List of Archived Posts

2007 Newsgroup Postings (12/16 - 12/31)

IBM mainframe history, was Floating-point myths
IBM mainframe history, was Floating-point myths
folklore indeed
IBM mainframe history, was Floating-point myths
IBM mainframe history, was Floating-point myths
IPv6 vs Y2K and GOSIP
Ironkey
Faster Chips Are Leaving Programmers in Their Dust
Virtualization still hot, death of antivirus software imminent
What do YOU call the # sign?
About 1 in 5 IBM employees now in India - so what ?
IBM mainframe history, was Floating-point myths
What do YOU call the # sign?
Ageing data centers limiting benefits of new technologies
Faster Chips Are Leaving Programmers in Their Dust
folklore indeed
Education ranking
Amazon's "Simple" Database
Traffic Jam Mystery Solved By Mathematicians
Education ranking
Education ranking
It keeps getting uglier
Faster Chips Are Leaving Programmers in Their Dust
folklore indeed
segmentation or lack thereof
Newsweek article--baby boomers and computers
2007 Year in Review on Mainframes - Interesting
folklore indeed
folklore indeed
folklore indeed
Apple files patent for WGA-style anti-piracy tech
Faster Chips Are Leaving Programmers in Their Dust
MTS memories
Hitachi, Silver Lake in talks about hard drives, sources say
What do YOU call the # sign?
Inside a Modern Malware Distribution System
folklore indeed
Apple files patent for WGA-style anti-piracy tech
Education ranking
Education ranking
IBM mainframe history, was Floating-point myths
IBM mainframe history, was Floating-point myths
Newbie question about db normalization theory: redundant keys OK?
distributed lock manager
Education ranking
Education ranking
folklore indeed
MTS memories
IBM mainframe history, was Floating-point myths
IBM mainframe history, was Floating-point myths
IBM mainframe history, was Floating-point myths
Education ranking
vm folklore, new, 40+ yr old technology
folklore indeed
An old fashioned Christmas
An old fashioned Christmas
An old fashioned Christmas
folklore indeed
folklore indeed
Researcher: Info overload costs economy
Credit Card Details
Apple files patent for WGA-style anti-piracy tech
folklore indeed
An old fashioned Christmas
folklore indeed
folklore indeed
Public Computers
Alexander Graham Bell - Patent Thief?
It keeps getting uglier
Controlling COBOL DDs named SYSOUT
folklore indeed
Education ranking
whats the world going to do when all the baby boomers retire
folklore indeed
folklore indeed
virtual appliance
Why Didn't Digital Catch the Wave?
folklore indeed
folklore indeed
folklore indeed
software preservation volunteers ( was Re: LINC-8 Front Panel Questions)
Tap and faucet and spellcheckers
folklore indeed
Alexander Graham Bell - Patent Thief?
folklore indeed
folklore indeed
folklore indeed
Data Breaches Soar In 2007
Data Breaches Soar In 2007
2007 Roundup: The march of the botnets
folklore indeed
Tap and faucet and spellcheckers
Tap and faucet and spellcheckers
folklore indeed
folklore indeed
folklore indeed
source for VAX programmers
folklore indeed
It keeps getting uglier
It keeps getting uglier
source for VAX programmers
It keeps getting uglier

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch
Date: Sun, 16 Dec 2007 22:34:20 -0500
haynes@alumni.uark.edu (Jim Haynes) writes:
Yes, seems to me a simple base-and-limit register pair as they had already done as an RPQ in the 7090 at MIT for CTSS, and as was standard on the GE-635, would have done wonders for them. And then the memory protection scheme they did implement, with the 4-bit protection keys, seems baroque beyond words.

re:
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007u.html#83 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007u.html#86 IBM mainframe history, was Floating-point myths

there was something like that done (base&bound) in the microcode as part of oldtime emulation support.

one of the engineers on the boeing account used it to port cp67 to 370 before virtual memory was announced (using base&bound to limit virtual machine address space). the problem was that it required one contiguous region ... and because of the still somewhat limited real storage ... the whole area needed to be swapped.

for real storage system ... the 4bit protection keys allowed storage protection on 2k increments for up to 15 concurrent (different) tasks to coexist simultaneously (in the relatively small real storage of the period, 360/30s regularly operated with 32kbyte real storage, i started out on 360/30 with 64kbyte real storage).

this paper from apr64 by amdahl, blaauw, and brooks discusses some of the trade-off decisions in 360 design
http://www.research.ibm.com/journal/rd/082/ibmrd0802C.pdf

there were some number of "interactive" subsystems that evolved under traditional os/360 batch platform that used logical base&bound ... for instance apl\360 and associated workspaces. this contiguous limitation wasn't so bad as long as the workspace size was typically 16kbytes to 32kbytes ... and required swapping the whole workspace to switch between users. however, the small size of the contiguous workspace probably contributed to its storage management and garbage collection implementation ... which had to be completely reworked when the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

ported apl\360 to cms for cms\apl (and operating in potentially 16mbyte paged virtual address space). some past posts mentioning apl &/or some large apl applications
http://www.garlic.com/~lynn/subtopic.html#hone

later in the early 80s, hardware/microcode subset of virtual machine support (hypervisor) used something similar ... with dedicated real storage. Early implementations had two dedicated logical machine areas ... one typically would run a MVS batch system and the other would run virtual machine (software) hypervisor ... and the hardware/microcode would partition the resources for the two "machines".

The maximum number of supported LPARs on mainframe have undergone increases since them. z990 supports up to 30 LPARs
http://www.redbooks.ibm.com/redbooks/pdfs/sg246863.pdf
Z9 Enterprise class supports up to 60 LPARs
http://www-03.ibm.com/systems/z/z9ec/

LPARs have also been adopted to other products lines. This is description of LPARs on 801/RISC power/pc derivative used by AS/400 now supporting up to 254 LPARs
http://www-03.ibm.com/servers/eserver/iseries/lpar/

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Mon, 17 Dec 2007 05:41:15 -0500
Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
Yes, certainly. The multi-track search problems are well known. But the lack of a standard block size led to a whole bunch of problems that people used to today's disks can't imagine. The CKD addressing scheme requires that disk blocks be addressed by their cylinder number, head number and record number within the track i.e. *not* just a relative block number. So even if all of the blocks in "your" application were a fixed size, you had to calculate, via IBM supplied formula or look up in an IBM supplied table how many records of whatever size you used would fit on a track of whatever disk you were using.

re:
http://www.garlic.com/~lynn/2007u.html#86 IBM mainframe history, was Floating-point myths

made all sorts of claims about infrastruction lifetime cost & complexity savings in moving from CKD to FBA as ROI justification for the $26m conversion costs (documentation, training, education, etc) ... but they just wanted to see increased disk sales attributed to CKD to FBA change, as ROI justification.

in mainframe forums there have been references to IBM statements about not introducing any new DASD models with changed geometry/configuration ... the underlaying fixed-block disk technology may go thru all sorts of transitions ... but they will hold the CKD emulation static.

for other topic drift, i had done q&d conversion of gcard ios3270 to html
http://www.garlic.com/~lynn/gcard.html

including oldtime DASD Capacity Formulae
http://www.garlic.com/~lynn/gcard.html#26.3

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Mon, 17 Dec 2007 06:14:59 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
there have been challenge/response dongles if you are doing direct communication with financial institutions ... say online or telephone banking operation ... but not doing retail transaction at a merchant that operates in single round-trip (of existing authorization business process) ... this was somewhat referenced in this post
http://www.garlic.com/~lynn/2007u.html#65 folklore indeed

referencing: is net/internet banking safe?

in the previous thread we mentioned visiting the company that produced the devices and then driving with the owner down to brussels for EU finread meeting ... also referenced in these posts:
http://www.garlic.com/~lynn/2001g.html#57 Q: Internet banking
http://www.garlic.com/~lynn/2001g.html#60 PKI/Digital signature doesn't work
http://www.garlic.com/~lynn/2001g.html#61 PKI/Digital signature doesn't work
http://www.garlic.com/~lynn/2001k.html#55 I-net banking security
http://www.garlic.com/~lynn/2002f.html#55 Security Issues of using Internet Banking
http://www.garlic.com/~lynn/2007n.html#43 Windows Monitor or CUSP?

one of the perspectives is that the challenge/response is a session oriented protocol with the challenge/response appearing as part of setting up the session ... and then individual (unprotected) transactions appearing within the session protections. this works much better if the two processing/responsible parties are doing the direct session (i.e. the online banking scenario, directly between the customer and the customer's financial institution).


re:
http://www.garlic.com/~lynn/2007u.html#67 folklore indeed

from today:

Barclays' PINSentry roll-out marred by technical problems
http://www.theregister.co.uk/2007/12/17/pinsentry/

from above:
Barclays' online customers (both consumers and small business) are required to use the handheld device to generate a one-time passcode that will have to be entered at login and to run some online banking functions, such as setting up payments to new third party accounts. The device will only generate a passcode once the user's bank card has been read, and the PIN code entered. The approach is a refinement of two-factor authentication approaches already in use by some UK banks, such at Lloyds TSB, and more widely by banks in Scandinavia and elsewhere in Europe for some time

... snip ...

in the challenge/response scenario .. the device looks like a small calculator, the person enters the numeric challenge code on the calculator keys and reads out the response from the calculator display ... which is then entered.

part of the issue has always been the integrity of the session environment ... and/or is it necessary to move to transaction level armoring.

as referenced in these posts
http://www.garlic.com/~lynn/2007u.html#71 folklore indeed
http://www.garlic.com/~lynn/2007u.html#76 folklore indeed

the visual keyboard & captcha countermeasures basically assume that the PC has been compromised ... however, nowhere did they get a promise from the attackers ... that the only (compromised PC) attack would be limited to logging (for later replay as part of fraudulent transactions).

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Mon, 17 Dec 2007 07:04:33 -0500
re:
http://www.garlic.com/~lynn/2007u.html#86 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#1 IBM mainframe history, was Floating-point myths

long ago and far way, a multi-track search folktale that appears several times in past ckd (multi-track search) postings
http://www.garlic.com/~lynn/submain.html#dasd

datacenter for large national retailer was having severe performance problems and large number of experts had trooped thru the installation. the had dozen or more regional districts partitioned across several processor complexes in a large (shared) 3330 dasd loosely-coupled complex. they provided a lot of real-time applications down to individual store level. this was all running the commercial, favorite-son operating system.

the performance characteristics as load increased during the day, thruput appeared to almost come to a halt.

they finally got around to bringing me in ... to a class-room with dozen or so tables ... covered with foot high stacks of printed output from various performance & thruput reports. after maybe 45 minutes of leafing thru the reports there seemed to be somewhat anomolous correlation of about six disk i/os/sec (aggregate when manually sumed across all the individual processor complex reports) for a specific disk ... during periods of "bad" thruput. It didn't seem to be extremely out of the ordinary activity rate ... but seem to be highly consistent.

after a little investigation, this particular 3330 contained the main application program library for all stores ... organized in a PDS file-format ... sort of like a sub-file system, with its own PDS directory for all members in the file. It was rather large PDS file with a 3cylinder PDS directory.

When a application program is loaded from a PDS file, first there is a multi-track search of the directory for the specific member ... in this particular case the search took avg of 1.5 cylinders. 3330s have 19 tracks and spin at 3600 rpm ... a single (full cylinder) multi-track search I/O operation was taking 19/60 (.31) seconds. It turns out in this scenario, six I/Os per second represented 100 precent device utilization and was able to perform only 2-3 application program loads per second across all processors in the loosely-coupled configuration (serving a large number of stores for this large national retailer).

This was long after advances in technology (and significant increases in real-storage sizes) would have allowed building/caching the PDS directory in real-storage as well as a large number of the individual application programs.

the previously mentioned CKD complexity ... of dealing with application setup and track size calculation ... tended to be a development issue ... but once done for a specific application ... it was established. The (performance) effects of multi-track search could cascade into affecting system operation of every second of every day.

the operational characteristics of mainframe i/o and channels further aggravated the enormous performance degradation of multi-track searches. because of various (early 60s) design trade-offs ... the search argument was resident in mainframe memory ... and the search operation refetched it for every compare operation for every field encountered as the disk was spinning. that met that the channel path to processor was held busy (as well as the disk controller) for the duration of the operation. typical configuration might have half-dozen (or more) disks shared on a the same controller. The full cylinder multi-track search not only met the device was busy for 19/60 seconds for each operation ... but also the associated controller and channel (locking out any other devices on the same controller and/or channel).

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Mon, 17 Dec 2007 07:36:48 -0500
re:
http://www.garlic.com/~lynn/2007u.html#86 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#1 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#3 IBM mainframe history, was Floating-point myths

another multi-track folklore tale from long ago and far away ... was for a period SJR was running MVS on 168 and VM on 158 in (physically) shared 3330 dasd loosely-coupled configuration (168 has about 3 times processing power of the 158) ... although there were strict guidelines that the drives and controllers were strictly partitioned/allocated for the two systems (i.e. 3330 packs for MVS were never to be mounted on VM "drive").

one morning the computing center started getting angry calls from users that the vm/cms response and thruput had all of a sudden significantly degraded. after a little investigation, it turns out that an operator had recently mounted an "MVS" 3330 pack on a "VM" 3330 drive. The multi-track MVS searches to the "MVS" pack was resulting in significant busy for the associated "VM" controller (resulting in performance service disruption for VM to the VM 3330s on the same controller).

There was a demand that the "MVS" 3330 pack be immediately "moved". The "MVS" operations people refused to do it until end-of-day. So we mounted a "VM" 3330 pack on one of the "MVS" drives and with some specially crafted VM initiated multi-track searches (on a heavily loaded VM 158) managed to severely degrade the MVS (168) service ... and prompting the "MVS" operations people to immediately move all packs.

One of the sporadic claims about generally relatively horrible "TSO" response and thruput ... is that TSO doesn't know to operate w/o the underlying MVS system i.e. some of the inability of TSO to give reasonable service is inherited from characteristics of the underlying MVS system, not necessarily all TSO itself .... aka, as in this particular tale ... it was even possible for MVS to cause CMS service to look bad.

past posts mentioning ckd, multi-track search, dasd, etc
http://www.garlic.com/~lynn/submain.html#dasd

IPv6 vs Y2K and GOSIP

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: IPv6 vs Y2K and GOSIP
Newsgroups: alt.folklore.computers
Date: Mon, 17 Dec 2007 09:41:14 -0500
IPv6 vs. Y2K and GOSIP; IPv6 upgrade has more in common with old GOSIP program than Year 2000 efforts
http://www.networkworld.com/news/2008/010708-virtualization.html

from above:
Y2K spawned congressional hearings, increased federal IT budgets and was well-known among non-techies. The federal government's IPv6 upgrade, on the other hand, is happening quietly behind the scenes with little additional funding or fanfare. The Office of Management and Budget (OMB) has directed all federal agencies to be capable of supporting IPv6 on their network backbones by June 30, 2008.

...

Some long-time industry observers are comparing the federal government's IPv6 mandate to an earlier federal mandate for a now-defunct network technology called GOSIP, or Government Open Systems Interconnection Profile.


... snip ...

and

Top IPv6 guru predicts last-minute switch to protocol; Asks: Do you have enough public IPv4 addresses to sustain you?
http://www.networkworld.com/news/2007/121707-how-feds-are-dropping-the-ball-side-1.html

misc posts mentioning GOSIP:
http://www.garlic.com/~lynn/99.html#114 What is the use of OSI Reference Model?
http://www.garlic.com/~lynn/99.html#115 What is the use of OSI Reference Model?
http://www.garlic.com/~lynn/2000b.html#0 "Mainframe" Usage
http://www.garlic.com/~lynn/2000b.html#79 "Database" term ok for plain files?
http://www.garlic.com/~lynn/2000d.html#16 The author Ronda Hauben fights for our freedom.
http://www.garlic.com/~lynn/2000d.html#43 Al Gore: Inventing the Internet...
http://www.garlic.com/~lynn/2000d.html#63 Is Al Gore The Father of the Internet?
http://www.garlic.com/~lynn/2000d.html#70 When the Internet went private
http://www.garlic.com/~lynn/2001e.html#32 Blame it all on Microsoft
http://www.garlic.com/~lynn/2001i.html#5 YKYGOW...
http://www.garlic.com/~lynn/2001i.html#6 YKYGOW...
http://www.garlic.com/~lynn/2002g.html#21 Why did OSI fail compared with TCP-IP?
http://www.garlic.com/~lynn/2002g.html#30 Why did OSI fail compared with TCP-IP?
http://www.garlic.com/~lynn/2002i.html#15 Al Gore and the Internet
http://www.garlic.com/~lynn/2002m.html#59 The next big things that weren't
http://www.garlic.com/~lynn/2002n.html#42 Help! Good protocol for national ID card?
http://www.garlic.com/~lynn/2003e.html#71 GOSIP
http://www.garlic.com/~lynn/2003e.html#72 GOSIP
http://www.garlic.com/~lynn/2003o.html#68 History of Computer Network Industry
http://www.garlic.com/~lynn/2004c.html#52 Detecting when FIN has arrived
http://www.garlic.com/~lynn/2004e.html#13 were dumb terminals actually so dumb???
http://www.garlic.com/~lynn/2005.html#29 Network databases
http://www.garlic.com/~lynn/2005d.html#11 Cerf and Kahn receive Turing award
http://www.garlic.com/~lynn/2005e.html#39 xml-security vs. native security
http://www.garlic.com/~lynn/2005u.html#53 OSI model and an interview
http://www.garlic.com/~lynn/2006j.html#34 Arpa address
http://www.garlic.com/~lynn/2006k.html#6 Hey! Keep Your Hands Out Of My Abstraction Layer!
http://www.garlic.com/~lynn/2006k.html#45 Hey! Keep Your Hands Out Of My Abstraction Layer!
http://www.garlic.com/~lynn/2006k.html#47 Hey! Keep Your Hands Out Of My Abstraction Layer!
http://www.garlic.com/~lynn/2007.html#43 SSH protocol analyzer
http://www.garlic.com/~lynn/2007c.html#29 Being "Open" (Was: Mainframe vs. "Server")
http://www.garlic.com/~lynn/2007d.html#31 old tapes
http://www.garlic.com/~lynn/2007k.html#44 Why Ping Requires RAW Sockets?
http://www.garlic.com/~lynn/2007m.html#38 OSI abandoned!

and some posts mentioning Y2K
http://www.garlic.com/~lynn/99.html#21 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
http://www.garlic.com/~lynn/99.html#22 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
http://www.garlic.com/~lynn/99.html#23 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
http://www.garlic.com/~lynn/99.html#24 BA Solves Y2K (Was: Re: Chinese Solve Y2K)
http://www.garlic.com/~lynn/99.html#27 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese
http://www.garlic.com/~lynn/99.html#44 Internet and/or ARPANET?
http://www.garlic.com/~lynn/99.html#78 Mainframes Relevant?
http://www.garlic.com/~lynn/99.html#214 Ask about Certification-less Public Key
http://www.garlic.com/~lynn/2000.html#0 2000 = millennium?
http://www.garlic.com/~lynn/2001.html#68 California DMV
http://www.garlic.com/~lynn/2001n.html#74 The demise of compaq
http://www.garlic.com/~lynn/2002.html#30 Younger recruits versus experienced veterans ( was Re: The demise of compa
http://www.garlic.com/~lynn/2002.html#45 VM and/or Linux under OS/390?????
http://www.garlic.com/~lynn/2002j.html#20 MVS on Power (was Re: McKinley Cometh...)
http://www.garlic.com/~lynn/2002k.html#14 NASA MOC (mainframe mission operations computer) being powere d
http://www.garlic.com/~lynn/2002l.html#49 Do any architectures use instruction count instead of timer
http://www.garlic.com/~lynn/2002o.html#28 TPF
http://www.garlic.com/~lynn/2003p.html#21 Sun researchers: Computers do bad math ;)
http://www.garlic.com/~lynn/2003p.html#33 [IBM-MAIN] NY Times editorial on white collar jobs going
http://www.garlic.com/~lynn/2004b.html#2 The SOB that helped IT jobs move to India is dead!
http://www.garlic.com/~lynn/2004e.html#22 Pre-relational, post-relational, 1968 CODASYL "Survey of Data Base Systems"
http://www.garlic.com/~lynn/2004e.html#48 Data Display & Modeling
http://www.garlic.com/~lynn/2004f.html#39 Who said "The Mainframe is dead"?
http://www.garlic.com/~lynn/2004m.html#51 stop worrying about it offshoring - it's doing fine
http://www.garlic.com/~lynn/2004n.html#11 XML: The good, the bad, and the ugly
http://www.garlic.com/~lynn/2004o.html#66 Integer types for 128-bit addressing
http://www.garlic.com/~lynn/2004q.html#8 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2004q.html#13 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005.html#20 I told you ... everybody is going to Dalian,China
http://www.garlic.com/~lynn/2005c.html#6 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005s.html#16 Is a Hurricane about to hit IBM ?
http://www.garlic.com/~lynn/2006b.html#29 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006c.html#33 Military Time?
http://www.garlic.com/~lynn/2006g.html#21 Taxes
http://www.garlic.com/~lynn/2006h.html#49 Mainframe vs. xSeries
http://www.garlic.com/~lynn/2006k.html#50 TSO and more was: PDP-1
http://www.garlic.com/~lynn/2006o.html#9 Pa Tpk spends $30 million for "Duet" system; but benefits are unknown
http://www.garlic.com/~lynn/2006q.html#54 Was FORTRAN buggy?
http://www.garlic.com/~lynn/2006r.html#16 Was FORTRAN buggy?
http://www.garlic.com/~lynn/2006s.html#40 Ranking of non-IBM mainframe builders?
http://www.garlic.com/~lynn/2006u.html#13 Year-end computer bug could ground Shuttle
http://www.garlic.com/~lynn/2006u.html#35 Friday fun - Discovery on the pad and the software's not done
http://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
http://www.garlic.com/~lynn/2007h.html#10 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007l.html#18 Non-Standard Mainframe Language?
http://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
http://www.garlic.com/~lynn/2007p.html#31 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#39 India is outsourcing jobs as well
http://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
http://www.garlic.com/~lynn/2007r.html#36 Students mostly not ready for math, science college courses
http://www.garlic.com/~lynn/2007t.html#19 Translation of IBM Basic Assembler to C?

Ironkey

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Ironkey
Newsgroups: alt.computer.security
Date: Mon, 17 Dec 2007 11:02:21 -0500
comphelp@toddh.net (Todd H.) writes:
At the end of the day, it's a usb key. It'll be no more secure than any ole usb key used with a strong encryption program (such as PGP or GPG). Whether it's in an easier to use form becomes the question.

But before that can be considered, describe your needs for a usb key. Are you having to use one among several different operating systems?

What I'm curious about them... is the hardware encryption implemented in such a way to make it work cross-platform. If so, it'd be something I'd consider.


part of the issue these days is how to deal with compromised PCs (some numbers are possibly one out of five) ... like trying to eliminate any possibility things like a password would ever be typed at a keyboard ... and picked up by a logger. keeping the file encrypting containing all the passwords helps in the case of stolen laptop ... but that appears to be a radically smaller number than the total number of compromised PCs. encrypted password file doesn't help with loggers that work when the password is actually being used ... and therefor decrypted ... it would be nice to have a single solution that addresses both problems (especially the significantly larger problem).

this has somewhat given rise to the visual keyboards operated by mouse clicks. some discussion in this thread:
http://www.garlic.com/~lynn/2007u.html#76

however, almost immediately after the appearance of such approach, the crooks had loggers that could capture screens and mouse operations. there was then some iterations attempting to obscure the screens ... which is ongoing (loosing) battle. There has been some recent comments that not being able to keep up with the crooks regarding obscuring the screen ... is the doom of secure online sessions.

however, the crooks had never promised that they would only limit what a compromised PC might do to just logging ... long winded discussion here
http://www.garlic.com/~lynn/2007u.html#76

with some other ways a compromised PC might react.

Part of the issue is knowing whether or not any human interaction was actually involved in specific operations (or being simulated by some virus/trojan in a compromised PC). This was studied in the 90s in conjunction with formulating the EU finread terminal standard as countermeasure to numerous possible things that a compromised PC might do.
http://www.garlic.com/~lynn/subintegrity.html#finread

another such approach is the device referenced in this posting
http://www.garlic.com/~lynn/2007v.html#2

which basically air-gaps the device from the PC and operates with challenge/response, the challenge value is read off the screen, typed into the device which produces the response ... which is then typed at the keyboard.

there is still the issue of secure session-oriented operations running in a possibly compromised PC ... as opposed to changing to challenge/response for transaction-oriented operations.

for other topic drift ... misc. posts mentioning 40+ yr old technology attempting to address problems with PCs becoming infected and compromised.
http://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007q.html#64 Virtual Browsers: Disposable Security
http://www.garlic.com/~lynn/2007r.html#47 Translation of IBM Basic Assembler to C?

Faster Chips Are Leaving Programmers in Their Dust

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Faster Chips Are Leaving Programmers in Their Dust
Newsgroups: alt.folklore.computers
Date: Mon, 17 Dec 2007 14:40:46 -0500
on going theme that is being repeated many times:

Faster Chips Are Leaving Programmers in Their Dust
http://developers.slashdot.org/developers/07/12/17/1635200.shtml

from above:
Engineers and computer scientists acknowledge that despite advances in recent decades, the computer industry is still lagging in its ability to write parallel programs. It mirrors what C++ guru and now Microsoft architect Herb Sutter has been saying in articles such as his "The Free Lunch Is Over: A Fundamental Turn Toward Concurrency in Software."

... snip ...

referenced in the above

The Free Lunch Is Over; A Fundamental Turn Toward Concurrency in Software
http://gotw.ca/publications/concurrency-ddj.htm

more lengthy discussion ... from above Conclusion:
If you haven't done so already, now is the time to take a hard look at the design of your application, determine what operations are CPU-sensitive now or are likely to become so soon, and identify how those places could benefit from concurrency. Now is also the time for you and your team to grok concurrent programming's requirements, pitfalls, styles, and idioms.

... snip ...

as before, a basic primitive for over 35yrs has been compare&swap instruction ... misc. posts
http://www.garlic.com/~lynn/subtopic.html#smp

invented by Charlie (compare&swap was chosen because CAS are charlie's initials) at the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

working on fine-grain locking for cp67. The initial attempt to get compare&swap into 370 architecture was rebuffed ... with statements about the favorite son operating system felt that the test&set instruction was perfectly fine for multiprocessor operation. The challenge then was to come up with a non-multiprocessor specific use of compare&swap. Thus was born the example uses for multithreaded applications (not necessarily running on real multiprocessors) to serialize operations (adopted big time by large multi-threaded applications like database systems ... to avoid some of the enormous overhead of performing kernel calls for every such use).

from appendix of current z/architecture principles of operation
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/A.6?SHELF=DZ9ZBK03&DT=20040504121320

multiprogramming is mainframe lingo for multithreaded operation.

