications program." (J.M. Winett, private communication, 1990.)

... snip ...

footnotes on two cp67 commercial timesharing companies (Arnow was director of computing at Lincoln):
Almost immediately after that, two "spinoff" companies were formed by former employees of Lincoln Lab, Union Carbide, and the IBM Cambridge Scientific Center, to provide commercial services based on CP/CMS. Dick Bayles, Mike Field, Hal Feinleib, and Bob Jay went to the company that became National CSS.

Harit Nanavati, Bob Seawright, Jack Arnow, Frank Belvin, and Jim March went to IDC (Interactive Data Corporation). Although the loss of so many talented people was a blow, the CSC people felt that the success of the two new companies greatly increased the credibility of CP-67


... snip ...

lots of past posts mentioning cp67&vm370 commercial timesharing (including ncss and idc)
http://www.garlic.com/~lynn/submain.html#timeshare

The SLT (or search list) was used in CP67 kernel to search internal kernel storage management tables. It was dropped when CP67 added storage allocation "subpool" logic ... which was orders of magnitude faster than searching lists ... even with hardware instruction. minor recent topic drift mentioning list search overhead:
http://www.garlic.com/~lynn/2007u.html#14 What do YOU call the # sign?

I have an old SHARE Lincoln Labs software contribution document for LLMPS listing Belvin and Winett as authors. Recent folklore reference that MTS implementation was scaffold off LLMPS:
http://www.garlic.com/~lynn/2007t.html#54 new 40+ yr old, disruptive technology

for other topic drift ... an updated "database" hardware instruction support from current principles of operation (trees instead of lists, courtesy of Luther):
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/A.7?SHELF=DZ9ZBK03&DT=20040504121320

back in days working on the original RDBMS/SQL
http://www.garlic.com/~lynn/submain.html#systemr

there were a number of similar efforts on other database organization efforts (that shared some of the same objectives as system/r) that I also got to work on. One of them used some ideas similar to Luther's ... and, in fact, had him in to consult on some of the implementation.

misc. past posts mentioning SLT
http://www.garlic.com/~lynn/2000d.html#47 Charging for time-share CPU time
http://www.garlic.com/~lynn/2001c.html#15 OS/360 (was LINUS for S/390)
http://www.garlic.com/~lynn/2001d.html#23 why the machine word size is in radix 8??
http://www.garlic.com/~lynn/2001d.html#33 Very CISC Instuctions (Was: why the machine word size ...)
http://www.garlic.com/~lynn/2001h.html#71 IBM 9020 FAA/ATC Systems from 1960's
http://www.garlic.com/~lynn/2002.html#14 index searching
http://www.garlic.com/~lynn/2002.html#48 Microcode?
http://www.garlic.com/~lynn/2002f.html#54 WATFOR's Silver Anniversary
http://www.garlic.com/~lynn/2002h.html#87 Atomic operations redux
http://www.garlic.com/~lynn/2003m.html#35 SR 15,15 was: IEFBR14 Problems
http://www.garlic.com/~lynn/2004l.html#17 IBM 3090 : Was (and fek that) : Re: new computer kits
http://www.garlic.com/~lynn/2005b.html#28 Relocating application architecture and compiler support
http://www.garlic.com/~lynn/2005c.html#35 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2006e.html#40 transputers again was: The demise of Commodore
http://www.garlic.com/~lynn/2006j.html#21 virtual memory
http://www.garlic.com/~lynn/2007q.html#15 The SLT Search LisT instruction - Maybe another one for the Wheelers
http://www.garlic.com/~lynn/2007q.html#17 The SLT Search LisT instruction - Maybe another one for the Wheelers

Distributed Computing

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Distributed Computing
Newsgroups: alt.folklore.computers
Date: Sun, 09 Dec 2007 09:28:17 -0500
A lot of vendors that have played in GRID (originally for various high-energy physics labs) have been trying to move the products into other market segments ... finding some early adopters in financial sector.

In the early 90s, there were quite a few projects attempting to re-engineer legacy systems with distributed "killer micros" of the period; large number of major efforts were built that used distributed object oriented technologies. a couple old posts mentioning "killer micros":
http://www.garlic.com/~lynn/2004p.html#12 360 longevity, was RISCs too close to hardware?
http://www.garlic.com/~lynn/2006.html#47 "VAX" Tradename reused !

The problem was that past the toy demo stage ... most found that the distributed object oriented technologies use, resulted in a factor of one hundred fold (or greater) increase in overhead ... vis-a-vis the existing mainframe legacy implementations (totally eliminating anticipated cost-savings and thruput scaleup). There were billions of dollars spent on these failed attempts to re-engineer legacy (mainframe) systems.

One of the areas that such efforts in the financial industry was focused at was the overnight batch window. Across a broad range of "real-time" transactions ... there was actually still a serious bottleneck. In many situations, the "batch applications" from the 60s&70s ... started to see "online" front-ends being built in the 70s&80s. However, these "online" implementations frequently only recorded details ... which were then queued up for final processing in overnight batch. The problems were two-fold, 1) growing businesses were finding that the workload was starting to exceed the capacity thruput of overnight batch window and 2) businesses moving into international operations were forcing the number of hrs for the overnight batch window to decrease.

One of the buzz-words from the early 90s was straight through processing (or STP) ... i.e. transactions would be processed in real-time all the way to completion (rather than being queued for final processing in the overnight batch window).

recent posts mentioning overnight batch window issues:
http://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
http://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?

The newer generation effort is looking at combining several technologies, the physical packaging and management from GRID, virtualization for transparently handling large number of different work items ... and numerous related activities attempting to address efficient distributed scaleup issues.

We had worked on some of this in scaleup ... old email
http://www.garlic.com/~lynn/lhwemail.html#medusa

in our ha/cmp product activities
http://www.garlic.com/~lynn/subtopic.html#hacmp

also in these old postings
http://www.garlic.com/~lynn/95.html#13
http://www.garlic.com/~lynn/96.html#15

One of the holy grails is to achieve significant improvements in distributed computing technologies to get the necessary cost savings and scaleup so that there can actually be a move to straight through processing and eliminate the legacy overnight batch window implementations (and related workload scaleup limitations).

a recent item in this area:

Red Hat Challenges IBM With Open Source Messaging System
http://news.yahoo.com/s/cmp/20071209/tc_cmp/204702773

from above:
Enterprise MRG is a combination of AMQP with real-time operations already in the Linux kernel and grid computing capabilities flowing out of the Condor Project at the University of Wisconsin.
...
AMQP.org established by developers at JPMorgan Chase; contributors include Credit Suisse, Goldman Sachs, GE HP, Shell


... snip ...

it also references this website (which has an SSL certificate problem)

Advanced Message Queuing Protocol
https://jira.amqp.org/confluence/display/AMQP/Advanced+Message+Queuing+Protocol;jsessionid=7D159C65507C768C14D3749ABB864F71

from above:
Contributors

Cisco Systems, Credit Suisse, Deutsche Börse Systems, Envoy Technologies, Inc., Goldman Sachs, IONA Technologies PLC, iMatix Corporation sprl., JPMorgan Chase Bank Inc. N.A, Novell, Rabbit Technologies Ltd., Red Hat, Inc., TWIST Process Innovations ltd, and 29West Inc.


... snip ...

other recent posts mentioning GRID:
http://www.garlic.com/~lynn/2007.html#33 Just another example of mainframe costs
http://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007k.html#22 Another "migration" from the mainframe
http://www.garlic.com/~lynn/2007k.html#23 Another "migration" from the mainframe
http://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#42 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007l.html#63 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#65 mainframe = superserver
http://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
http://www.garlic.com/~lynn/2007r.html#59 Fixing our fraying Internet infrastructure
http://www.garlic.com/~lynn/2007s.html#62 Translation of IBM Basic Assembler to C?

folklore indeed

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 09 Dec 2007 09:56:56 -0500
jmfbahciv writes:
It's impossible. The software people don't have any control over the schedules of the hardware.

modulo some exceptions.

lots of 370 machines were in customer shops by the time they got around to announcing hardware virtual memory for 370s. this required adding virtual memory hardware to all new 370 machines ... but also offering a field hardware upgrade to existing 370 machines in the field.

the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

had worked with endicott to modify cp67 (running on real 360/67) to emulate 370 (including all the virtual memory features ... which differed in many ways from the 360/67 implementation). This was in common operation a year before the first 370 (145) engineering machine with virtual memory was working.

however, the 370/165 engineers were running into some significant difficulties implementing the full 370 virtual memory architecture. In various resolution meetings, they proposed dropping several features from 370 virtual memory architecture ... in order to gain (at least) six months in their schedule. The people from the favorite son operating system in pok could see no problem with dropping the features.

vm370 was already dependent on the new features ... and when they were dropped (the elimination of the features had to be propagated across all machines in the 370 line) ... had to go back and make some revisions with quick&dirty kludge (namely related to shared-segment support).

misc. past posts mentioning 370/165-II implementation problems and gaining six months in delivery schedule by software groups aggreeing that the additional virtual memory architecture features could be dropped/eliminated
http://www.garlic.com/~lynn/95.html#3 What is an IBM 137/148 ???
http://www.garlic.com/~lynn/99.html#7 IBM S/360
http://www.garlic.com/~lynn/99.html#204 Core (word usage) was anti-equipment etc
http://www.garlic.com/~lynn/99.html#209 Core (word usage) was anti-equipment etc
http://www.garlic.com/~lynn/2000d.html#82 "all-out" vs less aggressive designs (was: Re: 36 to 32 bit transition)
http://www.garlic.com/~lynn/2000f.html#55 X86 ultimate CISC? No. (was: Re: "all-out" vs less aggressive designs)
http://www.garlic.com/~lynn/2000f.html#63 TSS ancient history, was X86 ultimate CISC? designs)
http://www.garlic.com/~lynn/2000g.html#15 360/370 instruction cycle time
http://www.garlic.com/~lynn/2000g.html#16 360/370 instruction cycle time
http://www.garlic.com/~lynn/2001.html#63 Are the L1 and L2 caches flushed on a page fault ?
http://www.garlic.com/~lynn/2001b.html#37 John Mashey's greatest hits
http://www.garlic.com/~lynn/2001k.html#8 Minimalist design (was Re: Parity - why even or odd)
http://www.garlic.com/~lynn/2002.html#50 Microcode?
http://www.garlic.com/~lynn/2002g.html#47 Why are Mainframe Computers really still in use at all?
http://www.garlic.com/~lynn/2002m.html#2 Handling variable page sizes?
http://www.garlic.com/~lynn/2002m.html#68 Tweaking old computers?
http://www.garlic.com/~lynn/2002n.html#10 Coherent TLBs
http://www.garlic.com/~lynn/2002n.html#58 IBM S/370-168, 195, and 3033
http://www.garlic.com/~lynn/2003e.html#12 Resolved: There Are No Programs With >32 Bits of Text
http://www.garlic.com/~lynn/2003f.html#56 ECPS:VM DISPx instructions
http://www.garlic.com/~lynn/2003g.html#19 Multiple layers of virtual address translation
http://www.garlic.com/~lynn/2003g.html#20 price ov IBM virtual address box??
http://www.garlic.com/~lynn/2003h.html#37 Does PowerPC 970 has Tagged TLBs (Address Space Identifiers)
http://www.garlic.com/~lynn/2003m.html#37 S/360 undocumented instructions?
http://www.garlic.com/~lynn/2004c.html#6 If the x86 ISA could be redone
http://www.garlic.com/~lynn/2004p.html#8 vm/370 smp support and shared segment protection hack
http://www.garlic.com/~lynn/2005b.html#62 The mid-seventies SHARE survey
http://www.garlic.com/~lynn/2005h.html#10 Exceptions at basic block boundaries
http://www.garlic.com/~lynn/2005h.html#18 Exceptions at basic block boundaries
http://www.garlic.com/~lynn/2005j.html#39 A second look at memory access alignment
http://www.garlic.com/~lynn/2005p.html#45 HASP/ASP JES/JES2/JES3
http://www.garlic.com/~lynn/2006.html#13 VM maclib reference
http://www.garlic.com/~lynn/2006.html#38 Is VIO mandatory?
http://www.garlic.com/~lynn/2006e.html#0 About TLB in lower-level caches
http://www.garlic.com/~lynn/2006e.html#5 About TLB in lower-level caches
http://www.garlic.com/~lynn/2006e.html#12 About TLB in lower-level caches
http://www.garlic.com/~lynn/2006i.html#4 Mainframe vs. xSeries
http://www.garlic.com/~lynn/2006i.html#9 Hadware Support for Protection Bits: what does it really mean?
http://www.garlic.com/~lynn/2006i.html#23 Virtual memory implementation in S/370
http://www.garlic.com/~lynn/2006j.html#5 virtual memory
http://www.garlic.com/~lynn/2006j.html#41 virtual memory
http://www.garlic.com/~lynn/2006l.html#22 Virtual Virtualizers
http://www.garlic.com/~lynn/2006m.html#26 Mainframe Limericks
http://www.garlic.com/~lynn/2006n.html#16 On the 370/165 and the 360/85
http://www.garlic.com/~lynn/2006s.html#61 Is the teaching of non-reentrant HLASM coding practices ever defensible?
http://www.garlic.com/~lynn/2006t.html#1 Is the teaching of non-reentrant HLASM coding practices ever
http://www.garlic.com/~lynn/2006u.html#60 Why these original FORTRAN quirks?
http://www.garlic.com/~lynn/2006y.html#26 moving on
http://www.garlic.com/~lynn/2006y.html#35 The Future of CPUs: What's After Multi-Core?
http://www.garlic.com/~lynn/2007d.html#32 Running OS/390 on z9 BC
http://www.garlic.com/~lynn/2007f.html#7 IBM S/360 series operating systems history
http://www.garlic.com/~lynn/2007g.html#72 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007j.html#43 z/VM usability
http://www.garlic.com/~lynn/2007n.html#35 IBM obsoleting mainframe hardware
http://www.garlic.com/~lynn/2007o.html#41 Virtual Storage implementation
http://www.garlic.com/~lynn/2007o.html#53 Virtual Storage implementation
http://www.garlic.com/~lynn/2007p.html#70 GETMAIN/FREEMAIN and virtual storage backing up
http://www.garlic.com/~lynn/2007p.html#74 GETMAIN/FREEMAIN and virtual storage backing up
http://www.garlic.com/~lynn/2007r.html#62 CSA 'above the bar'
http://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly

Distributed Computing

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Distributed Computing
Newsgroups: alt.folklore.computers
Date: Sun, 09 Dec 2007 11:25:48 -0500
re:
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing

I've posted before about overnight batch window and being called in to look at one such large legacy application.
http://www.garlic.com/~lynn/2006u.html#50 Where can you get a Minor in Mainframe?
http://www.garlic.com/~lynn/2007l.html#20 John W. Backus, 82, Fortran developer, dies

... a 450k-plus line cobol program that ran on large tens of max'ed out mainframe systems (avg. $30m/per) ... this was at the same time the organization was spending a few hundred million on a distributed computing replacement.

it appeared at the time (thru much of the 90s), nobody in the industry was bothering to benchmark the (distributed object-oriented) toy demos and/or doing the related speeds&feeds analysis ... possibly because belief in mantra that a large enuf number of killer micros could overcome any level of inefficienciy ... and/or some of the other organizations on the distributed (object-oriented) computing bandwagon should have already done the speeds&feeds analysis. in fact, large billions went down the drain on these kinds of projects w/o anybody having done the necessary analysis.

In the case of the large 450k-plus line cobol program ... most of its lifetime it had been subject to "hot-spot" analysis ... i.e. sampling instruction location ... and then optimizing the instruction region where the program spent majority of its time. This approach had somewhat hit the wall and was showing little or no further returns.

This is similar to the analysis we did for architecting ECPS ... which used both instruction address smapling as well as time-stamping entry/exit ... old post about ECPS and results of time-stamping study
http://www.garlic.com/~lynn/94.html#21 370 ECPS VM microcode assist

I've mentioned before that the science center also pioneered system modeling and multiple regression analysis for performance work (as well as early work that eventually turned into capacity planning). Lots of past related posts:
http://www.garlic.com/~lynn/submain.html#benchmark

One of the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

system modeling efforts was implemented in APL and (among other things) was deployed on the world-wide sales & marketing (vm-based) HONE system
http://www.garlic.com/~lynn/subtopic.html#hone

as the performance predictor. Sales/Marketing people could input customer configuration and workload profiles ... and ask "what if" questions about what happens when there are configuration and/or workload changes.

A distant descendent of the performance predictor was "sold off" during the corporation downturn period ... recent reference in another context in comp.arch post
http://www.garlic.com/~lynn/2007u.html#16 Fazing out x86

which then was taken and run thru an APL->C translator and the person was using it in a succesful performance consulting business (large enterprise customers ... and not just mainframe). This person had also been hired to look at the large legacy overnight batch window application.

So the final thing that wasn't being done was multiple regression analysis. So I got them to supply me with a whole load of "activity" statistics across a large number of nightly runs on a large number of different machines ... to process. This identified a very fruitful area from which a 15percent performance improvement was gained (a functional area that wasn't obvious from other techniques). While 15percent doesn't seem like a lot ... if it is measured in just the hardware costs of the associated mainframes ... it comes to a couple hundred million.

a few past posts mentioning the activity:
http://www.garlic.com/~lynn/2002l.html#62 Itanium2 performance data from SGI
http://www.garlic.com/~lynn/2005d.html#6 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005k.html#17 More on garbage collection
http://www.garlic.com/~lynn/2005n.html#18 Code density and performance?
http://www.garlic.com/~lynn/2006f.html#22 A very basic question
http://www.garlic.com/~lynn/2006g.html#4 The Pankian Metaphor
http://www.garlic.com/~lynn/2006o.html#23 Strobe equivalents
http://www.garlic.com/~lynn/2006s.html#24 Curiousity: CPU % for COBOL program
http://www.garlic.com/~lynn/2006t.html#28 Why these original FORTRAN quirks?
http://www.garlic.com/~lynn/2006u.html#50 Where can you get a Minor in Mainframe?
http://www.garlic.com/~lynn/2007g.html#71 PAAppViewer3 (AppViewer3)?

