List of Archived Posts

2009 Newsgroup Postings (09/14 - 10/01)

Wanted: SHARE Volume I proceedings
IT Story New Standard For EU-Compliant Electronic Signatures
Smart Card Alliance slams end-to-end encryption
Hacker charges also an indictment on PCI, expert says
Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data
OSS's Simple Sabotage Field Manual
OSS's Simple Sabotage Field Manual
Some companies are selling the idea that you can use just a (prox) physical access badge (single factor) for logical access as acceptable
Malware lingers months on infected PCs
Existence of early 360 software ( was Re: Continous Systems Modelling Packa
33 Years In IT/Security/Audit
Banks should share cyber crime information IT PRO
33 Years In IT/Security/Audit
UK issues Turning apology (and about time, too)
UK issues Turning apology (and about time, too)
Mainframe Hall of Fame: Three New Members Added
Mainframe Hall of Fame: Three New Members Added
UK issues Turning apology (and about time, too)
OSS's Simple Sabotage Field Manual
Mainframe Hall of Fame: Three New Members Added
UK issues Turning apology (and about time, too)
UK issues Turning apology (and about time, too)
Blast from the Past - 60 years of cryptography
COBOL Celebrates 50 Years
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Signature specification without certificates
Continous Systems Modelling Package
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Cybersecurity Today: The Wild, Wild West
The Compliance Spectrum...Reducing PCI DSS Scope
Firms failing to treat card data security seriously
Cybersecurity Today: The Wild, Wild West
Status of Arpanet/Internet in 1976?
DARPA, at least, has a clue (maybe, sometimes)
Follow up
DARPA, at least, has a clue (maybe, sometimes)
Status of Arpanet/Internet in 1976?
Follow up
Status of Arpanet/Internet in 1976?
Follow up
Opinions on the 'Unix Haters' Handbook'
Microprocessors with Definable MIcrocode
Opinions on the 'Unix Haters' Handbook'
Status of Arpanet/Internet in 1976?
Follow up
Security
Long parms...again
Follow up
Hexadecimal Kid - articles from Computerworld wanted
Opinions on the 'Unix Haters' Handbook'
Evolution of Floating Point
Opinions on the 'Unix Haters' Handbook'
Evolution of Floating Point
Hexadecimal Kid - articles from Computerworld wanted
Evolution of Floating Point
Opinions on the 'Unix Haters' Handbook'
Evolution of Floating Point
another item related to ASCII vs. EBCDIC
Evolution of Floating Point
Evolution of Floating Point
Status of Arpanet/Internet in 1976?
Opinions on the 'Unix Haters' Handbook'
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Sophisticated cybercrooks cracking bank security efforts
Real-Time Hackers Foil Two-Factor Security
IDCAMS delete with mask
Best IEFACTRT (off topic)

Wanted: SHARE Volume I proceedings

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Wanted: SHARE Volume I proceedings
Newsgroups: bit.listserv.ibm-main
Date: Mon, 14 Sep 2009 09:25:48 -0400
BShannon@ROCKETSOFTWARE.COM (Bob Shannon) writes:
SHARE used to publish two volumes of Proceedings: Volume I was a book containing papers; Volume II was microfiche of everything else. I have started to convert the Volume I Proceedings to PDF. I have Volume I from SHARE 74 (Anaheim, Winter 1990) and SHARE 77 (Chicago, Summer 1991). If you have any other Volume I Proceedings in a file cabinet or in a box in your attic and are willing to donate it (or them), please contact me offline. During conversion to PDF the pages are removed from the binding, so the publication will be trashed during the process. Eventually the PDFs will be made available on a publically-accessible website.

the copyright law changed in '79 ... i have SHARE copyrighted document (LSRAD report) from '79 (after the copyright law change) and have been trying since last jan, to get share permission to put up scan on publicly available site (bitsavers.org ... which has some number of earlier SHARE documents as well as IBM manuals). under the old law ... the copyright would have expired.

post from earlier this year
https://www.garlic.com/~lynn/2009.html#47
https://www.garlic.com/~lynn/2009.html#70

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

IT Story New Standard For EU-Compliant Electronic Signatures

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: IT Story New Standard For EU-Compliant Electronic Signatures
Date: 14 Sep, 2009
Blog: Information Security Network
IT Story New Standard For EU-Compliant Electronic Signatures
http://it.slashdot.org/story/09/09/14/0312229/New-Standard-For-EU-Compliant-Electronic-Signatures

from above:
The standard defines a series of profiles for PAdES -- Advanced Electronic Signatures for PDF documents -- that meet the requirements of the European Directive on a Community framework for electronic signatures (Directive 1999/93/EC).

... snip ...

also

New ETSI standard for EU-compliant electronic signatures
http://www.net-security.org/secworld.php?id=8070

... note ... a decade ago, we had been brought in to help word-smith the cal. state electronic signature legislation. One of the issues was that there was significant lobbying by certain interests to effectively use off-the-shelf digital signature technology.

The lawyers pointed out that off-the-shelf digital signature technology was effectively authentication ... but didn't meet the requirement for "human signature" demonstrating intent, having read, understood, agrees, approves, and/or authorizes.

Conjecture was possible cognitive dissonance (&/or semantic confusion) with the terms "digital signature" and "human signature" both containing the word "signature".

misc. past posts mentioning signatures
https://www.garlic.com/~lynn/subpubkey.html#signature

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Smart Card Alliance slams end-to-end encryption

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Smart Card Alliance slams end-to-end encryption
Date: 14 Sep, 2009
Blog: Information Security Network
somewhat followup
https://www.garlic.com/~lynn/2009m.html#86 Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data

Smart Card Alliance slams end-to-end encryption
http://www.finextra.com/fullstory.asp?id=20488

from above:
The US payments industry should use contactless chip cards along with dynamic cryptograms - rather than end-to-end data encryption - in the fight against fraudsters, according to an industry association.

... snip ...

in the mid-90s, we had been invited to participate in the x9a10 financial standard working group which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments (i.e. all kinds, debit, credit, ach, stored-value; all environments, point-of-sale, internet, face-to-face, unattended, ... aka *ALL*). as mentioned the result was x9.59 financial standard transaction protocol.
https://www.garlic.com/~lynn/x959.html#x959

one of the issues raised in the period was the significant cost of chips being selected for some alternative POS payment specifications ... so an issue was to address what were all the costs. there was also a request from the transit industry to be able to perform secure operation contactless and within the power and elapsed-time requirements of high-traffic transit turnstyle.

part of the cost was addition of "crypto" processor. the issue was that the crypto selected was enormously computationally intensive ... and took significant elapsed time at point-of-sale. the "crypto" processor was to significantly increase the number of circuits ... to effectively perform more of the computations in parallel ... still took a long time ... but also drove up the power requirements (compressing time for power used by all those circuits in smaller time).

an alternative was to change the crypto ... to something with at least equal integrity and security, but significantly lower computational (power & elapsed time) requirements. as previously mention got cost down to something under that of stamp/mailing .... so the next step was looking at paradigm changes to eliminate requirement to mail something.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Hacker charges also an indictment on PCI, expert says

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Hacker charges also an indictment on PCI, expert says
Date: 14 Sep, 2009
Blog: Pament Systems Network
re:
https://www.garlic.com/~lynn/2009l.html#50 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009l.html#53 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009l.html#61 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009l.html#64 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009l.html#68 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009m.html#4 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009m.html#48 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009m.html#49 Hacker charges also an indictment on PCI, expert says

There is security proportional to risk ... while it may be impossible to provide one hundred percent security .... but it is possible to eliminate the majority of the existing vulnerabilities and significantly raise the bar ... one scenario is the bar is high enough that the effort to compromise makes it more costly (to the crooks) than the expected (fraudulent) benefit.

many of the existing computer environment vulnerabilities were well understood 15-20 yrs ago ... and the EU FINREAD standard (a decade ago) represented countermeasure to significant percentage of those vulnerabilities.
https://www.garlic.com/~lynn/subintegrity.html#finread

computer environments don't need to have those securities ... I did a lot of work in the area as undergraduate in the 60s ... but didn't hear about some of these customers until much later:
https://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml

somewhat related thread in this news items ... also archived here:
https://www.garlic.com/~lynn/2009m.html#86 Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data
https://www.garlic.com/~lynn/2009n.html#2 Smart Card Alliance slams end-to-end encryption

I mentioned earlier in this thread that in the mid-90s, there was various presentations at banking conferences regarding big motivation of moving the old-style (consumer) dial-up banking to the internet (eliminate the enormous consumer support costs associated with serial-port devices, large library of software, attempting to have some collection that would work on reasonable set of customer PCs) ... basically offloading a bunch of those costs to ISPs.

At the same time, the dialup online commerical/cash-management operations were making presentations that they would never move to the internet because of the significant security issues. Some of this was that the PCs grew up from stand-alone &/or at least non-hostile environment and had few countermeasures to the extremely hostile environment being connected to the internet (where everybody is potential advisery).

That security landscape has changed little in the intervening 15 yrs.

Jim and I had worked together in the 70s and he tried to palm off a bunch of stuff on me when he left for tandem.

Jim
https://www.garlic.com/~lynn/2008p.html#27 Father of Financial Dataprocessing

and I did this "Dependability in Real Life" ... for a NASA dependable computing workshop (early part of this decade)
https://web.archive.org/web/20011004023230/http://www.hdcc.cs.cmu.edu/may01/index.html

Then a few years ago, he badgered me into interviewing for chief security architect in redmond ... the interview went on for a few weeks ... but we weren't able to come to agreement ... some recent references:
https://www.garlic.com/~lynn/2009.html#60 The 25 Most Dangerous Programming Errors
https://www.garlic.com/~lynn/2009g.html#18 Top 10 Cybersecurity Threats for 2009, will they cause creation of highly-secure Corporate-wide Intranets?
https://www.garlic.com/~lynn/2009h.html#28 Computer virus strikes US Marshals, FBI affected
https://www.garlic.com/~lynn/2009i.html#22 My Vintage Dream PC
https://www.garlic.com/~lynn/2009l.html#20 Cyber attackers empty business accounts in minutes

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data
Date: 14 Sep, 2009
Blog: Payment Systems Network
re:
https://www.garlic.com/~lynn/2009m.html#86 Voltage SecureData Now Provides Distributed End-to-End Encryption of Sensitive Data
https://www.garlic.com/~lynn/2009n.html#2 Smart Card Alliance slams end-to-end encryption

the x-over comment from the mainframe experts group included reference to this:

Alliance proposes new rules for payments in U.S.
http://www.contactlessnews.com/2009/09/10/alliance-proposes-new-rules-for-payments-in-u-s

but then from earlier today ...

Heartland CEO: Credit card encryption needed
http://www.computerworld.com/s/article/9138008/Heartland_CEO_Credit_card_encryption_needed
Heartland CEO: Credit card encryption needed
http://www.networkworld.com/news/2009/092309-credit-card-standards.html
Heartland CEO: Credit Card Encryption Needed
http://www.pcworld.com/businesscenter/article/171943/heartland_ceo_credit_card_encryption_needed.html

and back to the other side:

Contactless Chip Cards as an Alternative to End-to-End Encryption
http://www.paymentsnews.com/2009/09/smart-card-alliance-suggests-chip-cards-to-deal-with-data-breaches.html

another article from dark reading:

Smart Card Alliance: End-To-End Encryption Won't Stop Credit-Card Fraud
http://www.darkreading.com/database_security/security/encryption/showArticle.jhtml?articleID=220000501

related discussion in information security network:
http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=
http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=
http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=&gid=80784&discussionID=7148147gid=80784http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=&gid=80784&discussionID=7148147discussionID=7148147gid=80784http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=&gid=80784&discussionID=7148147discussionID=7148147gid=80784http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=&gid=80784&discussionID=7148147discussionID=7148147

some of above, also archived here:
https://www.garlic.com/~lynn/2009n.html#7

which references more detailed article:
http://www.smartcardalliance.org/pages/publications-end-to-end-encryption-and-chip-cards-in-the-us-payments-industry

however, I've frequently mentioned that X9.59 financial standard (also) tweaked the paradigm so that the information was made useless to the crooks ... and therefore eliminated the need for end-to-end encryption. Part of the work in x9a10 financial standard working group looking at lots of business processes that required access to information in the transaction. As a result, any *REAL* end-to-end encryption (from the consumer to the consumer's issuing financial institution) would require a large amount of decryption & reencryption, in order to allow normal business processes access to the information. The X9.59 alternative was to assume that the information might be accessed possibly thousands of times ... but eliminate the ability to use the information for fraudulent transactions
https://www.garlic.com/~lynn/x959.html#x959

as an aside ... not only is the smart card alliance discussion similar to what is already defined for x9.59

but also the nacha trials ... rfi response ...
https://www.garlic.com/~lynn/nacharfi.htm
and the results of the NACHA trials (23july2001)
https://web.archive.org/web/20070706004855/http://internetcouncil.nacha.org/News/news.html

as mentioned elsewhere ... in that time frame, there was something of a major deployment failure of a hardware token in consumer market segment ... that tainted all other consumer hardware token activities (in the particular failed deployment, it wasn't actually the hardware token ... but the characteristic of the serial-port card acceptor device that was part of the deployment).

however, out of all this ... there was a standard field definition included as part the international ISO 8583 standard (credit card and debit card networks) for carrying such an authentication value.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

OSS's Simple Sabotage Field Manual

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: OSS's Simple Sabotage Field Manual
Newsgroups: alt.folklore.computers
Date: Mon, 14 Sep 2009 23:19:18 -0400
recent article in financial cryptography pointed to:

OSS's Simple Sabotage Field Manual
https://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/OSS_Simple_Sabotage_Manual.pdf

with some special focus on
https://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html

as noted ... some of this reads like standard corporate manager's manual (or maybe dilbert)
(1) Insist on doing everything through "channels." Never permit short-cuts to be taken in order to, expedite decisions.

(2) Make "speeches." Talk as frequently as possible and at great length. Illustrate your "points" by long anecdotes and accounts of personal experiences. Never hesitate to make a few appropriate "patriotic" comments.

(3) When possible, refer all matters to committees, for "further study and consideration." Attempt to make the committees as large as possible - never less than five.

(4) Bring up irrelevant issues as frequently as possible.

(5) Haggle over precise wordings of communications, minutes, resolutions.

(6) Refer back to matters decided upon at the last meeting and attempt to reopen the question of the advisability of that decision.

(7) Advocate "caution." Be "reasonable" and urge your fellow-conferees to be "reasonable" and avoid haste which might result in embarrassments or difficulties later on.

(8) Be worried about the propriety of any decision -raise the question of whether such action as is contemplated lies within the jurisdiction of the group or whether it might conflict with the policy of some higher echelon.


... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

OSS's Simple Sabotage Field Manual

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: OSS's Simple Sabotage Field Manual
Newsgroups: alt.folklore.computers
Date: Tue, 15 Sep 2009 10:15:28 -0400
Walter Bushell <proto@panix.com> writes:
Both of these come up with bad certificate.

re:
https://www.garlic.com/~lynn/2009n.html#5 OSS's Simple Sabotage Field Manual

CAcert is an organization that issues ssl digital certificates ... but their "root" certificate isn't possibly precluded in your browser. the "error" is actually a message that indicates that the "root" certificate is not one known by your browser (hasn't yet been preloaded into your browser by the browser manufacturer).

this is different error from a situation where a website is claiming to be one URL and is using a certificate for some other URL (incorrect as opposed to unknown).

it is possible to continue and fetch the manual pages ... even if it is an untrusted/unknwon (by your browser) certificate ... should not pose any more threat than doing straight http (as opposed to https).

long ago and far away ... we had been called to consult with small client/server startup that wanted to do payment transactions on their server ... the started had also invented this technology they called SSL they wanted to use. as part of doing this thing that is now commonly called "electronic commerce" ... we had to do some end-to-end walk thru of these new operations called themselves Certification Authorities ...and issueing this things called SSL digital certificates.

somewhat after that we would mention that there were lots of reasons (weaknesses) to refer to the certificates as "comfort" (as opposed to security) ... misc. past posts
https://www.garlic.com/~lynn/subpubkey.html#sslcert

especially with lots of hype about how safe, certificates, should make you feel.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Some companies are selling the idea that you can use just a (prox) physical access badge (single factor) for logical access as acceptable

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Some companies are selling the idea that you can use just a (prox) physical access badge (single factor) for logical access as acceptable
Date: 15 Sep, 2009
Blog: Information Security Network
security proportional to risk .... multi-factor authentication is nominally assumed to be more secure ... based on implicit assumptions that the different factors have independent threats & vulnerabilities. For instance, (two-factor) pin/password is frequently assumed to be countermeasure to lost/stolen badge.

what is probability of lost/stolen badge being used fraudulently as single factor authentication and what is at risk if it happens.

a growing issue is the large proliferation in shared-secret paradigm as an authentication factor (whether multi-factor PIN in conjunction with some sort of physical token ... or single-factor like a password) ... along with implicit assumptions about unique shared-secret for every security domain ... has resulted in people having to memorize large scores of impossible to remember shared-secrets. this is poor human factors since it isn't feasible or sustainable situation ... resulting in situations where people have to write down/record the values.

some studies have found that 1/3rd of multi-factor something you have physical tokens have pin/password written on them. other situations may have the token being carried in a wallet ... which also contains list of pin/passwords; a wallet frequently represents a common lost/stolen item (both the token and the recorded pin/passwords) ... invalidating any implicit assumption about independent vulnerabilities.

slightly related:

Users Prefer Device Fingerprinting to Passwords
http://www.internetnews.com/ec-news/article.php/3839071/Users+Prefer+Device+Fingerprinting+to+Passwords.htm

from above:
Study finds 70 percent of respondents say they'd be willing to have their PCs and mobile devices authenticated by an online merchant before completing a transaction.

... snip ...

Part of the work in the x9a10 financial standard working group on x9.59 financial standard (in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments) ... some refs
https://www.garlic.com/~lynn/x959.html#x959

was that the same x9.59 standard concurrently support wide variety of one-factor, two-factor and/or even three-factor authentication ... even possibly dynamically changing the factors and/or combination of factors based on transaction value &/or risk (security proportional to risk & parameterised risk management).

correspondingly ... work on the AADS chip strawman (security proportional to risk & parameterised risk management)... was that the same chip would work as single-factor authentication as well as various combinations of two-factor and/or even three-factor authentication.
https://www.garlic.com/~lynn/x959.html#aads

In the 90s, I had semi-facetiously said I would take a $500 milspec part and aggresively cost-reduce it while improving security ... eventually getting close to EPC RFID chip cost (i.e. the RFID chips being targeted to replace UPC bar-codes on grocery store items) w/o sacrificing security.

The goal, I eventually characterized as removing all the inhibitors to being able to shift from a "institutional centric" paradigm to a person-centric paradigm ... where potentially a person could use the same hardware token for a huge variety of different purposes operating in a wide variety of different ways (i.e. being able to support a person-centric paradigm would embody, at least, security proportional to risk and parameterised risk management).

In enabling person-centric ... the same hardware token would be able to operate as a (single-factor, something you have) for door-entry as well as for higher security physical access ... as well as both low-value and high-value financial transactions ... as well as multitude of other authentication purposes ... operating in a variety of ways.

misc. past posts mentioning 3-factor authentication paradigm
https://www.garlic.com/~lynn/subintegrity.html#3factor

semi-custom chip was a few hundred thousand circuits ... I got it evaluated at EAL4+ ... wanted to go for higher ... but didn't have a crypto profile to evaluate against. first pass at complete custom chip was 40k circuits. Basically chip cost (in volume) is cost of the wafer and number of chips per wafer. In the late 90s, increasingly smaller chips ran into road block because the area for cutting the wafer into individuals chips ... was becoming larger than the total chip area. Next step in getting ever increasing larger number of smaller chips from a wafer was coming up with new wafer cutting technology (to drastically reduce the area lost to the cuts).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Malware lingers months on infected PCs

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Malware lingers months on infected PCs
Date: 15 Sep, 2009
Blog: Computer Security and Forensics
Malware lingers months on infected PCs
http://www.theregister.co.uk/2009/09/15/malware_persistence/

from above:
Resident evil Malware stays around on infected PCs far longer than previously thought, according to the latest research from Trend Micro.... Web threats: Why conventional protection doesn't work

... snip ...

and somewhat related ...

Australian ISPs Asked To Cut Off Malware-Infected PCs
http://it.slashdot.org/story/09/09/15/0429234/Australian-ISPs-Asked-To-Cut-Off-Malware-Infected-PCs
ISPs asked to cut off malware-infected PCs
http://www.itnews.com.au/News/155673,isps-asked-to-cut-off-malware-infected-pcs.aspx

I raised this as an option in 1995. We had been called in to consult with a small client/server startup that wanted to do payment transactions on their server ... and the startup had invented this technology they wanted to use called "SSL" ... the result is now frequently called "electronic commerce". As part of this ... we did some detailed threat and vulnerability studies ... including DOS & DDOS attacks.

We identified ISPs as being able to recognize and cut-off compromised PCs that were spewing spam, involved in DDOS attacks, and/or involved in perpetrating infection/compromise. Push-back was that ISP (at the time) didn't have the capability ... we pointed out that even at the time, ISP could recognize & disable multiple concurrent connects (which wouldn't take that much effort to modify to do some of these other tasks). We conjectured at the time, that the push-back was rather 1) it might only be 99.99% effective and 2) doing something ... but not 100% ... might open them to liability litigation.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Existence of early 360 software ( was Re: Continous Systems Modelling Packa

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Existence of early 360 software ( was Re: Continous Systems  Modelling Packa
Newsgroups: alt.folklore.computers
Date: Wed, 16 Sep 2009 09:20:47 -0400
Calum <com.gmail@scottishwildcat.nospam> writes:
Early 80's gets my vote too... for a brief few years back then, you could buy sub-£100 home computers that came with beautifully-written manuals that gave you a solid grounding in how to program them, not just how to switch them off and on again. Happy days

my brother was regional marketing rep for apple ... he had setup apple II to do terminal emulation into apple hdqtrs AS/400 to access all the manufacturing and delivery schedules.

i was trying to get copies of all vmshare computer conferencing and make them available on internal machines ... especially the world-wide sales & marketing HONE machines. I talked to him about using an apple II at home ... in lieu of my 3101 glass teletype ... to log into tymshare, download all new & changed vmshare activity ... and then upload into internal ibm systems ... for distribution on internal machines. some past pictures of my online home setup (although missing 2741 pictures used in the early 70s)
https://www.garlic.com/~lynn/lhwemail.html#oldpicts

misc. old posts mentioning world-wide sales&marketing hone (one of my hobbies during the 70s and much of the 80s):
https://www.garlic.com/~lynn/subtopic.html#hone

misc. old email referencing terminal emulation
https://www.garlic.com/~lynn/subnetwork.html#emulation

misc. old email mentioning vmshare
https://www.garlic.com/~lynn/lhwemail.html#vmshare

online computer conferencing vmshare archives (back to aug76)
http://vm.marist.edu/~vmshare/

note that while this was all pure "text" ... not really executable code (modulo any "EXEC" stuff) ... so very low probability of introducing virus and malware on the internal network ... still had lots of dealings with legal dept. regarding introducing external comtamination (&/or copyrighted material) into the internal corporation. just part of getting blamed for computer conferencing on the internal network in the lates 70s and early 80s. misc. past posts mentioning internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet

i also got to go to business dinners (before mac was announced) and argue with some of the mac developers.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

33 Years In IT/Security/Audit

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 33 Years In IT/Security/Audit
To: <ibm-main@bama.ua.edu>
Date: Wed, 16 Sep 2009 09:51:40 -0400
UI0037288@TECHMAHINDRA.COM (Umamaheshwar Iyer) writes:
I started mine on a WANG-VS which was user friendly. After the demise of this wonderful machine, I got a chance working on the Mainframe, which was quite tough when working from a user friendly system to a non-user friendly system. Almost 25 Years now!

WANG did period with rebranded rs/6000 (one of the early cases of taking rs/6000 and rebranding ... some people from austin actually left the company and joined WANG) ... mentioned in wang wiki page (june, 1991)
https://en.wikipedia.org/wiki/Wang_Laboratories

for some security related, wang's computer system receives "B3" security rating
http://findarticles.com/p/articles/mi_m0EIN/is_1995_Oct_5/ai_17531523/

for slight other drift, recent post mentioning getting blamed for computer conferencing on the internal network in the late 70s and early 80s (from early 360 software thread in a.f.c)
https://www.garlic.com/~lynn/2009n.html#9

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Banks should share cyber crime information IT PRO

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Banks should share cyber crime information IT PRO
Date: 16 Sep, 2009
Blog: Financial Crime Risk, Fraud and Security
Banks should share cyber crime information IT PRO
http://www.itpro.co.uk/615127/banks-should-share-cyber-crime-information

from above:
Financial institutions in Holland have shared information about cyber crime for years, offering an example to the UK and Europe about how it could and should be done.

... snip ...

One of the big issues at the critical infrastructure protection regarding ISAC (industry information vulnerability, threats, exploit sharing) was whether the information would be subject to FOIA
http://www.isaccouncil.org/
and
http://www.fsisac.com/

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

33 Years In IT/Security/Audit

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 33 Years In IT/Security/Audit
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Wed, 16 Sep 2009 14:00:08 -0400
Steve_Thompson@STERCOMM.COM (Thompson, Steve) writes:
Dr. Wang is no longer with us. And the company, WANG, was taken over by another company and they basically dropped the hardware. Some years ago I was bidding on migrating WANG/VS based entities to z/OS. I understand that there are still a few holdouts in the Government arena.

re:
https://www.garlic.com/~lynn/2009n.html#10 33 Years In IT/Security/Audit

there aren't a lot of stuff that had gotten B3 evaluation ... following claims that wang was the only one ...
http://www.dynamoo.com/orange/summary.htm

in the transition from orange book to common criteria, i had started doing merged security taxonomy & glossary
https://www.garlic.com/~lynn/index.html#glosnote

and some from common criteria was criticizing me for having both orange book and common criteria definitions in the same glossary. i countered with common criteria was to have protection profiles for specific environments that weren't otherwise capable of getting reasonable orange book certification.

this is recent post referencing getting EAL4+ evaluation for a semi-custom chip
https://www.garlic.com/~lynn/2009n.html#7

my complaint was that some others, using similar flavor of the chip, being able to get a higher evaluation. they were able to use "smart card protection profile" ... which has majority of the stuff about being able to load applications on the chip (doesn't actually evaluate what gets loaded to make the chip useful ... just evaluates the chip and the loading processes ... not what is loaded).

my semi-custom chip had whole bunch of the applications in silicon ... including crypto. since it was part of the silicon chip ... it had to be evaluated as part of the basic chip (the other way avoided having to evaluate a useful deployed chip with actual application). the problem was that there wasn't profile for the crypto for higher level evaluation. I would still claim that my base EAL4+ chip was actually more secure chip than those with higher evaluations ... since I had done with the applications and they evaluated w/o actual applications.

not long ago there was presentation on 65 system EAL evaluations ... that claimed 63 had undisclosed/unpublished deviations (i.e. they had unpublished changes to the protection profile being used). In theory, the purpose behind all this is to have apple-to-apple (trusted operation) comparison ... but with majority having various undisclosed deviations ... it is hard to see how they aren't apple-to-oranges.

It turns out I was involved in doing some amount of trusted computing stuff as undergraduate in the 60s ... even if I didn't know it was called that at the time ... and I didn't learn about these guys until much later
https://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

UK issues Turning apology (and about time, too)

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: UK issues Turning apology (and about time, too)
Newsgroups: alt.folklore.computers
Date: Wed, 16 Sep 2009 15:42:21 -0400
Eric Chomko <pne.chomko@comcast.net> writes:
The number of foreclosures and bank-owned houses for sale now is not normal in the US. The previous administration, in its attempt to boost the slouching economy, made it way too simple for anyone to qualify and buy a home. Too many have defaulted and here we are.

packaging up mortgages as CDOs and selling them off had been done in the S&L crisis. Being able to unload the mortgages eliminated any motivation for the loan originators to care about borrowers qualification or loan quality. The big uptick this time was that (unregulated) loan originators could pay the rating agencies to get triple-A ratings (even tho both the rating agencies and the loan originators knew that the toxic CDOs weren't worth triple-A rating) ... enormously expanding those that would deal in the toxic CDOs. Effectively, the loan originators could unload every loan, fast as they could write them.

The no-down, no-documentation, 1% introductory rate, interest only payment ARMs ... became enormously attractive to the speculators ... since the carrying cost was much less than real estate inflation rate in many parts of the country (planning on flipping before the rates adjusted) .... speculators would obtain every one they possible could, the loan originators would write every one they possible could ... and then unload them as triple-A rated toxic CDOs.

Repeal of Glass-Steagall (keeping regulated depository institutions separate from unregulated investment banking) ... as part of bank modernization act ... then had some of the large (regulated) consumer banks with (unregulated) investment banking arms ... buying up the toxic CDOs ... at enormous leverage and carrying them off-balance sheet. These (regulated) banks hadn't necessarily had anything to do with the original mortgages ... but were providing (via unregulated investment banking operationgs) much of the fuel in around about, circuitous manner (skirting traditional regulation ... where regulated depository institutions had previously been making regulated mortgages using deposits as source of funds).

There was big major failing in SEC providing oversite of the rating agencies ... which was major factor in allowing the whole house of cards to operate (unjustified triple-A rating on toxic CDOs, enormously increasing the source funds for unregulated load originators). The repeal of Glass-Steagall allowed large regulated depository institutions to play a major role in these unregulated mortgages ... with their unregulated investment purchasing major amounts of the triple-A rated toxic (mortgage backed) toxic CDOs.

The speculation frenzy ... created the impression that the housing demand was significantly larger than it actually was. The apparent (speculation) spike in demand motivated builders to big uptick in building. When the whole speculation bubble bursts ... there is both deflation in (speculation bubble) prices as well as having to work off the excessive building/inventory. The bursting speculation bubble results in all sorts of other kinds of collateral damage thruout the economy.