Virtualization still hot, death of antivirus software imminent

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Virtualization still hot, death of antivirus software imminent
Newsgroups: alt.folklore.computers
Date: Mon, 17 Dec 2007 17:27:59 -0500
as before the following article talks about the new 40+ yr old technology, but also mentions an old approach to eliminating major mechanism for network originated compromises

Virtualization still hot, death of antivirus software imminent, VC
http://www.networkworld.com/news/2007/121707-crystal-ball-virtualization.html

from above:
Another trend Maeder predicts for 2008 is, at long last, the death of antivirus software and other security products that allow employees to install and download any programs they'd like onto their PCs, and then attempt to weed out the malicious code. Instead, products that protect endpoints by only allowing IT-approved code to be installed will become the norm.

... snip ...

A recent post mentioning a two-decade version of this:

http://www.garlic.com/~lynn/2007u.html#87 CompUSA to Close after Jan. 1st 2008

one of the references in the above:
http://vm.marist.edu/~vmshare/browse?fn=CHRISTMA&ft=PROB

another recent post mentioning problems related to compromised PCs
http://www.garlic.com/~lynn/2007v.html#6 Ironkey

and other recent posts mentioning compromised PCs
http://www.garlic.com/~lynn/2007u.html#15 Public Computers
http://www.garlic.com/~lynn/2007u.html#68 folklore indeed
http://www.garlic.com/~lynn/2007u.html#76 folklore indeed
http://www.garlic.com/~lynn/2007v.html#2 folklore indeed

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Tue, 18 Dec 2007 09:07:33 -0500
Nick Atty <1-nospam@temporary-address.org.uk> writes:
Speaking as the owner of a narrow boat on the UK canals (for which most of the original post rang true) that is certainly the case here, and rising way above inflation year on year. Partly, of course, because as people discover it is a cheap way of living they increase the demand, and can usually afford to pay more than those of us who are funding it as a leisure activity.

long ago and far away we had a friend who was angling for an assignment to HK, they had worked out that the difference between living on a boat in HK and the cost of living allowance was larger than their salary.

About 1 in 5 IBM employees now in India - so what ?

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: About 1 in 5 IBM employees now in India - so what ?
Newsgroups: bit.listserv.ibm-main
Date: Tue, 18 Dec 2007 09:25:39 -0500
howard.brazee writes:
Nothing wrong with India - but selfishly, I want jobs where I am, even though I have it better off than those who need jobs there.

Of course, in a global economy, you have a lot better chance to sell your wares in countries that you spend money in.


there is also issue that knowledge work is pretty distance insensitve in a global economy ... and knowledge work frequently is one of the highest valued work.

posts on recently published study on educational ranking of different countries
http://www.garlic.com/~lynn/2007u.html#78 Educational ranking
http://www.garlic.com/~lynn/2007u.html#80 Educational ranking

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Tue, 18 Dec 2007 21:20:25 -0500
Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
Using base and bound has nothing to do with virtual memory. What it does allow is easy relocation of programs when they are swapped out and later swapped in. i.e. the OS simply changes the value in the base register when the program is swapped in. This is important for things like time sharing which was implemented before virtual memory. As mentioned, other systems designed at the same time used base and bound and thus had an easier time implementing time sharing in the late 1960s-early 1970s.

re:
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007u.html#83 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007u.html#86 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#0 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#1 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#3 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#4 IBM mainframe history, was Floating-point myths

there were the 360 batch systems which were real memory and the storage protect keys were to separate different applications running in the same real memory (as well as the kernel). some of the underlying hardware had base&bound but wasn't part of 360 architecture ... was used for some of the emulation support.

the flagship timesharing system was to be tss/360 running on 360/67 which had hardware virtual memory in the mid-60s ... although tss/360 ran into implementation and scheduling problems ... which then saw the rise of other virtual memory implementations on the 360/67, like MTS at UofMich and cp67 (which also implemented virtual machines) from the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

there were also early cp67 spin-offs that offered commercial service bureau timesharing starting in the late 60s
http://www.garlic.com/~lynn/submain.html#timeshare

boeing huntsville did do a custom modification of os360 mvt release 13 that made use of the virtual memory on 360/67 ... not for paging ... but purely for storage management. os360 mvt had problem with storage fragmentation with long running applications (and applications needing contiguous range of storage) ... and boeing huntsville machine was supporting a large number of (long running) 2250 graphics application ... and experiencing significant problems with MVT storage fragmentation. the boeing huntsville modifications were purely for rearranging the real storage locations into contiguous ranges (w/o any support for paging operations).

i've commented before that in some cases that there were more cp67 & vm370 timesharing installs than some other companies total customer installations .... however, in the publics minds, these are possible overshadow by the significantly large number of batch machine installs. I've also commented that not only were there significantly larger number of customer batch installations than the customer timesharing installations ... but also the customer timesharing installations were much larger than the number of internal (cp67&vm370) timesharing instllations. One of my hobbies was building, distributed and supporting highly modified cp67 & vm370 for (small percentage of) internal installations.

Partially since the science center was on 4th flr of 545 tech and Multics was on the 5th flr ... i've commented that at one point the small percentage of internal installations that I was distributing to and supporting was as large as the total number of Multics systems in its whole lifetime.

some number of customer installations having large batch operation ... would sometimes attempt to adapt a portion of the computing power for interactive (psuedo timesharing) operation ... even tho the underlying hardware and software had never been intended for that purpose.

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers,uk.rec.sheds
Date: Wed, 19 Dec 2007 06:40:35 -0500
Oleg Lego <rat@atatatat.com> writes:
A few years back, a film called (I think) _War Games_ showed a fellow (the hero, I think) making a telephone call without using a coin, by grounding the metal microphone to some part of the phone (lock, dial finger stop.. not sure). Anyway, a friend was talking about the film, and complained that this was the only thing that was not in accordance with reality. I mentioned that it was one of the few things that was, indeed, real.

past mention of war game trivia
http://www.garlic.com/~lynn/2000d.html#39 Future hacks [was Re: RS/6000 ]
http://www.garlic.com/~lynn/2001m.html#52 Author seeks help - net in 1981
http://www.garlic.com/~lynn/2002b.html#38 "war-dialing" etymology?
http://www.garlic.com/~lynn/2004p.html#40 Computers in movies
http://www.garlic.com/~lynn/2006f.html#7 The Pankian Metaphor

the ferry shots were actually the old steilicom ferry that ran between mainland, mcneil island and anderson island. ferry was later converted to tourist boat that makes the rounds on lake washington ... out of kirkland. one of the "highlights" of the tour is compound of the founder of m'soft.

Ageing data centers limiting benefits of new technologies

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Ageing data centers limiting benefits of new technologies
Newsgroups: alt.folklore.computers
Date: Wed, 19 Dec 2007 07:06:15 -0500
Ageing data centers limiting benefits of new technologies
http://www.cbronline.com/article_news.asp?guid=34872230-5F73-4B11-A4F5-EC4F1967A7DC

an "aging" data center is one that is over four yrs old?

from above:
They were battling to cope with the power and cooling needs of newer technologies such as blade servers and vitualization, but slow to respond to these extra demands on their infrastructure.

... snip ...

besides missing an "r" in virtualization ... within the context of datacenters and blade servers, virtualization is more typically associated with server consolication onto a much smaller number and more compactly packaged (blade) servers (reducing overall power and cooling needs).

also from the article:
More than half those firms building or planning to build data centers expected to consume between one and five megawatts, and almost a quarter thought they would use double that.

... snip ...

maybe the server consolidation activity isn't so much increasing overall power consumption but compacting a large number of servers in geographically diverse locations into single location (and thereby drawing attention to the actual aggregate power demands).

Recent virtualization server consolidation references/posts
http://www.garlic.com/~lynn/2007s.html#0 Marines look for a few less servers, via virtualization
http://www.garlic.com/~lynn/2007s.html#35 Oracle Introduces Oracle VM As It Leaps Into Virtualization
http://www.garlic.com/~lynn/2007s.html#40 ongoing rush to the new, 40+ yr old virtual machine technology
http://www.garlic.com/~lynn/2007s.html#53 ongoing rush to the new, 40+ yr old virtual machine technology
http://www.garlic.com/~lynn/2007t.html#55 new 40+ yr old, disruptive technology

Faster Chips Are Leaving Programmers in Their Dust

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Faster Chips Are Leaving Programmers in Their Dust
Newsgroups: alt.folklore.computers
Date: Wed, 19 Dec 2007 08:34:19 -0500
Quadibloc <jsavard@ecn.ab.ca> writes:
I might also note, of course, that the article was mistitled. It is the inability of chipmakers to make chips that are simply faster, but architecturally the same, by making the transistors faster that is leaving programmers in the dust, because the chipmakers now have to resort to the inferior wretched expedient of multiple cores.

Because it is so difficult to use multiple cores effectively, my architectural conceit dealt with how one could copy ideas from older architectures known for their ability to deal with "heavy lifting" to at least (somewhat) usefully employ additional transistors within a single core.


re:
http://www.garlic.com/~lynn/2007v.html#7 Faster Chips Are Leaving Programmers in Their Dust

there are some additional complexities.

lots of the circuit size shrinkage has resulted in increasing transistors per chip. more transistors per chip can mean enormous increase in chip design complexity, as well as signal latency going through a large number of circuits.

Higher processor rates also exacerbates the relative latency to other parts of system (i.e. as measured in increased processor cycles for some signal ... like to memory).

The latency issue pushes towards some sort of asynchronous/parallel operation. While multiple core represents increased programming complexity ... lots of the other possible asynchronous/parallel paradigms can represent even greater overall complexity.

One of my oft-repeated old-time example is that disk relative system thruput declined by an order of magnitude over a 10-15 yr period starting with the mid-60s ... i.e. disks got maybe five times faster but processors got fifty times faster. The onward march of faster&faster processor speeds resulted in enormous increases in various component relative system latencies (as measured in number of processor cycles) ... first seen with disks ... and then with main storage ... and then even between different circuits on the same chip. All of these required paradigm shifts along with increasing levels of asynchronous behavior and/or other kinds of parallel/overlapped operation.

folklore indeed

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 19 Dec 2007 09:21:17 -0500
Lon Stowell <lon.stowell@comcast.net> writes:
What were the early Unix boxen?

In 1983 at the VMware data center on Hoes Lane in Piscataway, we had some CCI front ends that were hooked to VM mainframes, and the AT&T folks were running 56K links from them to some huge monstrosities running Unix. Thought those were the big Western Electric 3B series boxen, but we weren't encouraged to snoop around them much at the time.


those (VM) systems were possibly some version of the highly modified CSC version of vm that leaked nearly a decade earlier to AT&T longlines.

old email referencing many of the modifications
http://www.garlic.com/~lynn/2006w.html#email750102

recent post in another thread about my hobby of producing and supporting highly modified, custom operating systems
http://www.garlic.com/~lynn/2007v.html#11 IBM mainframe history, was Floating-point myths

it was around 83 when the at&t national marketing rep tracked me down ... asking about helping trying to move the customer off that old vm version ... misc. old post references:
http://www.garlic.com/~lynn/95.html#14 characters
http://www.garlic.com/~lynn/96.html#35 Mainframes & Unix (and TPF)
http://www.garlic.com/~lynn/97.html#15 OSes commerical, history
http://www.garlic.com/~lynn/2000.html#5 IBM XT/370 and AT/370 (was Re: Computer of the century)
http://www.garlic.com/~lynn/2000f.html#60 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
http://www.garlic.com/~lynn/2001f.html#3 Oldest program you've written, and still in use?
http://www.garlic.com/~lynn/2002.html#4 Buffer overflow
http://www.garlic.com/~lynn/2002.html#11 The demise of compaq
http://www.garlic.com/~lynn/2002c.html#11 OS Workloads : Interactive etc
http://www.garlic.com/~lynn/2002i.html#32 IBM was: CDC6600 - just how powerful a machine was it?
http://www.garlic.com/~lynn/2002k.html#66 OT (sort-of) - Does it take math skills to do data processing ?
http://www.garlic.com/~lynn/2002p.html#23 Cost of computing in 1958?
http://www.garlic.com/~lynn/2003.html#17 vax6k.openecs.org rebirth
http://www.garlic.com/~lynn/2003d.html#46 unix
http://www.garlic.com/~lynn/2003k.html#4 1950s AT&T/IBM lack of collaboration?
http://www.garlic.com/~lynn/2004e.html#32 The attack of the killer mainframes
http://www.garlic.com/~lynn/2004m.html#58 Shipwrecks
http://www.garlic.com/~lynn/2005p.html#31 z/VM performance
http://www.garlic.com/~lynn/2006b.html#21 IBM 3090/VM Humor
http://www.garlic.com/~lynn/2007g.html#54 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007g.html#56 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Wed, 19 Dec 2007 09:52:27 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
as to separate issue of career and graduate-level programs, there may be some chicken & egg here ... this (education) trend has been going on for at least three decades; so the question then has the jobs moved because of the poor quality education or is the poor quality education because the jobs have moved. the poor education results dating back three decades seems to have predated a lot of the jobs going other places.

re:
http://www.garlic.com/~lynn/2007u.html#78 Education ranking
http://www.garlic.com/~lynn/2007u.html#80 Education ranking
http://www.garlic.com/~lynn/2007u.html#82 Education ranking

a little more topic drift ... from another thread
http://www.garlic.com/~lynn/2007v.html#10 About 1 in 5 IBM employees now in India - so what?

About 1 in 5 IBM Employees Now in India
http://www.redorbit.com/news/technology/1183162/about_1_in_5_ibm_employees_now_in_india/index.html About 1 in 5 IBM employees now in India
http://news.yahoo.com/s/ap/ibm_employees About 1 in 5 IBM Employees Now in India
http://www.physorg.com/news116875153.html
About 1 in 5 IBM employees now in India
http://sify.com/finance/fullstory.php?id=14576360
India home to 1 in 5 IBM employees
http://www.australianit.news.com.au/story/0,24897,22935653-5013040,00.html

Amazon's "Simple" Database

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Amazon's "Simple" Database
Newsgroups: comp.databases.theory,alt.folklore.computers
Date: Wed, 19 Dec 2007 10:55:31 -0500
Sampo Syreeni <decoy@iki.fi> writes:
I'd divide the answer into two. For the original use SGML/XML and related markup languages (like HTML) were meant for, i.e. markup of running text compatible with plain text editors, they still hold quite a lot of value.

i.e. SGML was originally GML before becoming "standard gml" with ISO standard.
http://www.garlic.com/~lynn/submain.html#sgml

GML was invented at the science center in '69
http://www.garlic.com/~lynn/subtopic.html#545tech

(G, M, and L, are the inventors initials, and motivated requirement for acronym with those letters) ... at the time, somewhat targeted at need for use in legal documents.
http://xml.coverpages.org/sgmlhist0.html

science center was also responsible for virtual machine implementation and a lot of timesharing and interactive related applications.

the original documentation formater developed at the science center was called script, used "dot" formating commands ... somewhat similar to earlier implementation done for ctss
https://en.wikipedia.org/wiki/RUNOFF
and
http://mit.edu/Saltzer/www/publications/CC-244.html

aka some of the ctss people went to the science center on 4th flr of 545 tech sq and some went to multics on 5th flr.

the initial "gml" implementation was done by adding gml tag support to script document formater.

cern was also a large virtual machine installation ... using various applications ... including a script clone written by univ. of waterloo. this talks about evolution from sgml into html:
http://infomesh.net/html/history/early/

the first webserver outside of europe was on the virtual machine system at slac (slac and cern shared a lot of software)
http://www.slac.stanford.edu/history/earlyweb/history.shtml

the science center's virtual machine technology was also used at sjr for the original relational/sql implementation
http://www.garlic.com/~lynn/submain.html#systemr

Traffic Jam Mystery Solved By Mathematicians

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Traffic Jam Mystery Solved By Mathematicians
Newsgroups: alt.folklore.computers
Date: Wed, 19 Dec 2007 11:37:13 -0500
and now for something a little bit different

Traffic Jam Mystery Solved By Mathematicians
http://www.sciencedaily.com/releases/2007/12/071219103102.htm

from above:
The team developed a mathematical model to show the impact of unexpected events such as a lorry (tractor trailer) pulling out of its lane on a dual carriageway (divided highway with median between traffic going in opposite directions). Their model revealed that slowing down below a critical speed when reacting to such an event, a driver would force the car behind to slow down further and the next car back to reduce its speed further still.

... snip ...

this is what i've referred to in the past as the accordian effect from brake taping and/or rapid lane changes:
http://www.garlic.com/~lynn/2004c.html#17 If there had been no MS-DOS
http://www.garlic.com/~lynn/2005p.html#4 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005p.html#7 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2006p.html#5 sorting
http://www.garlic.com/~lynn/2006p.html#12 sorting
http://www.garlic.com/~lynn/2007e.html#34 Is computer history taught now?

as i've commented before ... at certain traffic loading ... even one percent or fewer drivers responsible for such activity (poor/irresponsible driving behavior) ... can dramatic change effective traffic thruput.

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Wed, 19 Dec 2007 12:42:47 -0500
jmfbahciv writes:
Furthermore, they also have to learn that what appears on the screen is not reality. I've run into more than a few people who believed that a widget had been built and worked because they saw it work in an emulation.

re:
http://www.garlic.com/~lynn/2007u.html#78 Education ranking
http://www.garlic.com/~lynn/2007u.html#80 Education ranking
http://www.garlic.com/~lynn/2007u.html#82 Education ranking
http://www.garlic.com/~lynn/2007v.html#16 Education ranking

one might also claim that contributed to the large billions spent in the 90s attempting to implement straight-through processing ... as a solution to the overnight batch window bottleneck ... using distributed object oriented technology in an attempt to power large number of processors in parallel. frequently the toy demos were also accompanied with object oriented gui interfaces.

then the world would fall apart when attempting industrial scaleup ... and finding that the additional added overhead was on the order of 100 times (or more ... greater than two orders of magnitude); totally wiping out any anticipated increased throughput of using large numbers of processors in parallel.

misc. past posts mentioning billions of dollars in write-offs attempting to use (object oriented) distributed computing for straight-through processing as a means of eliminating much of the overnight batch window bottlenecks.
http://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
http://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#20 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#37 folklore indeed
http://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#61 folklore indeed

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Wed, 19 Dec 2007 15:07:50 -0500
House and Senate Slash Science Budget Increases
http://slashdot.org/articles/07/12/19/1632207.shtml

from above:
This comes in spite of the earlier announced presidential initiative to increase funding for basic research to improve the future economic competitiveness of the United States.

... snip ...

the above references:

A Budget Too Small
http://sciencenow.sciencemag.org/cgi/content/full/2007/1218/1

from above:
"In exchange for an arbitrary cap on domestic spending and thousands of earmarks, the Administration and Congress have sacrificed investments in research and education that would help assure our nation's long-term national and economic security,"

... snip ...

there was a comment on the radio yesterday that this year's congressional session has had the lowest attendance of any congress in history ... which may be related to a reference a couple months ago that while the president's public approval rate was low ... the congressional public approval rate was 1/3rd that of the president's.

It keeps getting uglier

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: It keeps getting uglier
Newsgroups: bit.listserv.ibm-main
Date: Wed, 19 Dec 2007 19:36:10 -0500
phil@ISHAM-RESEARCH.FREESERVE.CO.UK (Phil Payne) writes:
Has anyone from the Hercules team read IBM's rather stunning admission (on the above page - paragraph 176) that there is a "confidential version" of the PoP? Their words, not mine.

there has been the (confidential) architecture redbook (distributed in red 3ring binders) ... implemented in (cp67/)CMS script file ... with conditional formating to produce either the "princples of operation" subset ... or the full (confidential) architecture redbook.

for other topic drift ... recent post mentioning cms script, gml, sgml, html, system/r, rdbms ... etc
http://www.garlic.com/~lynn/2007v.html#17 Amazon's "Simple" Database

misc. past postings mentioning architecture redbook
http://www.garlic.com/~lynn/2003f.html#52 ECPS:VM DISPx instructions
http://www.garlic.com/~lynn/2004b.html#57 PLO instruction
http://www.garlic.com/~lynn/2004c.html#6 If the x86 ISA could be redone
http://www.garlic.com/~lynn/2004k.html#45 August 23, 1957
http://www.garlic.com/~lynn/2005b.html#25 360POO
http://www.garlic.com/~lynn/2005i.html#40 Friday question: How far back is PLO instruction supported?
http://www.garlic.com/~lynn/2005j.html#39 A second look at memory access alignment
http://www.garlic.com/~lynn/2005j.html#43 A second look at memory access alignment
http://www.garlic.com/~lynn/2005k.html#1 More on garbage
http://www.garlic.com/~lynn/2005n.html#48 Good System Architecture Sites?
http://www.garlic.com/~lynn/2005p.html#45 HASP/ASP JES/JES2/JES3
http://www.garlic.com/~lynn/2006s.html#53 Is the teaching of non-reentrant HLASM coding practices ever defensible?
http://www.garlic.com/~lynn/2007f.html#7 IBM S/360 series operating systems history
http://www.garlic.com/~lynn/2007i.html#31 Latest Principles of Operation
http://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
http://www.garlic.com/~lynn/2007u.html#30 folklore indeed

Faster Chips Are Leaving Programmers in Their Dust

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Faster Chips Are Leaving Programmers in Their Dust
Newsgroups: alt.folklore.computers
Date: Wed, 19 Dec 2007 19:49:49 -0500
Computing in a Parallel Universe; Multicore chips could bring about the biggest change in computing since the microprocessor
http://www.americanscientist.org/template/AssetDetail/assetid/56218

from above:
The next computer you bring home, a few years from now, could have hundreds or even thousands of processors. If all goes according to plan, you may notice nothing different about the new machines apart from another boost in performance. Inside, though, coordinating all those separate computational cores is going to require profound changes in the way programs are designed.

... snip ...

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 20 Dec 2007 08:56:38 -0500
kkt <kkt@zipcon.net> writes:
Are you speaking of card catalogs? Wow. My library system ceased filing cards around 1990, and I thought we were a bit slow at the time.

late 60s, univ. got an ONR grant to do library automation project. part of the money went to buy a 2321 datacell. ibm was also in the process of morphing cics from something developed at a customer shop into a product and the library automation project got selected to be one of the betatest sites for the product. i got tasked to help support and debug this cics deployment

wiki cics entry
https://en.wikipedia.org/wiki/CICS

cics history page
http://www.yelavich.com/history/toc.htm
http://web.archive.org/web/20080123061613/http://www.yelavich.com/history/toc.htm

cics as program product
http://www.yelavich.com/history/ev196901.htm
http://web.archive.org/web/20060325095234/http://www.yelavich.com/history/ev196901.htm

above also mentions 23jun69 unbundling announcement
http://www.garlic.com/~lynn/submain.html#unbundle

2321 picture
http://www.columbia.edu/cu/computinghistory/datacell.html

misc. past posts mentioning cics (&/or bdam)
http://www.garlic.com/~lynn/submain.html#cics

segmentation or lack thereof

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: segmentation or lack thereof
Newsgroups: comp.arch,alt.os.development,comp.sys.unisys
Date: Thu, 20 Dec 2007 12:59:35 -0500
Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
When I was taught IBM S/360 assembler, that was the way I was taught to do things like setting a print line to all blanks prior to putting real data into it. You would use the MVC (Move Characters) instruction which would copy a variable length (up to 255 bytes) from source to destination. So doing MVC addr, addr+1, x would copy the first character at addr to the next x characters. We were even told that if we were going to use that a lot on a particular variable, buffer, etc. to precede he variable in storage with a single byte initialized to the "clearing value" to facilitate the operation.

I suspect that this was such a common idiom that IBM probably optimized the microcode for such situations. Can anyone in the know confirm that?


cp67 delivered to the university had a special page of all zeros as part of formating boot volume. when initializing a virtual address space, the tables were set so that all pages pointed to the "zero page". i changed that so that the backing store table indicated "no page" for each page. page fault processing for "no page" then was changed to fill the virtual page location allocated in real memory with zeros by instructions.

As you point out that it was common coding practice on 360 to using overlapping move to clear space. However, studying the 360/67 functional specs. document indicated that it would be faster to fill a whole page with zeros with storing registers ... aka save all registers ... initialize ten or so registers to zero, setup the other registers for BXLE loop and do STM of ten registers of zero at a time.

Old 360 functional characteristic manuals ... giving detailed instruction timing forumulas
http://bitsavers.org/pdf/ibm/360/funcChar/

some of the coding performance trade-offs could be different in different models. 360/67 functional characteristic manuals (including detailed description of virtual memory and segment hardware)
http://bitsavers.org/pdf/ibm/360/funcChar/A27-2719-0_360-67_funcChar.pdf
http://bitsavers.org/pdf/ibm/360/funcChar/GA27-2719-2_360-67_funcChar.pdf

I have some vague recollection that at some stage, some processor implementations looked at overlapping moves for special case processing involving doubleword operation at a time (even tho it was nominally a byte at a time instruction).

For 370, "long instructions" were introduced that had field length in register (instead of encoded in the instruction) ... and could be used for several mbytes. the MVCL instruction also allowed for different source and destination lengths and specifying a "PAD" byte when the source was shorter than destination (source length zero byte and target length was 4k). However, it took some machine generations before there was optimized MVCL microcode for this case that beat the STM loop.

current MVCL long instruction description (given operation in 24-bit, 31-bit, and 64-bit addressing modes):
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/7.5.90?SHELF=DZ9ZBK03&DT=20040504121320

Newsweek article--baby boomers and computers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Newsweek article--baby boomers and computers
Newsgroups: alt.folklore.computers
Date: Thu, 20 Dec 2007 13:57:49 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
aka ... 2nd time in recent history that mortgages threaten to take down citibank. long-winded old post mentioning last time
http://www.garlic.com/~lynn/aepay3.htm#riskm Thread Between Risk Management and Information Security


some GIGO(?) computer modeling related in all this ... below includes comment (and somewhat assuming valid model) that modeling can consume millions in computer power ...

there were some bonds that were supposedly insured and therefor had a higher ranking ... however current round:

Bond insurer defaults threaten big banks
http://money.cnn.com/2007/12/20/news/companies/benner_ACA.fortune/?postversion=2007122011

from above:
These CDOs were not included in previous write downs because, though sullied by bad mortgage debt, they were supposedly insured or hedged by entities like ACA. Now that ACA can't backstop the losses, the credit ratings on those bonds will fall, and result in losses.

... snip ...

computer (modeling) and related to the earlier "new" (computer) risk analysis perspective that prompted citibank to get out of mortgages

How Conventional CDO Analytics Missed the Mark
http://www.bobsguide.com/guide/news/2007/Dec/20/Kamakura_Releases_Study:_How_Conventional_CDO_Analytics_Missed_the_Mark.html

from above:
"Two years ago the Wall Street Journal in a page 1 story pointed out the dangers in relying on the copula approach for CDO valuation, but investors were slow to realize the magnitude of their model risk"

... snip ...

U.S. Mortgage Crisis Rivals S&L Meltdown
http://online.wsj.com/article/SB119724657737318810.html?mod=googlenews_wsj

from above:
Indeed, coming up with a value for a CDO entails analyzing more than 100 separate securities, each of which contains several thousand individual loans -- a feat that, if done on any scale, can require millions of dollars in computing power alone.

... snip ...

Legal battle over complex CDOs
http://www.theaustralian.news.com.au/story/0,25197,22939223-36375,00.html

from above
JP Morgan projects that by the second quarter, $US40 billion to $US50 billion in sub-prime mortgage bonds could be sold by distressed CDOs that decide to liquidate.

... snip ...