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sun, 09 Dec 2007 14:06:42 -0500
jmfbahciv writes:
Every once in a while I daydream about a pol who suddenly discovered a great leap in popularity because he didn't split his tongue.

cspan writer/book program this morning:

Camelot and the Cultural Revolution: How the Assassination of John F. Kennedy Shattered American Liberalism
http://www.booktv.org/program.aspx?ProgramId=8968&SectionName=&PlayMedia=No

will be repeated next sunday.

some of the statements had to do with the democratic party changing from the party of John Locke ... wiki reference:
https://en.wikipedia.org/wiki/John_Locke

to the party of Hegel ... wiki reference:
https://en.wikipedia.org/wiki/Georg_Wilhelm_Friedrich_Hegel

There were some comments about Jackie and others felt that the shooting should have been the responsibility of the far right dispite there being absolutely no facts to support the feelings (and being at the root of the subsequent conspiracy theories) ... possibly as a way of attempting to make the death more meaningful.

Also some comments about contributing to the rise of appearance over substance.

T3 Sues IBM To Break its Mainframe Monopoly

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
To: <ibm-main@bama.ua.edu>
Date: Sun, 09 Dec 2007 14:44:59 -0500
shmuel+ibm-main@PATRIOT.NET (Shmuel Metz , Seymour J.) writes:

> The only operating systems that are legal to run on Hercules are Linux,
> and MVS 3.8 (I think).

Shirley all of these are legal:

BOS/360
BPS/360
CALL/360
CP/67
DOS/VSE
DOS/360
MTS
OS/VS1
OS/VS2 R1.7 (SVS)
TOS/360
TSS/360
VMF/370

this recent post references
http://www.garlic.com/~lynn/2007u.html#18 Folklore references to CP67 at Lincoln Labs

some (virtual machine) cp67 historical references from Melinda's VM paper at
http://www.leeandmelindavarian.com/Melinda/
http://www.leeandmelindavarian.com/Melinda/

mentioning that very early, two new commercial companies were formed to offer (virtual machine) cp67-based commercial timesharing services
http://www.garlic.com/~lynn/submain.html#timeshare

drawing people heavily from Science Center,
http://www.garlic.com/~lynn/subtopic.html#545tech

Lincoln Labs, and Union Carbide.

It also makes references to MTS folklore having been initially built on top of Lincoln Labs "LLMPS".

There was an OS/360 operators console application called ONLINE/OS that provided CMS-like interactive functionality. It was most frequently used with PCP ... but could also be used on MFT and MVT.

CP67 had a function that could save a "virtual memory" image of a running virtual machine. This was used with CMS to get rapid startup. However, a technique was developed that could also "checkpoint" a virtual memory image of OS/360 ... at point when I/O had been quiesed ... allowing OS/360 "quick start" in a virtual machine (just restore the saved virtual memory image). This could be used in conjunction with restoring a saved image of OS/360 where ONLINE/OS had already been up and running.

old posts mentioning online/os
http://www.garlic.com/~lynn/2001i.html#34 IBM OS Timeline?
http://www.garlic.com/~lynn/2001n.html#45 Valid reference on lunar mission data being unreadable?
http://www.garlic.com/~lynn/2004.html#48 AMD/Linux vs Intel/Microsoft
http://www.garlic.com/~lynn/2004d.html#33 someone looking to donate IBM magazines and stuff
http://www.garlic.com/~lynn/2007b.html#50 Is anyone still running

part of Melinda's paper has appendix mentioning ONLINE/OS was never released outside the company (although I had a copy of it at the university in the 60s, also much of the original work had been done by a person on assignment from Union Carbide) ref:
E.C. Hendricks, C.I. Johnson, R.D. Seawright, and D.B. Tuttle, Introduction to ONLINE/OS and ONLINE/OS User's Guide, IBM Cambridge Scientific Center Reports 320-2036, 320-2037, March, 1969

What do YOU call the # sign?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sun, 09 Dec 2007 15:45:00 -0500
"Skitt" <skitt99@comcast.net> writes:
When I was a kid, in Latvia, Saturday baths were the norm, but I got more than two inches of water in the tub. Probably around six. First one had to light the in-line heater, though. Our apartment had cold water piped for the tub (with shower), the kitchen sink, and for flushing the toilet (in its own tiny room). What would make most people in the USA shudder is that there were no facilities for washing one's hands after a toilet visit. The up-side of that is that one grew up more resistant to all sorts of bugs, if childhood was survived. There's not much that bothers me now. I have even partaken of the water in Mexico with no bad results.

and now for some latvia computer drift
http://inventions.lza.lv/izg_en.php?id=34

slightly related past posts:
http://www.garlic.com/~lynn/97.html#19 Why Mainframes?
http://www.garlic.com/~lynn/2001k.html#8 Minimalist design (was Re: Parity - why even or odd)
http://www.garlic.com/~lynn/2001k.html#65 SMP idea for the future
http://www.garlic.com/~lynn/2002h.html#21 PowerPC Mainframe
http://www.garlic.com/~lynn/2002l.html#69 The problem with installable operating systems
http://www.garlic.com/~lynn/2003.html#72 Disk drives as commodities. Was Re: Yamhill
http://www.garlic.com/~lynn/2003l.html#31 IBM Manuals from the 1940's and 1950's
http://www.garlic.com/~lynn/2003n.html#29 Architect Mainframe system - books/guidenance
http://www.garlic.com/~lynn/2004q.html#30 High Level Assembler for MVS & VM & VSE
http://www.garlic.com/~lynn/2005.html#21 The Soul of Barb's New Machine (was Re: creat)

What do YOU call the # sign?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sun, 09 Dec 2007 16:21:05 -0500
re:
http://www.garlic.com/~lynn/2007u.html#24 What do YOU call the # sign?

and for totally unrelated, when i was a kid, we would bath in pool in nearby river on saturdays (at least in the summer) ... used bars of ivory since they floated.

there have been recent news articles speculating that significant higher incidence of asthma among kids from urban environments vis-a-vis children raised in the country ... is that non-urban environment exposes children to variety of environmental conditions that result in improved immune system.

T3 Sues IBM To Break its Mainframe Monopoly

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly
Newsgroups: alt.folklore.computers
Date: Sun, 09 Dec 2007 16:34:26 -0500
John Ahlstrom <AhlstromJK@comcast.net> writes:
My brother was an IBM salesman in the early 60s. He started just before the 360. More than once he and colleagues worked nights to make sure that payrolls got produced or some similar business function got completed when there was a problem with equipment or software. IBM sold service that just happened to run on IBM hardware. Most everyone else sold hardware.

When i was undergraduate, I was hired as full-time employee at Boeing (for the summer, between semesters) as part of helping get BCS going (which was just getting off the ground having been recently created). I had earlier been con'ed into giving a one week, 40hr computer class for BCS technical staff during spring break.

The Boeing folklore was that the Boeing people knew more about 360 announcement than the local IBM sales people did ... and presented the local salesman with an extremely large 360 order shortly after announcement ... and had to explain to the salesman what it was.

Also, the order was so large that it is supposed to have prompted the company's move from straight commission structure to sales quota system (supposedly the straight commission on this order made the salesman the highest paid employee in the corporation, for effectively not having done anything more than being there to accept the order).

misc. recent posts mentioning BCS:
http://www.garlic.com/~lynn/2007f.html#44 Is computer history taught now?
http://www.garlic.com/~lynn/2007f.html#54 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#19 IBM Unionization
http://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sun, 09 Dec 2007 18:08:17 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:

http://www.garlic.com/~lynn/2007u.html#24 What do YOU call the # sign?

and for totally unrelated, when i was a kid, we would bath in pool in nearby river on saturdays (at least in the summer) ... used bars of ivory since they floated.


re:
http://www.garlic.com/~lynn/2007u.html#25 What do YOU call the # sign?

and the outhouse didn't have any water either to flush with or to wash with ... and frequently the paper were pages from a one of two common mail-order catalogues.

old post mentioning going back much later with my own family (and accidently "locking" my daughter in the outhouse)
http://www.garlic.com/~lynn/2007m.html#17 Scholars needed to build a computer history bibliography

repeat from the above post:

or like turning the block of wood on the outhouse door. the door had a spring on it ... but it had a wood block that was nailed to the outside frame ... and turned the block to keep the door from blowing open and help cut down on the flies.

on one trip back with the family ... at one point was out in the outhouse ... and my daughter was waiting outside for me to leave ... she slipped in as i exited ... and automatically i turned the block of wood (locking her in) as the door shut ... w/o even thinking about it consciously. 30-40 mins later ... somebody asked where she was ... and found her inside banging and yelling (couldn't hear her from the house).

What do YOU call the # sign?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sun, 09 Dec 2007 19:00:15 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
re:
http://www.garlic.com/~lynn/2007u.html#25 What do YOU call the # sign?

and the outhouse didn't have any water either to flush with or to wash with ... and frequently the paper were pages from a one of two common mail-order catalogues.

old post mentioning going back much later with my own family (and accidently "locking" my daughter in the outhouse)
http://www.garlic.com/~lynn/2007m.html#17 Scholars needed to build a computer history bibliography


re:
http://www.garlic.com/~lynn/2007u.html#27 What do YOU call the # sign?

and the follow-on to the above reference post
http://www.garlic.com/~lynn/2007m.html#18 Scholars needed to build a computer history bibliography

has a picture of me at a young age ... just out of view on the left of the picture in the post, was the rain barrel used to collect water for clothes washing.

Folklore references to CP67 at Lincoln Labs

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Folklore references to CP67 at Lincoln Labs
Newsgroups: alt.folklore.computers
Date: Sun, 09 Dec 2007 19:59:09 -0500
"Dave Wade" <g8mqw@yahoo.com> writes:
Any way does CP67 still exist anywhere and is it worth tinkering with Hercules to do 360/67 emulation, or is it lost for ever....

re:
http://www.garlic.com/~lynn/2007u.html#18 Folklore references to CP67 at Lincoln Labs

somewhat related post
http://www.garlic.com/~lynn/2007u.html#23 T3 Sues IBM To Break its Mainframe Monopoly

when i created a cp67 bootable tape for distribution ... some reference in this old email references moving from doing cp67-based internal distributions to vm370-based internal distributions
http://www.garlic.com/~lynn/2006v.html#email731212
http://www.garlic.com/~lynn/2006w.html#email750102

referenced in these recent posts
http://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not

... i would have exectuable kernel image and appended on the tape would be all the files & source needed to recreate the executable kernel image (including the procedures to process the source)

up thru the 80s, i had a few of these old tape images, some even triple replicated in the (same) datacenter library. This was the source for the cp67 multi-level source management provided to Melinda in fall of 85 ... reference from vmshare archive
http://vm.marist.edu/~vmshare/read?fn=HISTORY&ft=MEMO&line=49
in this thread:
http://vm.marist.edu/~vmshare/browse?fn=HISTORY&ft=MEMO

i deny all knowledge related to the 2nd post in the above. However, slightly futher down in the above thread may be familiar names from this n.g.

but shortly after the above reference ... the datacenter went thru some operational difficulties ... where mount requests for "scratch" tapes somewhat randomly pulled tapes from the tape library ... and nearly all my archive tapes with data from the 60s & 70s were wiped out (including my old cp67 archives). some old posts mentioning the trauma:
http://www.garlic.com/~lynn/2003i.html#13 A Dark Day
http://www.garlic.com/~lynn/2003j.html#14 A Dark Day
http://www.garlic.com/~lynn/2003j.html#45 Hand cranking telephones
http://www.garlic.com/~lynn/2003m.html#12 Seven of Nine
http://www.garlic.com/~lynn/2004b.html#59 A POX on you, Dennis Ritchie!!!
http://www.garlic.com/~lynn/2006w.html#42 vmshare

folklore indeed

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Mon, 10 Dec 2007 07:22:26 -0500
jmfbahciv writes:
So, at IBM, hardware and software were allowed to work in parallel. That didn't happen at DEC. I think this was because it was too likely that software would have had to be redone when the real gear showed up. We'ld (at least TOPS-10..I don't know about the miniland) be able to write and have the monitor code working within a few months, if not earlier. So DEC was able to lag software behind the hardware.

Otherwise we'ld have to do what you did...drop features. When those features are the features that were supposed to sell the gear, the whole development project is moot.


re:
http://www.garlic.com/~lynn/2007u.html#20 folklore indeed

The "architecture" manual was strongly enforced. That is what allowed lots of groups to work in parallel ... not just hardware and software ... but also all the different hardware groups doing different processor models (at different locations ... in some cases on different continents).

slightly related recent post (mentions the "owner" of the architecture book):
http://www.garlic.com/~lynn/2007u.html#24 What do YOU call the # sign?

Strongly enforcing everybody to follow the rules ... was also the testimony (previously mentioned) that allowed the company to make sure all models implemented the exact same architecture (the 165 example was situation involving large number of people eventually agreeing to something different ... and then also forcing everybody to comply with the change) .. the point of the testimony was that none of the other companies managed to achieve that level of control, providing ibm with a competitive advantage ... recent posts mentioning that testimony
http://www.garlic.com/~lynn/2007m.html#34 IBM 8000 ???
http://www.garlic.com/~lynn/2007n.html#13 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
http://www.garlic.com/~lynn/2007p.html#8 what does xp do when system is copying
http://www.garlic.com/~lynn/2007p.html#9 CA to IBM product swap
http://www.garlic.com/~lynn/2007t.html#63 Remembering the CDC 6600

recent posts mentioning the architecture "redbook"
http://www.garlic.com/~lynn/2007d.html#32 Running OS/390 on z9 BC
http://www.garlic.com/~lynn/2007f.html#7 IBM S/360 series operating systems history
http://www.garlic.com/~lynn/2007i.html#31 Latest Principles of Operation
http://www.garlic.com/~lynn/2007r.html#23 Abend S0C0
http://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'

recent posts mentioning the "811" (i.e. 370-xa) architecture specification:
http://www.garlic.com/~lynn/2007g.html#57 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
http://www.garlic.com/~lynn/2007k.html#28 IBM 360 Model 20 Questions
http://www.garlic.com/~lynn/2007l.html#71 IBM 360 Model 20 Questions
http://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly

Public Computers

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Public Computers
Newsgroups: alt.folklore.computers
Date: Mon, 10 Dec 2007 07:32:49 -0500
Morten Reistad <first@last.name> writes:
Lots of this has performance penalties. Tops20 does. VM does. Mach does. Multics had (can we say 'has' again soon?) a huge overhead.

a lot of VM also shared many characteristics of microkernels ... ala what you find in the much later Mach effort ... which has also been leveraged more recently in various kinds of security efforts related to current generation of virtual machine activity.

the other thing that went on in VM was that with a very focused microkernel-like specification ... it was a lot easier to focus on performance issues and their solution. it was also straight-forward progression to start including virtual machine operation as part of the hardware definition ... activity that started in the 70s.

there are also issues regarding preserving microkernel specification "purity" ... or taking short-cuts ... this has showed up more recently in some microkernel implementations attempting to get networking/tcpip support out of the kernel.

misc. posts mentioning microkernel (and/or virtual machine implementation microkernel):
http://www.garlic.com/~lynn/2005b.html#22 The Mac is like a modern day Betamax
http://www.garlic.com/~lynn/2005c.html#44 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005c.html#56 intel's Vanderpool and virtualization in general
http://www.garlic.com/~lynn/2005c.html#63 intel's Vanderpool and virtualization in general
http://www.garlic.com/~lynn/2005f.html#10 Where should the type information be: in tags and descriptors
http://www.garlic.com/~lynn/2006p.html#10 What part of z/OS is the OS?
http://www.garlic.com/~lynn/2006p.html#11 What part of z/OS is the OS?
http://www.garlic.com/~lynn/2007g.html#70 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007g.html#83 IBM to the PCM market
http://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation
http://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
http://www.garlic.com/~lynn/2007l.html#1 The top 10 dead (or dying) computer skills
http://www.garlic.com/~lynn/2007o.html#4 Hypervisors May Replace Operating Systems As King Of The Data Center
http://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Mon, 10 Dec 2007 10:42:46 -0500
jmfbahciv writes:
And not just mud. Was yours embedded in a slab of concrete?

previous posts:
http://www.garlic.com/~lynn/2007u.html#25 What do YOU call the # sign?
http://www.garlic.com/~lynn/2007u.html#27 What do YOU call the # sign?
http://www.garlic.com/~lynn/2007u.html#28 What do YOU call the # sign?

well some barnyard stuff ... over the years ... mud scapper nailed to a timber and latter bolted to concrete block.

there was long haul east/west railroad not too far away ... and every other year or so ... they came thru doing track maintenance. cast-off railroad ties were still usable for lots of functions.

also picked up some other stuff at railroad auction ... my uncle did part-time house moving ... and jacks they used for moving tracks around could be adapted to house moving. i remember lightweight cast aluminum around 60-70 lbs and larger steel jacks around 120 lbs. tamping bar also usable as jack handle and misc. other functions.

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Mon, 10 Dec 2007 10:58:59 -0500
re:
http://www.garlic.com/~lynn/2007t.html#30 What do YOU call the # sign?
http://www.garlic.com/~lynn/2007t.html#32 What do YOU call the # sign?
http://www.garlic.com/~lynn/2007t.html#36 What do YOU call the # sign?

item from today with a number of pros & cons (for xmas lights):

Good, bad and ugly of LEDs
http://www.eetimes.com/news/latest/showArticle.jhtml?articleID=204702684

25 years: A technology timeline

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: 25 years: A technology timeline
Newsgroups: alt.folklore.computers
Date: Mon, 10 Dec 2007 11:06:09 -0500
25 years: A technology timeline
http://www.gcn.com/print/26_30/45516-1.html

from above:

This timeline excludes a few technologies that might seem obvious choices, but they appeared before 1982. The Internet, for instance, was designed in 1974, though it did not open up until the 1980s. Personal digital assistants first appeared in 1975. TCP/IP goes back to the 1970s. Even in a time of accelerated technology advancements, innovations take time to gestate — wikis, which have caught fire in recent years, date to 1995.