Past couple days, there has been a number of articles and news commentary about it being one year since the bubble burst (marked by lehman demise) ... and that financial lobby has spent over $3b on lobbying to prevent any congress from making changes in the basic environment that resulted in the whole mess (some comment at least six financial lobbiests thundering up and down the halls of congress for every congressman). There was snide comment on CPAN this past weekend ... that the $3B is cheap price for the $27T that the financial industry was able to suck out of the infrastructure creating the current financial mess.
Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

a couple of the anniversary articles:

Rogues' Gallery Revisited
http://www.forbes.com/2009/09/08/fuld-cayne-thain-lehman-paulson-pandit-opinions-contributors-charles-gasparino.html
Where are the subprime perp walks?
http://money.cnn.com/2009/09/15/news/subprime.perpwalk.fortune/index.htm?postversion=2009091517

misc. past posts mentioning rating agencies & triple-A ratings on toxic CDOs, Lehman having marginal chance of surviving playing long/short mismatch (even if they hadn't been dealing in toxic CDOs), repeal of glass-steagall, etc:
https://www.garlic.com/~lynn/2008.html#66 As Expected, Ford Falls From 2nd Place in U.S. Sales
https://www.garlic.com/~lynn/2008b.html#12 Computer Science Education: Where Are the Software Engineers of Tomorrow?
https://www.garlic.com/~lynn/2008b.html#75 Toyota Sales for 2007 May Surpass GM
https://www.garlic.com/~lynn/2008c.html#11 Toyota Sales for 2007 May Surpass GM
https://www.garlic.com/~lynn/2008c.html#87 Toyota Sales for 2007 May Surpass GM
https://www.garlic.com/~lynn/2008d.html#85 Toyota Sales for 2007 May Surpass GM
https://www.garlic.com/~lynn/2008e.html#42 Banks failing to manage IT risk - study
https://www.garlic.com/~lynn/2008e.html#59 independent appraisers
https://www.garlic.com/~lynn/2008e.html#70 independent appraisers
https://www.garlic.com/~lynn/2008f.html#1 independent appraisers
https://www.garlic.com/~lynn/2008f.html#13 independent appraisers
https://www.garlic.com/~lynn/2008f.html#17 independent appraisers
https://www.garlic.com/~lynn/2008f.html#43 independent appraisers
https://www.garlic.com/~lynn/2008f.html#46 independent appraisers
https://www.garlic.com/~lynn/2008f.html#51 independent appraisers
https://www.garlic.com/~lynn/2008f.html#53 independent appraisers
https://www.garlic.com/~lynn/2008f.html#71 Bush - place in history
https://www.garlic.com/~lynn/2008f.html#73 Bush - place in history
https://www.garlic.com/~lynn/2008f.html#75 Bush - place in history
https://www.garlic.com/~lynn/2008f.html#77 Bush - place in history
https://www.garlic.com/~lynn/2008f.html#79 Bush - place in history
https://www.garlic.com/~lynn/2008f.html#94 Bush - place in history
https://www.garlic.com/~lynn/2008f.html#96 Bush - place in history
https://www.garlic.com/~lynn/2008f.html#97 Bush - place in history
https://www.garlic.com/~lynn/2008g.html#2 Bush - place in history
https://www.garlic.com/~lynn/2008g.html#4 CDOs subverting Boyd's OODA-loop
https://www.garlic.com/~lynn/2008g.html#16 independent appraisers
https://www.garlic.com/~lynn/2008g.html#32 independent appraisers
https://www.garlic.com/~lynn/2008g.html#44 Fixing finance
https://www.garlic.com/~lynn/2008g.html#51 IBM CEO's remuneration last year ?
https://www.garlic.com/~lynn/2008g.html#52 IBM CEO's remuneration last year ?
https://www.garlic.com/~lynn/2008g.html#57 Credit crisis could cost nearly $1 trillion, IMF predicts
https://www.garlic.com/~lynn/2008g.html#59 Credit crisis could cost nearly $1 trillion, IMF predicts
https://www.garlic.com/~lynn/2008g.html#62 Credit crisis could cost nearly $1 trillion, IMF predicts
https://www.garlic.com/~lynn/2008g.html#64 independent appraisers
https://www.garlic.com/~lynn/2008g.html#66 independent appraisers
https://www.garlic.com/~lynn/2008g.html#67 independent appraisers
https://www.garlic.com/~lynn/2008h.html#1 subprime write-down sweepstakes
https://www.garlic.com/~lynn/2008h.html#28 subprime write-down sweepstakes
https://www.garlic.com/~lynn/2008h.html#32 subprime write-down sweepstakes
https://www.garlic.com/~lynn/2008h.html#48 subprime write-down sweepstakes
https://www.garlic.com/~lynn/2008h.html#49 subprime write-down sweepstakes
https://www.garlic.com/~lynn/2008h.html#89 Credit Crisis Timeline
https://www.garlic.com/~lynn/2008h.html#90 subprime write-down sweepstakes
https://www.garlic.com/~lynn/2008i.html#4 A Merit based system of reward -Does anybody (or any executive) really want to be judged on merit?
https://www.garlic.com/~lynn/2008i.html#30 subprime write-down sweepstakes
https://www.garlic.com/~lynn/2008i.html#64 Is the credit crunch a short term aberation
https://www.garlic.com/~lynn/2008i.html#77 Do you think the change in bankrupcy laws has exacerbated the problems in the housing market leading more people into forclosure?
https://www.garlic.com/~lynn/2008i.html#104 dollar coins
https://www.garlic.com/~lynn/2008j.html#3 dollar coins
https://www.garlic.com/~lynn/2008j.html#9 dollar coins
https://www.garlic.com/~lynn/2008j.html#12 To: Graymouse -- Ireland and the EU, What in the H... is all this about?
https://www.garlic.com/~lynn/2008j.html#18 dollar coins
https://www.garlic.com/~lynn/2008j.html#22 dollar coins
https://www.garlic.com/~lynn/2008j.html#23 dollar coins
https://www.garlic.com/~lynn/2008j.html#38 dollar coins
https://www.garlic.com/~lynn/2008j.html#40 dollar coins
https://www.garlic.com/~lynn/2008j.html#46 dollar coins
https://www.garlic.com/~lynn/2008j.html#48 dollar coins
https://www.garlic.com/~lynn/2008j.html#64 lack of information accuracy
https://www.garlic.com/~lynn/2008j.html#66 lack of information accuracy
https://www.garlic.com/~lynn/2008j.html#68 lack of information accuracy
https://www.garlic.com/~lynn/2008j.html#69 lack of information accuracy
https://www.garlic.com/~lynn/2008j.html#71 lack of information accuracy
https://www.garlic.com/~lynn/2008k.html#6 dollar coins
https://www.garlic.com/~lynn/2008k.html#10 Why do Banks lend poorly in the sub-prime market? Because they are not in Banking!
https://www.garlic.com/~lynn/2008k.html#11 dollar coins
https://www.garlic.com/~lynn/2008k.html#12 dollar coins
https://www.garlic.com/~lynn/2008k.html#13 dollar coins
https://www.garlic.com/~lynn/2008k.html#14 dollar coins
https://www.garlic.com/~lynn/2008k.html#16 dollar coins
https://www.garlic.com/~lynn/2008k.html#19 dollar coins
https://www.garlic.com/~lynn/2008k.html#20 IBM's 2Q2008 Earnings
https://www.garlic.com/~lynn/2008k.html#23 dollar coins
https://www.garlic.com/~lynn/2008k.html#27 dollar coins
https://www.garlic.com/~lynn/2008k.html#28 dollar coins
https://www.garlic.com/~lynn/2008k.html#33 dollar coins
https://www.garlic.com/~lynn/2008k.html#36 dollar coins
https://www.garlic.com/~lynn/2008k.html#41 dollar coins
https://www.garlic.com/~lynn/2008l.html#42 dollar coins
https://www.garlic.com/~lynn/2008l.html#44 dollar coins
https://www.garlic.com/~lynn/2008l.html#67 dollar coins
https://www.garlic.com/~lynn/2008l.html#70 dollar coins
https://www.garlic.com/~lynn/2008m.html#12 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#15 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#16 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#26 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#73 Blinkylights
https://www.garlic.com/~lynn/2008m.html#76 When risks go south: FM&FM to be nationalized
https://www.garlic.com/~lynn/2008m.html#80 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#91 Blinkylights
https://www.garlic.com/~lynn/2008m.html#92 Blinkylights
https://www.garlic.com/~lynn/2008m.html#95 Blinkylights
https://www.garlic.com/~lynn/2008m.html#96 Blinkylights
https://www.garlic.com/~lynn/2008m.html#99 Blinkylights
https://www.garlic.com/~lynn/2008n.html#3 Blinkylights
https://www.garlic.com/~lynn/2008n.html#12 Blinkylights
https://www.garlic.com/~lynn/2008n.html#14 Blinkylights
https://www.garlic.com/~lynn/2008n.html#19 Blinkylights
https://www.garlic.com/~lynn/2008n.html#21 Michigan industry
https://www.garlic.com/~lynn/2008n.html#23 Michigan industry
https://www.garlic.com/~lynn/2008n.html#24 Blinkylights
https://www.garlic.com/~lynn/2008n.html#25 Blinkylights
https://www.garlic.com/~lynn/2008n.html#33 Blinkylights
https://www.garlic.com/~lynn/2008n.html#37 Success has many fathers, but failure has the US taxpayer
https://www.garlic.com/~lynn/2008n.html#40 Success has many fathers, but failure has the US taxpayer
https://www.garlic.com/~lynn/2008n.html#42 Blinkylights
https://www.garlic.com/~lynn/2008n.html#44 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#49 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#74 Why can't we analyze the risks involved in mortgage-backed securities?
https://www.garlic.com/~lynn/2008n.html#78 Isn't it the Federal Reserve role to oversee the banking system??
https://www.garlic.com/~lynn/2008n.html#88 Blinkylights
https://www.garlic.com/~lynn/2008n.html#94 Blinkylights
https://www.garlic.com/~lynn/2008n.html#95 Blinkylights
https://www.garlic.com/~lynn/2008n.html#99 Blinkylights
https://www.garlic.com/~lynn/2008o.html#12 The human plague
https://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#19 What's your view of current global financial / economical situation?
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#37 The human plague
https://www.garlic.com/~lynn/2008o.html#39 The human plague
https://www.garlic.com/~lynn/2008o.html#42 The human plague
https://www.garlic.com/~lynn/2008o.html#43 The human plague
https://www.garlic.com/~lynn/2008o.html#44 The human plague
https://www.garlic.com/~lynn/2008o.html#45 The human plague
https://www.garlic.com/~lynn/2008o.html#51 Why are some banks failing, and others aren't?
https://www.garlic.com/~lynn/2008o.html#52 Why is sub-prime crisis of America called the sub-prime crisis?
https://www.garlic.com/~lynn/2008o.html#62 Would anyone like to draw a diagram of effects or similar for the current "credit crisis"?
https://www.garlic.com/~lynn/2008o.html#65 Can the financial meltdown be used to motivate sustainable development in order to achieve sustainable growth and desired sustainability?
https://www.garlic.com/~lynn/2008o.html#68 Blinkenlights
https://www.garlic.com/~lynn/2008o.html#71 Why is sub-prime crisis of America called the sub-prime crisis?
https://www.garlic.com/~lynn/2008o.html#74 Would anyone like to draw a diagram of effects or similar for the current "credit crisis"?
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#78 Who murdered the financial system?
https://www.garlic.com/~lynn/2008o.html#80 Can we blame one person for the financial meltdown?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
https://www.garlic.com/~lynn/2008p.html#3 Blinkenlights
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#9 Do you believe a global financial regulation is possible?
https://www.garlic.com/~lynn/2008p.html#47 In Modeling Risk, the Human Factor Was Left Out
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008p.html#77 Tell me why the taxpayer should be saving GM and Chrysler (and Ford) managers & shareholders at this stage of the game?
https://www.garlic.com/~lynn/2008q.html#10 realtors (and GM, too!)
https://www.garlic.com/~lynn/2008q.html#11 Blinkenlights
https://www.garlic.com/~lynn/2008q.html#12 Blinkenlights
https://www.garlic.com/~lynn/2008q.html#19 Collateralized debt obligations (CDOs)
https://www.garlic.com/~lynn/2008q.html#20 How is Subprime crisis impacting other Industries?
https://www.garlic.com/~lynn/2008q.html#26 Blinkenlights
https://www.garlic.com/~lynn/2008q.html#28 Blinkenlights
https://www.garlic.com/~lynn/2008q.html#32 I was wondering what types of frauds the audience think will increase?
https://www.garlic.com/~lynn/2008q.html#49 Have not the following principles been practically disproven, once and for all, by the current global financial meltdown?
https://www.garlic.com/~lynn/2008q.html#50 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008q.html#57 Blinkenlights
https://www.garlic.com/~lynn/2008q.html#58 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008q.html#66 Blinkenlights
https://www.garlic.com/~lynn/2008q.html#68 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008q.html#69 if you are an powerful financial regulator , how would you have stopped the credit crunch?
https://www.garlic.com/~lynn/2008r.html#4 Basel Committee outlines plans to strengthen Basel II
https://www.garlic.com/~lynn/2008r.html#10 Blinkylights
https://www.garlic.com/~lynn/2008r.html#35 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#58 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008r.html#67 What is securitization and why are people wary of it ?
https://www.garlic.com/~lynn/2008s.html#8 Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#20 Five great technological revolutions
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#30 How reliable are the credit rating companies? Who is over seeing them?
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?
https://www.garlic.com/~lynn/2008s.html#59 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#70 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2009.html#14 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#15 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#21 Banks to embrace virtualisation in 2009: survey
https://www.garlic.com/~lynn/2009.html#31 Banks to embrace virtualisation in 2009: survey
https://www.garlic.com/~lynn/2009.html#32 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#42 Lets play Blame Game...?
https://www.garlic.com/~lynn/2009.html#52 The Credit Crunch: Why it happened?
https://www.garlic.com/~lynn/2009.html#58 HONEY I LOVE YOU, but please cut the cards
https://www.garlic.com/~lynn/2009.html#63 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#73 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#74 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#77 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#79 The Credit Crunch: Why it happened?
https://www.garlic.com/~lynn/2009.html#80 Are reckless risks a natural fallout of "excessive" executive compensation ?
https://www.garlic.com/~lynn/2009.html#84 what was the idea behind Citigroup's splitting up into two different divisions? what does this do for citigroup?
https://www.garlic.com/~lynn/2009b.html#1 Are Both The U.S. & UK on the brink of debt disaster?
https://www.garlic.com/~lynn/2009b.html#23 BarCampBank - informal finance rantathon in London
https://www.garlic.com/~lynn/2009b.html#25 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
https://www.garlic.com/~lynn/2009b.html#37 A great article was posted in another BI group: "To H*** with Business Intelligence: 40 Percent of Execs Trust Gut"
https://www.garlic.com/~lynn/2009b.html#48 The blame game is on : A blow to the Audit/Accounting Industry or a lesson learned ???
https://www.garlic.com/~lynn/2009b.html#49 US disaster, debts and bad financial management
https://www.garlic.com/~lynn/2009b.html#51 Will the Draft Bill floated in Congress yesterday to restrict trading of naked Credit Default Swaps help or aggravate?
https://www.garlic.com/~lynn/2009b.html#52 What has the Global Financial Crisis taught the Nations, it's Governments and Decision Makers, and how should they apply that knowledge to manage risks differently in the future?
https://www.garlic.com/~lynn/2009b.html#53 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#54 In your opinion, which facts caused the global crise situation?
https://www.garlic.com/~lynn/2009b.html#57 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#58 OCR scans of old documents
https://www.garlic.com/~lynn/2009b.html#59 As bonuses...why breed greed, when others are in dire need?
https://www.garlic.com/~lynn/2009b.html#60 OCR scans of old documents
https://www.garlic.com/~lynn/2009b.html#73 What can we learn from the meltdown?
https://www.garlic.com/~lynn/2009b.html#78 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009b.html#79 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009b.html#80 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#0 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009c.html#1 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009c.html#6 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#8 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#10 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#11 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#16 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#18 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#20 Decision Making or Instinctive Steering?
https://www.garlic.com/~lynn/2009c.html#29 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#32 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#36 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#38 People to Blame for the Financial Crisis
https://www.garlic.com/~lynn/2009c.html#39 'WHO IS RESPONSIBLE FOR THE GLOBAL MELTDOWN'
https://www.garlic.com/~lynn/2009c.html#42 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#46 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#51 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#53 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#55 Who will give Citigroup the KNOCKOUT blow?
https://www.garlic.com/~lynn/2009c.html#61 Accounting for the "greed factor"
https://www.garlic.com/~lynn/2009c.html#65 is it possible that ALL banks will be nationalized?
https://www.garlic.com/~lynn/2009c.html#67 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus
https://www.garlic.com/~lynn/2009d.html#7 Are Ctibank's services and products so vital to global economy than no other banks can substitute it?
https://www.garlic.com/~lynn/2009d.html#10 Who will Survive AIG or Derivative Counterparty Risk?
https://www.garlic.com/~lynn/2009d.html#16 The Formula That Killed Wall Street
https://www.garlic.com/~lynn/2009d.html#18 HSBC is expected to announce a profit, which is good, what did they do differently?
https://www.garlic.com/~lynn/2009d.html#22 Is it time to put banking executives on trial?
https://www.garlic.com/~lynn/2009d.html#28 I need insight on the Stock Market
https://www.garlic.com/~lynn/2009d.html#37 NEW SEC (Enforcement) MANUAL, A welcome addition
https://www.garlic.com/~lynn/2009d.html#42 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
https://www.garlic.com/~lynn/2009d.html#46 Bernanke Says Regulators Must Protect Against Systemic Risks
https://www.garlic.com/~lynn/2009d.html#61 Quiz: Evaluate your level of Spreadsheet risk
https://www.garlic.com/~lynn/2009d.html#62 Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
https://www.garlic.com/~lynn/2009d.html#63 Do bonuses foster unethical conduct?
https://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?
https://www.garlic.com/~lynn/2009d.html#74 Why is everyone talking about AIG bonuses of millions and keeping their mouth shut on billions sent to foreign banks?
https://www.garlic.com/~lynn/2009d.html#77 Who first mentioned Credit Crunch?
https://www.garlic.com/~lynn/2009e.html#0 What is swap in the financial market?
https://www.garlic.com/~lynn/2009e.html#8 The background reasons of Credit Crunch
https://www.garlic.com/~lynn/2009e.html#13 Should we fear and hate derivatives?
https://www.garlic.com/~lynn/2009e.html#15 The background reasons of Credit Crunch
https://www.garlic.com/~lynn/2009e.html#23 Should FDIC or the Federal Reserve Bank have the authority to shut down and take over non-bank financial institutions like AIG?
https://www.garlic.com/~lynn/2009e.html#30 Timeline: 40 years of OS milestones
https://www.garlic.com/~lynn/2009e.html#35 Architectural Diversity
https://www.garlic.com/~lynn/2009e.html#36 Architectural Diversity
https://www.garlic.com/~lynn/2009e.html#37 How do you see ethics playing a role in your organizations current or past?
https://www.garlic.com/~lynn/2009e.html#40 Architectural Diversity
https://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
https://www.garlic.com/~lynn/2009e.html#59 Tesco to open 30 "bank branches" this year
https://www.garlic.com/~lynn/2009e.html#70 When did "client server" become part of the language?
https://www.garlic.com/~lynn/2009e.html#79 Are the "brightest minds in finance" finally onto something?
https://www.garlic.com/~lynn/2009f.html#2 CEO pay sinks - Wall Street Journal/Hay Group survey results just released
https://www.garlic.com/~lynn/2009f.html#27 US banking Changes- TARP Proposl
https://www.garlic.com/~lynn/2009f.html#29 What is the real basis for business mess we are facing today?
https://www.garlic.com/~lynn/2009f.html#31 What is the real basis for business mess we are facing today?
https://www.garlic.com/~lynn/2009f.html#35 US banking Changes- TARP Proposl
https://www.garlic.com/~lynn/2009f.html#38 On whom or what would you place the blame for the sub-prime crisis?
https://www.garlic.com/~lynn/2009f.html#41 On whom or what would you place the blame for the sub-prime crisis?
https://www.garlic.com/~lynn/2009f.html#43 On whom or what would you place the blame for the sub-prime crisis?
https://www.garlic.com/~lynn/2009f.html#46 Who moved my payment?
https://www.garlic.com/~lynn/2009f.html#47 TARP Disbursements Through April 10th
https://www.garlic.com/~lynn/2009f.html#49 Is the current downturn cyclic or systemic?
https://www.garlic.com/~lynn/2009f.html#51 On whom or what would you place the blame for the sub-prime crisis?
https://www.garlic.com/~lynn/2009f.html#53 What every taxpayer should know about what caused the current Financial Crisis
https://www.garlic.com/~lynn/2009f.html#56 What's your personal confidence level concerning financial market recovery?
https://www.garlic.com/~lynn/2009f.html#65 Just posted third article about toxic assets in a series on the current financial crisis
https://www.garlic.com/~lynn/2009g.html#1 Future of Financial Mathematics?
https://www.garlic.com/~lynn/2009g.html#3 Do the current Banking Results in the US hide a grim truth?
https://www.garlic.com/~lynn/2009g.html#5 Do the current Banking Results in the US hide a grim truth?
https://www.garlic.com/~lynn/2009g.html#7 Just posted third article about toxic assets in a series on the current financial crisis
https://www.garlic.com/~lynn/2009g.html#27 Flawed Credit Ratings Reap Profits as Regulators Fail Investors
https://www.garlic.com/~lynn/2009g.html#31 OODA-loop obfuscation
https://www.garlic.com/~lynn/2009g.html#33 Treating the Web As an Archive
https://www.garlic.com/~lynn/2009g.html#34 Board Visibility Into The Business
https://www.garlic.com/~lynn/2009g.html#37 Future of Financial Mathematics?
https://www.garlic.com/~lynn/2009g.html#52 Future of Financial Mathematics?
https://www.garlic.com/~lynn/2009g.html#53 We Can't Subsidize the Banks Forever
https://www.garlic.com/~lynn/2009g.html#61 Prosecute Bank Execs
https://www.garlic.com/~lynn/2009g.html#76 Undoing 2000 Commodity Futures Modernization Act
https://www.garlic.com/~lynn/2009h.html#3 Consumer Credit Crunch and Banking Writeoffs
https://www.garlic.com/~lynn/2009h.html#10 China's yuan 'set to usurp US dollar' as world's reserve currency
https://www.garlic.com/~lynn/2009h.html#17 REGULATOR ROLE IN THE LIGHT OF RECENT FINANCIAL SCANDALS
https://www.garlic.com/~lynn/2009h.html#22 China's yuan 'set to usurp US dollar' as world's reserve currency
https://www.garlic.com/~lynn/2009h.html#25 The Paradox of Economic Recovery
https://www.garlic.com/~lynn/2009h.html#29 Analysing risk, especially credit risk in Banks, which was a major reason for the current crisis
https://www.garlic.com/~lynn/2009h.html#40 Analysing risk, especially credit risk in Banks, which was a major reason for the current crisis
https://www.garlic.com/~lynn/2009i.html#1 IBM to Build Europe, Asia 'Smart Infrastructure'
https://www.garlic.com/~lynn/2009i.html#13 64 Cores -- IBM is showing a prototype already
https://www.garlic.com/~lynn/2009i.html#23 Why are z/OS people reluctant to use z/OS UNIX? (Are settlements a good argument for overnight batch COBOL ?)
https://www.garlic.com/~lynn/2009i.html#40 64 Cores -- IBM is showing a prototype already
https://www.garlic.com/~lynn/2009i.html#44 64 Cores -- IBM is showing a prototype already
https://www.garlic.com/~lynn/2009i.html#49 What's your personal confidence level concerning financial market recovery?
https://www.garlic.com/~lynn/2009i.html#54 64 Cores -- IBM is showing a prototype already
https://www.garlic.com/~lynn/2009i.html#57 In the USA "financial regulator seeks power to curb excess speculation."
https://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."
https://www.garlic.com/~lynn/2009i.html#74 Administration calls for financial system overhaul
https://www.garlic.com/~lynn/2009i.html#77 Financial Regulatory Reform - elimination of loophole allowing special purpose institutions outside Bank Holding Company (BHC) oversigh
https://www.garlic.com/~lynn/2009j.html#1 Is it possible to have an alternative payment system without riding on the Card Network platforms?
https://www.garlic.com/~lynn/2009j.html#12 IBM identity manager goes big on role control
https://www.garlic.com/~lynn/2009j.html#21 The Big Takeover
https://www.garlic.com/~lynn/2009j.html#35 what is mortgage-backed securities?
https://www.garlic.com/~lynn/2009j.html#36 Average Comp This Year At Top Firm Estimated At $700,000
https://www.garlic.com/~lynn/2009j.html#69 64 Cores -- IBM is showing a prototype already
https://www.garlic.com/~lynn/2009k.html#2 Big Bonuses At Goldman Should Be Applauded, Not Criticized
https://www.garlic.com/~lynn/2009l.html#5 Internal fraud isn't new, but it's news
https://www.garlic.com/~lynn/2009m.html#89 Audits V: Why did this happen to us ;-(