A Capital Idea
http://www.fool.com/investing/dividends-income/2007/12/17/a-capital-idea.aspx

from above:
The 8% of American's portfolio invested in commercial mortgage-backed securities (CMBS), collateralized debt obligations (CDOs), and other structured finance investments also deserves extra scrutiny. These assets are the same types making headlines every day; no buyers can be found for them, and their market values are dropping precipitously.

... snip ...

Subprime mortgage crisis far from over, "survivors' conference" hears
http://www.iht.com/articles/2007/11/20/bloomberg/bxprime.php

from above:
The so-called Super SIV, a fund set up by banks at the urging of the U.S. Treasury to buy the highest-rated securities, will seek to prevent a meltdown of the 30 investment vehicles globally holding $320 billion as of Oct. 5.

...

Wall Street profits are also plunging in the fourth quarter. Citigroup, the second-largest CDO issuer in the first half of 2007, may post a loss in the final period, according to the average estimate of 23 analysts compiled by Bloomberg News. That is after the bank reported a write-down of as much as $11 billion, which cost Citigroup's chief executive, Charles Prince 3rd, his job.


... snip ...

Citigroup Downgraded to 'Sell' at Goldman Sachs
http://www.bloomberg.com/apps/news?pid=20601213&sid=aQ3tdmOhB_kk

from above:
... the biggest U.S. bank, was lowered to "sell" by a Goldman Sachs Group Inc. analyst who said the lender's writedowns of collateralized debt obligations may total $15 billion over the next two quarters.

... snip ...

other recent posts mentioning old Risk Management post
http://www.garlic.com/~lynn/2007b.html#30 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#33 security engineering versus information security
http://www.garlic.com/~lynn/2007c.html#11 Decoding the encryption puzzle
http://www.garlic.com/~lynn/2007e.html#24 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007h.html#64 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007h.html#66 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007i.html#12 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#0 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#46 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#75 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#51 IBM Unionization
http://www.garlic.com/~lynn/2007n.html#53 Windows Monitor or CUSP? [was ReJohn W. Backus, 82, Fortran developer, dies]
http://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
http://www.garlic.com/~lynn/2007p.html#50 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
http://www.garlic.com/~lynn/2007r.html#60 Fixing our fraying Internet infrastructure
http://www.garlic.com/~lynn/2007s.html#1 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007s.html#25 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007s.html#28 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#12 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#15 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#27 'Man in the browser' is new threat to online banking

2007 Year in Review on Mainframes - Interesting

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 2007 Year in Review on Mainframes - Interesting
Newsgroups: bit.listserv.ibm-main
Date: Thu, 20 Dec 2007 15:51:14 -0500
Mike.Conmackie@COMPUWARE.COM (Conmackie, Mike) writes:
And the money I've paid into Social Security all my life will be returned in my retirement with interest !!!!!

ss is pay as you go system ... not a fully funded retirement plan. it is one of the reasons why they are concerned about the ratio of people paying-in to the number supported on retirement. SS historical "ratio" table 1940-2006:
http://www.ssa.gov/history/ratios.html

This can drastically tip with baby boomers moving from paying to collecting. The first baby boomer collects social security
http://abcnews.go.com/WN/LifeStages/story?id=3732745&page=1

there is also some gimmick on how much is paid, it is currently 15.3% ... but for standard salary workers ... the company has to pay half of it over and above the salary ... and then there is the other half deducted from the salary. This is readily seen in tax returns for self-employed workers where they have to pay the full 15.3%. for most purposes, eliminate the facade and have it restructured so the employers paid the full 15.3% before paying salary (theoritically reducing salaries paid correspondingly) ... with it never showing up for individual employees at all.

in past 10-15 yrs there have been some number of companies going under (and/or declared bankruptcy) because their "pay as you go" retirement systems sometimes reached their largest single expense
http://www.skeptically.org/curpol/id7.html
... and federal gov. having to assume the payment
https://en.wikipedia.org/wiki/Pension_Benefit_Guaranty_Corporation

some number of posts related to "unfunded" liabilities growing to largest part of the budget and swamping the federal gov ... even if everything else in the budget is eliminated.
http://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#93 IBM Unionization
http://www.garlic.com/~lynn/2007s.html#1 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#13 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#18 Newsweek article--baby boomers and computers

(federal) comptroller general (appointed in the mid-90s for 15yr term) has been making references that congress for at least the past 50 yrs has been incapable of simple middleschool arithmatic; recent reference:
http://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Fri, 21 Dec 2007 08:45:48 -0500
Lon Stowell <lon.stowell@comcast.net> writes:
Yeah, but the IBM systems evolved from different requirements. If you had to run a network that spanned the continent and buy your expensive not overly high speed leased lines from AT&T, then further multidrop them across multiple sites, even a bean counter would quickly realize that a local editing block mode terminal setting behind a local controller was far cheaper and more user efficient than sending each and every keystroke from Los Angeles to New York and back to display the character was the wrong answer to the wrong question. Then you add in the typical 60 millisecond delay it took to get from Los Angeles to New York..... then another 60 to get back, you could really quickly slow down a high speed typist grade user to an unworkable molasses swamp. Until really good and inexpensive high speed transcontinental networks evolved, it was a true cultural issue to explain to the unix style folks why they would have so much difficulty displacing the mainframes until they rethought the process...

then add in that there are 30,000 to 60,000 terminals ... and two interrupts per char (for full duplex) ... one for incoming character and one for outgoing char ... the required processor cycles for just char. interrupt handling more than swamp the processing.

when i was an undergraduate in the 60s, i got on the wrong side of the communication division with building a clone communication controller
http://www.garlic.com/~lynn/subtopic.html#360pcm

later in the mid-80s, i crossed them again several times ... with hsdt project and "high-speed"
http://www.garlic.com/~lynn/subnetwork.html#hsdt
... recent mention about their idea of "high-speed" and our idea
http://www.garlic.com/~lynn/2007p.html#64 Damn
http://www.garlic.com/~lynn/2007q.html#45 Are there tasks that don't play by WLM's rules

however, in that same time-frame we attempted to deploy a replacement for communication division flagship 37x5 communication controller with some advanced software running in series/1 ... moving to a 801/risc system ... reference to that activity
http://www.garlic.com/~lynn/99.html#63 System/1 ?
http://www.garlic.com/~lynn/99.html#66 System/1 ?
http://www.garlic.com/~lynn/99.html#69 System/1 ?
http://www.garlic.com/~lynn/99.html#70 Series/1 as NCP (was: Re: System/1 ?)

this post has reference to standard customer terminal activity profile from the period
http://www.garlic.com/~lynn/99.html#67 System/1 ?

I then ran the standard customer terminal activity profile thru a "HONE" configurator to obtain 37x5 controller configuration info
http://www.garlic.com/~lynn/subtopic.html#hone

The infrastructure avg. 2700 terminal "messages" a second ... had avg message size of 500 bytes (although highly bi-model; input message size much shorter than output message size) ... aka 500x2700 = 1,350,000 chars/sec. the flag ship operating system interrupt handler can run 5k instructions ... so nearly 7billion instructions/sec ... versus 13.5mips Also, frequently have to configure for peak ... with peak being possibly 2-4 times avg ... say around 30,000mips just for (full-duplex, char) interrupt processing.

this is on par with recent mention of some of the scaling problems encountered in the 90s attempting to address the overnight batch window bottleneck with distributed object oriented implementation:
http://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
http://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
http://www.garlic.com/~lynn/2007t.html#3 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#5 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#37 folklore indeed
http://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#61 folklore indeed
http://www.garlic.com/~lynn/2007v.html#19 Education ranking

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Fri, 21 Dec 2007 08:59:56 -0500
jmfbahciv writes:
I wouldn't have called it multi-processing either but apparently people have changed the meaning of the term.

standard terminology, multiprocessing in the past has referred to multiple processors. multiprogramming and multitasking has referred to multiple programs and multiple tasks.

there may have been some more recent corruption using the term "process" to refer to programs, applications, and/or tasks ... resulting in multiprocessing referring to multiple processes rather than multiple processors. this may have been much more associated with an environment that has no familiarity with multiple processors and therefor didn't need to differentiate.

misc. past posts mentioning smp (symmetric multiprocessing and/or shared memory multiprocessing) and/or compare&swap instruction
http://www.garlic.com/~lynn/subtopic.html#smp

back to the 60s we had differentiation between tightly-coupled multiprocessing and loosely-coupled multiprocessing. tightly-coupled multiprocessing was SMP ... and loosely-coupled multiprocessing ... is cluster type stuff. past posts mentioning my wife being con'ed into going to POK (center of high-end mainframes) to be responsible for loosely-coupled multiprocessing architecture
http://www.garlic.com/~lynn/submain.html#shareddata

which we later followed up with a high-availability cluster multiprocessing product
http://www.garlic.com/~lynn/subtopic.html#hacmp

and work on cluster scaleup
http://www.garlic.com/~lynn/lhwemail.html#medusa

also referenced in these posts
http://www.garlic.com/~lynn/95.html#13
http://www.garlic.com/~lynn/96.html#15

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Fri, 21 Dec 2007 13:43:00 -0500
stanb45@dial.pipex.com (Stan Barr) writes:
Noy just in computing. The other day I was in our local bus station and they'd moved all the bus stops round. There were loads of people going round asking anyone and everyone "Where does <such-and-such> bus stop now?" and there were notices stuck up every 15 feet or so with them all listed.

there was some report after the 1990 census that half of all highschool graduate aged (18yr olds) were functionally illiterate (and things appear to have gone downhill since then).

how 'bout airlines going to "sections" clearly printed on the boarding pass (in large block characters) since quite a few people couldn't figure out what range their seat number was in when the announcement was boarding for all seats greater than some value.

recent posts mentioning functionally illiterate
http://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007i.html#24 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#79 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#31 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#51 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#80 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#85 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#10 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#30 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#34 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#42 IBM Unionization
http://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007o.html#21 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007o.html#22 U.S. Cedes Top Spot in Global IT Competitiveness

Apple files patent for WGA-style anti-piracy tech

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Apple files patent for WGA-style anti-piracy tech
Newsgroups: alt.folklore.computers
Date: Fri, 21 Dec 2007 17:17:17 -0500
Apple files patent for WGA-style anti-piracy tech
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053978

from above:
Patent application 20070288886, titled "Run-Time Code Injection To Perform Checks" and dated Dec. 13, spells out a "digital rights management system" that would "restrict execution of that application to specific hardware platforms."

... snip ...

old email referencing apparent anti-piracy in LISA
http://www.garlic.com/~lynn/2007b.html#email830213

with machine serial number ... in this post
http://www.garlic.com/~lynn/2007b.html#56 old lisa info

current genre is trusted computing module ... couple past posts:
http://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007m.html#20 Patents, Copyrights, Profits, Flex and Hercules

Faster Chips Are Leaving Programmers in Their Dust

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Faster Chips Are Leaving Programmers in Their Dust
Newsgroups: alt.folklore.computers
Date: Fri, 21 Dec 2007 17:29:52 -0500
Quadibloc <jsavard@ecn.ab.ca> writes:
The ideal thing to do, from the programmer's viewpoint, of course, is to have a machine that completes one instruction before going on to the next one, but which does it very quickly.

re:
http://www.garlic.com/~lynn/2007v.html#7 Faster Chips Are Leaving Programmers in Their Dust
http://www.garlic.com/~lynn/2007v.html#14 Faster Chips Are Leaving Programmers in Their Dust
http://www.garlic.com/~lynn/2007v.html#22 Faster Chips Are Leaving Programmers in Their Dust

take all the chips (in addition to the processor proper) for computer

Single-Chip x86 Chipsets Around the Corner?
http://hardware.slashdot.org/hardware/07/12/21/2111234.shtml

from above:
Kontron, a giant among industrial single-board computer vendors, yesterday revealed a credit-card sized board apparently based on a single-chip x86 chipset that clocks to 1.5GHz and supports a gig of RAM.

... snip ...

MTS memories

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: MTS memories
Newsgroups: comp.arch,alt.folklore.computers
Date: Fri, 21 Dec 2007 18:42:01 -0500
"Dave Wade" <g8mqw@yahoo.com> writes:
It was used at Newcastle, and I think latterly at Durham in the UK. Originally it ran on a 1 meg 360/67 at newcastle and it got slow with 40 users. We had a remote line in from Newcastle Poly using an IBM 1130.

cp67 was similar with 768kbyte 360/67 when it was first installed at the university ... that was before i redesigned and rewrote a lot of the code ... however, cp67 on 1mbyte 360/67 at grenoble science center typically would do 35-40 users. recent reference (with their changes)
http://www.garlic.com/~lynn/2007u.html#79 IBM Floating-point myths

newcastle pictures of 360/67:
http://web.archive.org/web/20030813224124/www.cs.ncl.ac.uk/events/anniversaries/40th/images/ibm360_672/index.html

and 370/168 pictures:
http://web.archive.org/web/20031004111307/www.cs.ncl.ac.uk/events/anniversaries/40th/images/ibm370_1682/index.html

followed by amdahl 5860 (mislabled as "c. 1957?")
http://web.archive.org/web/20030823044852/www.cs.ncl.ac.uk/events/anniversaries/40th/images/amdahl2/index.html

Hitachi, Silver Lake in talks about hard drives, sources say

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Hitachi, Silver Lake in talks about hard drives, sources say
Newsgroups: alt.folklore.computers
Date: Sat, 22 Dec 2007 06:49:11 -0500
san jose plant site:

Hitachi, Silver Lake in talks about hard drives, sources say
http://www.news.com/Hitachi%2C-Silver-Lake-in-talks-about-hard-drives%2C-sources-say/2100-1015_3-6223853.html?tag=nefd.top

from above:
Hitachi has not posted a profit in its hard-drive business since buying it from IBM for $2 billion in 2002, as disk drive prices have crumbled.

... snip ...

references older article about the purchase

Hitachi sharpens hard drive efforts
http://www.news.com/Hitachi-sharpens-hard-drive-efforts/2100-1040_3-979196.html?tag=st.nl

from above:
Hitachi Global Storage Technologies was formed at the end of 2002 and is 70 percent owned by Hitachi and 30 percent owned by IBM. The San Jose, Calif.-based company is a subsidiary of Tokyo-based Hitachi, which will pay for the remaining 30 percent over the next three years. IBM had lost more than $500 million over the last two years in the hard drive business, which is notoriously competitive and yields thin margins

... snip ...

old posts about getting to play disk engineer in bldgs. 14&15
http://www.garlic.com/~lynn/subtopic.html#disk

What do YOU call the # sign?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What do YOU call the # sign?
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sat, 22 Dec 2007 07:27:55 -0500
"Rostyslaw J. Lewyckyj" <urjlew@bellsouth.net> writes:
Is that cost of living allowance + salary < cost of living on a boat in HK?

"cost of living allowance for living in HK" minus "the cost of living on a boat in HK" was greater than their salary

aka
http://www.garlic.com/~lynn/2007v.html#9 What do YOU call the # sing?
long ago and far away we had a friend who was angling for an assignment to HK, they had worked out that the difference between living on a boat in HK and the cost of living allowance was larger than their salary.

....

i.e. difference as in the amount that the two values differed ... not as in explicit order of which value was subtracted.

later (in the states), bought a tugboat and converted to house boat (most everything is thick metal plates ... so remodeling frequently involves a lot of time with blow/cutting toarch).

Inside a Modern Malware Distribution System

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Inside a Modern Malware Distribution System
Newsgroups: alt.folklore.computers
Date: Sat, 22 Dec 2007 07:39:22 -0500
another application of the new 40+ yr old technlogy:

Inside a Modern Malware Distribution System
http://www.eweek.com/article2/0,1895,2239276,00.asp

from above:
Stewart was baffled by the need to track the hard drive serial number but suggests this is being done to provide a unique ID for the infected system and to figure out if a VM (virtual machine) is being used to analyze the malware. This is significant, Stewart said, because anti-virus providers use VM to pick apart malware files in controlled environments.

... snip ...

reference from above:

Pushdo - Analysis of a Modern Malware Distribution System
http://www.secureworks.com/research/threats/pushdo/

from above:
The use of the physical hard drive serial number as a identifier is interesting - it not only provides a unique ID for the infected system, but can also reveal information such as whether the code is running in a virtual machine or not. For instance, a VMware system might return a serial number of "00000000000000000001" or simply "00", which is very easily spotted in a list of serial numbers of major hard drive vendors. This could be a way for the malware author to spy on anti-virus companies using automated tools to monitor the malware download points.

... snip ...

somewhat related reference:
http://www.garlic.com/~lynn/2007v.html#6 Ironkey

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sat, 22 Dec 2007 09:40:51 -0500
Lon Stowell <lon.stowell@comcast.net> writes:
Until really good and inexpensive high speed transcontinental networks evolved, it was a true cultural issue to explain to the unix style folks why they would have so much difficulty displacing the mainframes until they rethought the process...

re:
http://www.garlic.com/~lynn/2007v.html#27 folklore indeed

note also that by the time inexpensive high speed transcontinental networks evolved ... things were moving from "dumb" terminals to terminal emulation on PCs ... some past posts on terminal emulation

some of the early commercial timesharing service bureau offerings were cp67 and/or vm370 spin-offs
http://www.garlic.com/~lynn/submain.html#timeshare

one such commerical timesharing service bureau was Tymshare ... with its vm370-based offering. Tymshare also had Tymnet ..
https://en.wikipedia.org/wiki/Tymnet

from above:
It soon became apparent that the SDS 940 could not keep up with the rapid growth of the network. In 1972, Joseph Rinde joined the Tymnet group and began porting the Supervisor code to the 32-bit Interdata 7/32, as the 8/32 was not yet ready. In 1973, the 8/32 became available, but the performance was disappointing and a crash-effort was made to develop a machine that could run Rinde's Supervisor.

... snip ...

for other topic drift ... i had run into some issues/problems with the standard mainframe telecommunication controller ... which was somewhat behind the univ deciding to build our own (clone) communication controller
http://www.garlic.com/~lynn/subtopic.html#360pcm

which was initially done on Interdata/3 ... which evolved into a combination of Interdata/4 with one or more Interdata/3s (as dedicated line-scanners).

note that the wiki article seems to confuse some of the tymshare/tymnet details and some of the dates ... a tymshare ref:
http://www.cap-lore.com/Tymshare/

from above:
We had installed several machines in Palo Alto when we opened an office in Ingelwood, just north of Los Angeles, where we installed another 940. Customers had to place a phone call to our computer to use it and the long distance charges were significant for some. We developed Tymnet initially to extend our geographic reach.

... snip ...

with this reference:

The Origins of Tymnet
http://www.cap-lore.com/Tymnet/ETH.html

from above:
At that time the phone company (AT&T) was considered a natural monopoly. They held that modems were the sole province of the telco. Tymshare had already produced acoustic couplers that competed with the telco's 103A data sets (data set = modem), but AT&T's lawyers were busy fighting what they considered to be more serious encroachments on their turf.

... snip ...

with this reference
http://www.cap-lore.com/books/Temin.html

The above Tymnet article also references Varian Data Machines.

For other topic drift, Varian was early cp67 installation used internally by engineers. Some of those engineers then moved onto other enterprises in the valley ... propagating virtual machine (by then vm370) use.

back to Tymshare ... Tymshare 2000 Reunion web site
http://www.greentreesystems.com/Tymshare/

Apple files patent for WGA-style anti-piracy tech

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Apple files patent for WGA-style anti-piracy tech
Newsgroups: alt.folklore.computers
Date: Sat, 22 Dec 2007 11:46:43 -0500
Quadibloc <jsavard@ecn.ab.ca> writes:
I'm surprised that a decent dongle wasn't simply built into Macintoshes since the change to the x86. Although I see by the article that the patent claims that even dongles can be circumvented, which I suppose is true enough.

re:
http://www.garlic.com/~lynn/2007v.html#30 Apple files patent for WGA-style anti-piracy tech

just get a machine with TPM (trusted platform module)
https://en.wikipedia.org/wiki/Trusted_Platform_Module

from trusted computing group
https://en.wikipedia.org/wiki/Trusted_Computing_Group

trusted computing group home page
http://news.ft.com/servlet/ContentServer?pagename=FT.com/StoryFT/FullStory
https://www.trustedcomputinggroup.org/home
https://www.trustedcomputinggroup.org/home
https://www.trustedcomputinggroup.org/home

i've mentioned before in the days leading up to PC announce ... did some looking at including some sort of cryptographic, tamper-evident module on the motherboard ... but the technology was significantly more expensive in those days.

there has also been investigation into integrating TPM-like function into standard processor chips.

i've also mentioned in the past giving aads chip strawman talk
http://www.garlic.com/~lynn/x959.html#aads

in the trusted computing track at intel developer's forum ... and needling the trusted computing group (guy running it was in the front row) that over the previous couple yrs that TPM had started to look more like my strawman chip. The quip back from the audience was it was because I didn't have a committee of 200 helping design the chip.

more recent comments about TPM has been that it would be (just) deployed on server machines ... leveraging it to scaffold a secure computing environment.

however here is section for securing mobile devices:
https://www.trustedcomputinggroup.org/groups/mobile

somewhat similar to old aads chip strawman proposal to include chip (and/or build function into processor chip) for PDAs and cellphones.

The drive to use mobile devices for payment transactions would presumably also motivate additional security measures.

recent posts related to the pda/cellphone for secure transactions
http://www.garlic.com/~lynn/2007d.html#12 One Time Identification, a request for comments/testing
http://www.garlic.com/~lynn/2007u.html#11 Public Computers
http://www.garlic.com/~lynn/2007u.html#47 folklore indeed

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Sat, 22 Dec 2007 18:45:54 -0500
Justa Lurker <JustaLurker@att.net> writes:
Kind of close but no cigar.....for example, using Register 2......

BALR 2,0 Load R2 with current address USING *,2 Tell assembler to use R2 as base register when generating code


i have done q&d conversion of gcard ios3270 to html
http://www.garlic.com/~lynn/gcard.html

see calling & savearea convention
http://www.garlic.com/~lynn/gcard.html#50

the example assumes that R15 is already set to entry point ... allowing moving it to standard base register R12 and setting up using.

BALR/branch and link register ... normal calling convention loads entry address into R15 and does a
BALR R14,R15

branching to address in R15 .. while setting R14 to the (return) address following the BALR instruction. Special case is specifying register zero for branch-to address ... doesn't take the branch. current description of branch and link instruction:
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/7.5.8?SHELF=DZ9ZBK03&DT=20040504121320

current hlasm manual
http://publibfp.boulder.ibm.com/cgi-bin/bookmgr/download/asmp1010.pdf

for USING (pg. 80) mentions that the assembler has an implicit using of
USING 0,0

i.e. register zero is used for addresses within 4k of absolute location zero. It also mentions that message ASMA302W is issued when R0 is specified as a base register with a non-zero base address, and message ASMA306W is issued when any register other than R0 is specified as base register with an absolute base address whose range overlaps the assembler's default (0,4095).

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Sat, 22 Dec 2007 19:26:37 -0500
krw <krw@att.bizzzzz> writes:
Atlanta seems to be a hub for call-centers. I would have thought they'd at least go to Indiana. ;-)

at least for large call-center operations, there is actually quite a bit of science ... detailed profile of type of workers ... which then grew into detailed studies of area demographics .... for selecting where to put (new) call-centers.

seems to be little difficult to find lots of (free) details on the web (there are some more pointers to studies that cost) ... somewhat random sample:
http://michiana.marketingpower.com/content25334.php
http://www.bpoindia.org/research/human-issues-in-call-centers.shtml
http://www.ilr.cornell.edu/globalcallcenter/research/india.html
http://www.venturekamloops.com/callcentre/general.htm

IBM mainframe history, was Floating-point myths

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sat, 22 Dec 2007 22:59:41 -0500
Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
What OS/360 did was to to start a batch program, called TSO (Time Sharing Option). The program was loaded into memory for the duration. The data area of the TSO program was divided into several areas which could be used for loading "user" work into. If I remember correctly, we had space for three users in memory simultaneously. TSO itself managed its own memory totally independent of OS and swapped users in and out to its data areas as it saw fit. So the interactive users competed for memory only with other interactive users but that TSO itself, and thus all interactive users competed for CPU time with whatever other batch jobs were running at the time. Once we got beyond a handful of users the interactive response time could often be measured in minutes!

discussion that excessive use of multi-track search contributed significantly to extremely poor TSO response ... i.e. CMS response was significantly better in all sorts of way ... but the effects of multi-track search can lockup a disk control unit in a shared disk environment. this references a situation where there is vm/cms service on 370/158 and mvs/tso service on 370/168 in shared disk environment ... where control units were "dedicated" by operational convention ... when a "MVS" pack was mounted on a drive associated with a "VM" control unit ... the multi-track search lockout immediately started to impact the vm/cms service response:
http://www.garlic.com/~lynn/2007v.html#4 IBM mainframe history, was Floating-point myths

of course ... even if that was corrected ... TSO would still have other significant response issues.

i had done a lot of things as an undergraduate for cp67 dynamic adaptive resource management ... including being able to handle lots of different kinds of mixed-mode operation ... guest virtual machines running batch, cms virtual machines doing various kinds of file & processor intensive operation ... as well as purely interactive ... overall processor operating at 100% utilization and still providing small subsecont trivial interactive response.

a lot of that was dropped in the simplification morph from cp67 to vm370 ... but re-introduced when i shipped my "resource manager".
http://www.garlic.com/~lynn/subtopic.html#fairshare

IBM mainframe history, was Floating-point myths

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sat, 22 Dec 2007 23:45:30 -0500
"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
And that be why Rochester IBM ran MTMT (Multiple Terminal Monitor Task, a long running batch job). It lived on after we were migrated to ts-slow as stst. I don't know if stst was generally available. I presume MTMT wasn't. It was a Rochester internal developement that doesn't appear to have gotten much press. Wonder why?

there were lots of such things. when i was an undergraudate ... in addition to getting to redo much of cp67 ... including addition tty/ascii terminal support ... the terminal support work included trying to get the mainframe telecommunication controller to do some things it wouldn't do. this somewhat prompted the univ. to start a clone controller project ... four of us got written up as being instrumental in starting clone controller business
http://www.garlic.com/~lynn/subtopic.html#360pcm

i also did a lot of os360 and hasp work. one of the things I did in hasp was writing support for interactive terminals and CRJE type environment ... also implementing an interactive editor with CMS edit syntax (however cms editor was not re-entrant ... so i effectively had to rewrite from scratch because hasp implementation required re-entrant coding conventions). all sorts of posts mentioning hasp and/or later jes2, including jes2 networking
http://www.garlic.com/~lynn/submain.html#hasp

for something a little bit different ... here is description of somebody converting rochester from mvs/tso environment to vm/cms environment (i.e. software development tools, 1978-1981):
http://www.hps.com/~tpg/resume/index.php?file=IBM

the above also mentions working on IBM backbone (1983-1987) which overlaps some of the time of our HSDT project and doing high-speed backbone
http://www.garlic.com/~lynn/subnetwork.html#hsdt

and we shared some code and strategies ... although they were working with 56kbit links (and came up with a gimmick to make mainframes drive full-duplex operation) and we were doing 1.5mbit (and higher speed) full-duplex ... both terrestrial links and also dealing with (synchronous orbit) satellite links.