... snip ...

and misc references on some of the subjects

rdbms
http://www.garlic.com/~lynn/submain.html#systemr

clusters
http://www.garlic.com/~lynn/lhwemail.html#medusa
and
http://www.garlic.com/~lynn/95.html#13

html and 1st webserver outside europe
http://www.garlic.com/~lynn/2007t.html#40 Why isn't OMVS command integrated with ISPF?

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers,uk.rec.sheds
Date: Mon, 10 Dec 2007 11:46:16 -0500
Esra Sdrawkcab <admin@127.0.0.1> writes:
That bit's been done to death, but have another go ifn you like!

Alright I'll thrw a bit in. I was told, with a lot of sincerity, that is was meant to be HASP and this stood for some arcane IBM thang. But I may have disremembered it.


HASP songbook ... orange cover with image of a "padlock" hasp

quicky search engine turns up a few hasp images here:
http://www.lockingsystems.com/PadlockHasps.htm

HASP for Houston Automated Spooling Program ... developed by ibm'ers on the nasa houston account ... wiki reference
https://en.wikipedia.org/wiki/Houston_Automated_Spooling_Program

Above mentions first HASP meeting was at mar68 SHARE in Houston ... which is also where CP67 was announced. I got to attend the conference ... and went to some number of cp67, os360 as well as HASP meeting i.e. I had been done some amount of work on both os360 and HASP ... cp67 had only been installed at the univ the last week jan68.

misc. past posts mentioning HASP, JES2, and/or JES2 networking
http://www.garlic.com/~lynn/submain.html#hasp

my wife did a stint in the (gburg) JES group ... following FS being killed ... referenced here
http://www.garlic.com/~lynn/2007u.html#13 new 40+ yr old, disruptive technology

which was handling morph of HASP->JES2 and ASP->JES3. One of her efforts was to do detailed analysis of JES2 and JES3 features and come up with definition for integrated product. recent post
http://www.garlic.com/~lynn/2007p.html#12 JES2 or JES3, Which one is older?

She was then con'ed into moving to POK to take responsibility for "loosely-coupled" (mainframe for cluster) architecture. some posts mentioning stint responsible for "loosely-coupled" architecture
http://www.garlic.com/~lynn/submain.html#shareddata

the HASP wiki article has URL for:

Session O441 - The History of HASP and JES2
http://www.redbug.org/dba/sharerpt/share79/o441.html

the above article also has some comments about the FS project that was going on in the early 70s
http://www.garlic.com/~lynn/submain.html#futuresys

The history article also mentions the HASP team moving to Washington where RJE was added and released as HASP version 2.

At the univ., I had started work on adding CRJE support to HASP ... "deleting" the 2780/RJE code ... and inserting 2741&tty terminal support along with adding editor interface that implemented the CMS editor command syntax.

What do YOU call the # sign?

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Mon, 10 Dec 2007 14:57:31 -0500
Peter Duncanson <mail@peterduncanson.net> writes:
As if on cue, a mock-up of a 747 fuselage is offered for sale on ebay.


http://news.uk.msn.com/Article.aspx?cp-documentid=6941912

Jumbo jet fuselage for sale on eBay

Part of a 747 aircraft has been put up for sale on eBay.

The 40ft-long fuselage has been placed on the internet auction site by a design company, which used the mock-up aircraft to create a new line of interiors for global airline Cathay Pacific.


recent post mentioning doing stint at BCS one summer:
http://www.garlic.com/~lynn/2007u.html#26 T3 Sues IBM To Break its Mainframe Monopoly

that summer you could periodically see serial #3 flying over the skys of seattle ... getting FAA certification.

as part of various orientations, I was given a number of tours, ... including 747 interior mockup ... and remember from that tour a comment that 747 would be carrying so many people that it would always be serviced by at least four jetways (because of the people congestion).

was renting a basement apartment from one of the 747 engineers working in everett ... who had some stories on how well the testing was going (at the time, BCS was at corporate hdqtrs just off boeing field).

placing the flight deck above the body of the plane was explaned as also pitching the plane as a "commercial" C5A-competition ... allowed a freight/cargo version where the nose swings open.

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Mon, 10 Dec 2007 16:53:23 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
some of this could be related to the walmart (joined by other merchants) class action antitrust suit against the card associations ...

re:
http://www.garlic.com/~lynn/2007u.html#0 foklore indeed

news item from today on recent Fed Payments Study

PIN Debit And the ACH Among the Big Gainers in Fed Payments Study
http://www.digitaltransactions.net/newsstory.cfm?newsid=1603

from above:
But efforts by merchants, including Wal-Mart, to push lower-cost PIN debit appear to be effectively counteracting that promotion, according to Oliver. Merchants not only are installing more PIN-reading point-of-sale terminals, but they're also employing the practice of "PIN-prompting" in which the terminal automatically asks the customer to enter the PIN when a debit card offering both options is swiped.

... snip ...

above reference is to extensive tv advertisement and other promotions for signature debit being run by the card associations.

actual study is here:
http://www.frbservices.org/Retail/pdf/2007_payments_study.pdf

the study also mentions that the number of ATM cash withdrawals has been descreasing ... but the total value of cash withdrawals has increased. While not mentioned, some of the churn related to ATM fees might play a factor.

for more topic drift ... ATM & ACH settlements are part of the transactions involved in overnight batch window
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing

Mainframe Funeral

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Mainframe Funeral
Newsgroups: alt.folklore.computers
Date: Mon, 10 Dec 2007 17:00:29 -0500
x-over reference from recent post in b.l.i

Manitoba Mainframe Funeral
http://www.cbc.ca/spark/blog/2007/11/manitoba_mainframe_funeral.html

and

In Loving Memory of the Mainframe (aka IMS)
http://umanitoba.ca/mainframe/

from above:
The first mainframe, an IBM 650 was installed in the year 1960 and went through many upgrades and changes to the final hardware of an Amdahl Millennium 1015. In its many forms the mainframe has supported the Student Records systems, Payroll, Human Resources, Finance, Research, student labs, etc.

The mainframe was predeceased by the Huron Object Star database, telephone registration, punch cards, card readers, DT80 terminals connected by the pink wire, and Mantes, the beloved file management system.


... snip ...

for other topic drift ... a couple past references to Huron:
http://www.garlic.com/~lynn/2006t.html#13 VM SPOOL question
http://www.garlic.com/~lynn/2006x.html#2 The Future of CPUs: What's After Multi-Core?

New, 40+ yr old, direction in operating systems

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: New, 40+ yr old, direction in operating systems
Newsgroups: alt.folklore.computers
Date: Mon, 10 Dec 2007 22:04:59 -0500
re:
http://www.garlic.com/~lynn/2007u.html#31 Public Computers

Virtualization is being used for consolidation and management ... but it is also being leveraged for creating virtual appliances (or what we used to call service virtual machines) ... which are also being characterized as light-weight operating systems (both the virtual machine hypervisor as a microkernel as well as the virtual appliance as a different kind of microkernel).

recent article in line about virtualization being leveraged to change nature of operating systems; most recent:

The OS: Fat or thin?; Future of IT: Cloud computing heralds winds of change, but heavy-duty OSes hold their ground
http://www.gcn.com/print/26_30/45537-1.html

from above:
Because virtualization is getting easier, we are starting to see independent software vendors start to package their applications with a dedicated OS. When you buy the software, you actually get the software and a complete operating environment. This practice allows vendors to control the environment, which cuts the cost of supporting different OSes. "So you don't patch the application, you patch the entire unit together," Cathrow said.

... snip ...

also along the lines of this set of posts
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing

other recent articles in the genre:

Red Hat Goes Grid and Real Time with Enterprise MRG Distro
http://www.itjungle.com/breaking/bn101705-story03.html
A Boom Year for Virtualization Management
http://www.gridtoday.com/grid/1934723.html
Red Hat Goes Grid
http://www.enterpriseitplanet.com/networking/news/article.php/3715051
Novell hits at Red Hat's real-time rant
http://community.zdnet.co.uk/blog/0,1000000567,10006694o-2000469549b,00.htm
Linux Jumps to Real Time
http://www.itbusinessedge.com/blogs/atc/?p=270
Future of IT: Cloud computing heralds winds of change but heavy-duty OSes hold their ground
http://www.gcn.com/print/26_30/45537-1.html

recent posts mentioning virtual appliance and/or light-weight operating system (running in virtual machines) are the new (40+ yr old) direction:
http://www.garlic.com/~lynn/2007i.html#36 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
http://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
http://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
http://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
http://www.garlic.com/~lynn/2007s.html#4 Why do we think virtualization is new?
http://www.garlic.com/~lynn/2007s.html#26 Oracle Introduces Oracle VM As It Leaps Into Virtualization
http://www.garlic.com/~lynn/2007s.html#35 Oracle Introduces Oracle VM As It Leaps Into Virtualization

Computer language history

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Computer language history
Newsgroups: alt.folklore.computers
Date: Tue, 11 Dec 2007 06:49:14 -0500
Justa Lurker <JustaLurker@att.net> writes:
Without a doubt, one of the early classics (1969) on this topic was written by Jean Sammet. It's title is "Programming Languages: History and Fundamentals" published by Prentice-Hall.

Jean was at the Boston Programming Center, 3rd flr, 545 tech sq.
http://www.garlic.com/~lynn/subtopic.html#545tech

as the cp67 group grew and morphed into the vm370 group, it split off from the science center and absorbed the Boston Programming Center on the 3rd flr (later it outgrow the 3rd flr and moved out into the old SBC bldg. in burlington mall ... this was after the legal settlement and SBC became part of CDC).

other past posts mentioning Jean Sammet and Boston Programming Center on the 3rd flr
http://www.garlic.com/~lynn/2000d.html#37 S/360 development burnout?
http://www.garlic.com/~lynn/2000f.html#66 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
http://www.garlic.com/~lynn/2001m.html#47 TSS/360
http://www.garlic.com/~lynn/2002h.html#59 history of CMS
http://www.garlic.com/~lynn/2002j.html#17 CDC6600 - just how powerful a machine was it?
http://www.garlic.com/~lynn/2002o.html#76 (old) list of (old) books
http://www.garlic.com/~lynn/2002o.html#78 Newsgroup cliques?
http://www.garlic.com/~lynn/2003c.html#0 Wanted: Weird Programming Language
http://www.garlic.com/~lynn/2003c.html#1 Wanted: Weird Programming Language
http://www.garlic.com/~lynn/2003k.html#55 S/360 IPL from 7 track tape
http://www.garlic.com/~lynn/2004.html#20 BASIC Language History?
http://www.garlic.com/~lynn/2004d.html#42 REXX still going strong after 25 years
http://www.garlic.com/~lynn/2004m.html#54 Shipwrecks
http://www.garlic.com/~lynn/2005.html#8 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2006j.html#44 virtual memory
http://www.garlic.com/~lynn/2006m.html#21 The very first text editor
http://www.garlic.com/~lynn/2006m.html#28 Mainframe Limericks
http://www.garlic.com/~lynn/2006s.html#1 Info on Compiler System 1 (Univac, Navy)?
http://www.garlic.com/~lynn/2007l.html#58 Scholars needed to build a computer history bibliography

New, 40+ yr old, direction in operating systems

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New, 40+ yr old, direction in operating systems
Newsgroups: alt.folklore.computers
Date: Tue, 11 Dec 2007 07:12:32 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
re:
http://www.garlic.com/~lynn/2007u.html#31 Public Computers

Virtualization is being used for consolidation and management ... but it is also being leveraged for creating virtual appliances (or what we used to call service virtual machines) ... which are also being characterized as light-weight operating systems (both the virtual machine hypervisor as a microkernel as well as the virtual appliance as a different kind of microkernel).


re:
http://www.garlic.com/~lynn/2007u.html#39 New, 40+ yr old, direction in operating systems

relatively trivial example is in this recent post mentioning the port of Open Solaris to mainframe virtual machine
http://www.garlic.com/~lynn/2007u.html#9 Open z architecture and Linux questions

and comments about the difference between a virtual machine port and port to running on native hardware.

a big issue is that native hardware service requirements tend to be fairly robust EREP and RAS. This showed up in the 80s unix ports of Amdahl UTS and also AIX/370. The observation at the time was that adding mainframe quality EREP and RAS to the port was an effort several times larger than the port itself.

It didn't mean that the unix port couldn't be run on the "native" hardware, it just was that it wouldn't have met the customer (and field service maintenance people) EREP & RAS requirements. In the virtual machine environment, the underlying virtual machine hypervisor would provide the underlying sophisticated EREP and RAS functions ... significantly simplifying the port.

Misc. news items:

Sine Nomine Shows Off Solaris on System z
http://www.ldworen.net/fun/osvu.html
OpenSolaris follows Linux to the mainframe
http://www.news.com/8301-13580_3-9826527-39.html
OpenSolaris follows Linux to the mainframe
http://www.zdnetasia.com/news/software/0,39044164,62035048,00.htm

Something similar could be claimed for the unix adaptation to stripped down TSS/370 kernel for internal AT&T use. UNIX api and applications were moved on top of highly modified TSS/370 kernel. Rather than "straight" virtual machine adaptation, squinting, the stripped down TSS/370 kernel could be considered a highly abstract virtual machine layer (leveraging the "bare machine" EREP & RAS support in TSS/370).

misc. past posts mentioning virtual machine EREP/RAS for mainframe unix ports:
http://www.garlic.com/~lynn/2001k.html#18 HP-UX will not be ported to Alpha (no surprise)exit
http://www.garlic.com/~lynn/2001l.html#19 mainframe question
http://www.garlic.com/~lynn/2004q.html#37 A Glimpse into PC Development Philosophy
http://www.garlic.com/~lynn/2005q.html#26 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005s.html#34 Power5 and Cell, new issue of IBM Journal of R&D
http://www.garlic.com/~lynn/2006b.html#24 Seeking Info on XDS Sigma 7 APL
http://www.garlic.com/~lynn/2006y.html#43 Remote Tape drives
http://www.garlic.com/~lynn/2007.html#38 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#3 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007m.html#69 Operating systems are old and busted
http://www.garlic.com/~lynn/2007p.html#5 PL/S programming language

Fazing out x86

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Fazing out x86
Newsgroups: comp.arch
Date: Tue, 11 Dec 2007 07:19:31 -0500
"Ken Hagan" <K.Hagan@thermoteknix.co.uk> writes:
I'd *like* Windows and x86-dependence to disappear into a VM running on a well-crafted OS atop some elegant hardware. Someone has already cited the case of the Alpha that could emulate x86 faster than Intel could build x86, and IBM made similar claims for Windows3-on-OS/2, and VmWare make pretty impressive claims about the negligible performance cost of running x86 VMs. Furthermore, since the move to 32-bit applications, the majority of Windows apps have no kernel-level code and far fewer dependencies on undocumented API details than in the bad old days. It is eaier now than ever before to virtualise and emulate the whole platform out of existence. Given that Linux is free and every (?) VM vendor has a free product, I don't see any financial obstacles either.

recent posts in related thread in some of the adaptation of the new, 40+ yr old technology for light-weight operating systems
http://www.garlic.com/~lynn/2007u.html#39 New, 40+ yr old, direction in operating systems
http://www.garlic.com/~lynn/2007u.html#41 New, 40+ yr old, direction in operating systems

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Tue, 11 Dec 2007 07:49:26 -0500
jmfbahciv writes:
Some? You must not have had chickens nor geese walking around.

re:
http://www.garlic.com/~lynn/2007u.html#32 What do YOU call the # sign?

met to be understatement, somewhat facetious

... and cast aluminum jack was about 3ft high and around 70lbs ... so it could take some load ... not as much as the bigger steel jacks ... which were more like 4ft and 120lbs.

lifting a house usually went lifting one-side a foot or so, blocking it and then moving the jacks to the other side and lifting it ... taking the house up sort of seesaw back and forth and moving jacks from one-side to the other. it was awhile before i weighed more than the bigger jacks, carrying it from one side of house to the other.

Distributed Computing

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Distributed Computing
Newsgroups: alt.folklore.computers
Date: Tue, 11 Dec 2007 11:39:58 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
One of the buzz-words from the early 90s was straight through processing (or STP) ... i.e. transactions would be processed in real-time all the way to completion (rather than being queued for final processing in the overnight batch window).

re:
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing

some quicky search engine use for straight-through processing and/or overnight batch window turns up a few other references (some talking about risk exposure in securities industry of not doing real-time settlement):

Straight Through Processing Publication
http://www.venturefsg.com/article2.htm Straight Through Processing in the Securities Industry -Light at the End of the Tunnel
http://www.soforum.com/library/aba2.shtml Using S.W.I.F.T. To Reduce The Risk - A White Paper For Investment Managers
http://www.soforum.com/library/swift.shtml
Scandal to push systems redesign
http://www.computerworld.com/managementtopics/ebusiness/story/0,10801,71646,00.html
Design strategies for legacy system involvement in SOA solutions
http://www-128.ibm.com/developerworks/webservices/library/ws-soa-legacy/
EP1384180 Accenture european software patent - A method and system for identifying bottlenecks in a securities processing system
http://gauss.ffii.org/PatentView/EP1384180

Folklore references to CP67 at Lincoln Labs

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Folklore references to CP67 at Lincoln Labs
Newsgroups: alt.folklore.computers
Date: Tue, 11 Dec 2007 14:08:53 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
up thru the 80s, i had a few of these old tape images, some even triple replicated in the (same) datacenter library. This was the source for the cp67 multi-level source management provided to Melinda in fall of 85 ... reference from vmshare archive
http://vm.marist.edu/~vmshare/read?fn=HISTORY&ft=MEMO&line=49
in this thread:
http://vm.marist.edu/~vmshare/browse?fn=HISTORY&ft=MEMO


re:
http://www.garlic.com/~lynn/2007u.html#29 Folklore references to CP67 at Lincoln Labs

topic drift, somewhat related to cp67 source management ... one of the people that did some work on it ... mentioned here
http://alum.mit.edu/ne/noteworthy/profiles/mockapetris.html

then can drift to this recent news item

DNS Attack Could Signal Phishing 2.0
http://news.yahoo.com/s/pcworld/20071211/tc_pcworld/140465
DNS Attack Could Signal Phishing 2.0
http://www.pcworld.com/article/id,140465-c,onlinesafety/article.html
DNS attack could signal Phishing 2.0
http://www.networkworld.com/news/2007/121307-microsoft-releases-beta-of-hyper-v.html
DNS attack could signal Phishing 2.0
http://www.infoworld.com/article/07/12/11/DNS-attack-could-signal-Phishing-2.0_1.html

note that one of the original purposes for SSL ... a few related posts here
http://www.garlic.com/~lynn/subpubkey.html#sslcert
and here
http://www.garlic.com/~lynn/subpubkey.html#catch22

... was as countermeasure to some number of integrity issues in DNS (and related exploits).