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

UK issues Turning apology (and about time, too)

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: UK issues Turning apology (and about time, too)
Newsgroups: alt.folklore.computers
Date: Wed, 16 Sep 2009 21:01:22 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
a couple of the anniversary articles:

Rogues' Gallery Revisited
http://www.forbes.com/2009/09/08/fuld-cayne-thain-lehman-paulson-pandit-opinions-contributors-charles-gasparino.html
Where are the subprime perp walks?
http://money.cnn.com/2009/09/15/news/subprime.perpwalk.fortune/index.htm?postversion=2009091517


re:
https://www.garlic.com/~lynn/2009n.html#13 UK issues Turning apology (and about time, too)

a few more ..

Financial reforms stalled as Congress returns
http://www.reuters.com/article/ousivMolt/idUSTRE5872CZ20090908
Financial reforms stalled as U.S. Congress returns
http://in.biz.yahoo.com/090908/137/bau5mx.html
Missing Lehman Lesson of Shakeout Means Too Big Banks May Fail
http://www.bloomberg.com/apps/news?pid=20601213
http://www.bloomberg.com/apps/news?pid=20601170&sid=aX8D5utKFuGA
Sleep-At-Night-Money Lost in Lehman Lesson Missing $63 Billion
http://www.bloomberg.com/apps/news?pid=20601170
http://www.bloomberg.com/apps/news?pid=20601170&sid=aLhi.S5xkemY
Lehman Monday Morning Lesson Lost With Obama Regulator-in-Chief
http://www.bloomberg.com/apps/news?pid=20601170
http://www.bloomberg.com/apps/news?pid=20601170&sid=aUTh4YMmI6QE

from above:
He was in a corner office overlooking the White House at the Treasury Department the next morning, telling Geithner that behemoths such as Citigroup Inc. and Bank of America Corp. were a menace, he said.

... snip ...

a little search engine use ... from year ago ...

Obama blames lobbyists, politicians for financial crisis
http://www.cnn.com/2008/POLITICS/09/22/campaign.wrap/index.html
Lobbyists for Financial Institutions Swarming All Over the Bailout Bill
http://www.nytimes.com/2008/09/27/business/27lobbyists.html?fta=y
Much blame for financial crisis aimed at Congresses past and present
http://articles.latimes.com/2008/oct/06/business/fi-blame6
Financial Crisis: A Mirror Image of MLM
http://www.falseprofits.com/files/44cfa9c9ee6944ee640541ebc34dbe2a-7.html

from last spring ...

STUDY SHOWS WALL ST. LOBBYISTS SHAPED DEREGULATION BEHIND CRISIS
http://www.albionmonitor.com/0902a/copyright/wallstderegulation.html
Financial sector spent $5 billion lobbying DC last decade: Report
http://www.marketwatch.com/story/financial-sector-spent-5-bln-lobbying-dc
Top Senate Democrat: bankers "own" the U.S. Congress
http://www.salon.com/opinion/greenwald/2009/04/30/ownership/
Sen. Durbin: Bankers 'Own' Congress
http://www.dollarsandsense.org/blog/2009/04/sen-durbin-bankers-own-congress.html $5 Billion in Lobbying for 12 Corrupt Deals Caused the Multi-Trillion Dollar Financial Meltdown
http://www.alternet.org/workplace/130683/5_billion_in_lobbying_for_12_corrupt_deals_caused_the_multi-trillion_dollar_financial_meltdown/

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Mainframe Hall of Fame: Three New Members Added

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe Hall of Fame: Three New Members Added
Newsgroups: bit.listserv.ibm-main
Date: Wed, 16 Sep 2009 22:17:00 -0400
BShannon@ROCKETSOFTWARE.COM (Bob Shannon) writes:
But IIRC, the primary designer was Jack Gelb with assistance from Ed Duray.

... from long ago and far away, kick-off DSAB ... (one of your referenced names with email address at STLVM23 was listed in cc list):

Date: 1 July 1985, 13:28:50 EDT
From: <redacted>
To: <redacted>
cc: <redacted>

Subject: DSAB management meeting minutes

The schedule stated that the Architecture document will be sent for approval on July 1, 1986 with interim checkpoints. Board meetings are scheduled for this year; the weeks of July 22, August 26, October 21, November 18, December 16.

Both <redacted> and <redacted> stated that a July 1986 date for DSA is acceptable from a VM/XA Release 3 and Jupiter view points, and their products could take appropriate steps to conform to the DSA.


... snip ... top of post, old email index

STL (since renamed SVL) had started moving vm/4341 systems into conferencing rooms and supply rooms on every floor of the different "towers" ... effectively form of departmental computing (giving rise to the ever increasing number of STLVM* networking nodes on the internal network).

screenshot of vm logo screen ... part of special project I did for stl datacenter & ims development group
https://www.garlic.com/~lynn/vmhyper.jpg

3270 logo screen shot

some STL/SVL views:
http://www.ajnordley.com/IBM/Air/SVL/

the above article mentions the interior couryard between the towers and above "one of the largest computer machine rooms west of the Mississippi". it also mentions flooding of roads ... but when STL first open, the computer room was also getting flooded.