Newbie question about db normalization theory: redundant keys OK?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Newbie question about db normalization theory: redundant keys OK?
Newsgroups: comp.databases.theory
Date: Sat, 22 Dec 2007 23:31:29 -0500
paul c <toledobythesea@ooyah.ac> writes:
In those days, most Cics and some IMS programmmers knew the four necessary conditions for deadlock and avoided at least one of them in their apps. Nowadays that's considered high science. Jim Gray was a smart guy and I hope he's still alive but the fact remains that it seems that he and other concurrency experts chose to ignore the IP. I think Bob B said something quite profound recently, something like "you can't manage data without data". A corollary might be that only mystics can manage without data. Normalization theory started with the IP and caught a following, no coincidence if you ask me. The concurrency theorists carried on with the IMS and other physical ways of thinking and never seemed to get the idea that there might be a logical concurrency model based on the IP (at least as far as I know).

i had worked with jim back in system/r days
http://www.garlic.com/~lynn/submain.html#systemr

when he left for tandem ... he tried to pawn off some of the stuff on me ... a couple old email references
http://www.garlic.com/~lynn/2007.html#email801006
http://www.garlic.com/~lynn/2007.html#email801016

in this post
http://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"

and
http://www.garlic.com/~lynn/2007d.html#email800920

in this post:
http://www.garlic.com/~lynn/2007d.html#17 Jim Gray Is Missing

later when we were doing ha/cmp
http://www.garlic.com/~lynn/subtopic.html#hacmp

and i was working on distributed lock manager and cluster scaleup ... we were working with some of the independent RDBMS vendors that also had implementations running on vax/cluster. they wanted a lock manager api that looked and felt similar to what they had been using in vax/cluster, but they also had a list of several things that they felt could be done a lot better. starting from a (almost) completely clean slate ... i had a lot less baggage to worry about.

distributed lock manager

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: distributed lock manager
Newsgroups: alt.folklore.computers
Date: Sun, 23 Dec 2007 09:25:19 -0500
x-post mentioning some archeological locking
http://www.garlic.com/~lynn/2007v.html#42 Newbie question about db normalization theory: redundant keys OK?

paul c <toledobythesea@ooyah.ac> writes:
In those days, most Cics and some IMS programmmers knew the four necessary conditions for deadlock and avoided at least one of them in their apps. Nowadays that's considered high science. Jim Gray was a smart guy and I hope he's still alive but the fact remains that it seems that he and other concurrency experts chose to ignore the IP. I think Bob B said something quite profound recently, something like "you can't manage data without data". A corollary might be that only mystics can manage without data. Normalization theory started with the IP and caught a following, no coincidence if you ask me. The concurrency theorists carried on with the IMS and other physical ways of thinking and never seemed to get the idea that there might be a logical concurrency model based on the IP (at least as far as I know).

i had worked with jim back in system/r days
http://www.garlic.com/~lynn/submain.html#systemr

when he left for tandem ... he tried to pawn off some of the stuff on me ... a couple old email references
http://www.garlic.com/~lynn/2007.html#email801006
http://www.garlic.com/~lynn/2007.html#email801016

in this post
http://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"

and
http://www.garlic.com/~lynn/2007d.html#email800920

in this post:
http://www.garlic.com/~lynn/2007d.html#17 Jim Gray Is Missing

later when we were doing ha/cmp
http://www.garlic.com/~lynn/subtopic.html#hacmp

and i was working on distributed lock manager and cluster scaleup ... we were working with some of the independent RDBMS vendors that also had implementations running on vax/cluster. they wanted a lock manager api that looked and felt similar to what they had been using in vax/cluster, but they also had a list of several things that they felt could be done a lot better. starting from a (almost) completely clean slate ... i had a lot less baggage to worry about.

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Sun, 23 Dec 2007 09:51:57 -0500
Brian Inglis <Brian.Inglis@SystematicSW.Invalid> writes:
Privacy seems to be the area you're concerned with. Authorization is the term applied to users' right to know. Permission is what is granted to provide the authorization. And authentication is the act of checking without recording.

Chatted with PPoE credit union (retained account for group insurance) manager who now has to have two people working for her, behind separate chinese walls, due to privacy legislation: one who can maintain the client personal info, and one who can maintain the account info, neither can see the other's info; contacting clients about account issues is now a headache for her!


we had co-authored x9.99 financial industry privacy standard ... had to take into account both GLBA and HIPAA. Also looked some at things like EU-DPD ... in anticipation of moving to international/ISO.

somewhat in support of x9.99 activity, we did a privacy specific merged taxonomy & glossary
http://www.garlic.com/~lynn/index.html#glosnote

one of the other areas of concern was independent insurance agents ... since there could be some information leakage issues between lines of business like accident insurance and health/life insurance or health insurance and life insurance.

as i've mentioned before, we ran into some of this when we were called in to help word smith cal state (and later federal) electronic signature legislation.
http://www.garlic.com/~lynn/subpubkey.html#signature

some of the organizations particpating were also involved in various privacy legislation ... and had done some extensive public surveys and studies ... which found the two issues of highest concern:

• identity theft (mostly in terms of account fraud) • denial of service (by gov, institutions, and/or organizations)

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Sun, 23 Dec 2007 09:59:14 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
we had co-authored x9.99 financial industry privacy standard ... had to take into account both GLBA and HIPAA. Also looked some at things like EU-DPD ... in anticipation of moving to international/ISO.

somewhat in support of x9.99 activity, we did a privacy specific merged taxonomy & glossary
http://www.garlic.com/~lynn/index.html#glosnote


re:
http://www.garlic.com/~lynn/2007v.html#44 Education ranking

one of the problems that I had ran into was that the canadian gov. had put up a lot of privacy stuff on the web. however, it seemed that they had contracted it out to some web design/hosting organization which had put copyright notices on every page. at some meetings that the canadian gov. privacy "czar" attended, i asked about this (and getting permission to copy/include information), they hadn't realized the web pages were copyrighted.

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 23 Dec 2007 10:25:34 -0500
Lon Stowell <lon.stowell@comcast.net> writes:
You can lead a horse to documentation, but you cannot make him read it. It is quicker to ask a cow orker, typically one of us few documentation junkies who are amazed at how easy it is to acquire a reputation as a guru simply for providing information on page one of any release note, functional specification, FAPL, or administration manual.

science center had softcopy of documentation from just about the start (mid-60s) on cms ...
http://www.garlic.com/~lynn/subtopic.html#545tech

for formating by cms script command (originally runoff-like "dot" commands and then transition to gml tags).
http://www.garlic.com/~lynn/submain.html#sgml

recent reference to being used for the "redbook" architecture and principles of operation
http://www.garlic.com/~lynn/2007v.html#21 It keeps getting uglier

however, there wasn't a lot of early support for online accessing (modern day html) except in terms of formating the output to the terminal/screen rather than to the printer.

somewhat as an experiement, i had done a replacement for the failure analysis/forenisic application (IPCS ... nearly all originally implemented in assembler) ... implementation done in REXX.
http://www.garlic.com/~lynn/submain.html#dumprx

for the dumprx package, I obtained softcopy of the appropriate "messages and codes" files and created a specially formated online version ... which dumprx could search and display pertinent sections (associated with specific failure/problem).

an application developed mostly for "menu" applications was ios3270 ... but also could be used for selective information display ... an example was gcard ios3270 ... which i've done a rough converstion to html
http://www.garlic.com/~lynn/gcard.html

recent reference to gcard
http://www.garlic.com/~lynn/2007v.html#38 Education ranking

another place that ios3270 was seen was in the service processor for 3090. the 3090 service processor started out as a highly customized version of vm370 release 6 running on a 4331 with the menu screens implemented in ios3270. the 4331s were eventually upgrade to a pair of 4361s.

MTS memories

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: MTS memories
Newsgroups: comp.arch,alt.folklore.computers
Date: Sun, 23 Dec 2007 11:35:45 -0500
Quadibloc <jsavard@ecn.ab.ca> writes:
So I would start, say, with BSD, and then add native ISAM file services, change the file philosophy from stream-oriented to record- oriented. Ah, I only wish I had the spare time!

isam implementation had epitome of CKD dasd trade-off
http://www.garlic.com/~lynn/submain.html#dasd

between use of real storage and i/o resources. some of the filesystem organizations were (flat) single level index located on disk using multi-track search to find the desired entry (conserving real storage but really burning up disk i/o resources). recent post in thread
http://www.garlic.com/~lynn/2007v.html#1 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#3 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#4 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#40 IBM mainframe history, was Floating-point myths

isam implemented multi-level indexes (on disk) with complex channel programs that could traverse the index levels ... by reading information from specific index entries ... that became arguments to subsequent seek/search channel commands (in the channel program) ... aka "self-modifying" channel programs. this would create problems in virtual machine environments that had to copy/create a shadow copy of the applications channel program.

the "physical" record pointers characteristic of "60s" dbms ... were one of the contention points with the system/r (original relational/sql) group
http://www.garlic.com/~lynn/submain.html#systemr

part of the relational paradigm abstracted away the physical record pointers ... significantly reducing manual administration and maintenance (eventually being cached in growing real storage capacities). a couple recent refs:
http://www.garlic.com/~lynn/2007p.html#20 64 gig memory
http://www.garlic.com/~lynn/2007p.html#58 what does xp do when system is copying
http://www.garlic.com/~lynn/2007u.html#86 IBM mainframe history, was Floating-point myths

for a little topic drift ... recent post about dbms (& cluster) serialization & locking
http://www.garlic.com/~lynn/2007v.html#42 Newbie question about db normalization theory: redundant keys OK?
http://www.garlic.com/~lynn/2007v.html#43 distributed lock manager

in the above thread there was some reference to vax/cluster lock implementation which included a lock service outboard in the HSC.

mainframes were doing loosely-coupled ... terminalogy reference
http://www.garlic.com/~lynn/2007v.html#28 folklore indeed

but multi-system coordination/serialization was via a (whole) device "reserve/release" channel command ... which didn't scale well for fine-grain locking. an evolving (mainframe) multi-system loosely-coupled system from the 60s was ACP (airline control program) ... which required much finer grain operation. To support this, a special, custom feature was added to 2314 disk controller ... that supported logical/symbolic locks (providing memory in controller for system defined lock names). This feature was later moved to the next generation 3330 disk controller.

in the late 70s, the HONE system was looking at (cluster) loosely-coupled scaleup and another way of implementing finer-grain i/o locking/serialization.
http://www.garlic.com/~lynn/subtopic.html#hone

and came up with a channel program that simulated the semantics of the processor (tightly coupled multiprocessor) compare&swap instruction
http://www.garlic.com/~lynn/subtopic.html#smp

which used a (CKD) search argument of the record data image presumed out on disk ... if the search matched, the channel program would rewrite the record with an update value ... if the search failed, it would read the current record image. I believe that the JES2/MAS group also looked at what HONE had done.

some past posts mentioning issues with ISAM channel program translation
http://www.garlic.com/~lynn/2007e.html#19 Cycles per ASM instruction
http://www.garlic.com/~lynn/2007f.html#4 ISAM and/or self-modifying channel programs
http://www.garlic.com/~lynn/2007f.html#34 Historical curiosity question
http://www.garlic.com/~lynn/2007h.html#3 21st Century ISA goals?
http://www.garlic.com/~lynn/2007h.html#7 The Mainframe in 10 Year

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sun, 23 Dec 2007 14:31:50 -0500
Quadibloc <jsavard@ecn.ab.ca> writes:
Of course, if one is less ambitious, one can manage time sharing without relocation hardware. Or is the extended memory management on a PDP-8/I, which did time-sharing of a sort under OS/8, a limited form of relocation hardware, since each 4K area was identical to user programs? If so, I guess it's one of your "other solutions".

that effectively was apl\360 implementation ... typically configured with 16k-32k "workspaces" ... apl\360 was loaded as large, long-running application (under os/360). apl\360 then managed its own interactive terminal operations, dispatching/scehduling, swapping workspaces in/out into the number of configured real memory locations.

i claimed that the full workspace swap impacted the design of the storage allocation/management in apl. basically on every assignment, a new location was allocated. when the end of the workspace was reached (and all available storge in the workspace was exhaused), apl would garbage collect ... compacting allocated space to contiguous area and reclaiming unallocated space.

cambridge science center
http://www.garlic.com/~lynn/subtopic.html#545tech

ported apl\360 to (cp67, single user) cms\apl running in virtual memory, paged environment. all the terminal management, dispatching/scheduling, swapping, etc was eliminated from the apl code (instead relying on the underlying cp67 code). the problem was that cms\apl now allowed workspaces as large as the virtual address space (which opened up a whole new class of apl applications rather than the typical toy things that could be implemented in the restricted 16k-32k byte workspaces).

The APL storage allocation & garbage collection strategy would then result in severe (virtual memory) paging characteristics ... since it quickly attempts to use/access the whole virtual memory address space. this implementation had to be changed for cp67/cms implementation to prevent cms\apl from continuously/frequently stomping on every available virtual page as frequently as possible.

as an aside, apl is an interpreted language and the apl\360 implementation could easily store all internal workspace addresses as "displacement" from the workspace origin (dynamically calculating the real address on the fly as needed).

misc. past posts mentioning cms\apl, apl\cms and HONE (an internal, online virtual machine based interactive timesharing service supporting sales and marketing world wide ... majority of the applications implemented in apl)
http://www.garlic.com/~lynn/subtopic.html#hone

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Sun, 23 Dec 2007 19:23:13 -0500
Brian Inglis <Brian.Inglis@SystematicSW.Invalid> writes:
Now usually called the Global Offset Table (GOT) in shared library code.

re:
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point mytes

when the vm370 development group picked up the shared segment extensions that i had done ... old email
http://www.garlic.com/~lynn/2006v.html#email731212
http://www.garlic.com/~lynn/2006w.html#email750102

... and released a small, restricted subset as something called DCSS in release 3 ...they propagated the problem mentioned here

Global Offset Tables
http://bottomupcs.sourceforge.net/csbu/x3633.htm

from above
Every time a new library were added to the system it would require allocation. Someone could potentially be a hog and write a huge library, not leaving enough space for other libraries! And chances are, your program doesn't ever want to use that library anyway.

Thus, if you modify the code of a shared library with a relocation, that code no longer becomes sharable. We've lost the advantage of our shared library.


... snip ...

in the move from 360/67 virtual memory to 370 virtual memory eliminated 32bit option ... leaving only 24bit/16mbyte virtual address spaces.

The small restricted subset in DCSS, effectively created a situation where each defined shared "library" had to have a predefined, unique virtual address (range). Given the 16mbyte virtual address space limit, the total, possible applications (that could be defined as "shared") was significantly larger. As a result, it quickly ran into virtual address conflicts between different potential shared (segment/memory) applications

lots of past posts about effort to build shared segment/library applications that were address/location independent
http://www.garlic.com/~lynn/submain.html#adcon

IBM mainframe history, was Floating-point myths

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM mainframe history, was Floating-point myths
Newsgroups: comp.arch,alt.folklore.computers
Date: Mon, 24 Dec 2007 09:53:40 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
... and released a small, restricted subset as something called DCSS in release 3 ...they propagated the problem mentioned here

Global Offset Tables
http://bottomupcs.sourceforge.net/csbu/x3633.htm


re:
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths

other part of the discussion ... previous page to the above:
http://bottomupcs.sourceforge.net/csbu/x3544.htm

from above:
Position Independence

In an executable file, the code and data segment is given a specified base address in virtual memory. The executable code is not shared, and each executable gets its own fresh address space. This means that the compiler knows exactly where the data section will be, and can reference it directly.

Libraries have no such guarantee. They can know that their data section will be a specified offset from the base address; but exactly where that base address is can only be known at runtime.

Consequently all libraries must be produced with code that can execute no matter where it is put into memory, known as position independent code (or PIC for short). Note that the data section is still a fixed offset from the code section; but to actually find the address of data the offset needs to be added to the load address.


... snip ...

and as previously mentioned, these posts mention building solutions for position independent code in the early 70s
http://www.garlic.com/~lynn/submain.html#adcon

position independent code wiki reference
https://en.wikipedia.org/wiki/Position_independent_code

above also references for discussion of position independent code and global offset table:
http://www.iecc.com/linker/linker08.html

other references:

Introduction to Position Independent Code
http://www.gentoo.org/proj/en/hardened/pic-guide.xml

Position Independent Code internals
http://www.gentoo.org/proj/en/hardened/pic-internals.xml

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Mon, 24 Dec 2007 11:13:18 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
i have done q&d conversion of gcard ios3270 to html
http://www.garlic.com/~lynn/gcard.html

see calling & savearea convention
http://www.garlic.com/~lynn/gcard.html#50

the example assumes that R15 is already set to entry point ... allowing moving it to standard base register R12 and setting up using.

BALR/branch and link register ... normal calling convention loads entry address into R15 and does a

BALR R14,R15


re:
http://www.garlic.com/~lynn/2007v.html#38 Education ranking

and for some x-over with this thread on position/location independent code:
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#50 IBM mainframe history, was Floating-point myths

within assembler code
BALR R12,0
USING *,R12


dynamically obtain current location code (in register) and instructed the assembler to generate all (intra-module) instructions with relative displacements to contents of R12.

Location dependency showed up with "relocatable address constants" for moving between routines ... like
L R15,=A(SUBROUTINE)
BALR R14,R15


where "subroutine" is some external symbol in another routine. As part of loading the code, the "loader" resolves "subroutine" to an absolute address (defeating location independency).

So frequently the entry convention was something like


SUBROUTINE DS    0D
STM   R14,R12,12(R13)
LR    R12,R15
           USING SUBROUTINE,R12

above convention frequently could be used w/o having to do a BALR to establish current location (for module addressing).

So one of the things I did in early 70s for location independency was


L    R15,=A(SUBROUTINE-MYENTRY)
AR   R15,R12        ... R12 contains MYENTRY
           BALR R14,R15

the loaders were smart enough to perform address constant resolution involving a number of functions ... like subtraction or displacement between two addresses.

Both SUBROUTINE and MYENTRY would be "loaded" (resolved) into the same shared library code. As the loader was resolving relocation address constants ... it could resolve displacements (which could be either positive or negative ... and would be treated as 32bit signed integer ... even tho actual addressing was explicitly only 24bit). The value "=A(SUBROUTINE-MYENTRY)" then became a relative value and the actual (virtual address space specific) address was obtained by adding the address in register 12.

misc. other postings mentioning dealing with location independent code in the early 70s and traditional 360/370 system address conventions.
http://www.garlic.com/~lynn/submain.html#adcon

vm folklore, new, 40+ yr old technology

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: vm folklore, new, 40+ yr old technology
Date: Tue, 25 Dec 2007 07:52:25 -0500
Newsgroups: bit.listserv.vmesa-l
some recent posts in other venues on the new, 40+ yr old technology
https://financialcryptography.com/mt/archives/000988.html
http://www.garlic.com/~lynn/aadsm27.htm#66 2007: year in review
http://www.garlic.com/~lynn/aadsm28.htm#0 2007: year in review

i've only started work on the technology slightly less than 40yrs ago; last week in jan68, three people from the science center had come out and installed cp67 at the univ.

for other recent folklore thread ... this is series of posts of the precursor to DCSS work; that was converted from cp67 to vm370 ... but only a small subset was released (as part of DCSS) ... many of the features being eliminated (from DCSS product release), including location independent code (shared segments).

some related old email
http://www.garlic.com/~lynn/2006v.html#email731212
http://www.garlic.com/~lynn/2006w.html#email750102

recent discussion of location independent code
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#50 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#51 Education ranking

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com
Newsgroups: alt.folklore.computers
Date: Tue, 25 Dec 2007 09:10:54 -0800 (PST)
Subject: Re: folklore indeed
On Dec 25, 11:59 Christian Brunschen wrote:
You seem stuck on using the term 'mainframe'. These days, applications are often running distruibuted between different servers both for redundancy, for reusing some servers' services between different applications, and so on. You'd quite frequently run one set of applications on some set of servers, talking perhaps to database servers elsewhere - but the database being used by multiple different sets of application servers all at the same time. Or there may be multiple applications each running on one set of servers, all talking to each other.

Yes, the Client-Server model is in widespread use, and this model was initially developed in a mainframe context. But the client-server model has been developed far beyond the mainframe model. And with powerful computers at various places, you can combine the Client-Server and Peer-to-Peer models.


i contend that mainframe developed terminal emulation model ... and was one of the reasons that accelerated the uptake of PCs (businesses being able to buy PC for about the same price as 327x terminal, get both terminal emulation and some local computing in single desktop footprint), i actually had this argument with the mac developers before mac was announced).
http://www.garlic.com/~lynn/subnetwork.html#emulation

the problem was that as PCs got more powerful ... you saw departmental servers emerging in local area networks ... w/o cumbersome difficulty of having and/or dealing with mainframe datacenter (as alternative to mainframe terminal emulation model). there was some acceleration of the move to outboard servers ... because of the numerous limitations and difficulties of the terminal emulation interface. It was the difficulty of the terminal emulation interface in the mainframe market that significantly contributed to the emergence of client/server outboard of the mainframes and central datacenter.

the communication division had lots of installed equipment supporting the terminal emulation infrastructure and went to great lengths trying to protect/preserve that (customer) install base. We've claimed that "SAA" was part of that strategy ... and when we were out making customer executive presentations on multi-tier networking architecture ... encountered a lot of opposition from the communication division
http://www.garlic.com/~lynn/subnetwork.html#3tier

However, an enormous problem came along later when attempting to adapt those local networking operations to the internet. The local departmental server (business) operations were relatively safe environment with little or no hostile activity ... and as such had little or no countermeasures to attacks. It was relatively straight-forward to move these functional network operations to the internet .... however, it totally ignored the wild-west anarchy and hostile environment represented by the internet.

simple example was the DataHub project that was being done out in the san jose disk division. a lot of implementation and design work went on ... and at some point ... some of the implementation was subcontracted to a group (with some number of people associated with university) in provo under a work-for-hire contract. later, when the corporation decided to terminate the project, the group in provo was allowed to retain their implementation. Not too long later, there was corporation formed in provo that marketed a pc networking offering.

misc. past posts mentioning DataHub project
http://www.garlic.com/~lynn/2007f.html#17 Is computer history taught now?
http://www.garlic.com/~lynn/2007j.html#49 How difficult would it be for a SYSPROG ?
http://www.garlic.com/~lynn/2007n.html#21 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
http://www.garlic.com/~lynn/2007n.html#86 The Unexpected Fact about the First Computer Programmer
http://www.garlic.com/~lynn/2007p.html#35 Newsweek article--baby boomers and computers

i've mentioned that possibly part of our difficulty with the communication division (and out pitching multi-tier networking to customer executives while division was attempting to protect/preserve the terminal emulation market) was that in the early days of SNA ... my wife had co-authored AWP39 ... "peer-to-peer networking architecture", that the communication group seemed to feel was somewhat in competition with what they were doing. misc. past posts mentioning AWP39
http://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
http://www.garlic.com/~lynn/2007b.html#48 6400 impact printer
http://www.garlic.com/~lynn/2007d.html#55 Is computer history taugh now?
http://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007h.html#39 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
http://www.garlic.com/~lynn/2007o.html#72 FICON tape drive?
http://www.garlic.com/~lynn/2007p.html#12 JES2 or JES3, Which one is older?
http://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007q.html#46 Are there tasks that don't play by WLM's rules
http://www.garlic.com/~lynn/2007r.html#10 IBM System/3 & 3277-1

one of my favorite examples of unanticipated difficulty of moving stuff to the internet was when we had been called in to consult with small client/server startup that wanted to do payments on their server.
http://www.garlic.com/~lynn/subnetwork.html#gateway

amoung other things they had this technology they called SSL: that they wanted to use. The "circuit-based" message formats had been translated to tcp/ip and some pilots had been deployed. One memorable situation was a merchant reporting a problem ... and after three hrs of investigation ... the trouble ticket was closed as NTF (no trouble found ... i.e. and/or couldn't identify). This was a situation where the nominal first level problem determination would take five minutes elapsed time in the circuit-based environment.

Somewhat as a result, we spent quite awhile developing a whole set of compensating procedures and corresponding documentation for the internet environment (this was at a time when business critical dataprocessing and service level aggreements were unheard of in the internet environment). In this period ... we would periodically preach that to take a well designed and tested application and move into a "service" typically took 4-10 times the (original development/test) effort ... misc. past references
http://www.garlic.com/~lynn/2007f.html#37 Is computer history taught now?
http://www.garlic.com/~lynn/2007g.html#51 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
http://www.garlic.com/~lynn/2007h.html#78 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007n.html#10 The top 10 dead (or dying) computer skills
http://www.garlic.com/~lynn/2007n.html#76 PSI MIPS
http://www.garlic.com/~lynn/2007n.html#77 PSI MIPS
http://www.garlic.com/~lynn/2007o.html#23 Outsourcing loosing steam?
http://www.garlic.com/~lynn/2007p.html#54 Industry Standard Time To Analyze A Line Of Code

Another example of the poor defenses and countermeasures to anarchy and hostile internet are recent articles claiming possibly one in five machines (connected to the internet) in the world today are compromised ... recent posts mentioning compromises
http://www.garlic.com/~lynn/2007u.html#11 Public Computers
http://www.garlic.com/~lynn/2007u.html#15 Public Computers
http://www.garlic.com/~lynn/2007u.html#47 folklore indeed
http://www.garlic.com/~lynn/2007u.html#58 folklore indeed
http://www.garlic.com/~lynn/2007u.html#59 folklore indeed
http://www.garlic.com/~lynn/2007u.html#68 folklore indeed
http://www.garlic.com/~lynn/2007u.html#76 folklore indeed
http://www.garlic.com/~lynn/2007v.html#2 folklore indeed
http://www.garlic.com/~lynn/2007v.html#6 Ironkey
http://www.garlic.com/~lynn/2007v.html#8 Virtualization still hot, death of antivirus software imminent
http://www.garlic.com/~lynn/aadsm27.htm#66 2007: year in review
http://www.garlic.com/~lynn/aadsm28.htm#0 2007: year in review

An old fashioned Christmas

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: An old fashioned Christmas
Newsgroups: alt.folklore.computers
Date: Tue, 25 Dec 2007 22:50:13 -0500
John Varela <OLDlamps@verizon.net> writes:
The above was created at least 20 years ago for sending greetings over PROFS.

I hope it comes out of this braindead modern news reader in the proper format. Fixed width font required, of course.


i have xmas (rex) exec originally from 1981 that somebody sent (before rexx was released as product) ... if it was 3279, rex>=2.50, and had FSX, it would draw a (simple) tree on the screen using "*" and blink different "*" in different colors ... and below the tree display:

msg1 = center("Best wishes for",msglen)
msg2 = center("a",msglen)
msg3 = center("Happy Holiday Season",msglen)
msg4 = center("and a",msglen)
msg5 = center("Happy, Healthy, and Prosperous",msglen)

.....

attempt to reproduce a little of the effect with <blink> (YMMV):

*
***
            *****
*******
          *********
***********
*************
***************
      *****************
*******************
    *********************
***********************
*************************
***************************
*****************************
|||
             |||
|||
|||

Best wishes for a Happy Holiday Season a Happy, Healthy, and Prosperous

this wasn't the xmas exec (worm) from dec87, mentioned in this post
http://www.garlic.com/~lynn/2007u.html#87 CompUSA to Close after Jan. 1st 2008

i've mentioned before there were some number of issues with PROFS. The PROFS group had taken source of an early, prerelease, limited function VMSG (email client) and wrapped PROFS menus around it ... as the PROFS email function.