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Tue, 11 Dec 2007 16:18:37 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
... and cast aluminum jack was about 3ft high and around 70lbs ... so it could take some load ... not as much as the bigger steel jacks ... which were more like 4ft and 120lbs.

lifting a house usually went went lifting one-side a foot or so, blocking it and then moving the jacks to the other side and lifting it ... taking the house up sort of seesaw back and forth and moving jacks from one-side to the other. it was awhile before i weighed more than the bigger jacks, carrying it from one side of house to the other.


trying search engine ...

some discussion of track jacks from google
http://books.google.com/books?id=elg5AAAAMAAJ&pg=PA254&lpg=PA254&dq=railroad+%22track+jack%22&source=web&ots=CLcQ-DGtmz&sig=_ooGtWYgCqfiOq3VfKSGEHk6u7w
another description/picture:
http://books.google.com/books?id=raVyq4jzQQMC&pg=PA217&lpg=PR13&dq=railroad+%22track+jack%22

current product list ... largest 20ton jack weighs 104lbs (about 15lbs less than what i remember)
http://www.tksimplex.com/assets/applets/RATCHET_JACK.pdf

also lists 6' 20lb jack handle

It has 10 ton ratchet jacks, 22B weighing 70lbs with ductile iron housing and "identical" A1022 weighing 42lbs with aluminum housing.

It lists 15ton A1538 ("A" for aluminum housing?) weighing 62lbs ... but it is a utility pole jack.

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 08:11:56 -0500
Morten Reistad <first@last.name> writes:
They are transmitted in the clear, and can be easily intercepted.

Even with a keylogger. Lots of virii have keyloggers. There are even some that live inside the keyboard controller itself, and stores keypresses for later extraction.

At least, with a dongle you are giving them some serious resistance.


and justification for the EU FINREAD standard
http://www.garlic.com/~lynn/subintegrity.html#finread

was that dongle/chipcards could be operated by virus/trojans while connected to PC.

straight password is static something you know authentication, from 3-factor authentication paradigm
http://www.garlic.com/~lynn/subintegrity.html#3factor

and vulnerable to evesdropping/skimming and replay attacks.

dongle/chipcard is something you have authentication ... that in conjunction with a pin/password can provide multi-factor authentication. multi-factor authentication is presumed to provide better security assuming the different factors are subject to independent vulnerabilities..

EU FINREAD standard was to address threats where dongle/chipcard is connected to PC and operated in conjunction with PC display and keyboard ... which have loads of threats/vulnerabilities; aka a virus/trojan can include keylogger, capture PIN-entry (used in conjuction with chipcard/dongle), and then execute transactions against the chipcard/dongle simulating human interaction.

The EU FINREAD standard had a independent device with its own trusted display and keypad, connected to the PC and highly resistent to well-studied PC vulnerabilities ... providing security isoliation of chipcard/dongle from these exploits.

The theory was that the EU FINREAD trusted display would show the transaction (like amount/reason) that the chipcard/dongle was being used for ... and then the human would have to enter correct PIN/password on the independent trusted keypad (in response to that display) ... before the chipcard/dongle operated.

Almost a decard ago, the whole genre of such attachments came into severe disrepute after a disastrous, attempted deployment of a similar kind of device ... that had significant installation and operational problems (as opposed to security issues)

recent post referring to EU FINREAD:
http://www.garlic.com/~lynn/2007t.html#22 'Man in the browser' is new threat to online banking
http://www.garlic.com/~lynn/2007u.html#11 Public Computers
http://www.garlic.com/~lynn/2007u.html#15 Public Computers

The EU FINREAD standard somewhat assumed individually owned PC and individually owned FINREAD terminal. Moving into public environment, there is likelyhood that the terminal is provided and not the person's own private device. As a countermeasure to such terminals being counterfeit and/or compromised, the suggestion is packaging chipcard/dongle with its own private/trusted display/keypad ... as could be done with privately owned cellphone/PDA. somewhat related recent post
http://www.garlic.com/~lynn/aadsm27.htm#38 The bank fraud blame game
http://www.garlic.com/~lynn/2007u.html#5 Public Computers

folklore indeed

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 08:16:21 -0500
Esra Sdrawkcab <admin@127.0.0.1> writes:
This would by why on-line banks (at least the ones in the UK that I deal with) have changed to selecting your pass number digit at a time from a pull-down menu - it's all mouse actions, not keypresses.

re:
http://www.garlic.com/~lynn/2007u.html#57 folklore indeed

enhanced keyloggers that capture mouse actions appeared almost immediately (captured screen and what the mouse actions motion/clicks was doing ... past posts mentioning that such keyloggers appeared almost immediately
http://www.garlic.com/~lynn/aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/2006k.html#15 Passwords for bank sites - change or not?
http://www.garlic.com/~lynn/2006k.html#22 Encryption for Powerpoint?
http://www.garlic.com/~lynn/2006k.html#46 Keylogger resistance

folklore indeed

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 08:21:58 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
re:
http://www.garlic.com/~lynn/2007u.html#57 folklore indeed

enhanced keyloggers that capture mouse actions appeared almost immediately (captured screen and what the mouse actions motion/clicks was doing) ... past posts mentioning that such keyloggers appeared almost immediately
http://www.garlic.com/~lynn/aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/2006k.html#15 Passwords for bank sites - change or not?
http://www.garlic.com/~lynn/2006k.html#22 Encryption for Powerpoint?
http://www.garlic.com/~lynn/2006k.html#46 Keylogger resistance


re:
http://www.garlic.com/~lynn/2007u.html#48 folklore indeed

... oops, finger slip ... that should have been
http://www.garlic.com/~lynn/2007u.html#47 folklore indeed

folklore indeed

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 08:37:26 -0500
Esra Sdrawkcab <admin@127.0.0.1> writes:
This would by why on-line banks (at least the ones in the UK that I deal with) have changed to selecting your pass number digit at a time from a pull-down menu - it's all mouse actions, not keypresses.

re:
http://www.garlic.com/~lynn/2007u.html#47 folklore indeed
http://www.garlic.com/~lynn/2007u.html#48 folklore indeed
http://www.garlic.com/~lynn/2007u.html#49 folklore indeed

one of the recent references cited here
http://www.garlic.com/~lynn/aadsm22.htm#25</a> FraudWatch - Chip&Pin, a new tenner (USD10)

Say Hi to the mouse click capturing Trojan
http://www.theregister.co.uk/2006/03/16/mouse_click_capturing_trojan/

also in these posts
http://www.garlic.com/~lynn/aadsm26.htm#12 Who has a Core Competency in Security?
http://www.garlic.com/~lynn/aadsm27.htm#7 Solution to phishing -- an idea who's time has come?

few references ...

Defeating Image-Based Virtual Keyboards and Phishing Banks
http://blogs.securiteam.com/index.php/archives/678
Hacking Citibank's Virtual Keyboard
http://www.physorg.com/news98193340.html
Defeating Citi-Bank Virtual Keyboard Protection
http://seclists.org/bugtraq/2005/Aug/0088.html

folklore indeed

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 08:56:57 -0500
John Varela <OLDlamps@verizon.net> writes:
That's assuming that whoever is setting the password makes sure no one's looking over the shoulder. Since passwords are set so seldom, that *shouldn't* be a problem. Later, for the more frequent action of entering the password, it should be echoed as ****.

the whole password and shared-secret paradigm is in severe disrepute.
http://www.garlic.com/~lynn/subintegrity.html#secrets

it wasn't so bad 30-40 yrs ago when a person might only have a very few places requiring shared-secret for something you know authentication.

part of the problem is that beginning security 101 ... requires a unique something you know authentication for every unique security domain (as countermeasure to cross-domain attacks; aka say local neighborhood ISP possibly with high-school employees and fortune 50 employer and/or online banking).

the other part is that it now isn't uncommon for an individual to be face with large scores of different environments requiring (unique) shared-secret something you know authentication.

dongle/chipcards have been posed as countermeasure for evesdropping/skimming vulnerabilities and static shared-secrets in conjunction with simple replay attacks.

unfortunately some of the dongle/chipcards deployments have managed to bungle the implementation and also present "static" data authentication ... also vulnerable to skimming/evesdropping and trivially allowing the creation of counterfeit dongle/chipcards ... some recent posts on one such example
http://www.garlic.com/~lynn/subintegrity.html#yescard

for topic drift ... kerberos and radius are the two most widely deployed authentication environments for both the internet and ISPs ... as well as PC systems. some past posts discussing enhancements to eliminate static shared-secret threats/vulnerabilities in these environments
http://www.garlic.com/~lynn/subpubkey.html#kerberos
http://www.garlic.com/~lynn/subpubkey.html#radius

the simple security 101 approach for dongle/chipcard was to have the institution substitute a dongle/chipcard for the password. this somewhat exhibits the institutional-centric myopic approach that gave rise to requiring individuals needing to remember large scores of unique pin/passwords ... except it potentially now requires them to walk around with large scores (or hundreds) of unique dongle/chipcards. This can quickly become as impractical as attempting to remember all the passwords.

i've posted before about infrastructure to enable transition from an institutional-centric paradigm to a person-centric paradigm (allowing a person to limit their unique dongle/chipcards to a very small few).
http://www.garlic.com/~lynn/2007b.html#12 Special characters in passwords was Re: RACF - Password rules
http://www.garlic.com/~lynn/2007b.html#13 special characters in passwords
http://www.garlic.com/~lynn/2007d.html#12 One Time Identification, a request for comments/testing
http://www.garlic.com/~lynn/2007l.html#8 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#9 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#43 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007m.html#27 nouns and adjectives
http://www.garlic.com/~lynn/2007m.html#31 nouns and adjectives
http://www.garlic.com/~lynn/2007s.html#59 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007s.html#62 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007s.html#65 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#8 Translation of IBM Basic Assembler to C?

The future of PDSs

From: lynn@GARLIC.COM (Anne & Lynn Wheeler)
Subject: Re: The future of PDSs
Newsgroups: bit.listserv.ibm-main
Date: 12 Dec 2007 06:47:42 -0800
howard.brazee writes:
IBM created the PDS a long time ago - giving us some conveniences that fit within its OS design. Other computer companies either did not see this advantage or had OS structures that handled it other ways.

Do we use PDSs now because that's what we have been using for decades? Or is it possible to still keep advantages of our OS and go in a different direction?


part of the original PDS design was trading off i/o resource vis-a-vis real-storage resource ... at a time when real storage was extremely constrained. some number of other systems ... especially those that came along later when real storage was a much less constrained resource ... made other kinds of implementation tradeoffs

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 10:08:22 -0500
Esra Sdrawkcab <admin@127.0.0.1> writes:
This would by why on-line banks (at least the ones in the UK that I deal with) have changed to selecting your pass number digit at a time from a pull-down menu - it's all mouse actions, not keypresses.

re:
http://www.garlic.com/~lynn/2007u.html#47 foldklore indeed
http://www.garlic.com/~lynn/2007u.html#48 foldklore indeed
http://www.garlic.com/~lynn/2007u.html#49 foldklore indeed
http://www.garlic.com/~lynn/2007u.html#50 foldklore indeed
http://www.garlic.com/~lynn/2007u.html#51 foldklore indeed

part of the problem has frequently been that the countermeasures are response to specific instance/characteristic, not the underlying threats and vulnerabilities.

there have been a number of articles written on security efforts appearing to be constantly chasing and trying to keep up with the badguys. part of the problem has been attempting to address the problems with a whole gamet of simple point solutions ... w/o doing a detailed thread/vulnerability study and w/o understanding what the fundamental issues are.

a few past posts referring to (failings of) the simple point solution genre:
http://www.garlic.com/~lynn/2005t.html#25 Why does my address appear as part of my name?
http://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007i.html#66 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#67 open source voting
http://www.garlic.com/~lynn/2007k.html#55 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/aadsm27.htm#8 Leadership, the very definition of fraud, and the court of security ideas

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 10:44:13 -0500
cb@mer.df.lth.se (Christian Brunschen) writes:
Actually, it's not. It ensures that even if there is a keypress reader present, they will not be able to deduce the password.

as noted previously ... keyloggers that also handled mouse actions appeared almost immediately
http://www.garlic.com/~lynn/2007u.html#48 folklore indeed
http://www.garlic.com/~lynn/2007u.html#49 folklore indeed
http://www.garlic.com/~lynn/2007u.html#50 folklore indeed
http://www.garlic.com/~lynn/2007u.html#51 folklore indeed
http://www.garlic.com/~lynn/2007u.html#53 folklore indeed

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 10:59:04 -0500
cb@mer.df.lth.se (Christian Brunschen) writes:
Another security feature that is used incombination with the above is that some banks ask only for a _part_ of your password to be entered (again, using mouse action only), usually a fixed number of semi-randomly chosen letters from your password. Why? Because that way, an assailant will not be able to get enough information from looking over your shoulder just once, to be certain to be able to impersonate you. After all, the next time someone tries to log in on your account, they will be asked for a different part of your password - which you will of course have, but an assailant won't.

re:
http://www.garlic.com/~lynn/2007u.html#48 folklore indeed
http://www.garlic.com/~lynn/2007u.html#49 folklore indeed
http://www.garlic.com/~lynn/2007u.html#50 folklore indeed
http://www.garlic.com/~lynn/2007u.html#51 folklore indeed
http://www.garlic.com/~lynn/2007u.html#53 folklore indeed

that just means that keyloggers just have to gather more information

... i.e. the simple-minded point solution was more related to the old-fashion shoulder surfer ... rather than intelligent advisary leveraging automated techniques (some of it might actually be rocket science).

there have been some articles written not only pointing out the constant churn of the simple-minded point solutions trying to keep up with the badguys (as an alternative to detailed study of threats and vulnerabilities) ... but also some of the simple-minded point solutions might be analogous to some of the charaterizing of confiscating fingernail clippers at checkpoints (i.e. something that majority of population could relate to ... even if it didn't actually improve security ... and so it could have been designed purely as something to comfort the public).

there has also been some articles written that a lot of law enforcement has trouble dealing with modern generation of cybercriminals ... since their orientation is towards threats, attacks, vulnerabilities, exploits, etc that are physical oriented (the armed robber).

note that there have also been some number of solutions that claim to counter simple-minded counterfeit websites ... also attempting to gather static information (phishing) for purposes of replay attacks.

however, a form of man-in-the-middle attack ... misc. postings
http://www.garlic.com/~lynn/subintegrity.html#mitmattack

is actually simpler. The "counterfeit" website is purely running a modified version of proxy code ... rather than actually attempting to replicate the real webiste ... aka it creates a session with the end-user and a second session with the real website ... and records the data that it transparently passes back and forth between the two sessions. some recent posts:
http://www.garlic.com/~lynn/2007n.html#5 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007q.html#6 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
http://www.garlic.com/~lynn/2007r.html#12 How to tell a fake SSL certificate from a real one
http://www.garlic.com/~lynn/2007r.html#18 How to tell a fake SSL certificate from a real one

folklore indeed

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 12:49:51 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
however, a form of man-in-the-middle attack ... misc. postings
http://www.garlic.com/~lynn/subintegrity.html#mitmattack

is actually simpler. The "counterfeit" website is purely running a modified version of proxy code ... rather than actually attempting to replicate the real webiste ... aka it creates a session with the end-user and a second session with the real website ... and records the data that it transparently passes back and forth between the two sessions. some recent posts:
http://www.garlic.com/~lynn/2007n.html#5 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007q.html#6 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
http://www.garlic.com/~lynn/2007r.html#12 How to tell a fake SSL certificate from a real one
http://www.garlic.com/~lynn/2007r.html#18 How to tell a fake SSL certificate from a real one


re:
http://www.garlic.com/~lynn/2007u.html#55 folklore indeed

the man-in-the-middle proxy attack has been well known for much longer than replicated counterfeit websites ... and is orders of magnitude simpler for the attackers to implement and deploy.

one might be tempted to conjecture that countermeasures for just the replicated counterfeit website exploit ... driving the attackers to a much, much simpler MITM-proxy attack ... is simply a diversion.

for other attack topic drift, diverting/driving clients to ip-addresses for counterfeit websites and/or MITM-proxy ... is also possibly behind the attacks on DNS infrastructure, articles referenced in this recent post
http://www.garlic.com/~lynn/2007u.html#45 Folklore reference to CP67 to Lincoln Labs

another attack vector is recently mentioned man-in-the-browser attacks, i.e. rather than the attackers harvesting/phishing information at some external server, and/or a system installed logger ... the harvesting/skimming/evesdropping is inserted into the client browser.
http://www.garlic.com/~lynn/2007t.html#22 'Man in the browser' is new threat to online banking
http://www.garlic.com/~lynn/2007t.html#27 'Man in the browser' is new threat to online banking
http://www.garlic.com/~lynn/2007t.html#28 'Man in the browser' is new threat to online banking
http://www.garlic.com/~lynn/2007u.html#11 Public Computers
http://www.garlic.com/~lynn/2007u.html#47 folklore indeed

misc. postings on harvesting information for fraudulent purposes (generally static information that can be used in a form of replay-attack):
http://www.garlic.com/~lynn/subintegrity.html#harvest

lots of general posts mentioning threats, vulnerabilities, exploits, fraud, and/or risks
http://www.garlic.com/~lynn/subintegrity.html#fraud

folklore indeed

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 12:53:59 -0500
Walter Bushell <proto@oanix.com> writes:
And the struggle of cat and mouse continues.

or the wonderkid simple point-solutions ... like selling bandaids as treatment for brain tumours ... marches on.
http://www.garlic.com/~lynn/2005t.html#25 Why does my address appear as part of my name?
http://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007i.html#66 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#67 open source voting
http://www.garlic.com/~lynn/2007k.html#55 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/aadsm27.htm#8 Leadership, the very definition of fraud, and the court of security ideas
http://www.garlic.com/~lynn/2007u.html#53 folklore indeed
http://www.garlic.com/~lynn/2007u.html#55 folklore indeed

folklore indeed

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 13:20:02 -0500
Walter Bushell <proto@oanix.com> writes:
Oh, bother it. We may not have any serious businesses in the US or very, very few. IIRC the ATM networks are connected by internet and certainly use passwords to withdraw money.