On the other hand ... I had done a stint working at BCS ... and I thot the renton datacenter was much larger.

trivia question: what was going to be the original name for STL??? ... it was changed at the last minute, a week before it was due to open

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Mainframe Hall of Fame: Three New Members Added

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe Hall of Fame: Three New Members Added
To: <ibm-main@bama.ua.edu>
Date: Thu, 17 Sep 2009 07:38:28 -0400
crashlurks@GMAIL.COM (Chris Craddock) writes:
Coyote something. That was the original postal area name. For some reason I guess it was considered "un-pc" at the time.

re:
https://www.garlic.com/~lynn/2009n.html#15 Mainframe Hall of Fame: Three New Members Added

closet post office; (also) the range of hills behind the lab ... look at the images on the reference ... demarks south san jose and "coyote valley".
http://www.ajnordley.com/IBM/Air/SVL/

some coyote valley associiation had lobbied the state that the original 101 new/expansion would only be four lanes thru "coyote valley" ... so it changed from six lanes to four lanes at cochran av ... resulting in enormous traffic jam during the morning rush hour going north ... and also changed from six lanes to four lanes in south san jose (about at hiway 85 merge) resulting in enormous traffic jam going south in the evening.

it was common at the time to name lab. for closest post office ... when there wasn't any other designation.

that wasn't the problem. however, I happened to be in Washington DC with the kids during spring break (the week before scheduled opening of STL). There were a number of demonstrations on the steps of the capital by "coyote", a san francisco working lady's association.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

UK issues Turning apology (and about time, too)

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: UK issues Turning apology (and about time, too)
Newsgroups: alt.folklore.computers
Date: Thu, 17 Sep 2009 08:35:30 -0400
jmfbahciv <jmfbahciv@aol> writes:
Sigh! That wasn't the President who did that. It was Congress and I thought that bill was passed long before Bush was in office.

re:
https://www.garlic.com/~lynn/2009n.html#13 UK issues Turning apology (and about time, too)
https://www.garlic.com/~lynn/2009n.html#14 UK issues Turning apology (and about time, too)

it wasn't the buyers qualifications ... it was unregulated loan originators ... that weren't worried about buyer's qualifications at all ... getting access to enormous source of funds.

the thing in the middle that enabled the whole thing was rating agencies giving triple-A ratings to (mortgage backed) toxic CDOs (without that enabling ... rather than tens of trillions in funds ... there would possibly been barely hundreds of millions available to unregulated mortgage originators). SEC was inactive during the period ... even w/o other oversight authority ... there was additional burden placed on SEC with regard to the rating agencies in Sarbanes-Oxley.

regulated depository institutions got into trouble with having huge amounts of such toxic CDOs ... because 1999 repeal of Glass-Steagall allowed the regulated depository institutions to have unregulated investment banking operations buying things and carrying them offbook (end of last year there was something about the four largest regulated depository institutions having something like five trillion in toxic CDOs being carried off book ... courtesy of their unregulated investment banking operations).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

OSS's Simple Sabotage Field Manual

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: OSS's Simple Sabotage Field Manual
Newsgroups: alt.folklore.computers
Date: Thu, 17 Sep 2009 16:25:32 -0400
Alexander Schreiber <als@usenet.thangorodrim.de> writes:
Not quite. Firefox has become rather strict in what it accepts. In this particular case, Firefox doesn't have the signing authority in its list of know signing authorities and therefore considers it invalid.

It will also complain about thing self-signed certificates and so on.

No, this is not exactly helpful behaviour.


re:
https://www.garlic.com/~lynn/2009n.html#5 OSS's Simple Sabotage Field Manual
https://www.garlic.com/~lynn/2009n.html#6 OSS's Simple Sabotage Field Manual

... it is possible to use the same URL w/o the "s" (aka just plain
http:).
http://svn.cacert.org/CAcert/CAcert_Inc/Board/oss/oss_sabotage.html

i've been using the reference about the whole certificate infrastructure being "comfort" operations (way too many holes to be considered "secure" operations ... just enuf of a facade to make people feel comfortable about the mechanism). misc. past ssl digital certificate posts
https://www.garlic.com/~lynn/subpubkey.html#sslcerts

in various security & browser venues ... there have been lots of discussions about what should browser interface actually do. there have been cases where blatently incorrect certificates have resulted in simple error messages that users become accustomed to ignoring.

current firefox it is possible to click "I understand the risks", then click "add exception", then click "get certificate", then click "view", then uncheck "permanently store this exception" (i.e. only do it temporarily), and then click "confirm security exception".

it doesn't actually add the root certificate to list of trusted ... it does temporarily accept the particular SSL certificate for the current browser invokation.

while I have no evidence that the document is a spoof ... the contents appear to so closely resemble standard corporate behavior ... I have a little difficulty believing it is actually from 44 ... and not some current corporate manual.

CA cert home page:
http://www.cacert.org/

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Mainframe Hall of Fame: Three New Members Added

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe Hall of Fame: Three New Members Added
To: <ibm-main@bama.ua.edu>
Date: Thu, 17 Sep 2009 17:01:26 -0400
Mike.Myers@PCMH.COM (Mike Myers) writes:
I recall it being called Coyote Canyon on one of my trips out there.

re:
https://www.garlic.com/~lynn/2009n.html#15 Mainframe Hall of Fame: Three New Members Added
https://www.garlic.com/~lynn/2009n.html#16 Mainframe Hall of Fame: Three New Members Added

previously referenced URL with pictures and blurb about "silicon valley lab"
http://www.ajnordley.com/IBM/Air/SVL/

also from above:
Formerly known as "Santa Teresa Lab" (STL), IBM's SVL, nestled in the country side just south of the foot hills at the north end of the Coyote Valley in south San Jose, employs 1,300 people, and is where much of the software for IBM systems is developed.

... snip ...

wiki page
https://en.wikipedia.org/wiki/Coyote_Valley

when tandem growth was at its height, they took option on the open field on the other side of santa teresa blvd (north of bailey ave) ... to build a large campus type location ... and then things took a downturn and it never happened. both tandem and apple had plans in the 70s moving major operations into coyote valley.
http://lomaprieta.sierraclub.org/lp0103_Disasters.html

from above:
• Coyote Valley in south San Jose (still being waged by the chapter). In 1983 the San Jose City Council approved a 548-acre industrial park for Tandem Computers, which, the LP reported, "in effect, opens up the entire 5,000-acre Coyote Valley for development." (The Tandem facility was not built.)

... snip ...

apple and others had plans at various times in expanding into coyote valley.
http://www.sanjoseca.gov/coyotevalley/index.html

article from March 1999:
http://findarticles.com/p/articles/mi_hb5553/is_199903/ai_n22390270/

from above:
Mar. 3 -- Sixteen years after former Silicon Valley up-and-comers such as Tandem Computers Inc., Verbatim Corp. and Apple Computer Inc. said they were headed to San Jose's Coyote Valley, Cisco Systems Inc. on Tuesday formally announced its intention to do likewise.

... snip ...

slightly related tandem drift ... past post mentioning celebration for Jim Gray last year:
https://www.garlic.com/~lynn/2008p.html#27 Father of Financial Dataprocessing

When Jim left for Tandem ... Jim wanted me to take over some number of his activities at IBM ... including things like consulting with the IMS group and interfacing to early relational database customers (some references in the above post, including references to old email from the period). A recent post discussing some of the subject
https://www.garlic.com/~lynn/2009n.html#3 Hacker charges also an indictment on PCI, expert says

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

UK issues Turning apology (and about time, too)

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: UK issues Turning apology (and about time, too)
Newsgroups: alt.folklore.computers
Date: Fri, 18 Sep 2009 08:50:21 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
the thing in the middle that enabled the whole thing was rating agencies giving triple-A ratings to (mortgage backed) toxic CDOs (without that enabling ... rather than tens of trillions in funds ... there would possibly been barely hundreds of millions available to unregulated mortgage originators). SEC was inactive during the period ... even w/o other oversight authority ... there was additional burden placed on SEC with regard to the rating agencies in Sarbanes-Oxley.

re:
https://www.garlic.com/~lynn/2009n.html#13 UK issues Turning apology (and about time, too)
https://www.garlic.com/~lynn/2009n.html#14 UK issues Turning apology (and about time, too)
https://www.garlic.com/~lynn/2009n.html#17 UK issues Turning apology (and about time, too)

from today ..

SEC proposes flash ban; takes aim at credit rating agencies
http://www.finextra.com/fullstory.asp?id=20514

from above:
Separately, the watchdog has voted to bolster oversight of credit ratings agencies. The move is designed to reduce conflicts of interest at the firms, which have been criticized for contributing to the subprime mortgage crisis and subsequent financial meltdown.

... snip ...

congress had hearings on the rating agencies a year ago ... where several testified that the rating agencies were "selling" triple-A ratings (on toxic CDOs), even when both the rating agencies and the sellers knew the things weren't worth triple-A ratings. Testimony said that the seeds for this was sown in the early 70s when the rating agencies switched from the buyers paying for the ratings to the sellers paying for the ratings (opening things up for conflict of interest).

It is not clear that there is any substantive change.

misc. posts mentioning that interactive data bought "pricing services" division from rating agencies in the early 70s (about the time they switched from buyers paying for the ratings to the sellers paying for the ratings). disclaimer ... i interviewed with interactive data in the late 60s (but didn't join) ... they were one of the online interactive (virtual machine) cp67 time-sharing services formed ... and quickly moved up the value chain offering financial information on the service. Nearly a year ago, there was some news reference about gov. involving interactive data in helping evaluate toxic CDOs (this was when treasury lobbied congress for TARP funds using justification that the money would all go to buying toxic CDOs, there have been recent references, that treasury never used TARP funds for purpose that they were appropriated for)

https://www.garlic.com/~lynn/2009.html#21 Banks to embrace virtualisation in 2009: survey
https://www.garlic.com/~lynn/2009.html#31 Banks to embrace virtualisation in 2009: survey
https://www.garlic.com/~lynn/2009.html#32 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#42 Lets play Blame Game...?
https://www.garlic.com/~lynn/2009.html#52 The Credit Crunch: Why it happened?
https://www.garlic.com/~lynn/2009.html#77 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#79 The Credit Crunch: Why it happened?
https://www.garlic.com/~lynn/2009b.html#38 A great article was posted in another BI group: "To H*** with Business Intelligence: 40 Percent of Execs Trust Gut"
https://www.garlic.com/~lynn/2009b.html#49 US disaster, debts and bad financial management
https://www.garlic.com/~lynn/2009b.html#53 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#78 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#1 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009e.html#15 The background reasons of Credit Crunch
https://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
https://www.garlic.com/~lynn/2009e.html#70 When did "client server" become part of the language?
https://www.garlic.com/~lynn/2009f.html#41 On whom or what would you place the blame for the sub-prime crisis?
https://www.garlic.com/~lynn/2009f.html#49 Is the current downturn cyclic or systemic?
https://www.garlic.com/~lynn/2009h.html#40 Analysing risk, especially credit risk in Banks, which was a major reason for the current crisis

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

UK issues Turning apology (and about time, too)

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: UK issues Turning apology (and about time, too)
Newsgroups: alt.folklore.computers
Date: Fri, 18 Sep 2009 09:38:04 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
interactive data in helping evaluate some of the toxic CDOs (this was when treasury lobbied congress for TARP funds using justification that the money would all go to buying toxic CDOs, there have been recent reference, that treasury never used TARP for purpose that they were appropriated for)

re:
https://www.garlic.com/~lynn/2009n.html#13 UK issues Turning apology (and about time, too)
https://www.garlic.com/~lynn/2009n.html#14 UK issues Turning apology (and about time, too)
https://www.garlic.com/~lynn/2009n.html#17 UK issues Turning apology (and about time, too)
https://www.garlic.com/~lynn/2009n.html#20 UK issues Turning apology (and about time, too)

... of course, less than trillion in TARP would hardly make a dent in possibly $27T in toxic CDOs. one of the issues was that there were a a couple thousand people executing extremely risky transactions (w/o regard to the institution or systemic risk or the threat to the country's or world economy), purely for personal beneift ... compensation/bonus was possibly some percent of the size of the (immediate) transaction w/o any consideration for consequences of such transactions.
Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

a few old posts mentioning TARP
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?
https://www.garlic.com/~lynn/2009.html#73 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#80 Are reckless risks a natural fallout of "excessive" executive compensation ?
https://www.garlic.com/~lynn/2009b.html#25 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
https://www.garlic.com/~lynn/2009b.html#30 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
https://www.garlic.com/~lynn/2009b.html#35 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
https://www.garlic.com/~lynn/2009b.html#41 The subject is authoritarian tendencies in corporate management, and how they are related to political culture
https://www.garlic.com/~lynn/2009b.html#45 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
https://www.garlic.com/~lynn/2009b.html#49 US disaster, debts and bad financial management
https://www.garlic.com/~lynn/2009b.html#57 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#59 As bonuses...why breed greed, when others are in dire need?
https://www.garlic.com/~lynn/2009c.html#10 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#11 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#16 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Blast from the Past - 60 years of cryptography

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Blast from the Past - 60 years of cryptography
Newsgroups: alt.folklore.computers
Date: Mon, 21 Sep 2009 09:32:13 -0400
SLIDESHOW: CIO Blast from the Past - 60 years of cryptography 2009 marks 60 years of computer cryptography and CIO takes a tour of the history of secure communication


http://www.cio.com.au/article/319119/slideshow_cio_blast_from_past_-_60_years_cryptography

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

COBOL Celebrates 50 Years

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: COBOL Celebrates 50 Years
Newsgroups: alt.folklore.computers
Date: Mon, 21 Sep 2009 09:37:16 -0400
COBOL turns 50 - a-z of programming languages, COBOL, programming
http://www.computerworld.com.au/article/319269/cobol_turns_50
COBOL Celebrates 50 Years
http://developers.slashdot.org/story/09/09/21/1214224/COBOL-Celebrates-50-Years

from above:

"The language used to power most of the world's ATMs, COBOL, is turning 50."

... snip ...

slightly related

https://www.garlic.com/~lynn/2008p.html#27 Father of Financial Dataprocessing

recent posts mentioning above:
https://www.garlic.com/~lynn/2009l.html#20 Cyber attackers empty business accounts in minutes
https://www.garlic.com/~lynn/2009l.html#29 IBM launches integrated mainframe packages for payments, data warehousing and SOA
https://www.garlic.com/~lynn/2009l.html#57 IBM halves mainframe Linux engine prices
https://www.garlic.com/~lynn/2009l.html#64 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009m.html#78 ATMs by the Numbers
https://www.garlic.com/~lynn/2009n.html#3 Hacker charges also an indictment on PCI, expert says
https://www.garlic.com/~lynn/2009n.html#19 Mainframe Hall of Fame: Three New Members Added

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Mon, 21 Sep 2009 17:30:50 -0400
hancock4 writes:
Would anyone know how far development progressed in 1976? Was it common for a university computer to be connected to the network in 1976? If so, were the connections still experimental or were they developed enough that routine traffic flowed freely?

(I checked Wiki but nothing specific.)

Thanks.


the need for IMPs & gov. approval was inhibitor.

there is whole series of RFCs looking at the week-by-week transition of IMPs (& host protocol) to TCP/IP ... starting Dec. 1982 with RFC832 (series: "Who Talks TCP?"). RFC832 has a little over 300 hosts. In the arpanet there was little ambiquity with IMPs being the network nodes when then had "hosts" hung off the IMPs. There were earlier ARPA/DDN references predicting 100 IMPs (network nodes) and more than 256 hosts by ye82.

this references that in 1983, 68 of the 113 existing "nodes" went to MILNET:
http://www.thocp.net/reference/internet/internet2.htm

there is a series from the 75 time-frame "survey of New-Protocol Telnet servers": RFC703, July, 1975 which lists 43 hosts.

this reference mentions 98 nodes on the ARPAnet in 1976 (but may actually be referring to "hosts").
http://www.cs.ucsb.edu/~almeroth/classes/F04.176A/homework1_good_papers/jay-akkad.html

43->98 hosts implies possibly doubling in twelve (or possibly 18; mid-75 to ye76?) month period. doesn't necessarily imply increase in number of locations

hobbes' internet timeline
http://home.utah.edu/history.html
1981 BITNET, the "Because Its Time (There) NETwork" - Started as a cooperative network at the City University of New York. - Provides electronic mail and listserv servers to distribute information. - Unlike USENET, where client s/w is needed, electronic mail is the only tool necessary.