When the original VMSG author raised some issues, including offering a much more comprehensive version of VMSG, the PROFS group denied everything (there was even various kinds of threats). It was then pointed out to the PROFS group, that every VMSG email sent (including all sent PROFS email) carried the VMSG author's initials in an email control header field.

misc. past posts mentioning PROFS & VMSG:
http://www.garlic.com/~lynn/2007b.html#14 Just another example of mainframe costs
http://www.garlic.com/~lynn/2007b.html#31 IBMLink 2000 Finding ESO levels
http://www.garlic.com/~lynn/2007b.html#32 IBMLink 2000 Finding ESO levels
http://www.garlic.com/~lynn/2007d.html#17 Jim Gray Is Missing
http://www.garlic.com/~lynn/2007e.html#4 The Genealogy of the IBM PC
http://www.garlic.com/~lynn/2007f.html#13 Why is switch to DSL so traumatic?
http://www.garlic.com/~lynn/2007j.html#50 Using rexx to send an email
http://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers

An old fashioned Christmas

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: An old fashioned Christmas
Newsgroups: alt.folklore.computers
Date: Wed, 26 Dec 2007 06:58:50 -0500
Justa Lurker <JustaLurker@att.net> writes:
No disrespect meant, but did people really care about stuff like that [e.g., someone's initials in a protocol header field] ? Seems awfully petty to me. Human nature being what it is, I can believe it of course....but was it the worker bees who made a fuss over it or some pointy-headed IBM boss ?

re:
http://www.garlic.com/~lynn/2007v.html#54 An old fashioned Christmas

no, people in the PROFS group had claimed that they had written the VMSG code (even corporate awards based on the claim) and even tried to get the real VMSG author fired (aka the threat reference in the post) ... so that their claim wouldn't be disputed. The real VMSG author's initials in every PROFS email was supporting evidence as to the "real" author and helped blunt the efforts attempting to fire the author (not getting fired was a big deal to the author).

misc past posts mentioning PROFS and VMSG
http://www.garlic.com/~lynn/2000c.html#46 Does the word "mainframe" still have a meaning?
http://www.garlic.com/~lynn/2001k.html#35 Newbie TOPS-10 7.03 question
http://www.garlic.com/~lynn/2001k.html#39 Newbie TOPS-10 7.03 question
http://www.garlic.com/~lynn/2001k.html#40 Newbie TOPS-10 7.03 question
http://www.garlic.com/~lynn/2002h.html#58 history of CMS
http://www.garlic.com/~lynn/2002h.html#64 history of CMS
http://www.garlic.com/~lynn/2002p.html#34 VSE (Was: Re: Refusal to change was Re: LE and COBOL)
http://www.garlic.com/~lynn/2003b.html#45 hyperblock drift, was filesystem structure (long warning)
http://www.garlic.com/~lynn/2003j.html#56 Goodbye PROFS
http://www.garlic.com/~lynn/2004p.html#13 Mainframe Virus ????
http://www.garlic.com/~lynn/2005t.html#43 FULIST
http://www.garlic.com/~lynn/2006n.html#23 sorting was: The System/360 Model 20 Wasn't As Bad As All That
http://www.garlic.com/~lynn/2007f.html#13 Why is switch to DSL so traumatic?
http://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007v.html#54 An old fashioned Christmas

An old fashioned Christmas

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: An old fashioned Christmas
Newsgroups: alt.folklore.computers
Date: Wed, 26 Dec 2007 08:03:53 -0500
re:
http://www.garlic.com/~lynn/2007v.html#55 An old fashioned Christmas

and now for something a little different, i've modified the archived copy of the previous post attempting to approx. the effect of the original exec ... using html blink
http://www.garlic.com/~lynn/2007v.html#54 An old fashioned Christmas

folklore indeed

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 26 Dec 2007 08:47:44 -0500
jmfbahciv writes:
Yup. It still does. That's why groups will want to isolate their [I'll call it] data from the rest of the world. In many cases, this will be contractual or a matter of national security. It's the same thing that was happening in the early 70s when kids started using TTYs to call up the university computer center. <snip>

re:
http://www.garlic.com/~lynn/2007v.html#53 folklore indeed

a little discussion here of virtualization and virtual machine security in that period:
https://financialcryptography.com/mt/archives/000988.html
http://www.garlic.com/~lynn/aadsm27.htm#66 2007: year in review
http://www.garlic.com/~lynn/aadsm28.htm#0 2007: year in review

and
http://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml

the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

had quite a few non-employees accessing the cp67 system from the surrounding colleges/univs in the boston/cambridge area. I've mentioned before this causing some amount of security concerns.

one of the issues was that the science center had ported apl\360 to cms (cms\apl) and opened up the apl workspace size (from typical apl\360 of 16k or possibly 32k bytes) to virtual address space size ... recent reference:
http://www.garlic.com/~lynn/2007v.html#0 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#48 IBM mainframe history, was Floating-point myths

allowing something more than simple toy (apl) applications. during this period, apl was frequently used for modeling work and/or business applications that today are implemented using spreadsheets.

the larger workspace sizes attracted some of the business planning people from corporate hdqtrs in armonk. they started doing corporate business modeling ... using the cambridge system by terminals remotely from armonk. they also shipped to cambridge, tapes containing the highest sensitive/valued corporate customer information for processing in their models. having students from local area and the most senstive corporate information on the same system concurrently required some level of security.

another situation was the work on simulating 370 virtual machines (and 370 virtual memory) using the cambridge cp67 system ... before 370 virtual memory had been announced to customers (and was supposedly another closely guarded corporate secret) ... and/or even before there was 370 hardware supporting virtual memory. The 370 virtual machine capability supporting 370 virtual memory was up and operational a year before the first engineering 370 (370/145 in endicott) with virtual memory support was operational. again there was some security issues regarding local students and other non-employees accessing the cambridge cp67 system concurrently while all this other stuff was going on.

... countdown topic drift ... a month to go before it has been 40yrs since three people from the science center came out to install cp67 at the univ (last week in jan68).

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 26 Dec 2007 10:55:38 -0500
Morten Reistad <first@last.name> writes:
I just wish we could tell her some good news from the other side of this time tunnel. That computing is a commodity now, and that the view from the sidelines is a pretty inaccurate one.

If you run a BMW-designed engine, you _are_ running Linux. Multiple copies, actually.


a lot of the automobile business is commodities ... with nearly all the profit coming off the financial services end (i.e. loans) ... there have been jokes about the cars just an excuse to sell the loans ... past ref:
http://www.garlic.com/~lynn/2007i.html#62 John W. Backus, 82, Fortran developer, dies

of course, some amount of the loan business is coming into disrepute with all the problems in various credit instruments
http://www.garlic.com/~lynn/2007v.html#25 Newsweek article--baby boomers and computers

BMW picked up one of the Utah ILCs for their loan business; past post:
http://www.garlic.com/~lynn/2007i.html#42 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#47 John W. Backus, 82, Fortran developer, dies

a reference ... listing some of utah ILCs (including BMW):
http://www.dfi.state.ut.us/IBSlist.htm

nominally w/o a national bank ... in order to do loans ... a separate institution would have to be chartered in every state. ILCs opened up being able to offer loans nationally w/o having to form 50 separate institutions. some discussion:
http://uba.affiniscape.com/displaycommon.cfm?an=24
http://uba.affiniscape.com/displaycommon.cfm?an=1&subarticlenbr=134

Researcher: Info overload costs economy

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Researcher: Info overload costs economy
Newsgroups: alt.folklore.computers
Date: Wed, 26 Dec 2007 11:48:35 -0500
Researcher: Info overload costs economy
http://news.yahoo.com/s/ap/20071226/ap_on_hi_te/techbit_information_overload

from above:
Workers get disoriented every time they stop what they are doing to reply to an e-mail or answer a follow-up phone call because they didn't reply within minutes. Spira said workers can spend 10 to 20 times the length of the original interruption trying to get back on track.

... snip ...

in the late 70s and early 80s ... we used the asynchronous interrupt overhead argument (from phone calls) as justification for email ... i.e. email didn't require interrupting what you were doing (way before little things like sound alerts for arriving email) ... of course it was also contributed to working offshift and weekends (again to avoid the various interrupts that typically occur during prime shift).

for more email drift ... various old email mostly from 20-30 yrs ago
http://www.garlic.com/~lynn/lhwemail.html

and old posts referring to cmc (computer mediated communication), including posts mentioning company paying a researcher to study how i communicated (they sat in the back of my office for nine months, taking notes on how i communicated, face-to-face, telephone, email, instant messages, etc ... they were provided copies of all my incoming/outgoing email and instant messages) ... material was also used for stanford phd thesis and some subsequent papers and books:
http://www.garlic.com/~lynn/subnetwork.html#cmc

Credit Card Details

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Credit Card Details
Newsgroups: microsoft.public.security
Date: Wed, 26 Dec 2007 12:21:21 -0500
"Griff" <griffithsj_520@hotmail.com> writes:
If sensitive information (such as a credit card) has to be saved to a database then there is a duty of care to protect this information.

If the data is saved in plain text, then there is a concern that a hacker gaining access to the server will therefore gain access to the credit card data.

One option is therefore to encrypt it. This means that the data is stored on the server in an encrypted format. However, at some stage, the software will legitimately need to decrypt the data in order to use this information. To achieve this, it has to have access to the key to decrypt the information. If the software has access to this decryption key then surely so will any hacker. It would be equivalent to buying a secure safe and hanging the keys next to it.

There must be a more secure implementation - could someone describe it>


in the x9a10 financial standard working group for the x9.59 standard ... it eliminated information from previous financial transactions as a vulnerability.
http://www.garlic.com/~lynn/x959.html#x959

the current situation places diametrically opposing requirements on the credit card information ... 1) it has to be readily available for large number of different business processes (not just the initial transaction) and 2) because the same information can be used by crooks for fraudulent transactions ... the information has to be kept confidential and never divulged. this is source of our periodic comments in the past that even if the planet was buried under miles of encryption ... it still wouldn't prevent information leakage.

we had been called into consult with small client/server startup that wanted to do payments on their server ... they had this technology called SSL they wanted to use ... and it is now frequently referred to as electronic commerce
http://www.garlic.com/~lynn/subnetwork.html#gateway

one of the issues was that the application of SSL was only able to hide the transaction information while it was being transmitted thru the internet ... and didn't do anything to address the major points of exploits.

we were then dragged into working in the x9a10 financial standard working group which in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments.

Apple files patent for WGA-style anti-piracy tech

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Apple files patent for WGA-style anti-piracy tech
Newsgroups: alt.folklore.computers
Date: Wed, 26 Dec 2007 14:17:39 -0500
Apple's Antipiracy Patent Similar To Microsoft's WGA
http://www.informationweek.com/news/showArticle.jhtml?articleID=205601557

from above:
The application, titled "Run-Time Code Injection To Perform Checks," describes a DRM system that validates the authenticity of the software maker's products.

... snip ...

re:
http://www.garlic.com/~lynn/2007v.html#30 Apple files patent for WGA-style anti-piracy tech
http://www.garlic.com/~lynn/2007v.html#37 Apple files patent for WGA-style anti-piracy tech

i've mentioned before about in the early 80s looking at putting some sort of crypto, tamper-evident chip on PC motherboard as piracy countermeasure.

old email referencing conjecturing that something similar was being planned for LISA
http://www.garlic.com/~lynn/2007b.html#email830213

in the later 80s, applications (installed on hard disk) would check for specially encoded floppy disk (in drive) as an anti-piracy measure.

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Wed, 26 Dec 2007 14:47:58 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
some of this could be related to the walmart (joined by other merchants) class action antitrust suit against the card associations ...

re:
http://www.garlic.com/~lynn/2007u.html#0 folklore indeed

latest round:

EU set to rule MasterCard interchange fees illegal next week - sources
http://money.cnn.com/news/newsfeeds/articles/newstex/AFX-0013-21665460.htm Regulators about to rule on interchange -watch this closely
http://www.finextra.com/community/fullblog.aspx?id=799
EC orders MasterCard to drop interchange fee structure
http://www.finextra.com/fullstory.asp?id=17879
European Commission Moves Against MasterCard Interchange Fees
http://www.paymentsnews.com/2007/12/european-commis.html
MasterCard Europe to Challenge European Commission Decision
http://www.paymentsnews.com/2007/12/mastercard-euro.html
MasterCard appeals to consumers over interchange ruling
http://www.finextra.com/fullstory.asp?id=17887
NRF Says U.S. Should Follow European Ruling re: Interchange Fees
http://www.paymentsnews.com/2007/12/nrf-says-us-sho.html

and ..

NRF Says U.S. Should Follow European Ruling Ordering MasterCard to Withdraw Hidden Credit Card Fee
http://www.nrf.com/modules.php?name=News&op=viewlive&sp_id=440

from above ...
"European authorities say MasterCard is double dipping in Europe, and that's exactly what we think both MasterCard and Visa are doing here in the U.S.," NRF Senior Vice President and General Counsel Mallory Duncan said. "Visa and MasterCard are charging billions of dollars directly to consumers for all the fees that show up on their monthly statements, then they turn around and charge billions more from the hidden credit card fees they force merchants to include in the price of merchandise."

... snip ...

other recent posts mentioning interchange fees:
http://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#56 old lisa info
http://www.garlic.com/~lynn/2007b.html#64 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#24 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#38 IBM System z9
http://www.garlic.com/~lynn/2007g.html#43 Wylbur and CRBE
http://www.garlic.com/~lynn/2007g.html#57 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
http://www.garlic.com/~lynn/2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007i.html#17 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#32 ANN: Microsoft goes Open Source
http://www.garlic.com/~lynn/2007i.html#47 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#59 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#72 Free Checking
http://www.garlic.com/~lynn/2007j.html#66 Help settle a job title/role debate
http://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007m.html#24 Does socket represent an interface between ... ?
http://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
http://www.garlic.com/~lynn/2007p.html#43 what does xp do when system is copying
http://www.garlic.com/~lynn/2007r.html#31 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007r.html#40 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security

An old fashioned Christmas

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: An old fashioned Christmas
Newsgroups: alt.folklore.computers
Date: Wed, 26 Dec 2007 18:52:49 -0500
re:
http://www.garlic.com/~lynn/2007v.html#54 An old fashioned Christmas
http://www.garlic.com/~lynn/2007v.html#55 An old fashioned Christmas
http://www.garlic.com/~lynn/2007v.html#56 An old fashioned Christmas

they could obfuscate the issue of authorship and complain to his management that the person was interfering with a legitimate product.

a flavor of the situation Jim also mentioned
http://www.garlic.com/~lynn/2007d.html#email800920

referenced in this post
http://www.garlic.com/~lynn/2007d.html#17 Jim Gray Is Missing

as mentioned in numerous of the previously referenced postings regarding VMSG ... after the sequence of incidents ... the VMSG source was then restricted to three people (other than the author), including the person that happened to have sent me the xmas exec (mentioned in the original post) and me ... limiting people with vmsg source also mentioned here
http://www.garlic.com/~lynn/2002j.html#4 HONE, ****, misc

something similar (but different) happened to Theo Alkema involving FULIST, BROWSE, and IOS3270 ... some reference here
http://www.garlic.com/~lynn/2001f.html#8 Theo Alkema
http://www.garlic.com/~lynn/2001f.html#9 Theo Alkema
http://www.garlic.com/~lynn/2001f.html#21 Theo Alkema

for some topic drift, above mentions working with FULIST, BROWSE, and IOS3270, not only to place in shared segment ... but also change the code so it was location independent ... in this recent thread:
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#50 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#51 Education ranking
http://www.garlic.com/~lynn/2007v.html#52 vm folklore, new, 40+ yr old technology

for even more topic drift, it also mentions CKD CCW sequence used by HONE
http://www.garlic.com/~lynn/subtopic.html#hone
to implement compare&swap semantics and single system image ... mentioned in this thread:
http://www.garlic.com/~lynn/2007v.html#47 MTS memories

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 27 Dec 2007 13:43:52 -0500
Steve O'Hara-Smith <steveo@eircom.net> writes:
Probably not though - the whole business has changed scale dramatically.

re:
http://www.garlic.com/~lynn/2007v.html#53 folklore indeed
http://www.garlic.com/~lynn/2007v.html#57 folklore indeed

when we were called in to consult with small client/server startup that wanted to do payments on their server
http://www.garlic.com/~lynn/subnetwork.html#gateway

and then later working on x9a10 financial standards working group on x9.59
http://www.garlic.com/~lynn/x959.html#x959

which in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments

... we actually were required to design speeds&feeds for peak period activity during peak season processing for ALL retail payments ... not just debit, not just credit, not just internet, not just stored-value, and not just atm ... ALL whereever they might originate anywhere in the world ... looking at complete end-to-end provisioning.

now scale-up end-to-end provisioning isn't just speeds&feeds as soemwhat referenced in this post ... with respect to compensating procedures:
http://www.garlic.com/~lynn/2007v.html#53 folklore indeed

for a little folklore ... we had dealt some with a webhosting operation who had mentioned that they had ten electronic commerce sites that all had more hits per month than the number one website listed in the popular monthly top sites of hits/month (the explanation was that they had no need to participate in such popularity publicity) ... old reference (mentions a number of things including large webhosting operation):
http://www.garlic.com/~lynn/aadsm15.htm#2 Is cryptography where security took the wrong branch?

for little more topic drift, these are posts looking at some of the other efforts from the 90s ... looking at how they were much more toy demos ... and inability to scaleup to handling ALL world-wide retail payments
http://www.garlic.com/~lynn/subpubkey.html#bloat

part of this is background from our ha/cmp product
http://www.garlic.com/~lynn/subtopic.html#hacmp

not only being able to address things like five-nines availability and disaster survivability
http://www.garlic.com/~lynn/submain.html#available

but also massive scaleup ... mentioned in these old emails about scaleup work in ha/cmp project
http://www.garlic.com/~lynn/lhwemail.html#medusa

or in these referenced posts
http://www.garlic.com/~lynn/95.html#13
http://www.garlic.com/~lynn/96.html#15

the "toy demo" characteristic of much activity in the 90s is also mentioned in these recent threads regarding straight-through processing solutions for addressing overnight batch window bottleneck that is characteristics of numerous financial transaction infrastructures:
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#37 folklore indeed
http://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#61 folklore indeed
http://www.garlic.com/~lynn/2007v.html#19 Education ranking
http://www.garlic.com/~lynn/2007v.html#27 folklore indeed

with respect to internet-specific ... from the view-point of the toy demo crowd ... we tended to seriously over provision ... since they usually didn't have any serious background in commercial, industrial strength dataprocessing and associated speeds&feeds.

we had one instance where a very large operation wanted to put up a large scale internet facility and the executive had directed that it would be done using NT-based platforms. we had done the speeds&feeds and NT didn't even come close to meeting the expected activity. Convincing their employees took a little time ... but then they elected me to make the presentation to their executive. Before I actually had to follow-thru, middle management decided to "manage" the situation by stating that internet activity would be controlled in such a way that it never exceeded the thruput capacity of the NT-platforms (and NT-based technology improvements would be matched by increases in internet activity).

a small topic drift mentioned here ... looking at small contribution to addressing a particular overnight batch window bottleneck involving large cobol application running on 40+ max. configured mainframes (CECs) ... around $30m per.
http://www.garlic.com/~lynn/2007f.html#47 Is computer history taught now?
http://www.garlic.com/~lynn/2007f.html#48 Is computer history taught now?
http://www.garlic.com/~lynn/2007l.html#20 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007n.html#67 least structured statement in a computer language. And the winner
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Thu, 27 Dec 2007 16:10:29 -0500
John T Maguire <maine.photographerATgmail.com> writes:
Macs have only had pre-emptive multitasking since 2001, that's not decades...

sort of depends on how the semantics are applied ... the technology that apple moved to, MACH ... had been done in the 80s at CMU.

we watched some of this because of corporate funding that went on at both MIT and CMU ... and getting visits to review activities ... misc past references:
http://www.garlic.com/~lynn/2000e.html#27 OCF, PC/SC and GOP
http://www.garlic.com/~lynn/2001.html#44 Options for Delivering Mainframe Reports to Outside Organizat ions
http://www.garlic.com/~lynn/2001.html#49 Options for Delivering Mainframe Reports to Outside Organizat ions
http://www.garlic.com/~lynn/2001b.html#81 36-bit MIME types, PDP-10 FTP
http://www.garlic.com/~lynn/2001f.html#11 Climate, US, Japan & supers query
http://www.garlic.com/~lynn/2001f.html#22 Early AIX including AIX/370
http://www.garlic.com/~lynn/2001f.html#59 JFSes: are they really needed?
http://www.garlic.com/~lynn/2001g.html#66 [OT] Root Beer (was YKYBHTLW....)
http://www.garlic.com/~lynn/2004n.html#9 RISCs too close to hardware?
http://www.garlic.com/~lynn/2004n.html#19 RISCs too close to hardware?
http://www.garlic.com/~lynn/2005c.html#44 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2005d.html#20 shared memory programming on distributed memory model?
http://www.garlic.com/~lynn/2005j.html#13 Performance and Capacity Planning
http://www.garlic.com/~lynn/2005j.html#26 IBM Plugs Big Iron to the College Crowd
http://www.garlic.com/~lynn/2005q.html#14 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005r.html#43 Numa-Q Information
http://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
http://www.garlic.com/~lynn/2006c.html#11 Mainframe Jobs Going Away
http://www.garlic.com/~lynn/2006c.html#42 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006c.html#43 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006h.html#56 The Pankian Metaphor
http://www.garlic.com/~lynn/2006l.html#43 One or two CPUs - the pros & cons
http://www.garlic.com/~lynn/2006m.html#0 Mainframe Linux Mythbusting
http://www.garlic.com/~lynn/2006m.html#14 The AN/FSQ-31 Did Exist?!
http://www.garlic.com/~lynn/2006q.html#24 "25th Anniversary of the Personal Computer"
http://www.garlic.com/~lynn/2007d.html#14 Unix magic poster
http://www.garlic.com/~lynn/2007d.html#16 "The Elements of Programming Style"
http://www.garlic.com/~lynn/2007g.html#70 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation
http://www.garlic.com/~lynn/2007l.html#1 The top 10 dead (or dying) computer skills
http://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database

Public Computers

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Public Computers
Newsgroups: alt.folklore.computers
Date: Thu, 27 Dec 2007 18:46:24 -0500
Morten Reistad <first@last.name> writes:
You get them with Atmel fingerprint scanners too.

past posts in this (sub?) thread:
http://www.garlic.com/~lynn/2007u.html#5 Public Computers
http://www.garlic.com/~lynn/2007u.html#7 Public Computers
http://www.garlic.com/~lynn/2007u.html#11 Public Computers
http://www.garlic.com/~lynn/2007u.html#15 Public Computers
http://www.garlic.com/~lynn/2007u.html#31 Public Computers

recent news:

NIST gives nod to on-card biometric matching
http://www.gcn.com/online/vol1_no1/45580-1.html
Match-on-card has gained new interest from NIST for FIPS201 and TWIC
http://www.secureidnews.com/news/2007/12/27/matchoncard-has-gained-new-interest-from-nist-for-fips201-and-twic/

we had done some work on this a couple yrs ago:
http://www.garlic.com/~lynn/2002n.html#25 Help! Good protocol for national ID card?
http://www.garlic.com/~lynn/2002o.html#62 Certificate Authority: Industry vs. Government
http://www.garlic.com/~lynn/2004b.html#28 Methods of Authentication on a Corporate

one of the issues discovered fairly early was that various electronic authentication cards weren't working as well as expected in non-white-collar and external/outside work environments especially harsh weather conditions.

Alexander Graham Bell - Patent Thief?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Alexander Graham Bell - Patent Thief?
Newsgroups: alt.folklore.computers
Date: Fri, 28 Dec 2007 04:34:40 -0500
fundamental principles of the American way of life

Alexander Graham Bell, Patent Thief? - Telecom patent fights as old as the telephone itself...
http://www.dslreports.com/shownews/Alexander-Graham-Bell-Patent-Thief-90521
Alexander Graham Bell - Patent Thief?
http://science.slashdot.org/science/07/12/27/1342258.shtml
Technology: Bell Stole Phone Ideas, New Book Claims
http://www.technewsworld.com/story/60945.html
Book claims Bell copied telephone invention
http://www.zdnetasia.com/news/communications/0,39044192,62035894,00.htm
New Book Accuses Alexander Graham Bell Of Stealing Phone Idea
http://www.allheadlinenews.com/articles/7009553270
"The Telephone Gambit" - Chasing Alexander Graham Bell's Secret
http://www.imperialvalleynews.com/index.php?option=com_content&task=view&id=586&Itemid=1

It keeps getting uglier

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: It keeps getting uglier
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 28 Dec 2007 04:50:01 -0500
jbaker314@COMPORIUM.NET (John P. Baker) writes:
The Diagnose instruction has been documented in every Principles of Operation manual issued for the S/360 architecture and for all subsequent superseding architectures, and in every case, has specifically stated that the functions performed by the Diagnose instruction are not published, but may impact any and all aspects of system operation, and if invoked by a user application built without access to that unpublished documentation, may negatively impact the proper functioning of the machine, requiring a Power On Reset and/or the assistance of a Hardware Support Engineer to bring the system back into proper working order.

re:
http://www.garlic.com/~lynn/2007v.html#21 It keeps getting uglier

it also says that the operation of the diagnose may be model dependent.

less than a month since it has been 40yrs since I was introduced to (virtual machine) cp67 system ... three people came out to the university from cambridge science center
http://www.garlic.com/~lynn/subtopic.html#545tech

to install cp67. while an undergraduate I did a lot of rework and optimization of the cp67 kernel. i had also done a lot of work on os/360 optimization ... for the workload at the univ. i gave a presentation at the fall68 share meeting in Atlantic City on some of that work ... part of that presentation
http://www.garlic.com/~lynn/94.html#18 CP/67 & OS MFT14

one of the other things i did was develop a fast-path ccw translation for cms disk i/o when running in a virtual machine (original cms was implemented to be able to run on bare 360/40). I did this by defining a new channel program op-code for disk read/writes ... which acted as an immediate operation ... held the virtual SIO "busy" until the operation had completed and then presented CC=1, CSW STORED.