Passwords for encrypted data is any better. One password and the data walks with Jesus.


ATMs use pin-debit as multi-factor authentication. The pin as a something you know authentication and the magstripe card as something you have authentication ... from 3-factor authentication paradigm
http://www.garlic.com/~lynn/subintegrity.html#3factor where multi-factor authentication is presumed to be more secure because assumptions that the different factors are subject to different threats/vulnerabilities.

this has been cited in various articles that signature-debit has 15 times the fraud rate of pin-debit.

however, there are some common vulnerabilities for pin-debit that have appeared.

The ATM machine has been assumed to be an "armored" end-point which captures both the magstripe and the PIN information and strongly encrypts the information before passing it own (so, in theory, there should be relatively little difference between the transaction flowing over private VAN or thru the internet).

However, ATM "overlays", compromised ATM machines, and/or counterfeit ATM machines date back possibly two decades. These are where the attackers have skimmers that can harvest both the magstripe information and the PIN-information at the end-point (before being encrypted and transmitted). Then the attackers can produce counterfeit cards with the replicated magstripe information ... potentially with the recorded PIN embossed on the card (as part of the counterfeiting operation).

The other approach with the growing use of signature-debit ... the same debit card is usable for both PIN-debit operations as well as signature-debit operations. The attackers might capture just the magstripe information (at a real ATM machine) w/o the PIN ... and produce a counterfeit card that is used in signature-debit operations (not requiring the PIN-entry).

A decade ago there were stories about leveraging the internet to transmit skimmed information to the opposite of the planet where counterfeit cards would be on the streets within minutes.

lots of past posts mentioning threats, vulnerabilities, exploits, fraud, and risks:
http://www.garlic.com/~lynn/subintegrity.html#fraud

there was recent tv program investigating identity theft ... although this is of the account fraud variety. the investigation was working with one of the card companies and had created bogus cards/accounts. they then offered the account details (presumably from fraudulent skimming) for sale on "underground" chatrooms.

They then used a stopwatch to clock the time between the time the account information was transmitted/sold and the time that the card company started seeing transactions on the account. You "saw" fraudulent transactions starting within 90 seconds, originating from a totally different continent and the fraudulent transactions continued from multiple locations around the world.

for other drift, past posts mentioning signature debit
http://www.garlic.com/~lynn/aadsm22.htm#22 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm26.htm#6 Citibank e-mail looks phishy
http://www.garlic.com/~lynn/aadsm27.htm#40 a fraud is a sale, Re: The bank fraud blame game
http://www.garlic.com/~lynn/2004i.html#18 New Method for Authenticated Public Key Exchange without Digital Certificates
http://www.garlic.com/~lynn/2005u.html#14 AMD to leave x86 behind?
http://www.garlic.com/~lynn/2005u.html#16 AMD to leave x86 behind?
http://www.garlic.com/~lynn/2006e.html#4 When *not* to sign an e-mail message?
http://www.garlic.com/~lynn/2006e.html#21 Debit Cards HACKED now
http://www.garlic.com/~lynn/2006e.html#24 Debit Cards HACKED now
http://www.garlic.com/~lynn/2006u.html#48 New attacks on the financial PIN processing
http://www.garlic.com/~lynn/2006v.html#1 New attacks on the financial PIN processing
http://www.garlic.com/~lynn/2007.html#0 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#64 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007i.html#51 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#59 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#60 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007k.html#12 IBM Unionization
http://www.garlic.com/~lynn/2007o.html#29 EZPass: Yes, Big Brother IS Watching You!
http://www.garlic.com/~lynn/2007r.html#34 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007r.html#40 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security

folklore indeed

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 13:51:48 -0500
cb@mer.df.lth.se (Christian Brunschen) writes:
... which is another reason why the technique of only using a part of the password is useful in conjunction with this, as it requires multiple logins to be capured before the full password has been revealed.

However, it does exclude from usefulness those keyloggers that are connected between keyboard and computer, and thus don't have access to the screen.

As always, there is a constantly ongoing battle between those who want a connection to be secure, and those who want to break into such a connection for their own nefarious purposes.


re:
http://www.garlic.com/~lynn/2007u.html#54 folklore indeed

however, as noted, just need to gather a little bit more information
http://www.garlic.com/~lynn/2007u.html#55 folklore indeed

either via enhanced loggers installed in the client system, mitm-proxies seeing all the traffic going in both ways, and/or the newer references to compromise of the client browser.
http://www.garlic.com/~lynn/2007u.html#56 folklore indeed

at the core is long recognized vulnerability in shared-secret paradigm. one can consider this from two, completely different dimensions.

1) the enormous number and kinds of replay attacks associated with harvesting/skimming/evesdropping static authentication information

2) enormous number and kinds of threats and vulnerabilities associated with requiring a unique (static, shared-secret) something you know authentication for every unique security domain (i.e. the simple minded security 101 approach common at least 3-4 decades ago assuming there was one and only one security domain that users participated in).

there have been other approaches attempting to convert a static shared-secret into dynamic and non-repeated exchange ... as well as enabling the same shared-secret to be used in multiple different domains (leveraging the dynamic and non-repeated exchange to use different/unique process for different/unique security domains).

one such is one-time-password approach that is now an internet standard RFC2289.

from my rfc index
http://www.garlic.com/~lynn/rfcietff.htm

and select Term (term->RFC#) in the RFCs listed by section. Then select "OTP" in the Acronym fastpath section:
one-time password (OTP)
see also password
4793 4226 2444 2289 2243 1938 1760


clicking on the RFC number brings up the rfc summary in the lower frame:
2289 S
A One-Time Password System, Haller N., Metz C., Nesser P., Straw M., 1998/02/26 (25pp) (.txt=56495) (STD-61) (Obsoletes 1938) (Refs 1320, 1321, 1704, 1760, 1825, 1826, 1827) (Ref'ed By 2444, 2808, 3552, 3631, 3748, 3888, 4764, 4793, 4949) (ONE-PASS)


and (as always), clicking on the ".txt=nnn" field (in the summary) retrieves the actual RFC.

some past posts discussing threats/vulnerabitilies/weakness in the standard:
http://www.garlic.com/~lynn/aadsm19.htm#37 expanding a password into many keys
http://www.garlic.com/~lynn/aadsm20.htm#24 [Clips] Escaping Password Purgatory
http://www.garlic.com/~lynn/aadsm21.htm#7 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
http://www.garlic.com/~lynn/aadsm25.htm#45 hashes on restricted domains: random functions or permutations?
http://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#1 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#2 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003n.html#3 public key vs passwd authentication?
http://www.garlic.com/~lynn/2004b.html#45 Foiling Replay Attacks
http://www.garlic.com/~lynn/2005i.html#50 XOR passphrase with a constant
http://www.garlic.com/~lynn/2005l.html#8 derive key from password
http://www.garlic.com/~lynn/2005o.html#0 The Chinese MD5 attack
http://www.garlic.com/~lynn/2006k.html#28 Hashes and Passwords
http://www.garlic.com/~lynn/2006u.html#4 ssh - password control or key control?

folklore indeed

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 14:06:22 -0500
Walter Bushell <proto@oanix.com> writes:
That kind of study takes time and money and then has to be implemented across the entire system. Not what you expect from a group that depended on the card to just say "YES" and implemented it such that the card was never asked a question to which the expected answer was "NO". For example, give the card ten PIN numbers with the location of the true PIN a (pseudo) random variable.

re:
http://www.garlic.com/~lynn/2007u.html#53 folklore indeed

I'm not talking about having to do such a study ... just have enuf industry awareness that such studies had already been done.

most of the detailed vulnerability and threat studies have been well understood for possibly two decades (or more). for instance a lot of the detailed understanding prompted the EU FINREAD standard at least a decade ago.
http://www.garlic.com/~lynn/subintegrity.html#finread

one might conjecture that some of the problems are (again) point solutions by people with extremely narrow and myopic view ... not even bothering to investigate whether it had been studied.

The yes card scenario
http://www.garlic.com/~lynn/subintegrity.html#yescard

might be considered a situation where people with extremely chip-centric myopic view worked on designing a solution to lost/stolen (magstripe) card w/o any inkling that skimming attacks had been going on for well over a decade ... and their solution, while addressing lost/stolen card vulnerability, significantly exacerbated the skimming attack vulnerability (i.e. they saw a card ... but they had absolutely no inkling or concept of the environment that a card was used in).

I'm not sure if security has a similar folklore saying to (university) computer science undergoes a complete mind-wipe every five years. a few past references:
http://www.garlic.com/~lynn/aadsm5.htm#asrn4 assurance, X9.59, etc
http://www.garlic.com/~lynn/2001f.html#6 Oldest program you've written, and still in use?
http://www.garlic.com/~lynn/2004l.html#58 Specifying all biz rules in relational data

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 14:22:33 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
I'm not sure if security has a similar folklore saying to (university) computer science undergoes a complete mind-wipe every five years. a few past references:
http://www.garlic.com/~lynn/aadsm5.htm#asrn4 assurance, X9.59, etc
http://www.garlic.com/~lynn/2001f.html#6 Oldest program you've written, and still in use?
http://www.garlic.com/~lynn/2004l.html#58 Specifying all biz rules in relational data


re:
http://www.garlic.com/~lynn/2007u.html#60 folklore indeed

the computer science periodic complete mind-wipe might be considered behind the billions dumped down the drain in the 90s on various unsuccesful projects ... including the efforts to use distributed object oriented to address the overnight batch window and straight-through processing opportunities:
http://www.garlic.com/~lynn/2007t.html#3 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#5 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#37 folklore indeed
http://www.garlic.com/~lynn/2007u.html#44 Distributed Computing

folklore indeed

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 14:35:44 -0500
re:
http://www.garlic.com/~lynn/2007u.html#60 folklore indeed
http://www.garlic.com/~lynn/2007u.html#61 folklore indeed

oh, another possible contribution to the simple point-solution orientation is focus on finding and/or exploiting (specific) vulnerabilities.

i've mentioned before that we had held a mini-conference at our house about CS security graduate programs. a major issue discussed was the prevalent focus by students on garnering bragging rights from finding/exploiting a vulnerability
http://www.garlic.com/~lynn/aadsm27.htm#2 Threatwatch: Still searching for the economic MITM
http://www.garlic.com/~lynn/2002c.html#35 TOPS-10 logins (Was Re: HP-2000F - want to know more about it)
http://www.garlic.com/~lynn/2005c.html#26 [Lit.] Buffer overruns

there was little or no social standing for designing, implementing and deploying an infrastructure that had no security vulnerabilities ... so comprehensive solutions effectively become an item of non-interest.

it could be claimed that the focus on finding/exploiting specific vulnerabilities would reinforce a narrow, focused "point" mentality ... leading to a simple-minded point solution culture.

folklore indeed

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 14:51:33 -0500
re:
http://www.garlic.com/~lynn/2007u.html#60 folklore indeed
http://www.garlic.com/~lynn/2007u.html#61 folklore indeed
http://www.garlic.com/~lynn/2007u.html#62 folklore indeed

another hypothetical speculation is a comprehensive improvement in security might decimate the associated revenue flow related to security, threats, vulnerabilities, etc (simple minded, point solution related revenue flow could be structured to continue for nearly forever).

this might be considered related to relative recent reference to nothing succeeds quite like failure
http://www.garlic.com/~lynn/aadsm26.htm#59 On cleaning up the security mess: escaping the self-perpetuating trap of Fraud?
http://www.garlic.com/~lynn/aadsm27.htm#8 Leadership, the very definition of fraud, and the court of security ideas
http://www.garlic.com/~lynn/2007h.html#29 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007l.html#46 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
http://www.garlic.com/~lynn/2007q.html#62 Fixing our fraying Internet infrastructure

from risk digest article
http://catless.ncl.ac.uk/Risks/24.62.html
Nothing succeeds like failure
http://catless.ncl.ac.uk/Risks/24.62.html#subj2

or this theme

Bad Security Driving Out the Good
http://it.slashdot.org/it/07/04/19/140245.shtml

Nike 90 football shoes for sale

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Nike 90 football shoes for sale
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 17:25:02 -0500
John Varela <OLDlamps@verizon.net> writes:
I had a co-worker who had been drafted and sent to Monerrey to learn Farsi. He spent the rest of his service in Germany listening to Iranian radio broadcasts and reading Iranian newspapers. I'm not sure when that would have been; probably in the '50s but maybe the '60s.

old post/story reference to coffee cups and DLI
http://www.garlic.com/~lynn/2004l.html#46 Shipwrecks

above post also overlaps this other subthread:
http://www.garlic.com/~lynn/2007u.html#12 folklore indeed

somewhat related post here:
http://www.garlic.com/~lynn/2006r.html#48 cold war again

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 19:48:55 -0500
Esra Sdrawkcab <admin@127.0.0.1> writes:
This would by why on-line banks (at least the ones in the UK that I deal with) have changed to selecting your pass number digit at a time from a pull-down menu - it's all mouse actions, not keypresses.

re:
http://www.garlic.com/~lynn/2007u.html#47 folklore indeed
http://www.garlic.com/~lynn/2007u.html#48 folklore indeed
http://www.garlic.com/~lynn/2007u.html#49 folklore indeed
http://www.garlic.com/~lynn/2007u.html#50 folklore indeed
http://www.garlic.com/~lynn/2007u.html#51 folklore indeed
http://www.garlic.com/~lynn/2007u.html#53 folklore indeed
http://www.garlic.com/~lynn/2007u.html#55 folklore indeed
http://www.garlic.com/~lynn/2007u.html#56 folklore indeed
http://www.garlic.com/~lynn/2007u.html#58 folklore indeed

article from today:

Is internet banking safe?
http://www.smh.com.au/news/security/is-internet-banking-safe/2007/12/12/1197135470454.html
Is internet banking safe?
http://www.theage.com.au/news/security/is-internet-banking-safe/2007/12/12/1197135470454.html?s_cid=rss_technology

reminiscent of this old thread ...

http://www.garlic.com/~lynn/aepay7.htm#netbank net banking, is it safe?? ... power to the consumer
http://www.garlic.com/~lynn/aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
http://www.garlic.com/~lynn/2001h.html#53 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#58 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#61 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#62 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#64 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#68 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#70 Net banking, is it safe???
http://www.garlic.com/~lynn/2001h.html#75 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#9 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#10 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#16 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#25 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#35 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#36 Net banking, is it safe???

folklore indeed

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 12 Dec 2007 22:01:15 -0500
"Charlie Gibbs" <cgibbs@kltpzyxm.invalid> writes:
I've been starting to see sites which, as part of their authentication routines, ask you to type a code number which they display, surrounded and overlaid by a lot of visual noise designed to foil OCR routines. The fact that a keylogger can see what you type wouldn't do much good, because a new code is generated randomly each time.

Perhaps this could be combined with the above techniques.


there is a difference between server presenting a randomly generated CAPTCHA and having human respond with what they see ... and say a visually obscured keyboard and have users do mouse clicks to select password letters/numbers.

CAPTCHA: Telling Humans and Computers Apart Automatically
http://www.captcha.net/

CAPTCHA
https://en.wikipedia.org/wiki/Captcha

from above:
The term CAPTCHA was coined in 2000 by Luis von Ahn, Manuel Blum, Nicholas J. Hopper (all of Carnegie Mellon University), and John Langford (then of IBM). A common type of CAPTCHA requires that the user type the letters of a distorted image, sometimes with the addition of an obscured sequence of letters or digits that appears on the screen.

... snip ...

reference in above ...

Breaking CAPTCHAs Without Using OCR
http://www.puremango.co.uk/cm_breaking_captcha_115.php

quicky use of search engine for captcha breaking
Breaking a Visual CAPTCHA
http://www.cs.sfu.ca/~mori/research/gimpy/
PWNtcha - captcha decoder
http://sam.zoy.org/pwntcha/
CAPTCHA Breaking Game
http://ha.ckers.org/blog/20070613/captcha-breaking-game/
How to Break/Crack online CAPTCHA
http://hoozi.wordpress.com/2007/10/24/how-to-breakcrack-online-captcha/


folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 13 Dec 2007 08:56:44 -0500
Morten Reistad <first@last.name> writes:
Filling in credit card numbers over the net also has some security holes the size of barn doors. The biggest security hole is actually the pc right in front of you.

What _does_ help is dongles that give out one-time passwords.

The ones that are popular here has a 12-digit keyboard and an 8-digit display. They require presonal pin codes to start.

They can generate time-based one-time codes, and they can answer challenges.

"Enter 15238669 into pin code calculator. Key in the response here."