CSNET (Computer Science NETwork) comes into being providing a dial-up capability to electronic mail. Many universities feeling left out of ARPANET, join CSNET.


... snip ...

reference to sjr connecting to csnet fall of '82
https://www.garlic.com/~lynn/internet.htm#email821022

search engine for "csnet 1982 nodes arpanet" turns up an acm.org entry ... clicking on the URL doesn't mention this ... but the search engine blurb for the URL has this little tidbit:

sites until late in 1982, becomes available for CSNET member .... An ARPANET node (IMP) costs roughly. $107000 annually in 1983 (flat rate, no additional ...

... snip ...

csnet & univ. bitnet connections were significantly lower (bitnet & earn links had corporate subsidy, further lowering cost of entry for educational institutions).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Mon, 21 Sep 2009 18:14:28 -0400
Patrick Scheible <kkt@zipcon.net> writes:
I wish we had some host lists from the 1970s. We know the first four Arpanet sites, but there seems to be a long dark period after that until the early 80s when all we have is IMP counts, not hosts, much less individual users.

re:
https://www.garlic.com/~lynn/2009n.html#24 Status of Arpanet/Internet in 1976?

take a look at the telnet survey for jul75


 Host  Number   Host
(Oct)   (Dec)   Name
101     65      UCLA-CCN
201     129     UCLA-CCBS
102     66      SRI-AI
3       3       UCSB-MOD75
4       4       UTAH-10
305     197     BBN-TENEXA
106     70      MIT-DMS
206     134     MIT-AI
306     198     MIT-ML
7       7       RAND-RCC
107     71      RAND-ISD
10      8       SDC-LAB
11      9       HARV-10
12      10      LL-67
112     74      LL-TX-2
13      11      SU-AI
16      14      CMU-10B
116     78      CMU-10A
17      15      I4-TENEX
217     143     I4B-TENEX
20      16      AMES-67
25      21      LLL-RISOS
126     86      USC-ISI
226     150     USC-ISIB
27      23      USC-44
327     215     USC-ECL
32      26      SDAC-44
34      28      ARPA-DMS
37      31      CCA-TENEX
40      32      PARC-MAXC
43      35      UCSD-CC
344     228     HAWAII-500
52      42      LONDON
53      43      OFFICE-1
54      44      MIT-MULTICS
55      45      SCI-TENEX
56      46      RUTGERS-10
61      49      BBN-TENEXB
361     241     BBN-TENEX
162     114     BBN-TENEXD
364     244     USC-ISIC
67      55      ANL
70      56      SUMEX-AIM

... snip ...

there is the lincoln labs (ll-67) (cp67) still listed(?)

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Signature specification without certificates

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Signature specification without certificates
Newsgroups: sci.crypt
Date: Mon, 21 Sep 2009 18:06:49 -0400
"James H. Markowitz" <noone@nowhere.net> writes:
Signatures are inambiguously specified when embedded in an X.509 certificate, as per the following ASN.1 defined in RFC 3280:

Certificate ::= SEQUENCE {
tbsCertificate TBSCertificate,
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING
}

How does one specify signatures without using certificates? I guess one could use a type like

SignatureInfo ::= SEQUENCE {
signatureAlgorithm AlgorithmIdentifier,
signatureValue BIT STRING
}


For x9.59 financial transaction protocol I had to do ASN.1 specifications for digital signatures independent of certificates. The issue was that in the mid-90s, the X9A10 financial standard group had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments.
https://www.garlic.com/~lynn/x959.html#x959

The certificate-oriented specifications from the period typically resulted in a 100-times increase in payment transaction payload size. Some just worked over the internet ... stripping off the digital certificate at the internet boundary and just including a bit in the actual payment transaction indicating that the digital certificate had validated the digital signature. There was pilot effort that if that bit was turned on, the "interchange fee" for the transaction was lower (cost the merchant less money). There was then report of the number of payment transactions with the bit turned on and it could be proved that no digital signatures or digital certificates were involved.

It was futher confounded by the fact that the financial institutions were registering their customers and issuing the digital certificates (as well as retaining all the information that went into the digital certificate).

A digital certificate oriented payment transaction was then appending and transmitting back to the customer's financial institution, a copy of the digital certificate (even if it only travelled part way); when the customer's financial institution had retained all that information (the digital certificates not only resulted in 100-times increase in payment transaction payload size, they were also redundant and superfluous).
https://www.garlic.com/~lynn/subpubkey.html#bloat

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Continous Systems Modelling Package

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Continous Systems Modelling Package
Newsgroups: alt.folklore.computers
Date: Mon, 21 Sep 2009 22:16:41 -0400
re:
https://www.garlic.com/~lynn/2009m.html#87 Continous Systems Modelling Package
https://www.garlic.com/~lynn/2009m.html#88 Continous Systems Modelling Package

mention of nlm in ...

tymshare tymnet article form

Future Networks, infotech state of the art conference, london, 14-15nov1977
http://archive.computerhistory.org/resources/text/Tymshare/tymshare.future_networks.1977.102640323.pdf

from above:
In November, 1971, TYMNET was fully deployed and operational, a 50-node net serving 5 host computers for Tymshare, Inc. In February, 1972, the National Library of Medicine put the first non-Tymshare host on the net, an IBM 370/155 with a medical data base. Since then, TYMNET has evolved far beyond its original design goals to become the largest value added network, serving about 25,000 users a day. It is the only international value added network currently operating.

... snip ...

misc. other recent posts mentioning Tymshare
https://www.garlic.com/~lynn/2009j.html#79 Timeline: The evolution of online communities
https://www.garlic.com/~lynn/2009l.html#14 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
https://www.garlic.com/~lynn/2009l.html#16 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
https://www.garlic.com/~lynn/2009l.html#52 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
https://www.garlic.com/~lynn/2009n.html#9 Existence of early 360 software ( was Re: Continous Systems Modelling Packa

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Mon, 21 Sep 2009 22:36:50 -0400
Patrick Scheible <kkt@zipcon.net> writes:
I wish we had some host lists from the 1970s. We know the first four Arpanet sites, but there seems to be a long dark period after that until the early 80s when all we have is IMP counts, not hosts, much less individual users.

re:
https://www.garlic.com/~lynn/2009n.html#24 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#25 Status of Arpanet/Internet in 1976?

where arpanet had more "hosts" than IMPs (nodes) ... (tymshare's) tymnet had larger number of their (tymnet) network nodes ... but fewer hosts
https://www.garlic.com/~lynn/2009n.html#27 Continous Systems Modelling Package

above references this paper ...
http://archive.computerhistory.org/resources/text/Tymshare/tymshare.future_networks.1977.102640323.pdf

tymnet wiki page
https://en.wikipedia.org/wiki/Tymnet

above mentions Varian minicomputers. random virtual machine trivia, Varian had cp/67 system for doing design work ... some of the engineers showed up later at LSI Logic ... and using VM/370 hosts for engineering design.

Varian wiki page ...
https://en.wikipedia.org/wiki/Varian_Associates

LSI Logic wiki page ..
https://en.wikipedia.org/wiki/LSI_Corporation

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Tue, 22 Sep 2009 11:39:22 -0400
Patrick Scheible <kkt@zipcon.net> writes:
I wish we had some host lists from the 1970s. We know the first four Arpanet sites, but there seems to be a long dark period after that until the early 80s when all we have is IMP counts, not hosts, much less individual users.

re:
https://www.garlic.com/~lynn/2009n.html#24 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#25 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#28 Status of Arpanet/Internet in 1976?

just for the fun of it ... i did grep of all RFCs using some of the host names from jul75 telnet survey RFC.

there is RFC751 dated 10Dec78 which is an email survey. neither telnet survey nor the email survey actually claim that they list all known hosts (43 for telnet survey & 92 for email survey) ... however, at least the email survey lists hosts in several categories ... including all those that didn't respond (implying that they attempted to contact all hosts).

it would seem that number of hosts slightly more than doubled between Jul75 and dec78 ... and then slightly more than tripled between dec78 and dec82 (to something like 300 hosts).
AFWL AMES-67 ANL ARPA-DMS BBN-TENEX BBN-TENEXA BBN-TENEXB BBN-TENEXD BBN-TENEXE BBN-UNIX BNL CCA-SDMS CCA-SPEECH CCA-TENEX CCTC CMU-10A CMU-10B CMU-10D CMU-CMMP CTO-DDS DEC-MARLBORO DTI DTNSRDC EGLIN FNWC GUNTER-UNIX HARV-10 I4-TENEX I4B-TENEX ILL-UNIX ISI-SPEECH11 LBL LBL-UNIX LL LL-11 LL-ASG LL-XN LLL-COMP LLL-MFE LONDON LONDON-VDH MIT-AI MIT-DMS MIT-MC MIT-ML MIT-MULTICS MIT-XX MOFFET-ARC NADC NBS-10 NBS-UNIX NCSC NDRE NOSC-CC NOSC-SDL NOSC-SECURE1 NSWC-WO NTIA-ITS NUSC NUSC-NPT NWC NYU OFFICE-1 OFFICE-2 PARC-MAXC PARC-MAXC2 PENT-UNIX RADC-MULTICS RADC-TOPS20 RADC-XPER RAND-RCC RAND-UNIX RUTGERS SDAC-44 SDAC-UNIX SRI-KA SRI-KL SRI-UNIX SU-AI SUMEX-AIM UCLA-ATS UCLA-CCN UCLA-SECURITY USC-ECL USC-ISI USC-ISIB USC-ISIC USC-ISIE UTEXAS WHARTON WPAFB WPAFB-AFAL

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Tue, 22 Sep 2009 11:45:33 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
it would seem that number of hosts slightly more than doubled between Jul75 and dec78 ... and then slightly more than tripled between dec78 and dec82 (to something like 300 hosts).

re:
https://www.garlic.com/~lynn/2009n.html#24 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#25 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#28 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#29 Status of Arpanet/Internet in 1976?

... and much of the growth in number of hosts between jul75 and decl78 seems to be additional connected hosts at existing network nodes (as opposed to additional hosts at new network nodes).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Tue, 22 Sep 2009 13:19:58 -0400
Eric Chomko <pne.chomko@comcast.net> writes:
No. The internet really didn't take off until Sep 1981 with updated RFCs related to TCP, IP, etc. RFCs 791,792,793. See:
https://en.wikipedia.org/wiki/List_of_RFCs


re:
https://www.garlic.com/~lynn/2009n.html#24 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#25 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#28 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#29 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#30 Status of Arpanet/Internet in 1976?

for the fun of it ... i include RFC listed by month published ...
https://www.garlic.com/~lynn/rfcietff.htm

click on "Date" in the RFCs listed by section.

there are a bunch RFCs/month in 71-73 time-frame and then drops off and doesn't really pick back up until the early 90s.

when i started my index ... i would also do some sanity checking regarding listed RFCs in standardization process (STD1) and found a bunch of inconsistencies ... for a while, Postel would carry the list as section "6.10" in STD1. The inconsistencies were eventually cleaned up over time.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Tue, 22 Sep 2009 19:36:23 -0400
Al Kossow <aek@bitsavers.org> writes:
There are several hundred linear feet of documentation from SRI about the ARPANET and the NIC at the Computer History Museum from the early 70's to when the NIC shut down in the early 90's, if a serious researcher wants to write the history. The original plan for the NIC was MUCH more ambitious than its role ended up being (just a clearinghouse for IP addresses). It wouldn't surprise me if there was growth statistics report in there, but I would have no idea where it would be.

a quick search in the catalog turns up
http://www.computerhistory.org/collections/accession/102646704


from long ago and far away ...

+----------------------------------------------------------+
| You have reached what *USED* *TO* *BE* ftp.nisc.sri.com  |
+----------------------------------------------------------+

+----------------------------------------------------------+
| This site no longer supports NIC related services        |
| This site no longer maintains any RFC or IETF archives   |
| This site no longer supports anonymous FTP service       |
+----------------------------------------------------------+

+----------------------------------------------------------+
| If you are a warm body, you may want to try connecting   |
| to the FTP server at one of the following sites instead: |
|    DS.INTERNIC.NET           NIS.NSF.NET                 |
|    NISC.JVNC.NET             VENERA.ISI.EDU              |
|    WUARCHIVE.WUSTL.EDU       SRC.DOC.IC.AC.UK            |
|    FTP.CONCERT.NET           FTP.SESQUI.NET              |
+----------------------------------------------------------+

+----------------------------------------------------------+
| If you are a program (like archie), please remove this   |
| site from your database of FTP sites (as if "you" will   |
| actually understand and heed this message)               |
+----------------------------------------------------------+

+----------------------------------------------------------+
| Lack of FTP service signing off.  Over and out...        |
+----------------------------------------------------------+

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Tue, 22 Sep 2009 23:53:01 -0400
Walter Bushell <proto@panix.com> writes:
OSI wasn't a protocol it was a method of specifying protocols.

re:
https://www.garlic.com/~lynn/2009n.html#24 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#25 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#28 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#29 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#30 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#31 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#32 Status of Arpanet/Internet in 1976?

ISO had the "OSI Model" ... and requirement that (international networking) standardization work had to conform to the "OSI Model" (sometimes referred to as simply OSI).

I was involved in taking HSP (high-speed protocol) to ANSI (ISO chartered standards organization in the US) X3S3.3 (responsible for standards related to level 3 & level 4 in the OSI Model)

Is was rejected because there three places where it didn't conform to the OSI model:

1) it supported internetworking protocol ... a non-existent layer in the "OSI model" (somewhere between level 3, networking & level 4, transport).

2) it went directly from level 4, transport to LAN MAC interface, bypassing the level3/level4 interface.

3) it went directly to LAN MAC interface, LAN MAC is something that didn't exist in the OSI Model (LAN MAC interface sits somewhere in the middle of level 3, and subsumes some of the level 3, networking function, defined in the OSI Model.

misc. past posts mentioning HSP (and sometimes X3S3.3)
https://www.garlic.com/~lynn/subnetwork.html#xtphsp

there were other comments about ISO not actually requiring any working implementation for a standard ... compared to IETF which has required at least two interoperable implementations before standardization.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Wed, 23 Sep 2009 10:40:05 -0400
"Dave Wade" <g8mqw@yahoo.com> writes:
There were many reason ISO failed, many of which revolved around money:-

1. The PTTs expected to dominate the market place and wanted charge per packet 2. The Computer Suppliers wanted to charge mega bucks for software for something UNIX systems could do "out of the box" for free. 3. The ISO standards body charges so much for a copy of the standard that no one could provide portable implementations at reasonable prices.