I got some grief from the people at the science center since i was violating the 360 principles of operation. however, it was a useful performance improvement ... and so it was explained to me that I could "use" the diagnose instruction ... since the diagnose instruction was defined as being model dependent ... and for CP67 ... an artificial virtual machine 360 model could be defined where the diagnose instruction acted as defined by CP67 (w/o violating the principles of operation).

misc. past posts mentioning model dependent diagnose instruction:
http://www.garlic.com/~lynn/96.html#23 Old IBM's
http://www.garlic.com/~lynn/2001b.html#32 z900 and Virtual Machine Theory
http://www.garlic.com/~lynn/2002d.html#31 2 questions: diag 68 and calling convention
http://www.garlic.com/~lynn/2002h.html#62 history of CMS
http://www.garlic.com/~lynn/2003.html#60 MIDAS
http://www.garlic.com/~lynn/2003k.html#52 dissassembled code
http://www.garlic.com/~lynn/2003m.html#36 S/360 undocumented instructions?
http://www.garlic.com/~lynn/2003p.html#9 virtual-machine theory
http://www.garlic.com/~lynn/2004.html#8 virtual-machine theory
http://www.garlic.com/~lynn/2004d.html#66 System/360 40 years old today
http://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
http://www.garlic.com/~lynn/2005b.html#23 360 DIAGNOSE
http://www.garlic.com/~lynn/2005j.html#54 Q ALLOC PAGE vs. CP Q ALLOC vs ESAMAP
http://www.garlic.com/~lynn/2007f.html#33 Historical curiosity question
http://www.garlic.com/~lynn/2007p.html#72 A question for the Wheelers - Diagnose instruction

Controlling COBOL DDs named SYSOUT

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Controlling COBOL DDs named SYSOUT
Newsgroups: alt.folklore.computers
Date: Fri, 28 Dec 2007 05:04:38 -0500
edgould1948@COMCAST.NET (Ed Gould) writes:
Ted,

Good story. I think most have had similar stories. I definitely can identify with the records contain item. Somewhere in the dark past a fellow sysprog wrote a program to find those types of *STUPID* errors in the source. It worked when source was kept in a PDS but could not touch Panvalet. There was (IS?) an option in Pan to create a PDS from Panvalet and I actually found 23 programs that did that. We got that changed in the programs (after some political grief) and the production cycle dropped by 2 hours. The programmers took the credit, another political gaff. The management turned around and said they didn't need a new CPU so 6 months go by and again we are hitting the "window" (options market doesn't open if we don't get done by the window and we get fined big time) I dive back in and find even more of the damn of the records contains programs. This time I play the cards so I bypass my management and talk with the CEO. It took 25 minutes of explaining what the problem was and he goes ballistic and he calls the VPs' in and reads them the riot act and by gosh that is what it took. This time we got the pats on the back and $$ as a bonus. I did not like how the bonus's were divvied up but did not say anything. Politics again trumps all.

Ed


a little of the overnight batch window from mainframe newsgroup/mailing-list.

there is actually a couple recent threads that have been going on ... frequently touching on experiences improving batch performance in order to stay within the overnight batch window.

recent posts mentioning overnight batch window ...
http://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
http://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#20 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#37 folklore indeed
http://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#61 folklore indeed
http://www.garlic.com/~lynn/2007v.html#19 Education ranking
http://www.garlic.com/~lynn/2007v.html#27 folklore indeed
http://www.garlic.com/~lynn/2007v.html#64 folklore indeed

folklore indeed

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Fri, 28 Dec 2007 08:58:25 -0500
jmfbahciv writes:
Yet mompops are supposed to be more sophisticated than TJMax. That's what I'm getting told by the peanut gallery :-).

and our theme ... dating back before attempting to do a paradigm change with x9.59 financial standard
http://www.garlic.com/~lynn/x959.html#x959

in the x9a10 financial standard working group that in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments.

sort of our periodic quip that (with the current paradigm), the planet could be buried under miles of (information hiding) encryption and still not prevent information leakage.
http://www.garlic.com/~lynn/aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
http://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
http://www.garlic.com/~lynn/aadsm24.htm#38 Interesting bit of a quote
http://www.garlic.com/~lynn/aadsm24.htm#48 more on FBI plans new Net-tapping push
http://www.garlic.com/~lynn/aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
http://www.garlic.com/~lynn/aadsm26.htm#8 What is the point of encrypting information that is publicly visible?
http://www.garlic.com/~lynn/aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
http://www.garlic.com/~lynn/2005u.html#3 PGP Lame question
http://www.garlic.com/~lynn/2005v.html#2 ABN Tape - Found
http://www.garlic.com/~lynn/2006c.html#35 X.509 and ssh
http://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
http://www.garlic.com/~lynn/2006h.html#15 Security
http://www.garlic.com/~lynn/2006o.html#37 the personal data theft pandemic continues
http://www.garlic.com/~lynn/2006p.html#8 SSL, Apache 2 and RSA key sizes
http://www.garlic.com/~lynn/2006t.html#40 Encryption and authentication
http://www.garlic.com/~lynn/2006u.html#43 New attacks on the financial PIN processing
http://www.garlic.com/~lynn/2006v.html#2 New attacks on the financial PIN processing
http://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that increases password security
http://www.garlic.com/~lynn/2006y.html#25 "The Elements of Programming Style"
http://www.garlic.com/~lynn/2007b.html#8 Special characters in passwords was Re: RACF - Password rules
http://www.garlic.com/~lynn/2007b.html#20 How many 36-bit Unix ports in the old days?
http://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#33 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#53 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
http://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007i.html#65 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007k.html#76 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007n.html#85 PCI Compliance - Encryption of all non-console administrative access
http://www.garlic.com/~lynn/2007o.html#28 EZPass: Yes, Big Brother IS Watching You!
http://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007r.html#24 How to tell a fake SSL certificate from a real one
http://www.garlic.com/~lynn/2007s.html#16 The new urgency to fix online privacy
http://www.garlic.com/~lynn/2007v.html#60 Credit Card Details

Education ranking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Education ranking
Newsgroups: alt.folklore.computers
Date: Sat, 29 Dec 2007 08:39:21 -0500
jmfbahciv writes:
He does have to veto bad law. There was a blurb on the news yesterday that one of the bills he vetoed had an ammendment that would have destoryed Iraq's banking system. I didn't understand why and, of course, the news isn't about to try to explain.

i just caught one bit on radio ... which said one provision buried deep in a bill, allowed anybody to bring (US) legal action for activities done by previous (Iraqi) regimes ... which can include freezing of (current) financial accounts and assets.

quicky web search turned up numerous news references including:
http://www.msnbc.msn.com/id/22423352/

from above:
Although the provision is not directed at Iraq, the White House said it feared that the bill would allow plaintiffs seeking redress for Saddam Hussein-era acts of terrorism to freeze Iraq's assets, potentially tying up billions of dollars, and allow plaintiffs to refile lawsuits against Iraq that had already been dismissed. The administration said the provision would "unacceptably interfere" with the political and economic progress in Iraq by potentially imposing a "financially devastating hardship" on the country.

... snip ...

previous post
http://www.garlic.com/~lynn/2007v.html#20 Education ranking

mentioning some report that this congress has had the lowest attendence of any congress on record .... implying some correlation with how much legislation they've been able to come up with (although in some quarters that might be considered quite a good thing).

whats the world going to do when all the baby boomers retire

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: whats the world going to do when all the baby boomers retire
Newsgroups: alt.folklore.computers
Date: Sat, 29 Dec 2007 09:08:15 -0500
another article in the theme about what happens when all the baby boomers retire

Avantec Delivers New Solution to Manpower Shortages in the Mining Industry
http://www.arnnet.com.au/index.php/id;100834834

this is similar to articles on declining oil production in part because of not starting new oil production projects because they don't figure that enough baby boomers will be around to finish the projects.
http://www.garlic.com/~lynn/2007q.html#42 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007s.html#32 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007s.html#63 Newsweek article--baby boomers and computers

this also comes up in a lot of the complex legacy systems responsible for lots of fundamental core processing. when the toy demo projects repeatedly failed (billions spent in the 90s) to replace these legacy operations ... there has been increasing concern about the dwindling supply of baby boomers to maintain and feed them (and ongoing tweaking needed for all the stuff run in the overnight batch windows). misc. past posts:
http://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
http://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
http://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#37 folklore indeed
http://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
http://www.garlic.com/~lynn/2007u.html#61 folklore indeed
http://www.garlic.com/~lynn/2007v.html#19 Education ranking
http://www.garlic.com/~lynn/2007v.html#27 folklore indeed
http://www.garlic.com/~lynn/2007v.html#64 folklore indeed
http://www.garlic.com/~lynn/2007v.html#69 Controlling COBOL DDs named SYSOUT

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sat, 29 Dec 2007 09:20:46 -0500
pechter@pechter.dyndns.org (William Pechter) writes:
Actually the mainframe is now smaller than some multi-cpu server PC's I've seen... We've got a 5 year old S/390 which is smaller in size than the old 11/34 mini's were and smaller than some PC server Citrix boxes I've had to rack up in rack mounts...

early to mid 85, when the multi-chip 370s started appearing ... i put together a proposal for large number of boards populating racks ... and even being able to intermix (early 32-bit 801) RISC and 370 boards in the same rack.
http://www.garlic.com/~lynn/2004m.html#17 mainframe and microprocessor
http://www.garlic.com/~lynn/2006n.html#37 History: How did Forth get its stacks?
http://www.garlic.com/~lynn/2007c.html#14 How many 36-bit Unix ports in the old days?

big problem was how to handle the large amount of heat being generated by (relatively) high density of electronics in the space.

similar issues showed up in the later (all 801 RISC) high density rack proposal
http://www.garlic.com/~lynn/lhwemail.html#medusa

and
http://www.garlic.com/~lynn/95.html#13

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sat, 29 Dec 2007 12:05:11 -0500
Dave Garland <dave.garland@wizinfo.com> writes:
What some of us are saying is some stuff (e.g. web hosting) should be farmed out to specialists rather than attempted by Mompop. The fact that specialists screw up is not the point, Mompop will screw up faster and worse.

webhosting is just another from of outsourcing ... which goes on in all sorts of industries ... recent post
http://www.garlic.com/~lynn/2007v.html#64 folklore indeed

note a lot of internet-related stuff is about how identity fraud and account fraud are external attackers ... and/or how the defenders missed something.

however, predating wide-spread internet use and continuing thru the current internet period ... the studies have indicated that upwards of 70percent of fraud have involved insiders.

with respect to account fraud, we've frequently pointed out that the fundamental problem isn't the lack of protection for information ... it is that the information has diametrically opposing requirements 1) that it be readily available and widely used for a large number of different business processes and 2) that it must be kept confidential and never divuleged .... aka account numbers are akin to passwords which mean that they never are made public ... including repeatedly pulling a card, with the information on it, out of your wallet in public places.

this is the comment about even if the planet was buried under miles of (information hiding) encryption, there would still be information leakage ... combination of majority of fraud involving insiders and information repeatedly having to be presented and procssed by those insiders. This situation is also characterized as intrinsic in dual-use placed on account number ... being required extensively in numerous standard business processes ... and as a type of something you know shared-secret authentication.

Case studies frequently point out that in dual-use scenarios with diametrically opposing requirements ... that enormous opportunities for fraud can occur.

one of the other conjectures of why the press has focused on the external attackers ... is that there is lots of interests promoting the use of these payment instruments ... however, it would be counter productive to point at that much of the fraud opportunity is proportional to the use of the payment instruments (because of the enormous insider threat and the dual-use characteristic) ... which might result in reduced use by the public.

and as repeatedly pointed out before ... one of the major characteristics of the work in the x9a10 financial standard working group ... was for x9.59
http://www.garlic.com/~lynn/x959.html#x959

to eliminate the dual-use characteristic of the current infrastructure.

Dual-use characteristic of the current infrastructure enormously complicates being able to have effective and adequate end-to-end countermeasures to the fraud. This is also discussed from slightly different view point in the threads on the "naked" transaction metaphor
http://www.garlic.com/~lynn/subintegrity.html#payments

misc. past post mentioning insiders and fraud studies
http://www.garlic.com/~lynn/aadsmore.htm#2527b RFC 2527 Physical Security Controls Question
http://www.garlic.com/~lynn/aadsm5.htm#asrn4 assurance, X9.59, etc
http://www.garlic.com/~lynn/aadsm6.htm#websecure merchant web server security
http://www.garlic.com/~lynn/aadsm6.htm#pcards The end of P-Cards?
http://www.garlic.com/~lynn/aadsm6.htm#pcards2 The end of P-Cards? (addenda)
http://www.garlic.com/~lynn/aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
http://www.garlic.com/~lynn/aadsm7.htm#auth Who or what to authenticate?
http://www.garlic.com/~lynn/aadsm7.htm#auth2 Who or what to authenticate? (addenda)
http://www.garlic.com/~lynn/aadsm7.htm#rhose4 Rubber hose attack
http://www.garlic.com/~lynn/aadsm7.htm#rhose15 when a fraud is a sale, Re: Rubber hose attack
http://www.garlic.com/~lynn/aepay11.htm#37 Who's afraid of Mallory Wolf?
http://www.garlic.com/~lynn/aadsm11.htm#10 Federated Identity Management: Sorting out the possibilities
http://www.garlic.com/~lynn/aadsm12.htm#6 NEWS: 3D-Secure and Passport
http://www.garlic.com/~lynn/aadsm12.htm#58 Time to ID Identity-Theft Solutions
http://www.garlic.com/~lynn/aadsm14.htm#1 Who's afraid of Mallory Wolf?
http://www.garlic.com/~lynn/aadsm14.htm#4 Who's afraid of Mallory Wolf?
http://www.garlic.com/~lynn/aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
http://www.garlic.com/~lynn/aadsm16.htm#13 The PAIN mnemonic
http://www.garlic.com/~lynn/aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
http://www.garlic.com/~lynn/aadsm17.htm#25 Single Identity. Was: PKI International Consortium
http://www.garlic.com/~lynn/aadsm17.htm#38 Study: ID theft usually an inside job
http://www.garlic.com/~lynn/aadsm17.htm#39 The future of security
http://www.garlic.com/~lynn/aadsm17.htm#47 authentication and authorization ... addenda
http://www.garlic.com/~lynn/aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
http://www.garlic.com/~lynn/aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
http://www.garlic.com/~lynn/aadsm18.htm#6 dual-use digital signature vulnerability
http://www.garlic.com/~lynn/aadsm18.htm#18 Any TLS server key compromises?
http://www.garlic.com/~lynn/aadsm18.htm#29 EMV cards as identity cards
http://www.garlic.com/~lynn/aadsm19.htm#17 What happened with the session fixation bug?
http://www.garlic.com/~lynn/aadsm19.htm#19 "SSL stops credit card sniffing" is a correlation/causality myth
http://www.garlic.com/~lynn/aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
http://www.garlic.com/~lynn/aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
http://www.garlic.com/~lynn/aadsm22.htm#26 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#27 Meccano Trojans coming to a desktop near you
http://www.garlic.com/~lynn/aadsm22.htm#33 Meccano Trojans coming to a desktop near you
http://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
http://www.garlic.com/~lynn/aadsm23.htm#0 Separation of Roles - an example
http://www.garlic.com/~lynn/aadsm23.htm#9 PGP "master keys"
http://www.garlic.com/~lynn/aadsm23.htm#10 PGP "master keys"
http://www.garlic.com/~lynn/aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
http://www.garlic.com/~lynn/aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
http://www.garlic.com/~lynn/aadsm24.htm#7 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#10 Naked Payments IV - let's all go naked
http://www.garlic.com/~lynn/aadsm24.htm#36 Interesting bit of a quote
http://www.garlic.com/~lynn/aadsm24.htm#48 more on FBI plans new Net-tapping push
http://www.garlic.com/~lynn/aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
http://www.garlic.com/~lynn/aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
http://www.garlic.com/~lynn/aadsm26.htm#7 Citibank e-mail looks phishy
http://www.garlic.com/~lynn/aadsm26.htm#11 What is the point of encrypting information that is publicly visible?
http://www.garlic.com/~lynn/aadsm26.htm#27 man in the middle, SSL ... addenda
http://www.garlic.com/~lynn/aadsm27.htm#31 The bank fraud blame game
http://www.garlic.com/~lynn/aadsm27.htm#52 more on firing your MBA-less CSO
http://www.garlic.com/~lynn/aadsm27.htm#53 Doom and Gloom spreads, security revisionism suggests "H6.5: Be an adept!"
http://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks
http://www.garlic.com/~lynn/2001c.html#45 PKI and Non-repudiation practicalities
http://www.garlic.com/~lynn/2001c.html#54 PKI and Non-repudiation practicalities
http://www.garlic.com/~lynn/2001g.html#38 distributed authentication
http://www.garlic.com/~lynn/2001h.html#61 Net banking, is it safe???
http://www.garlic.com/~lynn/2001i.html#56 E-commerce security????
http://www.garlic.com/~lynn/2001j.html#54 Does "Strong Security" Mean Anything?
http://www.garlic.com/~lynn/2002e.html#18 Opinion on smartcard security requested
http://www.garlic.com/~lynn/2002f.html#35 Security and e-commerce
http://www.garlic.com/~lynn/2002j.html#14 Symmetric-Key Credit Card Protocol on Web Site
http://www.garlic.com/~lynn/2002j.html#40 Beginner question on Security
http://www.garlic.com/~lynn/2002m.html#46 Encryption algorithm for stored data
http://www.garlic.com/~lynn/2003g.html#26 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
http://www.garlic.com/~lynn/2004f.html#31 MITM attacks
http://www.garlic.com/~lynn/2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
http://www.garlic.com/~lynn/2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
http://www.garlic.com/~lynn/2004j.html#15 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004j.html#37 Vintage computers are better than modern crap !
http://www.garlic.com/~lynn/2004k.html#21 Vintage computers are better than modern crap !
http://www.garlic.com/~lynn/2005g.html#33 Good passwords and security priorities
http://www.garlic.com/~lynn/2005g.html#37 MVS secure configuration standard
http://www.garlic.com/~lynn/2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
http://www.garlic.com/~lynn/2005i.html#11 Revoking the Root
http://www.garlic.com/~lynn/2005j.html#52 Banks
http://www.garlic.com/~lynn/2005k.html#1 More on garbage
http://www.garlic.com/~lynn/2005k.html#55 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)
http://www.garlic.com/~lynn/2005l.html#35 More Phishing scams, still no SSL being used
http://www.garlic.com/~lynn/2005l.html#36 More Phishing scams, still no SSL being used
http://www.garlic.com/~lynn/2005o.html#2 X509 digital certificate for offline solution
http://www.garlic.com/~lynn/2005v.html#2 ABN Tape - Found
http://www.garlic.com/~lynn/2006c.html#31 Worried about your online privacy?
http://www.garlic.com/~lynn/2006c.html#35 X.509 and ssh
http://www.garlic.com/~lynn/2006d.html#26 Caller ID "spoofing"
http://www.garlic.com/~lynn/2006d.html#28 Caller ID "spoofing"
http://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
http://www.garlic.com/~lynn/2006e.html#44 Does the Data Protection Act of 2005 Make Sense
http://www.garlic.com/~lynn/2006h.html#15 Security
http://www.garlic.com/~lynn/2006h.html#26 Security
http://www.garlic.com/~lynn/2006k.html#4 Passwords for bank sites - change or not?
http://www.garlic.com/~lynn/2006k.html#16 Value of an old IBM PS/2 CL57 SX Laptop
http://www.garlic.com/~lynn/2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
http://www.garlic.com/~lynn/2006k.html#33 Password Complexity
http://www.garlic.com/~lynn/2006p.html#9 New airline security measures in Europe
http://www.garlic.com/~lynn/2006p.html#18 19,000 Accounts Compromised
http://www.garlic.com/~lynn/2006p.html#32 OT - hand-held security
http://www.garlic.com/~lynn/2006s.html#10 Why not 2048 or 4096 bit RSA key issuance?
http://www.garlic.com/~lynn/2006u.html#40 New attacks on the financial PIN processing
http://www.garlic.com/~lynn/2006u.html#43 New attacks on the financial PIN processing
http://www.garlic.com/~lynn/2006v.html#2 New attacks on the financial PIN processing
http://www.garlic.com/~lynn/2006v.html#42 On sci.crypt: New attacks on the financial PIN processing
http://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that increases password security
http://www.garlic.com/~lynn/2006w.html#4 Patent buster for a method that increases password security
http://www.garlic.com/~lynn/2006x.html#14 IBM ATM machines
http://www.garlic.com/~lynn/2007.html#42 The logic of privacy
http://www.garlic.com/~lynn/2007b.html#8 Special characters in passwords was Re: RACF - Password rules
http://www.garlic.com/~lynn/2007b.html#13 special characters in passwords
http://www.garlic.com/~lynn/2007b.html#33 security engineering versus information security
http://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#11 Decoding the encryption puzzle
http://www.garlic.com/~lynn/2007c.html#32 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#35 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#43 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#62 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007i.html#28 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#65 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#0 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007n.html#85 PCI Compliance - Encryption of all non-console administrative access
http://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
http://www.garlic.com/~lynn/2007q.html#72 Value of SSL client certificates?
http://www.garlic.com/~lynn/2007t.html#20 UK Retail Giant Breached by Insider

virtual appliance

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: virtual appliance
Newsgroups: bit.listserv.ibm-main
Date: Sat, 29 Dec 2007 15:34:33 -0500
dboyes@SINENOMINE.NET (David Boyes) writes:
Put bluntly, see my other note on using CMSDDR. Getting a 1 pack VM system up on the Flex box works MUCH better, CMSDDR understands CMS file structure so you can just pass images of the volumes over, and as long as you resre the entire volumes, z/OS won't even know it happened.

Useful note: when you FTP the CMSDDR output files between the VM system on the Flex box and the new system, use TYPE E, MODE B before you do the PUT or GET in the FTP session. This tells the FTP server on the other end to preserve character set and file parameters, so you won't have to worry about it.

Also, keep in mind that your Flex system can create AWSTAPE format files, and that CMS has a AWSTAPE pipe stage that can feed that to CMS utilities. If you're worried about licensing for VM on the Flex box, I think VM/370 (which IBM does not complain about usage) will run CMSDDR.

I'll have to look into creating a IPLable system image for people in your situation. Shouldn't be too hard.


... for other topic drift ... in current virtualization genre there is a lot being made of virtual appliance ... somewhat akin to what we use to call service virtual machines .... but also gaining a lot of cross-over with a system image that can be quickly and trivially deployed ... usually for very specific purposes. In the security genre, such images can also trivially go poof (and any compromises, possibly because of an internet connection, evaporates at the same time).

Why Didn't Digital Catch the Wave?

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Why Didn't Digital Catch the Wave?
Newsgroups: alt.folklore.computers
Date: Sat, 29 Dec 2007 16:22:36 -0500
jsavard@excxn.aNOSPAMb.cdn.invalid (John Savard) writes:
The technology wasn't there in 1981 to put a PDP-11 on a single chip and start shipping it - with a *high-end* Digital operating system, FORTRAN and APL as well as BASIC - and say, here's a *real* computer. One that could do everything Linux on a 386 without enough memory to run the X Window System could have done, but better.

So the Professional 350 was too little, too late. But it *was* too late.

If DEC had wanted to be a player in the microcomputer era, it would have had to have started earlier.


in lots of past posts in numerous threads ... i've contended that a lot of ibm/pc made "critical" mass because business could essentially buy one for about the same price as 327x terminal and do both terminal emulation and local computing
http://www.garlic.com/~lynn/subnetwork.html#emulation

and therefor it was effectively a no-brainer financial business decision for sales of large number of such machines into commercial market.

a big issue in that market was reaching critical mass ... attracting buyers because their were lots of stuff that could be done with it and a lot of machines attracting software developers to create lots of applications for the machines ... which eventually became snowball effect.

it wasn't just the corporate name that attracted all the application developers ... it was the number of machines. it also wasn't just the corporate name that attracted all the (early) business purchases ... since a separate personal computer purchase would have required incremental financial justification ... while switching from an already financially justified terminal purchase to a personal computer ... was frequently a no-brainer.

recent post with some discussion of number of machines
http://www.garlic.com/~lynn/2007n.html#0 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM

the above references a webpage that gave personal computer market share, 1975-2004 ... which appears to have disappeared.

the way back machine still has the webpage ... but w/o images/graphs
http://web.archive.org/web/20070528014237/http://www.wowdailynews.com/pegasus/total_share.html

but there is reference to article at ars technica

Total share: 30 years of personal computer market share figures
http://arstechnica.com/articles/culture/total-share.ars

and has graph of personal computer sales 1975-1980
http://arstechnica.com/articles/culture/total-share.ars/3

and graph from 1980 to 1984 ... with the only serious competitor to PC in number of sales was commodore 64
http://arstechnica.com/articles/culture/total-share.ars/4

and then from 1984 to 1987 the ibm pc (and clones) starting to completely swamp
http://arstechnica.com/articles/culture/total-share.ars/5

in much the same way that the application developers were producing for the large install base ... the machine clone makers also started to move into the market segment also. conjecture might include larger profit margin in the PC market segment (vis-a-vis commodore 64) as contributing motivation for clone makers (higher premium/value in the commercial business market).

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sat, 29 Dec 2007 19:19:58 -0500
krw <krw@att.bizzzzz> writes:
Doesn't it? Mom-n-pop don't deal with it at all, though Walmart certainly does.

level (and costs) for PCI compliance is related to size of institution; misc. web references:

PCI compliance costs often underestimated, study finds
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1265353,00.html
PCI Data Security Standard
http://searchsecurity.techtarget.com/topics/0,295493,sid14_tax303586,00.html
Are there any references that discuss the cost of PCI DSS compliance?
http://searchsecurity.techtarget.com/expert/KnowledgebaseAnswer/0,289625,sid14_gci1285601_tax303586,00.html?bucket=ETA&topic=303586

and

Firms seeking PCI compliance face dilemma
http://www.scmagazineus.com/Firms-seeking-PCI-compliance-face-dilemma/article/34709/

from above:

The price for the average quality web application vulnerability assessment ranges from about five thousand to fifteen thousand dollars per website. According to PCI-DSS, assessments need to be performed four times a year. All of the sudden, the same merchant that started out paying a few hundred to thousands of dollars faces tens of thousands per website in additional costs.

... snip ...

and little drift ... recent repeat of x9.59 financial standard protocol objectives in crypto mailing list
http://www.garlic.com/~lynn/aadsm28.htm#1

Merchants Not Storing Credit Card Data
http://www.schneier.com/blog/archives/2007/10/merchants_not_s.html

referencing this article:

Retailers look to exorcise credit-card data
http://www.securityfocus.com/news/11491

recent (also crypto mailing list) post also referencing NRF position
http://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks

the x9.59 financial standard approach was to eliminate the usefulness of the information to the crooks ... whereever it might appear and/or be located (complete end-to-end coverage). Eliminating business processes that require merchants to keep the information, is just a piecemeal solution (i.e. the information still represents an attractive target for crooks).