If you are to put trust in a device, you must have complete control over it. You don't have that with a pc.


we got involved with the x9a10 financial standard working group that in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments (i.e. ALL, internet, point-of-sale, credit, debit, ach, stored-value, face-to-face, non-face-to-face, i.e. ALL). the result was x9.59 standard
http://www.garlic.com/~lynn/x959.html#x959

part of the x9.59 was eliminating the account number as major vulnerability (useless to the attackers for performing fraudulent transactions).

detailed threat and vulnerability studies showed (that in the existing infrastructure) the account number having diametrically opposing requirements

1) essentially as a kind of authentication ... it was required to be kept confidential and never exposed/divulged to anybody

2) as part of numerous business processes, it has to be available in numerous places (for processing) over extended period of time.

this is related to the periodic comment that even if the planet was buried under miles of (information hiding) encryption, it still wouldn't prevent information leakage (x9.59 instead of attempting to prevent such leakage, eliminating such leakage as a threat and vulnerability).

part of this is discussed in postings on the "naked transaction" metaphor
http://www.garlic.com/~lynn/subintegrity.html#payments

some of the point solutions attempt authentication and encryption for limited part of the operation ... but doesn't provide end-to-end coverage.

there have been challenge/response dongles if you are doing direct communication with financial institutions ... say online or telephone banking operation ... but not doing retail transaction at a merchant that operates in single round-trip (of existing authorization business process) ... this was somewhat referenced in this post
http://www.garlic.com/~lynn/2007u.html#65 folklore indeed

referencing: is net/internet banking safe?

in the previous thread we mentioned visiting the company that produced the devices and then driving with the owner down to brussels for EU finread meeting ... also referenced in these posts:
http://www.garlic.com/~lynn/2001g.html#57 Q: Internet banking
http://www.garlic.com/~lynn/2001g.html#60 PKI/Digital signature doesn't work
http://www.garlic.com/~lynn/2001g.html#61 PKI/Digital signature doesn't work
http://www.garlic.com/~lynn/2001k.html#55 I-net banking security
http://www.garlic.com/~lynn/2002f.html#55 Security Issues of using Internet Banking
http://www.garlic.com/~lynn/2007n.html#43 Windows Monitor or CUSP?

one of the perspectives is that the challenge/response is a session oriented protocol with the challenge/response appearing as part of setting up the session ... and then individual (unprotected) transactions appearing within the session protections. this works much better if the two processing/responsible parties are doing the direct session (i.e. the online banking scenario, directly between the customer and the customer's financial institution).

as mentioned in the posts regarding the "naked transaction" metaphor, this still leaves the actual transaction vulnerable ... outside of that specific session ... and doesn't protect transactions that don't have directly connected sessions between the customer and the customer's financial institution.

from this viewpoint, x9.59 is a transaction oriented protocol ... that provides protection and authentication for the actual transaction ... providing integrity and security regardless of where or how the transaction operates; that means it works while the transaction is being sent directly to the bank, being sent to a merchant, sitting in a merchant transaction log (as part of other mandated business processes) ... or possibly hundreds of other circumstances. It also satisfies the existing merchant business process that has a retail transaction flowing in a single round trip (potentially from customer thru merchant to merchant acquiring processor, to card association, to customer issuing processor and back).

another approach to eliminating some of the account number as a vulnerability (replay attacks after skimming/harvesting/evesdropping) ... however w/o directly/also protecting the existing transaction ... is the one-time account number scenario. the customer carries a list of unique, one-time account numbers. when they are to perform a transaction, they supply an unused account number for every transaction. recent reference to one-time account number. recent posts mentioning one-time account number implementations:
http://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#15 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007g.html#19 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007j.html#3 John W. Backus, 82, Fortran developer, dies

folklore indeed

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 13 Dec 2007 09:17:07 -0500
cb@mer.df.lth.se (Christian Brunschen) writes:
But what you seem to be saying is that removing one avenue of attack (keystroke interception) is stupid because other avenues of attack are avaiable instead. In this case, the attack path that replaces eystroke interception is one that has a higher bar to entry. To me this means that the attacker now has to do more work than before to try to catch my passwords. In what way is this stupid? And please, reply with a reasoned argument rather than your usual 'Sigh!' folloed by a brief comment that doesn't actually explain anything.

the issue is has the bar noticeably moved?

if 95% of the deployed harvesting/skimming technologies are software ... and 5% of the techniques are external hardware dongles that sit between the keyboard and the PC (requiring somebody to have physically compromised the PC and then potentially physically return to retrieve the information)... then using some other method for pin/password entry, will eliminate the external hardware keyboard dongles from capturing the pin/password.

given a choice of deploying a simple-minded point solution that only addresses a very small percentage of the existing exploits ... or deploying a much more general purpose solution that addresses all exploits ... is it cost effective to deploy the simple-minded point solution?

recent posts mentioning the simple-minded point solution approach
http://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007i.html#66 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#67 open source voting
http://www.garlic.com/~lynn/2007k.html#55 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007u.html#53 folklore indeed
http://www.garlic.com/~lynn/2007u.html#55 folklore indeed
http://www.garlic.com/~lynn/2007u.html#57 folklore indeed
http://www.garlic.com/~lynn/2007u.html#62 folklore indeed
http://www.garlic.com/~lynn/2007u.html#63 folklore indeed
http://www.garlic.com/~lynn/2007u.html#67 folklore indeed

folklore indeed

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 13 Dec 2007 09:39:18 -0500
re:
http://www.garlic.com/~lynn/2007u.html#68 folklore indeed

the other analogy that i've sometimes used is putting all your valuables behind a 6' thick bank vault door installed in the middle of a field ... no walls, no ceilings, no floor. again, the issue is whether or not the bar has actually, effectively moved ... or are the security experts attempting to focus all the attention on all the security characteristics of the bank vault door, attempting to distract attention from the fact that there is no actual accompanying bank vault.

past post referencing the bank vault door
http://www.garlic.com/~lynn/aadsm20.htm#28 solving the wrong problem
http://www.garlic.com/~lynn/aadsm20.htm#42 Another entry in the internet security hall of shame
http://www.garlic.com/~lynn/2002l.html#12 IEEE article on intelligence and security
http://www.garlic.com/~lynn/2003h.html#26 HELP, Vulnerability in Debit PIN Encryption security, possibly
http://www.garlic.com/~lynn/2003n.html#10 Cracking SSL
http://www.garlic.com/~lynn/2006c.html#35 X.509 and ssh

this is also related to reference to nothing succeeds quite like failure
http://www.garlic.com/~lynn/2007u.html#63 folklore indeed

and schneier's reference to bad security driving out the good

Bad Security Driving Out the Good
http://it.slashdot.org/it/07/04/19/140245.shtml
How Security Companies Sucker Us With Lemons
http://www.wired.com/politics/security/commentary/securitymatters/2007/04/securitymatters_0419?currentPage=all

folklore indeed

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 13 Dec 2007 10:14:05 -0500
cb@mer.df.lth.se (Christian Brunschen) writes:
It all depends on the cost and gain involved. I think that in this particular case, the gain is sufficiently big and the cost sufficiently small that it is a something that may be worth implementing.

It also depends, of course, on the relative costs and benefits of other possible solutions. For instance, if one is in the process of switching to a system with a separate crypto-card, but wishes to improve security in the mean time, then this is possibly a worthwhile step; likewise if the cost of introducing such crypto-cards is prohibitive at the moment.


the claim is that loggers handling mouse strokes appeared nearly immediately after the introduction of mouse stroke approach was introduced. so the cost to the attackers appears to have been extremely trivial.

by comparison, the infrastructure costs are enormous with the introduction of each change; institutional development and deployment, end-users effort to install and be retrained (lots of times, the cost/effort for end-users of changes/retraining are effectively ignored)

the costs of cryptocards are nearly negligable. the price of introducing cryptocards have been significant ... especially some of the recently referenced failed aborted deployments (in large part not having a significant broad understanding of all the implications and issues related to consumer deployments).

part of this are some institutions viewing cryptocards as a profit item rather than a cost item. we attempted to highlight this in the mid-90s when we claimed we were going to take a $500 milspec (cryptocard) part and aggresively cost-reduce it by 2-3 orders of magnitude while at the same time increasing its integrity.
http://www.garlic.com/~lynn/x959.html#aads

one of the brick walls we ran into temporarily was cost of the chips (in volumes) is basically the yield from wafers (fixed cost per wafer). we had so aggresively size reduced the chip ... that more wafer surface area was going to slicing&dicing the chips ... than the chips themselves. It turns out this was also one of the issues facing (UPC) RFID chips ... and eventually there was a solution that drastically reduced the wafer surface area needed to slice&dice the wafer ... allowing the number of (small) chips per wafer to dramatically increase (effectively allowing nearly another order of magnitude increase in chips per wafer, effectively a corresponding order of magnitude reduction in per-chip costs).

part of this was, because rather than starting with a crypto card as a solution, and then attempting to force fit into business processes (which frequently has been the case, i.e. start with the answer and attempt to force fit it into some problem) ... we started with the business process requirements and used that to drive our (new) chip design.

the challenge then isn't the chip cost themselves ... but the whole rest of the infrastructure traditionally used to get a chip to the end consumer.

part of our solution was looking at the chip being integrated into some other existing deployment (making the chip deployment cost, the actual cost of the chip itself ... leverage other deployments that were going on anyway). then we showed how some number of these other deployment processes might be eliminated by adding a chip to the infrastructure.

The infrastructure costs of any deployment is a couple orders of magnitude larger than a single chip cost. The incremental cost of adding a chip to an existing deployment then can become negligible. Leveraging the presence of the chip to eliminate some additional infrastructure deployments ... can result in overall infrastructure cost savings many orders of times larger than the cost of the chip.

As mentioned in the discussion of past failed deployment ... was (at least) a couple hundred million was dumped on an effort for a independent deployment ... when it failed the whole thing then had to be written off.

recent discussions of past failed deployment attempts:
http://www.garlic.com/~lynn/aadsm27.htm#38 The bank fraud blame game
http://www.garlic.com/~lynn/aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
http://www.garlic.com/~lynn/aadsm27.htm#52 more on firing your MBA-less CSO
http://www.garlic.com/~lynn/2007n.html#54 Windows Monitor or CUSP?
http://www.garlic.com/~lynn/2007n.html#63 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007n.html#75 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007n.html#78 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007u.html#11 Public Computers
http://www.garlic.com/~lynn/2007u.html#47 folklore indeed

folklore indeed

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 13 Dec 2007 13:34:27 -0500
re:
http://www.garlic.com/~lynn/2007u.html#68 folklore indeed
http://www.garlic.com/~lynn/2007u.html#69 folklore indeed

another item from today ...

Botnet-controlled Trojan robbing online bank customers
http://www.networkworld.com/news/2007/121707-crystal-ball-virtualization.html

from above:
If the attacker succeeds in getting the Trojan malware onto the victim's computer, he can piggyback on a session of online banking without even having to use the victim's name and password. The infected computer communicates back to the Trojan's command-and-controller exactly which bank the victim has an account with. It then automatically feeds code that tells the Trojan how to mimic actual online transactions with a particular bank to do wire transfers or bill payments

... snip ...

i.e. an inherent vulnerability of a "session" oriented paradigm ... also mentioned in the naked transaction metaphor posts
http://www.garlic.com/~lynn/subintegrity.html#payments

and one of the things recognized in the 90s as part of the specification for the finread terminal (countermeasure to trojan/virus fraudulent transactions once online banking session had been established)
http://www.garlic.com/~lynn/subintegrity.html#finread

Parse/Template Function

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Parse/Template Function
Newsgroups: comp.lang.rexx,alt.folklore.computers
Date: Thu, 13 Dec 2007 15:13:15 -0500
Gary Scott <garylscott@sbcglobal.net> writes:
I thought IBM OCL was the "output control language" used for the APA 6670 printer. Acronyms, argh.

6670 APA was code named sherpa ... old email discussing sherpa (eventually adding postscript support):
http://www.garlic.com/~lynn/2006p.html#email820304
in this post
http://www.garlic.com/~lynn/2006p.html#44 Materiel and graft

misc. other archeological references mentioning the project:
http://www.garlic.com/~lynn/2005f.html#48 1403 printers
http://www.garlic.com/~lynn/2006p.html#49 Materiel and graft
http://www.garlic.com/~lynn/2006q.html#1 Materiel and graft

New, 40+ yr old, direction in operating systems

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New, 40+ yr old, direction in operating systems
Newsgroups: alt.folklore.computers
Date: Thu, 13 Dec 2007 15:20:10 -0500
re:
http://www.garlic.com/~lynn/2007u.html#39 New, 40+ yr old, direction in operating systems
http://www.garlic.com/~lynn/2007u.html#41 New, 40+ yr old, direction in operating systems

more mention of 40+ yr old technology ...

Virtualisation provides utilisation and IT efficiency boost
http://www.computerweekly.com/Articles/2007/12/13/228594/virtualisation-provides-utilisation-and-it-efficiency.htm
New online service for more efficient virtualisation product purchase
http://www.computerweekly.com/Articles/2007/12/13/228596/new-online-service-for-more-efficient-virtualisation-product-purchase.htm
Virtualization for consumers? Cisco sees it down the road
http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=hardware&articleId=9052901&taxonomyId=12amp;articleId=9052901&taxonomyId=12
Virtualization On Itanium: Intel Enables Choice And Flexibility
http://www.datastorageconnection.com/content/news/article.asp?DocID=%7B1C8B0E0E-37DC-49CD-A211-A5D026CCCDC3%7D&Bucket=Current+Headlines&VNETCOOKIE=NO
Server virtualization for SMBs by Regan Technologies
http://research.pcpro.co.uk/detail/RES/1197478114_789.html?src=pcpro
SAP supports VMware ESX Server in production
http://www.mcsolutions.co.uk/article/12453/SAP-supports-VMware-ESX-Server-in-production-.aspx
Oracle VM a sign of the times
http://searchoracle.techtarget.com/originalContent/0,289142,sid41_gci1286084,00.html
VMware Adds Partners
http://www.byteandswitch.com/document.asp?doc_id=141185&WT.svl=wire1_6
Virtualization OK for Apple Leopard Server
http://www.dabcc.com/article.aspx?id=6682
Microsoft releases Windows Server Virtualization test
http://www.betanews.com/article/Another_big_beta_Microsoft_releases_Windows_Server_Virtualization_test/1197566153
Microsoft releases beta of Hyper-V virtualization technology
http://www.networkworld.com/news/2007/121307-zbot-trojan-robbing-banks.html
Microsoft Releases Virtualization Beta
http://www.eweek.com/article2/0,1895,2233957,00.asp
Microsoft to release Hyper-V virtualization beta
http://blogs.zdnet.com/microsoft/?p=1043
Microsoft releases beta of Hyper-V virtualization technology
http://www.infoworld.com/article/07/12/13/Microsoft-releases-beta-of-Hyper-V-virtualization-technology_1.html
Microsoft Unwraps Virtualization Surprise
http://money.cnn.com/news/newsfeeds/articles/prnewswire/AQTH03913122007-1.htm
VMware competition nears; Microsoft ships Hyper-V beta
http://servervirtualization.blogs.techtarget.com/2007/12/13/vmware-competition-nears-microsoft-ships-hyper-v-beta/
Microsoft starts public test of rival to VMware
http://www.reuters.com/article/technologyNews/idUSN1352724420071213
Microsoft Launches Hyper-V Beta
http://www.thewhir.com/marketwatch/121307_Microsoft_Launches_Hyper-V_Beta.cfm
Microsoft's hypervisor beta arrives early
http://www.news.com/8301-13860_3-9833445-56.html
Microsoft's hypervisor beta arrives early
http://www.news.com/beyond-binary/8301-13860_3-9833445-56.html
Server - Hyper-V Beta: More Microsoft Gifting
http://www.microsoft-watch.com/content/server/hyper-v_beta_more_microsoft_gifting.html
Microsoft Windows Server 2008 Enterprise with Hyper-V
http://fileforum.betanews.com/detail/Microsoft_Windows_Server_2008_Enterprise_with_HyperV/1196885352/2

folklore indeed

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 13 Dec 2007 23:43:02 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
i.e. an inherent vulnerability of a "sesssion" oriented paradigm ... also mentioned in the naked transaction metaphor posts
http://www.garlic.com/~lynn/subintegrity.html#payments

and one of the things recognized in the 90s as part of the specification for the finread terminal (countermeasure to trojan/virus fraudulent transactions once online banking session had been established)
http://www.garlic.com/~lynn/subintegrity.html#finread


re:
http://www.garlic.com/~lynn/2007u.html#71 folklore indeed

a couple more articles in the same genre ... i.e. it has been known for a long time that virus/trojans can do more than log/evesdrop and forward the harvesting information. part of finread was not only using it for session authentication ... but also individual transaction authentication (as countermeasure to trojan/virus initiated operations).

Sophisticated Trojan loots business bank accounts
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053018

from above:
A variant of the Prg Banking malware, the new Trojan has stolen hundreds of thousands from accounts at some of the biggest banks in the U.S., the U.K., Spain and Italy, said Jackson. "This is not widespread, but it is very dangerous. They've already stolen more than $200,000 from the accounts we've monitored, but this has really flown under the radar."

... snip ...

New Trojan Attacks Clients At Four Worldwide Banks
http://www.crn.com/security/204803106

from above:
To avoid the bank's fraud alerts, the Trojan simulates keystrokes and visits all of the bank's Web pages in order, as an actual banking client would do while conducting a financial transaction. The malware also allows for changes if the hackers need to designate a new account number for the stolen revenue, without having to completely reconfigure the Prg Trojan.

... snip ...

and some other articles on compromising of PCs.

Rise of the rootkits
http://www.vnunet.com/vnunet/news/2205752/rise-rootkits
One in Five PCs Infected With Rootkits
http://www.pcworld.com/article/id,140538/article.html

The rise of parallelism (and other computing challenges)

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: The rise of parallelism (and other computing challenges)
Newsgroups: alt.folklore.computers
Date: Fri, 14 Dec 2007 21:44:40 -0500
The rise of parallelism (and other computing challenges)
http://www.isgtw.org/?pid=1000812

from above:
The ILLIAC IV supercomputer led its field in 1966 as a parallel computing machine. This computer was only ever quarter finished, but took eleven years to build at nearly four times the original estimated cost.

... snip ...

misc. recent parallel related posts/thread
http://www.garlic.com/~lynn/2007l.html#24 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#26 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#38 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#60 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007l.html#63 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#13 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#14 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#19 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#22 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#26 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#29 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#37 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#39 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#49 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#51 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#52 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#54 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#58 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#59 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#61 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#1 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#3 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#6 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#25 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#28 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007n.html#39 Is Parallel Programming Just Too Hard?