In addition for my money the real killers were:-

4. In order to keep the Mainframe suppliers happy there are so many options that it is highly likely that two conformant implementations would be unable to interwork. 5. It was impossible to write truley portable code because you didn't know which layers of the model would be exposed as APIs by the supplier.


re:
https://www.garlic.com/~lynn/2009n.html#33 Status of Arpanet/Internet in 1976?

a big reason was that OSI still represented the closed VAN networks of the 70s (aka the recent Tymnet reference) ... each operation would offer their own closed networks ... that didn't interoperate (aka have a "internetworking" layer that might interconnect all networks). High prices and closed infrastructure sort of went hand-in-hand.

as previously referenced ... ISO could have final standardization before any implementation was even attempted (not only didn't know about whether implementations were interoperable ... but didn't know if it was even implementable) ... in contrast with IETF which required two (different) interoperable implementations before standardization.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Cybersecurity Today: The Wild, Wild West

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Cybersecurity Today: The Wild, Wild West
Newsgroups: alt.folklore.computers
Date: Wed, 23 Sep 2009 19:56:02 -0400
Cybersecurity Today: The Wild, Wild West
http://www.cio-today.com/story.xhtml?story_id=11300B0BFFOH

from above:

"We're the most vulnerable nation on the Earth because we're the most dependent," John "Mike" McConnell, former director of national intelligence and a senior vice president at Booz Allen Hamilton, says at a conference organized by the Security Innovation Network.

... snip ...

Anne had been con'ed in to doing a stint in charge of (mainframe) loosley-coupled (cluster) architecture in POK. While there, she came up with Peer-Coupled Shared Data architecture
https://www.garlic.com/~lynn/submain.html#shareddata

which except for IMS hot-standby ... didn't see any uptake until sysplex. this contributed to her not staying long in the position ... and then leaving to do a gig at SBS. SBS was eventually dissolved and bits & pieces sold off. BAH picked up the SBS building in Tysons.

a couple yrs ago we had opportunity to have meeting at BAH in conference room on the same flr where her office used to be. Although BAH had gutted and remodeled the interior ... "Mike's" office was almost exactly where her's had been.

misc. past posts mentioning internet & wild, wild west:
https://www.garlic.com/~lynn/2000g.html#39 Could CDR-coding be on the way back?
https://www.garlic.com/~lynn/2001m.html#27 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#28 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#29 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#30 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#31 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2002.html#24 Buffer overflow
https://www.garlic.com/~lynn/2002.html#26 Buffer overflow
https://www.garlic.com/~lynn/2002f.html#24 Computers in Science Fiction
https://www.garlic.com/~lynn/2003b.html#62 Storing digital IDs on token for use with Outlook
https://www.garlic.com/~lynn/2003i.html#17 Spam Bomb
https://www.garlic.com/~lynn/2003j.html#34 Interrupt in an IBM mainframe
https://www.garlic.com/~lynn/2003n.html#20 which CPU for educational purposes?
https://www.garlic.com/~lynn/2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
https://www.garlic.com/~lynn/2004k.html#32 Frontiernet insists on being my firewall
https://www.garlic.com/~lynn/2004o.html#53 360 longevity, was RISCs too close to hardware?
https://www.garlic.com/~lynn/2005g.html#21 Protocol stack - disadvantages (revision)
https://www.garlic.com/~lynn/2007c.html#30 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#32 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#43 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#32 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#67 SSL vs. SSL over tcp/ip
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#7 nouns and adjectives
https://www.garlic.com/~lynn/2007n.html#15 What if phone company had developed Internet?
https://www.garlic.com/~lynn/2007n.html#16 What if phone company had developed Internet?
https://www.garlic.com/~lynn/2007p.html#67 what does xp do when system is copying
https://www.garlic.com/~lynn/2007r.html#13 What do ATMS and card readers use?
https://www.garlic.com/~lynn/2007r.html#45 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#34 File sharing may lead to identity theft
https://www.garlic.com/~lynn/2007u.html#87 CompUSA to Close after Jan. 1st 2008
https://www.garlic.com/~lynn/2007v.html#53 folklore indeed
https://www.garlic.com/~lynn/2008.html#37 1975 movie "Three Days of the Condor" tech stuff
https://www.garlic.com/~lynn/2008g.html#26 CA ESD files Options
https://www.garlic.com/~lynn/2008p.html#28 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#31 FC5 Special Workshop CFP: Emerging trends in Online Banking and Electronic Payments
https://www.garlic.com/~lynn/2008p.html#72 Alternative credit card network
https://www.garlic.com/~lynn/2008p.html#75 Alternative credit card network
https://www.garlic.com/~lynn/2008r.html#29 What if the computers went back to the '70s too?

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

The Compliance Spectrum...Reducing PCI DSS Scope

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: The Compliance Spectrum...Reducing PCI DSS Scope
Date: 23 Sep, 2009
Blog: Information Security Network
The Compliance Spectrum...Reducing PCI DSS Scope
http://www.infosecisland.com/articleview/1170-The-Compliance-Spectrum%E2%80%A6Reducing-PCI-DSS-Scope.html

from above:
This is an article from the 2nd Quarter of Secure Payments. Recently people have been asking about how I can state that the use of end-to-end encryption, tokenization, data vault technologies, and point to point encryption can reduce the PCI DSS compliance burden

... snip ...

Secure Payments
http://www.securepaymentsmag.com/

...

The issue is that in the current paradigm .... PANs are extremely vulnerable ... just knowing the PAN enables being able to perform fraudulent financial transactions ... besides being extremely vulnerable ... it is also required in large number of business processes that occur at millions of places around the world. As a result, we've frequently commented that even if the planet were buried under miles of (information hiding) encryption, it wouldn't stop (PAN) information leakage.

In the mid-90s, the x9a10 financial standard working group was given the requirement to preserve the integrity of the financial infrastructure for *ALL* retail payments (POS, internet, unattended, debit, credit, stored-value, contact, contactless, mobile phone, low-value, high-value, transit turnstyle, etc). As part of the effort, detailed end-to-end threat and vulnerability studies were done ... and resulted in the x9.59 financial standard ... misc. references
https://www.garlic.com/~lynn/x959.html#x959

Part of the X9.59 financial standard was to slightly tweak the paradigm to remove the PAN as threat/vulnerability. It didn't do anything about trying to hide the PAN ... it just eliminated the ability for crooks knowing the PAN, to perform fraudulent transactions.

Prior to getting invited to participate in X9A10, we had been asked to consult with small client/server startup that wanted to do payment transactions on their server ... the startup had invented this technology called SSL they wanted to use ... the result is now frequently called "electronic commerce". The biggest use of SSL in the world today is hiding PAN information as part of this thing called "electronic commerce". One of the results of X9.59 eliminating the need to hide the PAN ... it also eliminates the major use of SSL in the world today.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Firms failing to treat card data security seriously

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Firms failing to treat card data security seriously
Date: 23 Sep, 2009
Blog: Financial Crime Risk, Fraud and Security
Firms failing to treat card data security seriously
http://www.finextra.com/fullstory.asp?id=20530

In the mid-90s, we were asked to participate in the x9a10 financial standard working group which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. The result was x9.59 standard
https://www.garlic.com/~lynn/x959.html#x959

Part of X9.59 standard was to eliminate card data as a vulnerability (slightly tweaked the paradigm so crooks weren't able to use the information for fraudulent financial transactions). One of the observation was that because of the millions of places that card data had to be available for business processes, even if the planet was buried under miles of (information hiding) encrypting, it still wouldn't prevent information leakage.

Credit-card security standards questioned, survey says; IT security executives say big benefit of PCI is impressing business partners, not locking down credit-card data
http://www.networkworld.com/news/2009/100909-congress-mainframes.html

Some of PCI is possibly in response to the (originally Cal state) data breach notification legislation. We were tangentially involved when we were called in to help word-smith the cal. state electronic signature legislation. There were organizations involved in the electronic signature legislation that were heavily involved in privacy issues. They had done in-depth consumer privacy surveys and found the number one issue was "identity theft" ... and a major form of "identity theft" was "account fraud" .... crooks harvesting card information and using the obtained information to perform fraudulent transactions (as previously referenced, x9.59 earlier had slightly tweaked the paradigm to eliminate harvesting card information as a vulnerability ... crooks no longer able to use the harvested information to perform fraudulent financial transaction).

There seemed to be impression that there was little being done to counter-act harvesting card information and some anticipation that resulting publicity from breach notification might motivate countermeasures.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Cybersecurity Today: The Wild, Wild West

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Cybersecurity Today: The Wild, Wild West
Newsgroups: alt.folklore.computers
Date: Thu, 24 Sep 2009 10:16:44 -0400
"Chris Burrows" <cfbsoftware@hotmail.com> writes:
Part of the problem can be traced to the unsafe programming languages that are still in widespread use despite their well-known flaws and insecurities. David Jackson of MIT has written an interesting article titled "A Direct Path to Dependable Software".

re:
https://www.garlic.com/~lynn/2009n.html#35 Cybersecurity Today: The Wild, Wild West

lots of past posts regarding C & common software errors
https://www.garlic.com/~lynn/subintegrity.html#overflow

In the 80s, I had done a lot of programming in vs/pascal ... and never experienced any of the software errors in vs/pascal that are common in C (while it isn't impossible in vs/pascal ... it is about as hard to have some of these errors ... as it is hard in C to *NOT* have the errors). Mainframe tcp/ip implementation was done in vs/pascal ... and I know of none of the common length problems (frequent in C) in that implementation.

A couple of above posts:
https://www.garlic.com/~lynn/2002l.html#42 Thirty Years Later: Lessons from the Multics Security Evaluation
https://www.garlic.com/~lynn/2002l.html#44 Thirty Years Later: Lessons from the Multics Security Evaluation

references a paper looking at '74 air force study of multics
http://www.acsac.org/2002/papers/classic-multics.pdf

including finding the (PLI implementation) Multics had no instances of buffer length related software errors

and slightly related, a NASA High Dependability Computing Consortium workshop (both Jim Gray and I were keynote speakers):
https://web.archive.org/web/20011004023230/http://www.hdcc.cs.cmu.edu/may01/index.html

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Thu, 24 Sep 2009 10:33:08 -0400
jmfbahciv <jmfbahciv@aol> writes:
I'll bet the NSA didn't show up on those maps either :-).

I know that in the 90s, NSA people participated in X9 (financial standard) meetings (especially crypto related meetings) ... and it was not unusual to have email communication from userids at "DOCKMASTER"
http://www.multicians.org/mgd.html#DOCKMASTER

from above:
DOCKMASTER

Unclassified Multics system operated by the US National Security Agency in Linthicum, MD. 1984-1998. Used as a communications tool among security researchers, lots of forum activity. See the DOCKMASTER site history.


... snip ...

and:
http://www.multicians.org/site-dockmaster.html

the above mentions that the DOCKMASTER IMP was hit by lightning in July 1986 and was down for many weeks.

The referenced machine didn't come into existance until after the switch-over to internetworking (and split off of the gov. part). However, the above implies that after the split, IMPs (and original arpanet protocols) continued on for some time (in the gov) ... before they eventually moved to internetnetworking.

Then there is this reference to systems that they used in the 60s:
https://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml

I did a lot of work on cp67 as an undergraduate in the 60s ... and would periodically even get requests from the vendor to do certain kinds of changes/enhancements. In retrospect, some of the requests were possibly of the nature to have originated from some of those customers (however, I didn't actually learn about those guys until much later).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

DARPA, at least, has a clue (maybe, sometimes)

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: DARPA, at least, has a clue (maybe, sometimes)
Newsgroups: comp.arch
Date: Thu, 24 Sep 2009 12:27:11 -0400
"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
On the other hand the technology of even 25 or so years ago had significant capability if used properly and was significantly easier to manufacture. For example, in 1970 the whole IBM rochester site ran, including development and manufacturing, on two 360 model 65s with performance less than a modern PC. Today if someone suggested running an industrial enterprise with thousands of employees on a couple of PCs they would probably be locked in a rubber room.

I got 360/67 up to 80 users ... preserving subsecond trivial response ... in mix-moded environment (basically 360/65 with DAT hardware ... the DAT hardware slowed 360/65 memory cycle/processing from 750mics to 900mics)

slightly related recent post in a.f.c.
https://www.garlic.com/~lynn/2009n.html#39 Status of Arpanet/Internet in 1976?

mentions some darpa related institutions using 360/67 in the 60s & 70s (I didn't learn about those guys until much later).

this is reference to some pontificating I was doing in the 70s & 80s ... that eventually got me in trouble with the disk division (relative system thruput of disks had declined by an order of magnitude over a period of 15 yrs):
https://www.garlic.com/~lynn/93.html#31 Big I/O or Kicking the Mainframe out the Door

with similar user workload profile ... the number of users supported by cp67->vm370 increased by about factor of four (about the same as increase in disk thruput) while the processor power increased by nearly a factor of 50.

some executive in the disk division, taking offense, assigned their performance group to refute the statements. after a few weeks, they came back and said that I had actually slightly understated the problem.

part of the issue was that as undergraduate in the 60s ... i started doing dynamic adaptive resource scheduling (sometimes referred to as fairshare scheduler ... because default policy was fair share) and "scheduling to the bottleneck". By the mid-70s, it was becoming apparent that the bottlenecks were changing (increasing processor speed and memory sizes but disk thruput improvements were lagging).

as mentioned in the above ... just taking processor speed and memory size ... a 3081k should have supported a couple thousand users (rather than a couple hundred) ... just using processor thruput measure.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Follow up

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Follow up
Newsgroups: comp.protocols.tcp-ip
Date: Thu, 24 Sep 2009 14:23:19 -0400
Ouyang <ouyangtu@gmail.com> writes:
Finally The HTTP layer will have to check errors according to the data received from underlying layer No matter it's TCP or UDP,

TCP will say "Hey, this is the data so far I have, and I guarantee it's all the remote node have sent by now, and the order is correct, but I don't know whether remote node finish or not" UDP will say "Hey, this is the data so far I received from remote node, no guarantee at all"


there are bits and pieces of other stuff. we had been brought in to consult with a small client/server startup that wanted to do payment transaction on their server ... the startup had also invented this stuff called "SSL" that they wanted to use; the result is now frequently called "electronic commerce".

as part of the effort, there was something called a "payment gateway" deployed. we had sign-off authority on the webserver to payment gateway and we mandated some amount of additional features 1) required "SSL" mutual authentication (which hadn't been implemented prior to that time), 2) multiple A-record support (i.e. DNS reponds with multiple IP-address and if the connection attempt fails for the first IP-address, it cycles thru other "A records", and 3) some number of compensating procedures. misc. past posts mentioning "payment gateway"
https://www.garlic.com/~lynn/subnetwork.html#gateway

Part of the problem was that payment transaction messages were use to flowing over a circuit-based infrastructure ... just remapping to packets & the internet, didn't provide the same level of service. An example is that "merchant" trouble desk (merchant having trouble) is expected to do 1st level problem determination within five minutes. Early in trial deployment of the "payment gateway" there was a problem/trouble call that was investigated for three hrs and closed as NTF (no trouble found). There were a lot of implicit diagnostic processes that were lost in move from circuit-based infrastructure to the internet ... and we had to develop compensating processes (new diagnostic and fault isolation operations).