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 09:07:46 -0500
rpl <plinnane3@yahoo.com.invalid> writes:
if you do add-customer or transactions with a new CC# number (ie: not a reference to a CC# already on record) then you've got data that should *not* be on a "known bad" media (such as your garden-variety internet-connected device) and that needs to be taken offline, immediately.

who/what's TJMax ?


recent related post on some of the issues
http://www.garlic.com/~lynn/aadsm28.htm#1
http://www.garlic.com/~lynn/2007v.html#77 folklore indeed

a few posts from earlier this year
http://www.garlic.com/~lynn/2007b.html#62 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#27 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#53 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#5 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#2 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#68 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007g.html#10 Record Credit card heist...TJM
http://www.garlic.com/~lynn/2007g.html#15 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007g.html#19 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007g.html#30 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007g.html#53 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007h.html#58 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007h.html#63 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007i.html#53 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#64 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#65 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007l.html#39 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007l.html#48 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
http://www.garlic.com/~lynn/2007o.html#5 The Unexpected Fact about the First Computer Programmer
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
http://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
http://www.garlic.com/~lynn/2007r.html#31 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007r.html#32 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007s.html#51 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007s.html#55 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security
http://www.garlic.com/~lynn/2007t.html#6 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007u.html#67 folklore indeed
http://www.garlic.com/~lynn/2007v.html#62 folklore indeed
http://www.garlic.com/~lynn/2007v.html#70 folklore indeed

folklore indeed

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 09:15:34 -0500
Steve O'Hara-Smith <steveo@eircom.net> writes:
This is true - but the entry point costs are way beyond Mom-n-pop levels.

re:
http://www.garlic.com/~lynn/2007v.html#77 folklore indeed

as also referred to in the same post ... i.e. quote from the same post:

Firms seeking PCI compliance face dilemma
http://www.scmagazineus.com/Firms-seeking-PCI-compliance-face-dilemma/article/34709/

from above:
The price for the average quality web application vulnerability assessment ranges from about five thousand to fifteen thousand dollars per website. According to PCI-DSS, assessments need to be performed four times a year. All of the sudden, the same merchant that started out paying a few hundred to thousands of dollars faces tens of thousands per website in additional costs.

... snip ...

i.e. costs that start out at a few hundred ... now balloon all out of control with compliance costs of tens of thousands.

recent post in crypto mailing list
http://www.garlic.com/~lynn/aadsm28.htm#1

mentioning that part of x9.59 financial standard
http://www.garlic.com/~lynn/x959.html#x959

effectively eliminates most of the compliance overhead ... by eliminating the need to have all the countermeasures for information leakage and breaches, since the information leak/breach is no longer a threat (information may still leak/breach, but is no longer useful to crooks).

software preservation volunteers ( was Re: LINC-8 Front Panel Questions)

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: software preservation volunteers ( was Re: LINC-8 Front Panel Questions)
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 09:23:36 -0500
Peter Flass <Peter_Flass@Yahoo.com> writes:
Depending on the formats I would be surprised if any 370 stuff couldn't be read by current software. This *is* IBM, after all. Of course this assumes that the tapes themselves can be read.

somewhat related, recent post in mainframe mailing list about possibly building effectively vm370 virtual appliance for such purposes
http://www.garlic.com/~lynn/2007v.html#75 virtual appliance

Tap and faucet and spellcheckers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Tap and faucet and spellcheckers
Newsgroups: alt.usage.english,alt.folklore.computers,uk.rec.sheds
Date: Sun, 30 Dec 2007 09:48:53 -0500
Peter Flass <Peter_Flass@Yahoo.com> writes:
This is sort-of true, except that "legacy" systems are still being enhanced and extended. All of our web backend stuff is COBOL, with lots of programs generating HTML output, just like we have lots of stuff that generates SCRIPT output.

is that SCRIPT output as in GML? i.e. GML was invented at the science center
http://www.garlic.com/~lynn/subtopic.html#545tech
in '69
http://www.garlic.com/~lynn/submain.html#sgml

SCRIPT was the CMS document formating developed a few yrs earlier ... but using runoff dot-like commands ... and then gml tag formating support was added.

later CERN adapted a script-clone sgml processing into html
http://infomesh.net/html/history/early/

recent post referencing the some of the failed disasters of the 90s, spending billions attempting to replace some of these legacy systems in part attempting to eliminate the overnight batch window bottlenecks ... with distributed computing straight-through processing.

in any event, there is ongoing tweaking efforts keeping legacy processing within the overnight batch window ... recent reference ... a x-over from mainframe mailing list ... this time mentioning options market doesn't open until legacy overnight batch window has completed
http://www.garlic.com/~lynn/2007v.html#69 Controllering COBOL DDs named SYSOUT

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 10:48:45 -0500
Peter Flass <Peter_Flass@Yahoo.com> writes:
One of the problems I see is that there's apparently not enough error-recovery in current media. When a CD goes, it's totally unreadable. Analog media degrade, but they ususlly don't disintegrate. Old newspapers and photos may be brittle, but they're usually quite usable even when some percentage is gone completely.

one of the things we got involved with in our hsdt project
http://www.garlic.com/~lynn/subnetwork.html#hsdt

was forward error correcting. part of the issue was all links leaving corporate premise had to be encrypted ... and loss of sync took extra recovery time ... especially with the satellite links (geosync orbit).

we had an engineer on the project, who was claimed to be one of the five best satellite RF engineers in the world ... and had been grad. student of Reeds (and undergraduate at MIT ... and claimed my wife's father was his favorite teacher) ... for other drift, listed as co-author of one of following papers:
http://commsci.usc.edu/faculty/reed-bio.html

in any case, we were also doing some work with Cyclotomics, which was producing reed-solomon foward-error-correcting hardware. they were also heavily involved in cdrom standard. they were later bought up by kodak ... somewhat related to their effort in optical disks.

oblique reference:
http://viterbi.usc.edu/news/news/2004/2004_11_12_jpl.htm

from above:
And for billions of people, Reed-Solomon codes are part of everyday life: they are inscribed into every single compact disc and DVD sold in the world. (A real-world tip here from Reed's graduate student Gregory Dubney: when you clean your CDs, don't wipe in a circle, as that will erase the Reed-Solomon codes over time and actually make the skipping worse. Clean the CDs by wiping towards the center.)

... snip ...

misc. past posts mentioning cyclotomics, berlekamp, and/or reed-solomon:
http://www.garlic.com/~lynn/2000c.html#38 Does the word "mainframe" still have a meaning?
http://www.garlic.com/~lynn/2001.html#1 4M pages are a bad idea (was Re: AMD 64bit Hammer CPU and VM)
http://www.garlic.com/~lynn/2001b.html#80 Disks size growing while disk count shrinking = bad performance
http://www.garlic.com/~lynn/2001k.html#71 Encryption + Error Correction
http://www.garlic.com/~lynn/2002p.html#53 Free Desktop Cyber emulation on PC before Christmas
http://www.garlic.com/~lynn/2003e.html#27 shirts
http://www.garlic.com/~lynn/2003h.html#3 Calculations involing very large decimals
http://www.garlic.com/~lynn/2003j.html#73 1950s AT&T/IBM lack of collaboration?
http://www.garlic.com/~lynn/2004f.html#37 Why doesn't Infiniband supports RDMA multicast
http://www.garlic.com/~lynn/2004h.html#11 Mainframes (etc.)
http://www.garlic.com/~lynn/2004o.html#43 360 longevity, was RISCs too close to hardware?
http://www.garlic.com/~lynn/2005k.html#25 The 8008
http://www.garlic.com/~lynn/2005n.html#27 Data communications over telegraph circuits
http://www.garlic.com/~lynn/2005r.html#52 Go-Back-N protocol?
http://www.garlic.com/~lynn/2005t.html#50 non ECC
http://www.garlic.com/~lynn/2006u.html#44 waiting for acknowledgements
http://www.garlic.com/~lynn/2006u.html#45 waiting for acknowledgements
http://www.garlic.com/~lynn/2007.html#29 Just another example of mainframe costs
http://www.garlic.com/~lynn/2007j.html#4 Even worse than UNIX
http://www.garlic.com/~lynn/2007p.html#62 Damn
http://www.garlic.com/~lynn/93.html#28 Log Structured filesystems -- think twice
http://www.garlic.com/~lynn/99.html#115 What is the use of OSI Reference Model?
http://www.garlic.com/~lynn/99.html#210 AES cyphers leak information like sieves

Alexander Graham Bell - Patent Thief?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Alexander Graham Bell - Patent Thief?
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 11:33:59 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
fundamental principles of the American way of life

Alexander Graham Bell, Patent Thief? - Telecom patent fights as old as the telephone itself...
http://www.dslreports.com/shownews/Alexander-Graham-Bell-Patent-Thief-90521
Alexander Graham Bell - Patent Thief?
http://science.slashdot.org/science/07/12/27/1342258.shtml
Technology: Bell Stole Phone Ideas, New Book Claims
http://www.technewsworld.com/story/60945.html Book claims Bell copied telephone invention
http://www.zdnetasia.com/news/communications/0,39044192,62035894,00.htm
New Book Accuses Alexander Graham Bell Of Stealing Phone Idea
http://www.allheadlinenews.com/articles/7009553270
"The Telephone Gambit" - Chasing Alexander Graham Bell's Secret
http://www.imperialvalleynews.com/index.php?option=com_content&task=view&id=586&Itemid=1


re:
http://www.garlic.com/~lynn/2007v.html#67 Alexander Graham Bell - Patent Thief?

when my wife read Stephenson's Cryptonomicon, she was somewhat surprised that similar theme played such prominent role.

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 11:44:12 -0500
Frank McCoy <mccoyf@millcomm.com> writes:
This, BTW, isn't just the SOM for CD and DVD media; it became the standard for hard-drives over a decade ago. Even S.M.A.R.T. hides the retries and recoveries until the drive is practically smoke.

re:
http://www.garlic.com/~lynn/2007v.html#82 folklore indeed

posts with recent studies of disk reliabiilty
http://www.garlic.com/~lynn/2007h.html#13 Question on DASD Hardware
http://www.garlic.com/~lynn/2007j.html#40 Disc Drives

folklore indeed

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 12:08:23 -0500
Steve O'Hara-Smith <steveo@eircom.net> writes:
If Mom-n-pop set up to process credit cards online themselves then they do *have* to deal with it and do it properly in order to be allowed to do so in order to get and keep their merchant account. It will not be much easier or cheaper for them to ensure the necessary security than it is for Walmart which is why it is insane for Mom-n-pop to do so.

re:
http://www.garlic.com/~lynn/2007v.html#77 folklore indeed
http://www.garlic.com/~lynn/2007v.html#79 folklore indeed

as mentioned in the above, the costs for operating a ecommerce site can balloon from a couple hundred to tens of thousands (annually just for compliance testing, presumably cost of implementing the compliant processes are over and above).

while x9.59 eliminates almost all of the requirement (having eliminated the threat from information leak/breach)
http://www.garlic.com/~lynn/x959.html#x959

then NRF is raising the issue that (w/o x9.59) then the paradigm needs to be otherwise changed so that retailers no longer need to retain the information as part of required business processes

such paradigm change would still leave leak/breach vulnerabilities at other points ... mentioned in this thread on naked transaction metaphor
http://www.garlic.com/~lynn/subintegrity.html#payments

re:
http://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks

referenced in the above:

Customer Service: Consumer Confidence at Stake in Retail, Credit Card Industry Clash
http://www.ecommercetimes.com/story/59670.html
Retailer PCI Rebellion: 'No More Storing Credit Card Numbers'
http://www.darkreading.com/document.asp?doc_id=135602
Retailers Fighting To No Longer Store Credit Data
http://it.slashdot.org/it/07/10/05/192250.shtml
Retail group takes a swipe at PCI
http://www.infoworld.com/article/07/10/05/Retail-group-takes-a-swipe-at-PCI_1.html
Retailers Challenge the Networks' Card-Data Storage Requirements
http://www.digitaltransactions.net/newsstory.cfm?newsid=1536
NRF to Credit Card Companies: Stop Forcing Retailers to Store Credit Card Data
http://www.nrf.com/modules.php?name=News&op=viewlive&sp_id=380
Retail group takes a swipe at PCI, puts card companies 'on notice'
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9040958&taxonomyId=17
Rethinking the Assumptions Behind PCI-DSS
http://www.paymentsnews.com/2007/10/rethinking-the-.html
PCI Is Here: Keeping the barbarians outside the cyber gates
http://www.practicalecommerce.com/articles/580/Caveat-Vendor-PCI-Is-Here/
Retailers, Credit Card Industry Clash
http://www.physorg.com/news111253284.html

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 14:03:46 -0500
Steve O'Hara-Smith <steveo@eircom.net> writes:
If Mom-n-pop set up to process credit cards online themselves then they do *have* to deal with it and do it properly in order to be allowed to do so in order to get and keep their merchant account. It will not be much easier or cheaper for them to ensure the necessary security than it is for Walmart which is why it is insane for Mom-n-pop to do so.

re:
http://www.garlic.com/~lynn/2007v.html#77 folklore indeed
http://www.garlic.com/~lynn/2007v.html#78 folklore indeed
http://www.garlic.com/~lynn/2007v.html#79 folklore indeed
http://www.garlic.com/~lynn/2007v.html#85 folklore indeed

the other way we analyzed the problem in the x9a10 financial standard working group
http://www.garlic.com/~lynn/x959.html

was that the crooks can afford to outspend the merchant possibly 100:1

merchant may clear $2 on each card transaction ... and out of that may be able to afford $.1 (ten cents) on fraud countermeasures.

in the current infrastructure, crooks may be able to take an avg. of $1000 per compromised account.

say a merchant does 1000/transactions a year and can afford to spend $100/year on fraud countermeasures. That is way below the tens of thousands per year.

say a merchant does 10000/transactions a year and can afford to spend $1000/year on fraud countermeasures, that is still way below the tens of thousands of per year.

it isn't until a merchant is doing something like 100,000 transactions/year that it can possibly start to consider some of the required countermeasures. However, the tens of thousands per year is for entry merchants ... by the time they are at 100,000 transactions, compliance has gone up.

so a merchant doing 100,000 transactions a year may be able to afford $10,000/annum on fraud countermeasures. However, crooks may expect to get as much as $10m with a breach ... so they may consider it perfectly worthwhile to spend $1m for the breach.

everybody may consider that larger merchants (in terms of doing large number of transactions) can spend more on countermeasures ... but the fundamental problem in the current paradigm is that the transaction log file is worth possibly 1000 times (three orders of magnitude) more to the crooks than it does to the merchants ... and that regardless of the merchant size ... the crooks can easily justify to completely overwhelm any set of countermeasures (since the objective is worth significantly more to the crooks than to the merchants).

this is related to the oft repeated theme of security proportional to risk. the actual risk is the cost of the compromise to the account owner and is somewhat related to the value of the compromise to the crooks. the current paradigm has the amount of risk represented by the transaction file ... orders of magnitude larger than the value of that transaction file to the merchant (and what merchants can reasonably afford to pay for fraud countermeasures).
http://www.garlic.com/~lynn/aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
http://www.garlic.com/~lynn/aepay10.htm#20 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/aepay12.htm#8 Know your security onions (or security proportional to risk)
http://www.garlic.com/~lynn/2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#9 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#11 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#24 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#25 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#28 Security Proportional to Risk (was: IBM Mainframe at home)

some recent posts mentioning the issue that crooks can easily afford to outspend merchants by possibly as much as 100:1 with the current paradigm:
http://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
http://www.garlic.com/~lynn/aadsm26.htm#58 Our security sucks. Why can't we change? What's wrong with us?
http://www.garlic.com/~lynn/aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
http://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
http://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007i.html#64 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#39 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007l.html#48 My Dream PC -- Chip-Based

Data Breaches Soar In 2007

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Data Breaches Soar In 2007
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 14:41:51 -0500
Data Breaches Soar in 2007
http://money.cnn.com/news/newsfeeds/articles/apwire/77ed8eb2ed03127dc4893ecdfc16fd0b.htm

from above:
Another group, Attrition.org, estimates more than 162 million records compromised through Dec. 21 _ both in the U.S. and overseas, unlike the other group's U.S.-only list. Attrition reported 49 million last year.

... snip ...

Current paradigm, crooks can afford to possibly outspend the defenders by 100:1 .... i.e. in the current paradigm, the value of the records to the crooks far exceeds the value of the records to the defenders.
http://www.garlic.com/~lynn/2007v.html#86 folklore indeed

The scenario for x9.59 financial standard protocol was to make the records worthless to the crooks:
http://www.garlic.com/~lynn/x959.html#x959

... past posts mentioning security proportional to risk:
http://www.garlic.com/~lynn/aadsm10.htm#cfppki13 CFP: PKI research workshop
http://www.garlic.com/~lynn/aadsm11.htm#45 Web site exposes credit card fraud
http://www.garlic.com/~lynn/aadsm12.htm#14 Challenge to TCPA/Palladium detractors
http://www.garlic.com/~lynn/aadsm12.htm#15 Challenge to TCPA/Palladium detractors
http://www.garlic.com/~lynn/aadsm12.htm#18 Overcoming the potential downside of TCPA
http://www.garlic.com/~lynn/aadsm14.htm#1 Who's afraid of Mallory Wolf?
http://www.garlic.com/~lynn/aadsm14.htm#4 Who's afraid of Mallory Wolf?
http://www.garlic.com/~lynn/aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
http://www.garlic.com/~lynn/aadsm14.htm#33 An attack on paypal
http://www.garlic.com/~lynn/aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
http://www.garlic.com/~lynn/aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
http://www.garlic.com/~lynn/aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
http://www.garlic.com/~lynn/aadsm17.htm#32 visa cards violated, BofA reissuing after hack attack
http://www.garlic.com/~lynn/aadsm17.htm#46 authentication and authorization (was: Question on the state of the security industry)
http://www.garlic.com/~lynn/aadsm17.htm#47 authentication and authorization ... addenda
http://www.garlic.com/~lynn/aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
http://www.garlic.com/~lynn/aadsm18.htm#6 dual-use digital signature vulnerability
http://www.garlic.com/~lynn/aadsm18.htm#35 Credit card leaks continue at a furious pace
http://www.garlic.com/~lynn/aadsm18.htm#45 Banks Test ID Device for Online Security
http://www.garlic.com/~lynn/aadsm19.htm#15 Loss Expectancy in NPV calculations
http://www.garlic.com/~lynn/aadsm19.htm#25 Digital signatures have a big problem with meaning
http://www.garlic.com/~lynn/aadsm19.htm#45 payment system fraud, etc
http://www.garlic.com/~lynn/aadsm19.htm#47 the limits of crypto and authentication
http://www.garlic.com/~lynn/aadsm20.htm#12 the limits of crypto and authentication
http://www.garlic.com/~lynn/aadsm21.htm#18 'Virtual Card' Offers Online Security Blanket
http://www.garlic.com/~lynn/aadsm21.htm#27 X.509 / PKI, PGP, and IBE Secure Email Technologies
http://www.garlic.com/~lynn/aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
http://www.garlic.com/~lynn/aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
http://www.garlic.com/~lynn/aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
http://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
http://www.garlic.com/~lynn/aadsm23.htm#9 PGP "master keys"
http://www.garlic.com/~lynn/aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
http://www.garlic.com/~lynn/aadsm23.htm#31 JIBC April 2006 - "Security Revisionism"
http://www.garlic.com/~lynn/aadsm23.htm#54 Status of SRP
http://www.garlic.com/~lynn/aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
http://www.garlic.com/~lynn/aadsm24.htm#6 Securely handling credit card transactions earns Blackboard kudos
http://www.garlic.com/~lynn/aadsm24.htm#38 Interesting bit of a quote
http://www.garlic.com/~lynn/aadsm24.htm#46 More Brittle Security -- Agriculture
http://www.garlic.com/~lynn/aadsm25.htm#2 Crypto to defend chip IP: snake oil or good idea?
http://www.garlic.com/~lynn/aadsm25.htm#21 Identity v. anonymity -- that is not the question
http://www.garlic.com/~lynn/aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
http://www.garlic.com/~lynn/aadsm25.htm#33 Mozilla moves on security
http://www.garlic.com/~lynn/aadsm25.htm#34 Mozilla moves on security
http://www.garlic.com/~lynn/aadsm25.htm#39 How the Classical Scholars dropped security from the canon of Computer Science
http://www.garlic.com/~lynn/aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
http://www.garlic.com/~lynn/aadsm26.htm#6 Citibank e-mail looks phishy
http://www.garlic.com/~lynn/aadsm26.htm#11 What is the point of encrypting information that is publicly visible?
http://www.garlic.com/~lynn/aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
http://www.garlic.com/~lynn/aadsm26.htm#25 EV - what was the reason, again?
http://www.garlic.com/~lynn/aadsm26.htm#54 What to do about responsible disclosure?
http://www.garlic.com/~lynn/aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
http://www.garlic.com/~lynn/2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#9 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#11 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#24 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#25 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002d.html#28 Security Proportional to Risk (was: IBM Mainframe at home)
http://www.garlic.com/~lynn/2002f.html#23 Computers in Science Fiction
http://www.garlic.com/~lynn/2002i.html#72 A Lesson In Security
http://www.garlic.com/~lynn/2002j.html#14 Symmetric-Key Credit Card Protocol on Web Site
http://www.garlic.com/~lynn/2002j.html#63 SSL integrity guarantees in abscense of client certificates
http://www.garlic.com/~lynn/2002l.html#11 IEEE article on intelligence and security
http://www.garlic.com/~lynn/2002l.html#12 IEEE article on intelligence and security
http://www.garlic.com/~lynn/2002l.html#35 Cryptography
http://www.garlic.com/~lynn/2002m.html#14 fingerprint authentication
http://www.garlic.com/~lynn/2002m.html#19 A new e-commerce security proposal
http://www.garlic.com/~lynn/2002n.html#20 Help! Good protocol for national ID card?
http://www.garlic.com/~lynn/2002n.html#25 Help! Good protocol for national ID card?
http://www.garlic.com/~lynn/2002n.html#26 Help! Good protocol for national ID card?
http://www.garlic.com/~lynn/2002o.html#67 smartcard+fingerprint
http://www.garlic.com/~lynn/2003l.html#64 Can you use ECC to produce digital signatures? It doesn't see
http://www.garlic.com/~lynn/2003m.html#11 AES-128 good enough for medical data?
http://www.garlic.com/~lynn/2003m.html#51 public key vs passwd authentication?
http://www.garlic.com/~lynn/2003o.html#46 What 'NSA'?
http://www.garlic.com/~lynn/2004.html#29 passwords
http://www.garlic.com/~lynn/2004b.html#39 SSL certificates
http://www.garlic.com/~lynn/2004b.html#48 Automating secure transactions
http://www.garlic.com/~lynn/2004f.html#8 racf
http://www.garlic.com/~lynn/2004f.html#36 MITM attacks
http://www.garlic.com/~lynn/2004j.html#0 New Method for Authenticated Public Key Exchange without Digital Certificates
http://www.garlic.com/~lynn/2004j.html#15 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
http://www.garlic.com/~lynn/2004l.html#40 "Perfect" or "Provable" security both crypto and non-crypto?
http://www.garlic.com/~lynn/2004m.html#9 REVIEW: "Biometrics for Network Security", Paul Reid
http://www.garlic.com/~lynn/2004m.html#28 Shipwrecks
http://www.garlic.com/~lynn/2005f.html#60 Where should the type information be: in tags and descriptors
http://www.garlic.com/~lynn/2005g.html#51 Security via hardware?
http://www.garlic.com/~lynn/2005g.html#54 Security via hardware?
http://www.garlic.com/~lynn/2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
http://www.garlic.com/~lynn/2005i.html#22 technical question about fingerprint usbkey
http://www.garlic.com/~lynn/2005j.html#53 Banks
http://www.garlic.com/~lynn/2005k.html#23 More on garbage
http://www.garlic.com/~lynn/2005l.html#22 The Worth of Verisign's Brand
http://www.garlic.com/~lynn/2005l.html#35 More Phishing scams, still no SSL being used
http://www.garlic.com/~lynn/2005l.html#36 More Phishing scams, still no SSL being used
http://www.garlic.com/~lynn/2005o.html#2 X509 digital certificate for offline solution
http://www.garlic.com/~lynn/2005p.html#6 Innovative password security
http://www.garlic.com/~lynn/2005p.html#24 Hi-tech no panacea for ID theft woes
http://www.garlic.com/~lynn/2005t.html#32 RSA SecurID product
http://www.garlic.com/~lynn/2005t.html#34 RSA SecurID product
http://www.garlic.com/~lynn/2005u.html#33 PGP Lame question
http://www.garlic.com/~lynn/2005v.html#4 ABN Tape - Found
http://www.garlic.com/~lynn/2006c.html#34 X.509 and ssh
http://www.garlic.com/~lynn/2006d.html#26 Caller ID "spoofing"
http://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
http://www.garlic.com/~lynn/2006e.html#44 Does the Data Protection Act of 2005 Make Sense
http://www.garlic.com/~lynn/2006h.html#15 Security
http://www.garlic.com/~lynn/2006k.html#4 Passwords for bank sites - change or not?
http://www.garlic.com/~lynn/2006k.html#16 Value of an old IBM PS/2 CL57 SX Laptop
http://www.garlic.com/~lynn/2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
http://www.garlic.com/~lynn/2006o.html#20 Gen 2 EPC Protocol Approved as ISO 18000-6C
http://www.garlic.com/~lynn/2006o.html#35 the personal data theft pandemic continues
http://www.garlic.com/~lynn/2006p.html#18 19,000 Accounts Compromised
http://www.garlic.com/~lynn/2006q.html#36 Was FORTRAN buggy?
http://www.garlic.com/~lynn/2006s.html#4 Why not 2048 or 4096 bit RSA key issuance?
http://www.garlic.com/~lynn/2006s.html#5 Why not 2048 or 4096 bit RSA key issuance?
http://www.garlic.com/~lynn/2006t.html#5 Are there more stupid people in IT than there used to be?
http://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that increases password security
http://www.garlic.com/~lynn/2007b.html#33 security engineering versus information security
http://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#8 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#9 Decoding the encryption puzzle
http://www.garlic.com/~lynn/2007c.html#11 Decoding the encryption puzzle
http://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#40 Point-of-Sale security
http://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#2 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
http://www.garlic.com/~lynn/2007f.html#36 Silly beginner questions
http://www.garlic.com/~lynn/2007f.html#68 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
http://www.garlic.com/~lynn/2007j.html#15 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007l.html#40 My Dream PC -- Chip-Based

Data Breaches Soar In 2007

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Data Breaches Soar In 2007
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 14:55:26 -0500
re:
http://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007

some more ...