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sat, 15 Dec 2007 11:58:49 -0500
cb@mer.df.lth.se (Christian Brunschen) writes:
It also depends, of course, on the relative costs and benefits of other possible solutions. For instance, if one is in the process of switching to a system with a separate crypto-card, but wishes to improve security in the mean time, then this is possibly a worthwhile step; likewise if the cost of introducing such crypto-cards is prohibitive at the moment.

re:
http://www.garlic.com/~lynn/2007u.html#68 folklore indeed
http://www.garlic.com/~lynn/2007u.html#70 folklore indeed

for a little more topic drift ... this post
http://www.garlic.com/~lynn/aadsm27.htm#65 MITM spotted in Tor
in thread on new MITM
https://financialcryptography.com/mt/archives/000987.html

mentioning that obviously the visual keyboard with mouse clicks is a countermeasure to a presumably compromised PC. the issue then, where is it mandated that virus/trojan (in compromised PC) is limited only to keylogging ... as mentioned here
http://www.garlic.com/~lynn/2007u.html#74 folklore indeed

where voila, a compromised PC is doing something more than keylogging.

at least back to the mid-90s, the issue of compromised PC was studied in detail ... one of the countermeasures (from the 90s) was the EU finread standard
http://www.garlic.com/~lynn/subintegrity.html#finread

it was targeted at both strong authentication for both sessions and transactions (as part of the related chipcard) ... but features were added to the finread terminal as countermeasures to a broad range of things that assumed could be associated with compromised PC. the details of the transaction/operation were presented in a (trusted) terminal display and human action was required in the form of pin-entry in the (trusted) pinpad. this not only eliminated the phishing/harvesting/logging exploits by a virus/trojan (in a compromised PC) but also a virus/trojan performing operations (requiring authentication) w/o the person's knowledge .... aka the things that a compromised PC might perform and the necessary countermeasures have been well understood for at least a decade.

the value of cryptocards introduction is particularly prohibative when the fully loaded deployment costs are significantly larger than the actual card costs ... including end-user training ... and the deployment is a disaster and has to be completely written off and start again from nearly scratch.

i've posted a number of times that a number of well thot out countermeasures, were well on their way to be deployed, when the whole thing came to a screeching halt because of a particularly disastrous, aborted deployment attempt.
http://www.garlic.com/~lynn/2007n.html#54 Windows Monitor or CUSP?
http://www.garlic.com/~lynn/2007n.html#63 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007n.html#75 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007n.html#78 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007u.html#11 Public Computers
http://www.garlic.com/~lynn/2007u.html#47 folklore indeed
http://www.garlic.com/~lynn/2007u.html#70 folklore indeed

somewhat related to factors mentioned
http://www.garlic.com/~lynn/2007u.html#70 folklore indeed

for even more topic drift an old writeup on not only reducing the incremental chip related cost to as close to zero as possible ... but actually leveraging the chip to reduce the current infrastructure cost by several orders larger than the incremental chip cost (for a significant overall infrastructure savings)

we've looked at minimum circuits to do sha+ecdsa ... which is on the order of a few 10k circuits. take that and add it to a upc-rfid like core ... and you are nearly on the rfid cost curve ... but supporting (digital signature) dynamic data .... in lieu of easily spoofed static data ... not like what was done in the YES CARD scenario
http://www.garlic.com/~lynn/subintegrity.html#yescard

it can do the operation in small fraction of second ... requires somewhat more power than standard upc-rfid chip ... but is easily within the iso 14443 specification.

say for a few cents per ... you add them to the magstripe gift/stored-value cards found at supermarket checkout counters.
http://www.garlic.com/~lynn/x959.html#aads

using x9.59 financial standard,
http://www.garlic.com/~lynn/x959.html#x959

it is now possible to leverage such a chipcard not only to improve the integrity of stored-value transactions but leverage the same card for use with every point-of-sale (magstripe) transaction the consumer performs. there have been lots of statements made that all the "new" point-of-sale chipcard-enabled terminals ... are program downloadable ... which would support the claim that it would be trivially possible to upgrade all existing chipcard-enabled point-of-sale terminals to support x9.59 transactions (for all kinds of transaction that might be possible at point-of-sale terminal).

with a USB adapter for less than a couple dollars, the consumer could also use the same chipcard with their PC for every authentication operation ... including converting all electronic commerce transactions to x9.59.

long ago and far away ... kerberos was being done at MIT project athena ... and used shared-secret password methodology. Project Athena was underwritten by two corporations which would periodically send teams in to review the projects. My wife and I were one such team that periodically went in to review project athena projects (including kerberos).

later pk-init specified a certificate-less digital signature (including possibly ecdsa) authentication operation (for kerberos) ... and some intense lobbying eventually also added certificate-based digital signature operation to the specification. in any case, the same chip ... not only the same kind of chip, but the same exact card that consumer obtained at the supermarket checkout line ... might be used for pk-init kerberos authentication. kerberos is also one of the main authentication infrastructures in the world today. misc. past posts mentioning kerberos and/or pk-init
http://www.garlic.com/~lynn/subpubkey.html#kerberos

my IETF RFC index
http://www.garlic.com/~lynn/rfcietff.htm

select Term (term->RFC#) in the RFCs listed by section and then scroll down to
kerberos
see also authentication , generic security service , security
5021 4757 4752 4559 4557 4556 4537 4430 4402 4121 4120 3962 3961 3244 3129 2942 2712 2623 1964 1510 1411


selecting an RFC numbers brings up that RFC summary in the lower frame. Selecting the ".txt=nnnn" field retrieves the actual RFC.

the other major authentication infrastructure in the world today is RADIUS. RADIUS had been a proprietary protocol developed by a modem router box vendor. For instance, some number of the modem pools that were used by the oldstyle online banking (dialing directly into modem pools at the financial institutions) were controlled by such boxes and used RADIUS for authentication (I actually configured and help deploy one such installation). The vendor was eventually bought by a much larger corporation and the protocol donated to IETF for internet standard. Its use evolved to be used by almost everybody operating dail-in modem pools (including all the ISPs around the world) ... and then was also leveraged for lots of other authentication operations within the same institution.

my IETF RFC index
http://www.garlic.com/~lynn/rfcietff.htm

select Term (term->RFC#) in the RFCs listed by section and then select RADIUS in the Acronym fastpath section:
remote authentication dial in user service (RADIUS )
see also authentication , network access server , network services
5030 4849 4818 4679 4675 4673 4672 4671 4670 4669 4668 4590 4372 4014 3580 3579 3576 3575 3162 2882 2869 2868 2867 2866 2865 2809 2621 2620 2619 2618 2548 2139 2138 2059 2058


it then is also straight-forward to have a RADIUS deployment that supports pk-init kind of challenge/response authentication (including be able to use the same chip that might be deployed in a supermarket gift card) ... supported concurrently with several other authentication methods, and specific authentication method specifiable on a per account basis.
http://www.garlic.com/~lynn/subpubkey.html#radius

The same RADIUS authentication infrastructure has also been leverage by a lot of web-services operation ... so it then becomes trivial increment for them to also support such a supermarket deployed gift card.

So for a trivial incremental cost, it would be possible to add (& widely deploy) an extremely high integrity something you have authentication chip (/cryptocard) ... that the consumer might be able to use across a broad range of different applications needing stronger authentication (all point-of-sale transactions, all internet transactions, all session authentication operations, etc).

This can also be treated as trivial example of parameterised risk management ... requiring the authentication integrity strength to be proportional to what is at risk (treating any transition from password to chip ... or other technology, on purely an account by account basis).

We've even proposed a way of leveraging such an environment to radically simplify SSL/TLS protocol chatter. The effort started out being targeted at stateless, transaction operation ... but the protocol chatter significantly increased the overhead for simple transactions. The recent approaches have been trying to amortize the SSL/TLS protocol chatter over a much larger number of operations (as an approach to reducing overall infrastructure overhead). This other approach could bring the chatter down so that it was much more acceptable for transaction operation.

As frequently noted before, a primary use of SSL/TLS in the world today is hiding account numbers in electronic commerce transactions ... misc. references
http://www.garlic.com/~lynn/subnetwork.html#gateway
and
http://www.garlic.com/~lynn/subpubkey.html#sslcert

However, a transition to x9.59 financial standard protocol for electronic commerce transactions, eliminates any need to hide the account numbers ... and therefor eliminating one of the primary justifications/uses for SSL/TLS.

Eliminating the need to hide account numbers also does away with the current activities spending enormous amounts and enormous efforts trying to improve the hiding of account numbers ... again this circumstance is somewhat an attribute of the "naked transaction" metaphor discussed in these posts
http://www.garlic.com/~lynn/subintegrity.html#payments

a problem is that this (described AADS chip strawman) is a pure infrastructure cost-based approach ... as opposed to more frequently profit oriented approach. A side effect of profit oriented solutions ... typically include making solution appear as complex/complicated as possible, in support of justifying the price (and therefor the profit margin).

IBM Floating-point myths

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sat, 15 Dec 2007 16:31:51 -0500
nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
Not all that much. The Ferranti Atlas used 24, and that was earlier. But IBM weren't very good at noticing what happened this side of the pond.

here is this quote about the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

justifying its virtual memory/virtual machine project:
What was most significant was that the commitment to virtual memory was backed with no successful experience. A system of that period that had implemented virtual memory was the Ferranti Atlas computer, and that was known not to be working well. What was frightening is that nobody who was setting this virtual memory direction at IBM knew why Atlas didn't work

... snip ...

found in melinda's historical document
http://www.leeandmelindavarian.com/Melinda/
http://www.leeandmelindavarian.com/Melinda/

another item from the above:
Creasy had decided to build CP-40 while riding on the MTA. "I launched the effort between Xmas 1964 and year's end, after making the decision while on an MTA bus from Arlington to Cambridge. It was a Tuesday, I believe." (R.J. Creasy, private communication, 1989.)

... snip ...

the original implementation, cp40 was on a specially modified 360/40 with virtual memory hardware. this morphed into cp67 when 360/67 (with virtual memory) became generally available. the 360/67 supported both 24bit and 32bit (virtual) addressing modes.

the folklore is that the science center got budget from the company by telling them that it was going to be spent on a graphical interface project ... to avoid/sidestep the political consequences of raising awareness that the science center would be trampling on some other organizations turf (doing some virtual memory related stuff).

i then significantly redid lots of the cp67 virtual memory implementation when i was an undergraduate ... after cp67 had been installed at the univ., last week jan68 ... some related posts
http://www.garlic.com/~lynn/subtopic.html#wsclock

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Education ranking
Newsgroups: alt.folklore.computers
Date: Sat, 15 Dec 2007 18:47:07 -0500
just heard part of news broadcast about 2006 survey of 15yr olds in 39(?) industrial countries. US ranked 25th(?) in science and 35th(?) in math.

doing web news search (stories seems to be what subcollection of countries are used to calculate how low the US ranks)

This article says it was 15yr olds in 57 countries and Finnish pupils top PISA study
http://www.norden.org/webb/news/news.asp?id=7441&lang=6

US Students fall short in Math and Science ... but it talks about 30 developed nations
http://www.edweek.org/ew/articles/2007/12/04/14pisa_web.h27.html

The Real Test the U.S. Keeps Flunking
http://www.tcf.org/list.asp?type=NC&pubid=1752

New report ranks U.S. teens 29th in science worldwide
http://axcessnews.com/index.php/articles/show/id/13282

a few earlier posts on this subject:
http://www.garlic.com/~lynn/2007g.html#6 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007g.html#29 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007g.html#31 Wylbur and Paging
http://www.garlic.com/~lynn/2007g.html#34 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007g.html#35 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007g.html#52 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007g.html#68 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007h.html#42 Experts: Education key to U.S. competitiveness
http://www.garlic.com/~lynn/2007i.html#13 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007j.html#31 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#33 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#51 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#52 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#58 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#85 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#88 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#13 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#24 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#30 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#34 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#42 IBM Unionization
http://www.garlic.com/~lynn/2007l.html#5 IBM Unionization
http://www.garlic.com/~lynn/2007l.html#14 Superconductors and computing
http://www.garlic.com/~lynn/2007l.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007n.html#31 IBM obsoleting mainframe hardware
http://www.garlic.com/~lynn/2007n.html#34 IBM obsoleting mainframe hardware
http://www.garlic.com/~lynn/2007o.html#20 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007o.html#21 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007o.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007o.html#31 EZPass: Yes, Big Brother IS Watching You!
http://www.garlic.com/~lynn/2007o.html#33 EZPass: Yes, Big Brother IS Watching You!
http://www.garlic.com/~lynn/2007o.html#62 Horrid thought about Politics, President Bush, and Democrats
http://www.garlic.com/~lynn/2007p.html#14 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#15 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007p.html#18 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007p.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#25 Horrid thought about Politics, President Bush, and Democrats
http://www.garlic.com/~lynn/2007p.html#32 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007s.html#22 America Competes spreads funds out
http://www.garlic.com/~lynn/2007s.html#36 Oracle Introduces Oracle VM As It Leaps Into Virtualization
http://www.garlic.com/~lynn/2007t.html#15 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#18 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#43 Newsweek article--baby boomers and computers

IBM Floating-point myths

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sat, 15 Dec 2007 19:26:57 -0500
nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
Eh? When was that? The Ferranti Atlas worked extremely well, and the Titan at Cambridge (effectively an Atlas) delivered a general purpose (interactive) service in the mid-1960s that no production IBM system could match until a decade later. Some dozens of users logged on, plus batch work, and users allowed to compile and debug interactively.

Some of that was software, which is the problem we had when moving to an IBM 370/165, but the lack of virtual memory hardware made the latter system very hard to use for the above purpose.


re:
http://www.garlic.com/~lynn/2007u.html#77 IBM Floating-point myths

I have no direct knowledge ... just that quote from Melinda's paper from early science center justification from doing virtual memory, virtual machine work.
http://www.leeandmelindavarian.com/Melinda/
http://www.leeandmelindavarian.com/Melinda/

with a little bit of work, I easily got cp67 to 35-40 users on 360/67 doing mix-mode edit, compile, execute workload with subsecond response ... at a time when tss/360 (the corporate strategic virtual memory effort) on the same hardware couldn't get subsecond response running four users doing effectively same workload mix.

with a little bit more work, i got it to 75-80 users on 360/67 getting subsecond response.

Grenoble science center had 1mbyte (about 155 pageable pages after fixed memory requirements) 360/67 and did a modified cp67 for the "working set" dispatcher. Cambridge science center had 768kbyte (104 pageable pages after fixed memory requirements) 360/67 (i.e. Grenoble configuration had 50percent more real storage for paging than Cambridge System).

Cambridge with 80 users got about the same response and thruput as Grenoble with 35 users (both configurations running similar workload mix).

CP67 was "officially" announce at the spring 68 SHARE meeting in Houston and customers commingly ran 35-40 users. Some number of stuff that I had done as undergraduate had been incorporated and shipped in the product. Some other stuff didn't ship until vm370 timeframe when my resource manager was released
http://www.garlic.com/~lynn/subtopic.html#fairshare

however, there was a fairly close apples-to-apples comparison between the system running in Cambridge (modulo not having as much hardware) and the one running in Grenoble ... except Grenoble's "working set dispatcher" couldn't achieve the peek workload thruput as the Cambridge system (mainly because of the limitations of the working set dispatcher despite running on system with more resources).

misc past posts mentioning Cambridge/Grenoble comparisons
http://www.garlic.com/~lynn/2006b.html#4 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006d.html#0 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006e.html#7 About TLB in lower-level caches
http://www.garlic.com/~lynn/2006e.html#37 The Pankian Metaphor
http://www.garlic.com/~lynn/2006f.html#0 using 3390 mod-9s
http://www.garlic.com/~lynn/2006i.html#31 virtual memory
http://www.garlic.com/~lynn/2006i.html#36 virtual memory
http://www.garlic.com/~lynn/2006i.html#37 virtual memory
http://www.garlic.com/~lynn/2006i.html#42 virtual memory
http://www.garlic.com/~lynn/2006j.html#1 virtual memory
http://www.garlic.com/~lynn/2006j.html#17 virtual memory
http://www.garlic.com/~lynn/2006j.html#25 virtual memory
http://www.garlic.com/~lynn/2006l.html#14 virtual memory
http://www.garlic.com/~lynn/2006o.html#11 Article on Painted Post, NY
http://www.garlic.com/~lynn/2006q.html#19 virtual memory
http://www.garlic.com/~lynn/2006q.html#21 virtual memory
http://www.garlic.com/~lynn/2006r.html#34 REAL memory column in SDSF
http://www.garlic.com/~lynn/2006u.html#50 Where can you get a Minor in Mainframe?
http://www.garlic.com/~lynn/2006w.html#46 The Future of CPUs: What's After Multi-Core?
http://www.garlic.com/~lynn/2007i.html#15 when was MMU virtualization first considered practical?
http://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography
http://www.garlic.com/~lynn/2007s.html#5 Poster of computer hardware events?

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Sat, 15 Dec 2007 19:36:53 -0500
Justa Lurker <JustaLurker@att.net> writes:
If science & engineering in USA offered good career possibilities, then youngsters would be interested in pursuing those options.

Instead, what few jobs remain are largely intended for contract workers. Scientists and engineers are the new migrant labor, and are treated accordingly. Why invest all that time and money in graduate-level rigorous programs when you can (presumably) party your way through school and be a finance man ?


re:
http://www.garlic.com/~lynn/2007u.html#78 Education ranking

this particular study is 15yr olds ... so doesn't involve any career, college, university or graduate programs ... just basic knowledge that every public school graduate should know (in past posts there were reference to states that were suspending requirements for 12th grade highschool grauduates needing to meet 7th grade math proficiency).

as to separate issue of career and graduate-level programs, there may be some chicken & egg here ... this (education) trend has been going on for at least three decades; so the question then has the jobs moved because of the poor quality education or is the poor quality education because the jobs have moved. the poor education results dating back three decades seems to have predated a lot of the jobs going other places.

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sun, 16 Dec 2007 10:46:00 -0500
Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
2. The lack of relocation hardware (not necessarily virtual memory - there were other solutions), that made programs essentially impossible to move. This made swapping of programs almost useless as they had to come back to the same physical location as they left, and made the introduction of time sharing a real nightmare. (I tried to use TSO - it really was an *option* on s S/360 and it was *ugly*)

re:
http://www.garlic.com/~lynn/2007u.html#77 IBM Floating-point myths
http://www.garlic.com/~lynn/2007u.html#79 IBM Floating-point myths

there was a separate issue with os/360 system convention ... as opposed to 360 hardware.

os/360 system convention was that program images on disk had something called "relocatable address constants" ... and as part of fetching the program image into memory (real or virtual) ... the "relocatable address constants" would be swizzeled to absolute address.

contrast this with tss/360 ... built for virtual memory 360/67 machine ... had their "relocatable address constants" as separate structures from the program image. this allowed the same program image to appear at different locations in different virtual address spaces ... with the "relocatable address constant" structure adjusted appropriately for a specific image (as previously mentioned, tss/360 got lots of other things wrong ... including lots of thruput/performance)

As os/360 added virtual memory support and morphed into MVS ... it maintained its "relocatable adcon" implementation. This required that as part of program loading, the loader had to run thru the (uniquely loaded) program image and finding and modifying all the (somewhat randomly distributed) relocatable adcons. This resulted in heavy initialization for program loading (prefetching and modifying all the virtual pages containing relocatable adcons). It also precluded any program loader implementation that could leverage page-mapped filesystem and/or easily sharing common program image across multiple virtual address space (i.e. say by leverage segmentation hardware).

CMS (cambridge monitor system, later conversational monitor system) was developed at the science center, originally with cp40, and then moving along with the morph of cp40 to cp67 and then to vm370. It could be consider similar to the genre of virtual appliance activity associated with current day virtualization activity.

CMS provided os/360 compatibility simulation that was heavily used to run os/360 applications and programs ... and suffered the same overhead of hitting and modifying every program image virtual pages containing the (somewhat randomly distributed) relocatable adcons. CMS did have a feature to save a fixed-address program image (after all the relocatable adcons had been swizzled) ... and then do "fast" program reload.

In the early 70s, I had implemented a CMS (virtual memory) paged-mapped filesystem ... some old references
http://www.garlic.com/~lynn/submain.html#mmap

and leveraged the virtual memory segment hardware to support page-mapped "loading" of common program image (or any file) shared across multiple different (CMS) virtual address spaces ... even the same image appearing at different addresses in different virtual address spaces.

However, the (os/360) relocatable address constant convention gave me fits, i had the choice between page-mapped loading program image

1) before the relocatable adcons had been swizzled ... the swizzling would modify the image and preclude it being shared across multiple virtual spaces

2) after the relocatable adcons had been swizzled ... the images could be shared ... but were forced to appear at the same address in every virtual address space.

So I developed a relative address hack ... redoing some amount of program source so I could page-map load common program image (across multiple virtual address space) and allow it to be loaded at whatever free address/segment was available in any virtual address space. Lots of past post mentioning difficulty of doing relative address hack (despite any limitations in the underlying hardware)
http://www.garlic.com/~lynn/submain.html#adcon

for other topic drift ... there were some number of companies spun off in the cp67 and early vm370 timeframe to offer (virtual machine based) commercial timesharing
http://www.garlic.com/~lynn/submain.html#timeshare

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Sun, 16 Dec 2007 11:00:10 -0500
Morten Reistad <first@last.name> writes:
The US will have an engineering squeeze when a sufficient number of the late sixties/early senevties alumni go into retirement. Those who were out of college in 1975, one of the last really stellar years for engineers, were 25-27 years old then, and are 57-60 this year. The 10 year older group are 67-70 this year.

I sense the consultancy heat building up, we even see recruitment efforts over here.


re:
http://www.garlic.com/~lynn/2007u.html#78 Education ranking
http://www.garlic.com/~lynn/2007u.html#80 Education ranking

this has already been mentioned as one of the reasons why there has been cutback in oil exploration/drilling projects
http://www.garlic.com/~lynn/2007q.html#42 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007s.html#63 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#43 Newsweek article--baby boomers and computers

as well as other major business risks with the boomer exodus
http://www.garlic.com/~lynn/2007s.html#32 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#1 Newsweek article--baby boomers and computers

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sun, 16 Dec 2007 11:23:28 -0500
Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
In general, many of these fall into the category of not hiding enough of the physical machine from the users so that they could/had to know too much which limited what could be done in the future.

re:
http://www.garlic.com/~lynn/2007u.html#77 IBM Floating-point myths
http://www.garlic.com/~lynn/2007u.html#79 IBM Floating-point myths
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, IBM Floating-point myths

one of the more complicated areas is I/O ... and the mainframe I/O "channel programs". The I/O channels execute "channel programs" using real addresses.

cp67, to provide virtual machine simulation had to intercept I/O activation, and scan the associated virtual machine's channel program, create a shadow copy of it, fetch each specified virtual page and fix in real memory (until the i/o operation has completed) ... and then activate the shadow copy channel program for execution.

OS/360 had a convention where applications built "real" channel programs (mostly done by called library routines) which were then passed to the OS/360 kernel for activation. In the transition of OS/360 to a virtual memory environment (when hardware became generally available on 370s), it had to 1) build virtual address space tables, 2) handle page faults and paging operations, and 3) translate the passed application channel programs ... in manner similar to that described for cp67.

in fact, the initial os/360 virtual memory implementation ... borrowed the channel program translation code (CCWTRANS) from cp67.

These days if you have MVS running in a VM virtual machine, MVS will translate the application's channel program, activating the translated copy/shadow channel program; VM hypervisor will then intercept the activation and perform the translation all over again.

Early on, CP67 provided custom hypervisor interfaces ... several of which were tailored to CMS operation to reduce virtual machine emulation overhead. I had done a flavor of one while an undergradate to drastically cut down on the (translation) overhead associated with doing CMS file i/o operations. However, this retained the virtual->real address translation metaphor (although the pathlength to scan, copy, and translate was drastically reduced).

I completely eliminated that overhead in the early 70s, when i did a hypervisor API that supported page-mapped filesystem operations
http://www.garlic.com/~lynn/submain.html#mmap

also mentioned in this previous post
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, IBM Floating-point myths

I/O continues to be one of the major issues in virtual machine implementations.

IBM Floating-point myths

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sun, 16 Dec 2007 11:49:49 -0500
YANSWBVCG <daf@puf2.localhost.comcast.net> writes:
The virtual memory system for the IBM 370/167 was designed at the University of Michigan. MTS was the first timesharing system based upon the 370/167. It did not work well initially, but developed into a quite usable system.

re:
http://www.garlic.com/~lynn/2007u.html#77 IBM Floating-point myths
http://www.garlic.com/~lynn/2007u.html#79 IBM Floating-point myths
http://www.garlic.com/~lynn/2007u.html#81 IBM Floating-point myths
http://www.garlic.com/~lynn/2007u.html#83 IBM Floating-point myths

virtual memory system was designed for 360/67 ... a lot of it in response to project mac. you can read more about it in melinda's virtual machine history ... which contains a lot of early history leading up to 360 virtual memory
http://www.leeandmelindavarian.com/Melinda/
http://www.leeandmelindavarian.com/Melinda/

the "official" product for 360/67 was tss/360 and was sold to a lot of universities. when tss/360 ran into all sort of implementation and schedule problems ... lots of places started looking around for alternatives .. including Univ. of Michigan, developing MTS for 360/67. 360 was replaced by 370 ... but initially announced and shipped to customers w/o virtual memory capability ... later virtual memory was announced for all 370s ... and Michigan morphed MTS from 360/67 to 370 virtual memory (replacing 360/67 with 370/168).

starting prior to 360/67 being announced and marketing to customers (including several univ), the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

had been involved in the Project MAC bid ... and then questioned what was being done for 360/67 and tss/360 (i.e. part of the motivation behind the reference to Atlas in prior post).

this also prompted the science center to modify a 360/40 with virtual memory hardware and create cp40 ... which later morphed into cp67 when standard 360/67 with virtual memory became available.

some recent posts in other threads mentioning MTS and UofM
http://www.garlic.com/~lynn/2007t.html#54 new 40+ yr old, disruptive technology
http://www.garlic.com/~lynn/2007u.html#13 new 40+ yr old, disruptive technology
http://www.garlic.com/~lynn/2007u.html#18 Folklore references to CP67 at Lincoln Labs
http://www.garlic.com/~lynn/2007u.html#23 T3 Sues IBM To Break its Mainframe Monopoly

IBM Floating-point myths

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sun, 16 Dec 2007 12:26:29 -0500
re:
http://www.garlic.com/~lynn/2007u.html#84 IBM Floating-point myths

some pictures of the MTS 360/67
http://www.eecis.udel.edu/~mills/gallery/gallery8.html

umich.edu use to have quite a few webpages on MTS and its history, from a 1996 article that went 404 ... but somebody had apparently cloned the pages and put them up ... but those went 404 also.

however, the wayback machine is your friend (although it doesn't have the images)
http://web.archive.org/web/20050408065420/http://www.itd.umich.edu/~doc/Digest/0596/index.html
http://web.archive.org/web/20050212073715/http://www.itd.umich.edu/~doc/Digest/0596/feat01.html
http://web.archive.org/web/20050822212817/http://www.itd.umich.edu/~doc/Digest/0596/feat02.html
http://web.archive.org/web/20050403221053/http://www.itd.umich.edu/~doc/Digest/0596/feat03.html

from the above pages:
MTS Begins as Experiment

While waiting for the Model 65M to arrive, Computing Center personnel were able to perform their early timesharing experiments using an IBM Model 360/50 that was funded by the ConComp Project. Headed by Computing Center associate director Frank Westervelt with funding from ARPA (Advanced Research Projects Agency of the U.S. Department of Defense), the ConComp Project was investigating "conversational computing."

The timesharing experiment began as a "half-page of code on the kitchen table." By combining this new code with a version of a small multi-programming system (LLMPS) from MIT Lincoln Laboratories--which was modified and became the U-M Multi-Programming System (UMMPS)--MTS architects Mike Alexander and Don Boettner were able to create a prototype timesharing system.

This was the earliest incarnation of MTS, which Alexander and Boettner intended as "a throw-away system that we worked on while we waited for TSS to become available."

IBM's TimeSharing System

With requests for over 100 new machines, now called the System/360 Model 67, IBM realized there was a market for timesharing, and it agreed to develop the software as well as build the machine. However, development work on IBM's TimeSharing System (TSS) took longer than anticipated and, therefore, was not yet available when the Model 67 arrived at the Computing Center in 1967.

The ball was now in U-M's court to decide whether to return the Model 67 and select another main-frame or to create an interim system to use until TSS was ready. The Computing Center staff members decided to continue their own experiments with timesharing and moved their development work from the Model 50 to the Model 67.


... snip ...

note that in the above, MTS timesharing work started with a 360/50 w/o virtual memory (and LLMPs from Lincoln Labs).

some more from the above pages:
Undeterred by this pronouncement, the Computing Center launched a major development effort to enhance the capabilities of MTS. According to Alexander, "We developed MTS because we didn't know it was impossible." Five months later, in May 1967, MTS was released to the campus.

... snip ...

cambridge morphed cp40 to cp67 when they were finally able to get a 360/67 machine (they were very low priority, machines would go to tss/360 development and customers before they would be made available to other internal locations). The cp67 morph was installed at Lincoln Labs 67 during 1967 and installed at the univ (where i was undergraudate) the last week jan68.

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sun, 16 Dec 2007 15:13:25 -0500
Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
5. I have spoken before of the issues with doing true variable length records on disk drives. Everyone, including, I believe, IBM's older machines used fixed length records. Again, The whole CKD mess still haunts IBM today where it has to be emulated on fixed length record drives.

CKD also has a different problem than its support of variable length records.

cp40/cp67/vm370 for virtual memory paging, formated (and treated) the (CKD) disks as if they were fixed block.

CMS ... possibly some of its heritage back to CTSS & 7094 ... had a filesystem that formated (and treated) the (CKD) disks as if they were fixed block.

however, CKD support search & multi-track search operations. An operating system (OS/360) could design a filesystem where it could offload i/o programs that searched for the desired file or record (say, as opposed to keeping the information cached in real storage). This could be seen as IO/real-storage implementation trade-off from the early 60s were there was much more (relatively) abundant system I/O capacity and real-storage was extremely constrained.

in this time-frame, the multi-track search overhead ... in terms of scarce i/o resources ... was becoming a major resource hog and bottleneck ... however, the use of multi-track search had become ingrained in the standard os/360 descendents. misc. past posts
http://www.garlic.com/~lynn/submain.html#dasd

i've frequently commented starting at least in the mid-70s that resource trade-off was starting to change ... relative system i/o capacity was becoming much more of a bottleneck and relative system real storage had become much more abundant. As a result, lots of infrastructures was starting to leverage the relatively "abundant" real storage to compensate for the increasingly i/o bottleneck (like high level indexes and caching).

One place this change can be seen is with RDBMS. The original relational/sql implementation done by research in bldg. 28 ... was having skirmishes with the 60s "physical database" people in bldg. 90 (ten miles south). The 60s database people were claiming that system/r doubled the physical disk space (for the indexes) and significantly increased the i/o (as well as serializing) access. The rdbms faction countered that the relational metaphor abstracted the direct record pointer (used in the 60s) implementation ... eliminating significant administrative and application development overhead associated with exposed/direct record pointer management.

going into the 80s, the disk cost-per-byte (continued) declining ... significantly mitigating the cost overhead of the (relational) indexes. also, the continued increase in (relatively abundant) real storage allowed implementations to cache the relational indexes ... significantly cutting down the I/O overhead and serialization dealing with indexes.

some number of past posts about system/r, its morphing into sql/ds and db2 as well as other rdbms related posts
http://www.garlic.com/~lynn/submain.html#systemr

i've mentioned in the past, that at one point i was claiming that relative disk system thruput had declined by an order of magnitude over a period of approx. 15 yrs ... and some disk division executive asked their performance group to refute the claims. After serveral weeks, they effectively came back and said that I had slightly understated the case.

in some of these old posts about that assertion, I point at that the increase in CMS user workload (between cp67 on 360/67 and vm370 on 3081) is basically proportional to the increase in I/O thruput ... not increase in either processor or real-storage. Since processor thruput increased by an order of magnitude more than disk i/o increased, the relative system disk i/o thruput declined by an order of magnitude.
http://www.garlic.com/~lynn/93.html#31 Big I/O or Kicking the Mainframe out the Door
http://www.garlic.com/~lynn/94.html#43 Bloat, elegance, simplicity and other irrelevant concepts
http://www.garlic.com/~lynn/94.html#55 How Do the Old Mainframes Compare to Today's Micros?
http://www.garlic.com/~lynn/95.html#10 Virtual Memory (A return to the past?)
http://www.garlic.com/~lynn/98.html#46 The god old days(???)
http://www.garlic.com/~lynn/99.html#4 IBM S/360
http://www.garlic.com/~lynn/2001d.html#66 Pentium 4 Prefetch engine?
http://www.garlic.com/~lynn/2001f.html#62 any 70's era supercomputers that ran as slow as today's supercomputers?
http://www.garlic.com/~lynn/2001l.html#40 MVS History (all parts)
http://www.garlic.com/~lynn/2001l.html#61 MVS History (all parts)
http://www.garlic.com/~lynn/2001m.html#23 Smallest Storage Capacity Hard Disk?
http://www.garlic.com/~lynn/2002.html#5 index searching
http://www.garlic.com/~lynn/2002b.html#11 Microcode? (& index searching)
http://www.garlic.com/~lynn/2002b.html#20 index searching
http://www.garlic.com/~lynn/2002e.html#8 What are some impressive page rates?

during some of this period i was getting to play disk engineer in bldg. 14&15
http://www.garlic.com/~lynn/subtopic.html#disk

and the disk division had introduced a family of "fixed block architecture" disks. vm370 and some of the other corporate operating systems easily adapted to supporting the devices. However, the high-end favorite son operating system wasn't able ... not so much because of fixed-block vis-a-vis variable-length ... but because the multi-track search operation no longer existed.

I discussed this in some detail with their filesystem people. The claimed that even if i provided them with fully integrated and tested code supporting fixed-block-architecture (FBA) devices, it would still cost $26m in documentation, training, education, etc. to ship the support to customers. I need to show that customers would buy enuf extra disks (because of the feature) to show a significant ROI justifying the $26m. The counter argument at the time, was that the customers would effectively change from buying CKD disks to buying FBA disks ... w/o actually increasing the amount of purchases. This discounted all the lifetime savings and simplifications from moving to FBA infrastructure.

CompUSA to Close after Jan. 1st 2008

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: CompUSA to Close after Jan. 1st 2008
Newsgroups: alt.folklore.computers
Date: Sun, 16 Dec 2007 16:03:59 -0500
AZ Nomad <aznomad.2@PremoveOBthisOX.COM> writes:
No the problem is that microsoft has totally failed to incorporate 1960's technology and protect the OS from its users. It was microsoft that made email and web browsing dangerous. If somebody went back to 1990 and told me that you can have your system destroyed by opening an email, I would not have been able to even fathom it.

we had looked at the characteristic on the internal network
http://www.garlic.com/~lynn/subnetwork.html#internalnet

more than a decade earlier and established rules to avoid the problem.

however, an instance of one such rapidly spreading implementation did appear on bitnet
http://www.garlic.com/~lynn/subnetwork.html#bitnet

some of which did leak over into the internal network ... the xmas exec even predated the morris worm.

past reference
http://www.garlic.com/~lynn/2004p.html#13 Mainframe Virus ????
past reference from vmshare archive (almost exactly two decade anniversary, 10dec87)
http://vm.marist.edu/~vmshare/browse?fn=CHRISTMA&ft=PROB
reference (from joe morris) in risk digest archive (21dec87)
http://catless.ncl.ac.uk/Risks/5.81.html#subj1

by comparison, the morris worm was a year later:
https://en.wikipedia.org/wiki/Morris_worm

the basic vulnerability was allowing executable command scripts/execs to be loaded from arriving network traffic.

now at the jan96 mdf at moscone ... while internet was mentioned frequently ... the theme appeared to be "protecting your investment" ... i.e. all the basic/VB technology that had evolved for stand-alone environment and private/departmental networking would be carried forward into the internet environment ... promoting extensive VB applications that evolved in the private/departmental networking environment to be extended to the internet environment ... w/o also dealing with the significant threat/vulnerability differences between the private/departmental networking environments and the wide-open, hostile anarchy of the internet.

misc. past posts mentioning "protect your investment" theme
http://www.garlic.com/~lynn/2004k.html#32 Frontiernet insists on being my firewall
http://www.garlic.com/~lynn/2004l.html#51 Specifying all biz rules in relational data
http://www.garlic.com/~lynn/2007s.html#18 Oddly good news week: Google announces a Caps library for Javascript




previous, next, index - home