Reports of data breaches reached new heights in 2007
http://www.usatoday.com/tech/news/computersecurity/2007-12-30-data_N.htm

and Securing financial transactions a high priority for 2007?????:
http://www.garlic.com/~lynn/2006y.html#7 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2006y.html#8 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#0 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#5 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#6 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007.html#28 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#61 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#62 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007b.html#64 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#8 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#15 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#17 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#22 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#27 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#28 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#30 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#31 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#32 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#33 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#35 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#36 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#39 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#43 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#46 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#51 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#52 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007c.html#53 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#0 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#5 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#11 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#68 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007d.html#70 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#2 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#23 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#24 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#28 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#29 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#58 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#61 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#62 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007e.html#65 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#8 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#58 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#68 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#72 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007g.html#8 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007h.html#48 Securing financial transactions a high priority for 2007
http://www.garlic.com/~lynn/2007h.html#51 Securing financial transactions a high priority for 2007

2007 Roundup: The march of the botnets

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: 2007 Roundup: The march of the botnets
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 16:00:07 -0500
2007 Roundup: The march of the botnets
http://www.vnunet.com/vnunet/news/2206172/botnets-branded-worst-security

recent posts mentioning botnets:
http://www.garlic.com/~lynn/aadsm27.htm#65 MITM spotted in Tor
http://www.garlic.com/~lynn/aadsm28.htm#2 Death of antivirus software imminent
http://www.garlic.com/~lynn/2007l.html#42 My Dream PC -- Chip-Based
http://www.garlic.com/~lynn/2007o.html#7 Hypervisors May Replace Operating Systems As King Of The Data Center
http://www.garlic.com/~lynn/2007o.html#16 Hypervisors May Replace Operating Systems As King Of The Data Center
http://www.garlic.com/~lynn/2007q.html#6 what does xp do when system is copying
http://www.garlic.com/~lynn/2007u.html#71 folklore indeed
http://www.garlic.com/~lynn/2007u.html#74 folklore indeed
http://www.garlic.com/~lynn/2007v.html#35 Inside a Modern Malware Distribution System

a couple other recent botnet news items:

Storm, Nugache lead dangerous new botnet barrage
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1286808,00.html
Botnet-controlled Trojan robbing online bank customers
http://www.networkworld.com/news/2007/121307-zbot-trojan-robbing-banks.htm
Inside a Modern Malware Distribution System
http://www.eweek.com/article2/0,1895,2239276,00.asp
Criminals Using Botnet To Attack iPhone Buyers
http://www.informationweek.com/news/showArticle.jhtml?articleID=201400215
Storm Botnet Driving PDF Spam
http://www.securitypronews.com/news/securitynews/spn-45-20070713StormBotnetDrivingPDFSpam.html
Why we're losing the botnet battle
http://www.networkworld.com/news/2007/072507-why-were-losing-the-botnet.html
ISPs may not be doing enough about botnets
http://arstechnica.com/news.ars/post/20070731-isps-may-not-be-doing-enough-about-botnets.html
Invasion of Botnets, Trojans, Worms Malware - DA issues fraud alert
http://www.thecherrycreeknews.com/content/view/1603/2/

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Sun, 30 Dec 2007 16:06:14 -0500
rpl <plinnane3@yahoo.com.invalid> writes:
gotcha, but I still maintain the problem is that the intermediate (vendors) have no intrinsic "need to know" a cc-number and therefore no "need to keep secure". Data heists are the symptom, not the disease.

see the related recent post on merchants want the payment specifications changed that require them to keep all the information ... as part of the existing paradigm and required business processes:
http://www.garlic.com/~lynn/2007v.html#85 folklore indeed

and the security proportional to risk analysis ... where the crooks can afford to outspend the merchants by possibly 100:1 ...
http://www.garlic.com/~lynn/2007v.html#86 folklore indeed

and related data breaches
http://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007
http://www.garlic.com/~lynn/2007v.html#88 Data Breaches Soar In 2007

Tap and faucet and spellcheckers

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Tap and faucet and spellcheckers
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sun, 30 Dec 2007 16:55:21 -0500
Peter Moylan <peter@DIESPAMMERSDIEpmoylan.org> writes:
Yet another word that's not portable between countries. EFTPOS is so well-known in Australia that it's ready for lower-casing, like "radar". It hadn't occurred to me that it has different names in different English-speaking countries.

and hot off tomorrow's press:

VeriFone Buys Aussie EFTPOS Services Firm
http://www.epaynews.com/index.cgi?survey=&ref=browse&f=view&id=1199047594837043222&block=

from above:
Like their counterparts around the world, Australian acquirers are facing mandates to comply with global security standards such as PCI DSS (Payments Cards Industry Data Security Standard) and EMV. They are also required to comply with local standards from APCA (Australian Payments Clearing Association). VeriFone says its portfolio of systems and peripherals has received APCA certification.

... snip ...

some recent posts mentioning PCI
http://www.garlic.com/~lynn/2007v.html#70 folklore indeed
http://www.garlic.com/~lynn/2007v.html#74 folklore indeed
http://www.garlic.com/~lynn/2007v.html#77 folklore indeed
http://www.garlic.com/~lynn/2007v.html#79 folklore indeed
http://www.garlic.com/~lynn/2007v.html#85 folklore indeed

for little more drift, comments about current paradigm where attackers can outspend defenders by possibly 100:1 (and security proportional to risk)
http://www.garlic.com/~lynn/2007v.html#86 folklore indeed
http://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007

and for other topic drift ... recent post
http://www.garlic.com/~lynn/aadsm28.htm#3 Why Security Modelling doesn't work -- the OODA-loop of today's battle

in financial cryptography blog
https://financialcryptography.com/mt/archives/000991.html

which then drifts even further into OODA-loops and John Boyd
http://www.garlic.com/~lynn/subboyd.html#boyd

Tap and faucet and spellcheckers

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Tap and faucet and spellcheckers
Newsgroups: alt.usage.english,alt.folklore.computers
Date: Sun, 30 Dec 2007 20:03:47 -0500
krw <krw@att.bizzzzz> writes:
What's a "long time"? They're nowhere near par now, but even in the '70s they weren't all that rare. My lab partner most of the way through school was female and of the nine or so that started work about the same time as I did, in '74, one was female (and black). I remember my father talking about one dippy female in the '50s (when they were very rare) trying to pull a cartridge fuse with two hands. She didn't have a back pocket. ;-)

a few references to my wife being the only female in engineering grad school
http://www.garlic.com/~lynn/2002o.html#68 META: Newsgroup cliques?
http://www.garlic.com/~lynn/2005d.html#75 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2007u.html#13 new 40+ yr old, disruptive technology

she had a couple other jobs before joining ibm ... but then got to work for somebody heading up part of FS
http://www.garlic.com/~lynn/submain.html#futuresys

then did a stint in the gburg JES group before being con'ed into going to pok to be responsible for loosely-coupled architecture
http://www.garlic.com/~lynn/submain.html#shareddata

folklore indeed

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Mon, 31 Dec 2007 09:00:23 -0500
re:
http://www.garlic.com/~lynn/2007v.html#77 folklore indeed
http://www.garlic.com/~lynn/2007v.html#79 folklore indeed

the issue is that PCI-DSS is requirement by the card associations as part of enabling merchant for accepting payment card transactions (regardless of what computer it runs on) ... moving the processing to a different computer doesn't eliminate the PCI-DSS requirements. PCI-DSS compliance becomes a requirement for merchant being enabled/allowed to accept payment transactions (regardless of where the processing runs).

one of the motivations behind x9.59 financial standard
http://www.garlic.com/~lynn/x959.html#x959

changing the paradigm was that the current infrastructure ... somewhat discussed in the *naked transaction metaphor* threads/posts:
http://www.garlic.com/~lynn/subintegrity.html#payments

... can mean that the attackers can afford to outspend the defenders by possibly 100:1
http://www.garlic.com/~lynn/2007v.html#86 folklore indeed
http://www.garlic.com/~lynn/2007v.html#87 Data Breaches
http://www.garlic.com/~lynn/2007v.html#88 Data Breaches
http://www.garlic.com/~lynn/2007v.html#90 folklore indeed
http://www.garlic.com/~lynn/2007v.html#91 Tap and faucet and spellcheckers

another tactic is changing the required business processes to eliminate merchants having to retain data for such a long period
http://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks

this doesn't eliminate the underlying fundamental problem with the current paradigm ... the transactions still remain attractive targets for attackers in numerous other places.

the x9.59 financial standard approach was to totally eliminate the usefullness of the information to the attackers (rather than simply eliminating one of the places that the attackers could harvest the information).

folklore indeed

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Mon, 31 Dec 2007 10:50:23 -0500
rpl <plinnane3@yahoo.com.invalid> writes:
cc-co's give a system unique "confirmation code" for cc purchases (?, it's been ages since I dealt with cc's and haven't looked at EFT except for some of Lynn's notes).

Given a "confirmation code" that guarantees payment as much as a cc#, a Merchanter has no intrinsic use for CC#, except for getting a handle on a customer for good/badwill tracking & marketing purposes.


there was suggestion that something like this could be done more than a decade or so ago. the theory was that charge-backs and disputes would come in with this code. however, the practice was that merchants would get charge-backs and disputes referencing account number and some approx. date/time ... old adage that in theory there is no difference between theory and practice ....

there are institutional regulations regarding how long merchants need to keep information around in order to handle/process things like disputes and charge-backs.

these posts make reference banks becoming responsible for maintaining all the data (with implication that there is some online mechanism for merchants to access the information ... creating a different kind of vulnerability ... since the numbers are that up to seventy percent of all breaches involve insiders)
http://www.garlic.com/~lynn/aadsm27.htm#60 Retailers push data responsibilities back to banks
http://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
http://www.garlic.com/~lynn/2007v.html#74 folklore indeed
http://www.garlic.com/~lynn/2007v.html#77 folklore indeed
http://www.garlic.com/~lynn/2007v.html#85 folklore indeed
http://www.garlic.com/~lynn/2007v.html#93 folklore indeed

however, that doesn't actually change the fundamental vulnerability characteristic of the information and it being highly subject to compromise ... whereever it might occur ... i.e. the naked transaction metaphor
http://www.garlic.com/~lynn/subintegrity.html#payments

the fundamental issue was that crooks can use the information from previous transactions for generating new, fraudulent transactions. this characteristic is also behind the attackers/crooks being able to outspend the defenders/merchants by possibly 100:1 (the information, regardless of all the places it may occur and how the crooks come up with means for skimming/harvesting/breaches, is extremely valuable to the crooks).
http://www.garlic.com/~lynn/2007v.html#86 folklore indeed
http://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007
http://www.garlic.com/~lynn/2007v.html#90 folklore indeed
http://www.garlic.com/~lynn/2007v.html#91 Tap and faucet and spellcheckers
http://www.garlic.com/~lynn/2007v.html#93 folklore indeed

this is also part of what we addressed in the x9a10 financial standard working group for the x9.59 financial standard
http://www.garlic.com/~lynn/x959.html#x959

in making the information useless to crooks. it did nothing about countermeasures for crooks accessing the information ... it just eliminated any value of the information to the crooks (meaning that they could no longer use the information for generating fraudulent transactions).

in the mid-90s, the x9a10 financial standard working group was given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments. this required detailed end-to-end investigation ALL threats and vulnerabilities ... for ALL possible kinds of retail payments.

another characteristic of X9.59 was making it privacy agnostic. In the mid-90s, when the x9a10 financial standard working group effort on x9.59 was goinng on, the EU had made some reference to the EU-DPD and making electronic payments at point-of-sale as anonymous as cash. This was taken as removing the name from payment cards (embossed plastic and magstripe) ... and eliminating any requirement for cross-checking that name against other forms of identification. recent post discussing privacy agnostic characteristic
http://www.garlic.com/~lynn/aadsm28.htm#1

misc. other posts discussing x9.59 privacy issues
http://www.garlic.com/~lynn/subpubkey.html#privacy

for other topic drift ... i had also co-authored financial industry x9.99 financial privacy standard. somewhat in support of these i had put together a privacy merged glossary and taxonomy
http://www.garlic.com/~lynn/index.html#glosnotes

as part of x9.99 we had to look at things like HIPAA and GLBA as well as EU-DPD.

folklore indeed

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Mon, 31 Dec 2007 11:53:10 -0500
rpl <plinnane3@yahoo.com.invalid> writes:
cc-co's give a system unique "confirmation code" for cc purchases (?, it's been ages since I dealt with cc's and haven't looked at EFT except for some of Lynn's notes).

Given a "confirmation code" that guarantees payment as much as a cc#, a Merchanter has no intrinsic use for CC#, except for getting a handle on a customer for good/badwill tracking & marketing purposes.


re:
http://www.garlic.com/~lynn/2007v.html#94 folklore indeed

there is a funny story 4-5 yrs ago about large national retail merchant, they figured out that keeping all the information for handling disputes/chargeback was costing more than if they automatically paid all disputes/chargebacks ... and was looking at eliminating keeping all the information (i.e. card associates only require that the information be retained if the merchant is planning on doing anything but automatically paying out on dispute/chargeback).

somebody then raised the question of what would the public start doing if it was found out that the merchant was not keeping the information (and automatically paying all disputes/chargebacks).

recent article that significant precentage of public practices fraud.

Self-Service Cheats Cost Retailers GLB200m
http://www.epaynews.com/index.cgi?survey=&ref=browse&f=view&id=1199047308837043222&block=

this particular was grocery chain ... which are notorious for having 1-3 percent profit margins ...

seven percent admitted to failing to scan items at self-service checkout, nine percent admitted to shoplifting and 8 percent admitted to "grazing" (eating food off the shelves while shopping and not paying for it).

another reference here:
http://ukpress.google.com/article/ALeqM5gvcnA3H-lY1QtezHvWBDAKGPkNnQ

lots of posts about fraud, threats, vulnerabilities, exploits and risks
http://www.garlic.com/~lynn/subintegrity.html#fraud

source for VAX programmers

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: source for VAX programmers
Newsgroups: alt.folklore.computers,alt.sys.pdp10
Date: Mon, 31 Dec 2007 15:39:10 -0500
Al Kossow <aek@spies.com> writes:
Melinda Varian's history of CMS
http://www.leeandmelindavarian.com/Melinda/25paper.pdf

notes that there was a large layoff of IBM programmers in the mid 70's as they transferred CMS development to NY.

I had heard that there was a large influx of IBM influence in the mid 70's at DEC. Was this one of the sources?


the actual situation was that in the wake of cancelling future system project
http://www.garlic.com/~lynn/submain.html#futuresys

there were mad rush to try and get stuff back into the 370 product pipeline. the favorite son operating system group in POK managed to convince the corporation that it needed all of the vm370/cms developers up in burlington mall ... in order to make the mvs/xa schedule; aka kill/terminate the vm370/cms product and transfer everybody from the burlington development group to POK to support mvs/xa development.

quite a few of the people in the burlington group didn't leave the area ... and got jobs at various places like dec, prime, etc. some number showed up in the vms group.

endicott (mid-range) did manage to salvage the vm370/cms product mission, but effectively had to reconstitute a group from scratch.

... aka, the cp67/cms development group split off from the science center
http://www.garlic.com/~lynn/subtopic.html#545tech

and growing rapidly (in part working on the morph of cp67 to vm370) took over (absorbed) the boston programming center on the 3rd flr (545 tech sq). it also fairly quickly outgrew the space on the 3rd flr ... and moved out to the old SBC (which had been transferred to cdc) vacant bldg. in burlington mall.

the news about shutting down the burlington group and move to pok was to be sprung at the various last minute (possibly hoping to minimize time people had to find alternatives) ... however the information leaked out a couple months early. there then was a concerted witch hunt attempting to identify the source of the leak.

the future system distraction ... and then mad rush to try and get stuff back into the product pipeline created the opportunity for a lot of stuff that i had been doing to be picked up and shipped in vm370 product (some of which i had even done as undergraduate for cp67 but dropped in the morph from cp67 to vm370).

during the heyday of FS, i continued to do 360/370 work ... and even made some less than flattering references to FS work ... including drawing similarties to the effort with a cult film that had been playing down in central sq). some old email references to moving lots of work from cp67 to vm370
http://www.garlic.com/~lynn/2006v.html#email731212
http://www.garlic.com/~lynn/2006w.html#email750102

some amount of kernel restructuring and small subset of other work was picked up for vm370 release 3 (including feature referred to as DCSS) ... some recent posts.
http://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths
http://www.garlic.com/~lynn/2007v.html#50 IBM mainframe history, was Floating-point myths

then it was decided to package a bunch of my other stuff as an independent product offering ... and a bunch of other stuff that i had done as undergraduate for cp67 was released on vm370
http://www.garlic.com/~lynn/subtopic.html#fairshare
http://www.garlic.com/~lynn/subtopic.html#wsclock

misc. past posts mentioning burlington mall group
http://www.garlic.com/~lynn/94.html#2 Schedulers
http://www.garlic.com/~lynn/98.html#7 DOS is Stolen!
http://www.garlic.com/~lynn/99.html#179 S/360 history
http://www.garlic.com/~lynn/2000b.html#54 Multics dual-page-size scheme
http://www.garlic.com/~lynn/2000b.html#55 Multics dual-page-size scheme
http://www.garlic.com/~lynn/2001m.html#47 TSS/360
http://www.garlic.com/~lynn/2001m.html#49 TSS/360
http://www.garlic.com/~lynn/2001n.html#67 Hercules etc. IBM not just missing a great opportunity...
http://www.garlic.com/~lynn/2002e.html#27 moving on
http://www.garlic.com/~lynn/2002h.html#34 Computers in Science Fiction
http://www.garlic.com/~lynn/2002h.html#59 history of CMS
http://www.garlic.com/~lynn/2002j.html#17 CDC6600 - just how powerful a machine was it?
http://www.garlic.com/~lynn/2002m.html#9 DOS history question
http://www.garlic.com/~lynn/2002o.html#78 Newsgroup cliques?
http://www.garlic.com/~lynn/2002p.html#14 Multics on emulated systems?
http://www.garlic.com/~lynn/2003c.html#0 Wanted: Weird Programming Language
http://www.garlic.com/~lynn/2003d.html#8 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
http://www.garlic.com/~lynn/2003f.html#53 Alpha performance, why?
http://www.garlic.com/~lynn/2003g.html#22 303x, idals, dat, disk head settle, and other rambling folklore
http://www.garlic.com/~lynn/2003h.html#34 chad... the unknown story
http://www.garlic.com/~lynn/2003k.html#0 VSPC
http://www.garlic.com/~lynn/2003k.html#55 S/360 IPL from 7 track tape
http://www.garlic.com/~lynn/2004.html#20 BASIC Language History?
http://www.garlic.com/~lynn/2004.html#32 BASIC Language History?
http://www.garlic.com/~lynn/2004c.html#47 IBM 360 memory
http://www.garlic.com/~lynn/2004d.html#42 REXX still going strong after 25 years
http://www.garlic.com/~lynn/2004e.html#37 command line switches [Re: [REALLY OT!] Overuse of symbolic
http://www.garlic.com/~lynn/2004g.html#24 |d|i|g|i|t|a|l| questions
http://www.garlic.com/~lynn/2004g.html#35 network history (repeat, google may have gotten confused?)
http://www.garlic.com/~lynn/2004g.html#38 Infiniband - practicalities for small clusters
http://www.garlic.com/~lynn/2004k.html#23 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of
http://www.garlic.com/~lynn/2004m.html#6 a history question
http://www.garlic.com/~lynn/2004m.html#54 Shipwrecks
http://www.garlic.com/~lynn/2004n.html#7 RISCs too close to hardware?
http://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
http://www.garlic.com/~lynn/2005f.html#58 Where should the type information be: in tags and descriptors
http://www.garlic.com/~lynn/2005h.html#37 Software for IBM 360/30
http://www.garlic.com/~lynn/2005j.html#25 IBM Plugs Big Iron to the College Crowd
http://www.garlic.com/~lynn/2005j.html#54 Q ALLOC PAGE vs. CP Q ALLOC vs ESAMAP
http://www.garlic.com/~lynn/2005p.html#0 Article: The True Value of Mainframe Security
http://www.garlic.com/~lynn/2005q.html#12 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005q.html#14 What ever happened to Tandem and NonStop OS ?
http://www.garlic.com/~lynn/2005s.html#35 Filemode 7-9?
http://www.garlic.com/~lynn/2005s.html#36 Filemode 7-9?
http://www.garlic.com/~lynn/2006b.html#18 {SPAM?} Re: Expanded Storage
http://www.garlic.com/~lynn/2006j.html#44 virtual memory
http://www.garlic.com/~lynn/2006l.html#25 Mainframe Linux Mythbusting (Was: Using Java in batch on z/OS?)
http://www.garlic.com/~lynn/2006m.html#21 The very first text editor
http://www.garlic.com/~lynn/2006m.html#25 Mainframe Limericks
http://www.garlic.com/~lynn/2006m.html#28 Mainframe Limericks
http://www.garlic.com/~lynn/2006o.html#51 The Fate of VM - was: Re: Baby MVS???
http://www.garlic.com/~lynn/2006r.html#41 Very slow booting and running and brain-dead OS's?
http://www.garlic.com/~lynn/2006s.html#1 Info on Compiler System 1 (Univac, Navy)?
http://www.garlic.com/~lynn/2006u.html#28 Assembler question
http://www.garlic.com/~lynn/2007f.html#25 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007f.html#28 The Perfect Computer - 36 bits?
http://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
http://www.garlic.com/~lynn/2007l.html#58 Scholars needed to build a computer history bibliography
http://www.garlic.com/~lynn/2007m.html#66 Off Topic But Concept should be Known To All
http://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#35 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007q.html#0 A question for the Wheelers - Diagnose instruction
http://www.garlic.com/~lynn/2007s.html#33 Age of IBM VM
http://www.garlic.com/~lynn/2007s.html#36 Oracle Introduces Oracle VM As It Leaps Into Virtualization
http://www.garlic.com/~lynn/2007t.html#68 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#40 Computer language history

folklore indeed

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: folklore indeed
Newsgroups: alt.folklore.computers
Date: Mon, 31 Dec 2007 15:57:10 -0500
re:
http://www.garlic.com/~lynn/2007v.html#77 folklore indeed
http://www.garlic.com/~lynn/2007v.html#79 folklore indeed
http://www.garlic.com/~lynn/2007v.html#93 folklore indeed

it usually wasn't too hard to get across the concept behind security proportional to risk ... however, the frequent kneejerk response was that (in retail payment arena) it was proportional to the size of the merchant business. you can somewhat see that it the rampup related to some of the current payment security procedure requirements.

the enormous disconnect in the current paradigm ... aka naked transaction metaphor
http://www.garlic.com/~lynn/subintegrity.html#payments

is that the skim/breach risk is only slightly correlated with merchant business. merchant business can be somewhat related to the number of transactions ... and therefor related to the number of payment accounts. however, the actual risk is pretty much independent to the amount of those transactions and especially any merchant profit on the transactions ... the actual risk is related to the credit limit and account balance for the associated accounts ... and has nothing at all to do with the merchant.

every once and awhile, we would see an "aha" moment come across somebodies face ... when somebody realizes the actual size of the risk ... and it can be almost totally unrelated to the merchant.

however, this is behind the claim that the attackers can afford to outspend as much as 100:1 more than the defenders
http://www.garlic.com/~lynn/2007v.html#86 folklore indeed
http://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007
http://www.garlic.com/~lynn/2007v.html#90 folklore indeed
http://www.garlic.com/~lynn/2007v.html#91 Tap and faucet and spellcheckers
http://www.garlic.com/~lynn/2007v.html#93 folklore indeed
http://www.garlic.com/~lynn/2007v.html#94 folklore indeed

It keeps getting uglier

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: It keeps getting uglier
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Mon, 31 Dec 2007 16:52:23 -0500
edgould1948@COMCAST.NET (Ed Gould) writes:
To refresh my memory was the 370 the first public machine that used the HSB? My memory says yes but as we have seen the POPS and FUNC manual are indeed different. There were quite a few machines I had no exposure to like the 44 and the 67 and the (1)95 among others

360/85 was first machine with cache.

this web page has some number of ibm product announcements
httpp://ed-thelen.org/comp-hist/IBM-ProdAnn/index.html

including the 360/85
http://ed-thelen.org/comp-hist/IBM-ProdAnn/360-85.pdf

It keeps getting uglier

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: It keeps getting uglier
Newsgroups: bit.listserv.ibm-main
Date: Mon, 31 Dec 2007 16:43:16 -0500
edgould1948@COMCAST.NET (Ed Gould) writes:
Its been at least 30 years I will yield to your memory. I just remember it giving me a blow by blow description on the format of the instructions and how it worked plus timings. If it was another manual, fine.

360/30 functional characteristics ... see if this is what you remember
http://bitsavers.org/pdf/ibm/360/funcChar/GA24-3231-7_360-30_funcChar.pdf

This has directory for -0, -6, and -7 360 Principles of Operation
http://bitsavers.org/pdf/ibm/360/poo/

past posts in thread:
http://www.garlic.com/~lynn/2007v.html#21 It keeps getting uglier
http://www.garlic.com/~lynn/2007v.html#68 It keeps getting uglier

for other drift, directory of some 360 FE manuals
http://bitsavers.org/pdf/ibm/360/fe/

source for VAX programmers

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: source for VAX programmers
Newsgroups: alt.folklore.computers,alt.sys.pdp10
Date: Mon, 31 Dec 2007 20:26:10 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
quite a few of the people in the burlington group didn't leave the area ... and got jobs at various places like dec, prime, etc. some number showed up in the vms group.

re:
http://www.garlic.com/~lynn/2007v.html#96 source for VAX programmers

there was a joke about the head of POK (aka center of ibm mainframe land) being a major contributor to VMS.

It keeps getting uglier

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: It keeps getting uglier
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Mon, 31 Dec 2007 20:57:58 -0500
doug@BKASSOCIATES.NET (Doug Fuerst) writes:
How do you figure that reverse engineering is an acceptable method of R&D or design? Reverse engineering is an easy way to replicate a design. Since the company creating the product, in this case IBM, spent millions developing the machine, they would be entitled to some exclusivity. How fair is it for every competitor to reverse engineer their machines to mimic the IBM box, and not compensate IBM for that? At least MOBO manufacturers use different chipsets and moderately different designs. I don't believe they are reverse engineering Intel boards, nor is AMD reverse engineering Core Duo's.

clone controller business was supposedly primary motivation for the future system project ... lots of past posts
http://www.garlic.com/~lynn/submain.html#futuresys

i've posted before about being undergraduate and trying to get the 2702 communication controller to do some stuff and it turned out it couldn't ... which was somewhat motivation for the univ. to start a clone controller project ... reverse engineering the ibm channel interface and building a channel interface card for Interdata/3 ... programmed to emulate 2702. this was written up blaming four of us for some part of the clone controller business
http://www.garlic.com/~lynn/subtopic.html#360pcm

article from former corporate executive ... including some number of comments about future system project
http://web.archive.org/web/20110718153549/http://www.ecole.org/Crisis_and_change_1995_1.htm
http://www.ecole.org/en/seances/CM07

including the following:
IBM tried to react by launching a major project called the 'Future System' (FS) in the early 1970's. The idea was to get so far ahead that the competition would never be able to keep up, and to have such a high level of integration that it would be impossible for competitors to follow a compatible niche strategy. However, the project failed because the objectives were too ambitious for the available technology. Many of the ideas that were developed were nevertheless adapted for later generations. Once IBM had acknowledged this failure, it launched its 'box strategy', which called for competitiveness with all the different types of compatible sub-systems. But this proved to be difficult because of IBM's cost structure and its R&D spending, and the strategy only resulted in a partial narrowing of the price gap between IBM and its rivals

... snip ...

above also referenced here
http://www.garlic.com/~lynn/2007u.html#17 T3 Sues IBM To Break its Mainframe Monopoly

there was recent question about some number of people departing and going to work on vax/vms ... which led to joke about head of POK having been a major contributor to VMS ... long winded story involving termination of Future System project and mad rush to get stuff back into the 370 product pipeline:
http://www.garlic.com/~lynn/2007v.html#96 source for VAX programmers
http://www.garlic.com/~lynn/2007v.html#100 source for VAX programmers

there is some case to be made that the Future System distraction and letting the 370 product pipeline dry up contributed to giving the processor clones a foothold in the market.

past reference to amdahl giving a talk at mit in the early 70s that may be at least partially construed as referring to this ... recent reference
http://www.garlic.com/~lynn/2007t.html#68 T3 Sues IBM To Break its Mainframe Monopoly

and other parts of postings in that thread:
http://www.garlic.com/~lynn/2007t.html#69 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#71 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007t.html#77 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#1 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#2 T3 Sues IBM To Break its Mainframe Monopoly




previous, next, index - home