Although, we didn't have sign-off authority on the browser/server side of the operations ... I suggested several times that the browser also include multiple A-record (whether http or https). For instance, a major early adopter was doing national TV advertisements on Sunday NFL football ... and was antificapting a lot of clicks during half-time. However, one of their ISPs (at the time) was in the habit of taking down routers for service on sunday. Even tho they had multiple links to different places in the internet (increased availability) ... multiple-A record support in the browser would be required to get through (if their major ISP connection was down).

Anyway, the browser group responded that multiple A-record support was too advanced and wouldn't do it. I then provided them with example FTP & telnet client (multiple A-record) code from 4.3 RENO. It still took another year to get multiple A-record support into the browser.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

DARPA, at least, has a clue (maybe, sometimes)

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: DARPA, at least, has a clue (maybe, sometimes)
Newsgroups: comp.arch
Date: Fri, 25 Sep 2009 00:02:12 -0400
"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
All that stuff about VM and TSslOw is why Rochester wrote MTMT and ran it for years. It was long running batch job that interfaced to the 2260 and later 3270 terminals to allow editing and batch job submission.

re:
https://www.garlic.com/~lynn/2009n.html#40 DARPA, at least, has a clue (maybe, sometimes)

undergraduate at the univ ... most of the workload was batch & so ran os/360 and the 360/67 as 360/65 for most of the time (I was able to run cp67 a little mostly late weekend nights). I had added ASCII/TTY terminal support to cp67.

I was also responsible for os/360, hasp, etc support at the univ. I then added TTY & 2741 terminal support to HASP ... as well as interactive editor ... implementing the CMS editor command syntax in HASP (time-frame was OS/360 MVT18). Allowed editing and batch jog submission.

Univ. didn't have any 2260s ... however, original cp67 2741 & 1052 support was done in such a way, tricks of programming 2702 controller, that it did automatic terminal type identification. When I added, TTY support (both cp67 and later HASP), i tried to do the same thing. This worked for hardwired lines ... but was problem with dial-up using common base number for rotary pool (the problem was a short cut in the 2702 hardware implementation that hardwired the line-speed for each port; 2741 & 1052 were fine because they were same line-speed ... but TTY was different).

This was somewhat motivation behind univ. starting a clone controller project; reverse engineer mainframe channel interface, build channel interface board for Interdata/3 and program Interdata/3 to emulate 2702 controller, with addition of being able to do agile/dynamic line-speed. Four of us got written up & blamed for clone controller product. orignally sold under interdata name and later under perkin/elmer logo ... at least thru much of the 80s, a lot went into gov. accounts. The implementation started out with interdata/3 handling both the channel interface and the line scanner. This was later extended to cluster with interdata/4 handling the channel interface and multiple interdate/3s handling the line scanner function.

the univ. had also gotten a 2250mod1 (channel attach) ... and I also played with cms editor supporting 2250.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Fri, 25 Sep 2009 09:47:18 -0400
jmfbahciv <jmfbahciv@aol> writes:
Oh, I see what you're distinguishing. It's roots were being watered and tended, though. I don't think any of us could have anticipated the "web" usages that occurred in the 90s. Data entry and screen forms had been.

one of the things in the NSFNET backbone ... was that the telcos (and others) had put in large amount of (dark) fiber ... but they couldn't figure out how to break the $$/bits long-jam. the telcos had huge fixed-cost run rate ... w/o bandwith hungry applications, significantly reducing $$/bits would drop their revenue way below their run rate for several years (until the bandwidth hungry apps appeared). however, w/o significantly reduced $$/bits (for high bandwidth connections) ... the bandwidth hungry apps weren't going to be invented.

corporations donated resources to NSFNET backbone (and other education networks, significantly in excess of what was paid for). This was targeted at creating incubator for bandwidth hungry apps ... and the prohibitions against commercial use ... was as much to prevent commercial revenue from bleeding off into educational networks, as any other reason. In that sense it worked.

misc. past posts mentioning NSFNET
https://www.garlic.com/~lynn/subnetwork.html#nsfnet

as other past references, besides the organizational issues with scaling up the closed arpanet infrastructure ... the arapnet protocols were starting to experience scale-up issues by the late 70s. I remember late 70s comments that arpanet would have sporadic periods where the arpanet links were nearly totally saturated with administrative traffic (exchanging information about what nodes and routes were up ... and which way to route traffic).

internet backbone ran into something like that in the mid-90s (of course the scale-up size was several orders of magnitude larger than arpanet from a couple decades earlier).

we had been called in to consult with small client/server startup that wanted to do payment transactions on their server ... and they had invented this technology called "SSL" they wanted to use; the result is now frequently called "electronic commerce". As part of the effort we deployed this thing called "payment gateway" ... some past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway

part of the payment gateway was lots of availability ... including doing HA/CMP configuration ... misc. past posts having done HA/CMP product
https://www.garlic.com/~lynn/subtopic.html#hacmp

in fact, two people at the startup responsible for the "commerce server" had previously been involved in our HA/CMP activity ... mentioned in this Jan92 meeting in Ellison's conference room
https://www.garlic.com/~lynn/95.html#13

part of availability was multiple links into different places in the internet backbone. Initially I started out planning on advertising (routed) alternate routes for servers (multi-home) ip-addresses. However, in the period of the deployment, internet backbone announced transition to hierarchical routing. As a result ... my only fall-back was to multiple A-record ... ip-addresses and routes didn't change ... just that there were multiple A-records (ip-addresses) for the payment gateway URL.

recent post (in tcp-ip n.g.) discussing getting multiple A-record support implemented:
https://www.garlic.com/~lynn/2009n.html#41

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Follow up

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Follow up
Newsgroups: comp.protocols.tcp-ip
Date: Fri, 25 Sep 2009 09:58:05 -0400
David Schwartz <davids@webmaster.com> writes:
Exactly. You're very unlikely to overcome the fact that TCP has been worked out by protocol experts and implemented in each operating system by experts on that particular platform.

The only time UDP wins over TCP is when TCP has an expensive feature that the particular application does not need. For example, if you don't need retransmissions, for example, it can be a big win to use UDP.


this was such a problem for 6-12 months in mid-90s.

one of the things was TCP session involves a minimum of 7 packet exchange ... and keeps FINWAIT list for dangling session packets. TCP session were assumed to be long-lived ... and session close was relatively infrequent activity with FINWAIT list very short. As a result, there was linear search of the FINWAIT list for incoming packets.

HTTP behavior use of TCP/IP ... was more packet-like (UDP) than session-like (TCP) ... and loaded webservers were starting to see thousands on the FINWAIT list ... and spending 95% of processor time doing FINWAIT list search. Big websites couldn't add machines fast enough to handle the processing requirement. It took a little time for vendors to come out with new release that completely redid FINWAIT list handling and significantly reduced that overhead.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Fri, 25 Sep 2009 18:46:03 -0400
a little more x-over from post in thread
https://www.garlic.com/~lynn/2009n.html#27 Continous Systems Modelling Package

regarding tymnet:
HISTORICAL PERSPECTIVE

In the late 1960s, two networks were developed which laid the groundwork for all networks to follow. They were the ARPAnet, and TYMNET. The ARPAnet was sponsored by the United States Department of Defense as an experiment in computer communications.

Its purpose was to tie together many different kinds of large computers on many different university campuses. A variety of simultaneous experiments could then be carried out to test the feasibility of sharing data base, hardware, and software among the universities.

50 kilobit lines and packet switching were used to move the data. Since low speed terminal support was not a consideration and since the lines were lightly loaded, the inefficiencies of packet switching did not matter. Network control was distributed among the nodes, with each node having global knowledge of the net. Some standard host interfaces were developed and many independent teams of graduate students successfully modified their machines to attach them to the net. The ARPAnet was quite successful in achieving its original goals. It became the most widely studied and publiczed network.

TYMNET developed quite differently. Its primary purpose was to interface large numbers of low speed terminals to a relatively small number of timeshared computers operated by Tymshare, Inc. Most of these terminals were full duplex and interacted with the computers character by character. Each character was echoed from either the network or the computer according to what the user was doing. Echo control had to pass back and forth between network and computer very smoothly to retain the flexible typing characteristics of the full duplex terminal. Finally, since this was to operate in a commercial environment, it had to be efficient and low cost. That ruled out packet switching and 50 kilobit lines.

A scheme called virtual circuit switching was invented in which the path that the user's data was to follow was determined when the user logged on. This path was called the virtual circuit because of its analogy with a telephone circuit. Data following that circuit does not have to carry routeing information with it. Furthermore, data from many users can share the same physical record. The overhead of checksums and record headers can be spread over many small users. Finally, since flow control operates node to node rather than circuit end to circuit end, there is no need for the recipient of data to send back a message to the sender that it is all right to send more data. This scheme proved to be so efficient that it is possible to serve up to 40 low speed (10 to 30 character per second) interactive terminals on one 2400 bit per second line.


... snip ...

re:
https://www.garlic.com/~lynn/2009n.html#24 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#25 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#28 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#29 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#30 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#31 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#32 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#33 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#34 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#39 Status of Arpanet/Internet in 1976?

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Follow up

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Follow up
Newsgroups: comp.protocols.tcp-ip
Date: Fri, 25 Sep 2009 23:39:52 -0400
rpw3@rpw3.org (Rob Warnock) writes:
Which is why in the late 1980s Greg Chesson invented XTP, which supports (quasi-)reliable[1] multicast, see:

https://en.wikipedia.org/wiki/Xpress_Transport_Protocol
http://www1.cs.columbia.edu/~hgs/internet/xtp.html
http://osm7.cs.byu.edu/people/gardner/xtp/xtp.html
http://www.ietf.org/rfc/rfc1458.txt [Section 3.2 "XTP"]

Unfortunately, interest in XTP has waned markedly in recent years, despite the U.S. Navy's use of it for SAFENET.


I was on the XTP technical advisery board.

One issue is error drops ... and another issue was congestion. Rate based congestion control is a lot more stable than window-based stuff.

earlier we had been doing some stuff with cyclotomics on FEC. One was reed-solomon ecc for normal transmission ... but if there was packet arrive in error (as opposed to dropped packet) ... rather than retransmit the original packet ... transmit the half-rate viterbi (also encoded with reed-solomon ecc).

XTP has minimum of 3-packet exchange for reliable transaction (compared to minimum of 7-packet exchange for TCP).

I've periodically proposed a non-PKI (certificate-less) XTP SSL transaction using DNSSEC. Piggy-back (dnssec) registered public key in the ip-address lookup response. Client then generates random SSL symmetric key, encodes the XTP packet with the symmetric key and encodes the symmetric key with the (server's) public key (from the dns response). some related posts
https://www.garlic.com/~lynn/subpubkey.html#catch22

XTP SSL transaction could then be less expensive than equivalent transaction using vanilla HTTP (w/o encryption).

... bits & pieces from long ago and far away (I've got some amount of the stuff still in boxes someplace):


Protocol Engines 1990 Document Register (revision date 12/14/90)

90-1     SGI Plans XTP Chip - Digital Review
90-2     LAN Protocol Pushed - CS News
90-3     XTP Short Tutorial - Weaver
90-4     XTP/PE Design Considerations - Chesson
90-5     Multicast Strategies for XTP - Weaver
90-6     Extract of Proceedings of Gigabit Workshop - NRI
90-7     VMEbus Controller Implementations Survey - Warnock
90-8     Engineering Report - Gronski
90-9     XTP Workshop Report - Chesson
90-10    Preliminary XBUS and CBUS Specification - Warnock
90-11    Xpress Transfer Protocol Report - Weaver
90-12    N-Party Operation Taxonomy I - Chesson
90-13    ANSI Plan A, B, Straw Vote
90-14    IEEE 802.6 Report - Mollenaur
90-15    Medical Imaging and HS Protocols - Chimiak
90-16    KRM Status - Jan 24, 1990 - Chesson
90-17    NSWC Report - Marlow
90-18    SAFENET Status Report- Cohn
90-19    Minutes of January TAB Meeting - Green
90-20    Requirements for LANS and MANS - ECMA
90-21    PRM Preliminary Interface Specification - Warnock (obsoleted by 90-29)
90-22    January-February Press Clippings
90-23    Paradigm Shift Draft Rev 0 - Moulton (obsoleted by 90-44)
90-24    UVA XTP Status Report - Weaver
90-25    HSP Requirements - X3S3.3
90-26    Soderblom Patient - Chesson
90-27    HSP Requirements - Marlow
90-28    HSP Report - Green
90-29    PRM Preliminary Interface Spec - Warnock
90-30    IEEE 802 Report - Green
90-31    Minutes of X3S3.3 Meeting - Feb. 1990 - Green
90-32    XTP Porting Reference Model - Warnock
...
90-200   KRM Distribution Guide 12/14/90 - Whaley

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook'

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook'.
Newsgroups: alt.folklore.computers
Date: Sat, 26 Sep 2009 00:11:15 -0400
Charles Richmond <frizzle@tx.rr.com> writes:
And making decisions that bring profit in the *short* term, but are a *disaster* in the long term. The current "mortgage crisis" is a case in point.

or ... making decisions motivated by individuals personal compensation/bonuses based on the size & number of transactions w/o regard to profit, loss, risk and/or whether it might take down the institution, or destroy the country's (or even the world's) economy

... it is almost like some of the stereotype stories about teenagers getting so involved in violent roll-playing games ... they no longer can differentiate fantasy from reality; it is purely the thrill of the game.

the mortgage originators didn't care, they wrote the mortgages as fast as possible w/o regard to risk ... only issue was how much and how fast ... and they took their percentage ... and unloaded them to be somebody else's problem.

... I recently got notified that this was ranked as "best" answer to (linkedin) question from nearly year ago (there is close parallel to the unregulated mortgage originators being able to unload everything they could write w/o regarding to quality ... taking down the economy ... and the '20s brokers' loans fueling the stock market speculation and crash of '29):
My Question: How is Subprime crisis impacting other Industries?

Your Answer:

Unregulated mortgage originators found a large untapped source of funds by packaging mortgages as triple-A rated toxic CDOs. Since they could unload ever mortgage they could write w/o regard to quality (as triple-A rated toxic CDOs) ... the question is what kind of mortgages had little activity. In the past, there was limited source of funds for writing low-quality mortgages. With triple-A rated toxic CDOs, funds for this market became almost unlimited. This nearly unlimited source of funds became very attractive for speculators; no-documentation, no-downpayment, 1percent, interest only ARMs could be leveraged for 2000% or better ROI (planning on flipping the property before the rate reset).

Subprime had originally been targeted at 1st time, low-income home buyers. However, speculators could leverage "sub-prime" all across the home-owner market. The speculation, in addition to greatly inflating home prices, made it appear like demand was much larger that it actually was. As a result, construction companies took out loans to build large number of additional houses & stripmalls for the apparent big upswing in demand (anticipating they would sell the houses & stripmalls and pay off the loans). Companies that supplied material for building, took out loans to stock the additional supplies. Cities & towns sold bonds to build all the infrastructure services for all the new housing projects (anticipating all the additional real estate taxes when the properties sold ... would fund the bonds).

When the speculation bubble burst, the properties went unsold ... hitting all the construction companies (and their loans), the building material supply companies (& their loans), and the municipalities (and their bonds). Bursting of the speculation bubble then starts to spread throughout much of the economy.

CDOs were used two decades ago during S&L crisis to obfuscate underlying value and sell for more than they were worth.

Congressional hearings a couple weeks ago looked at toxic CDOs getting triple-A ratings. Testimony was that both mortgage originators and rating agencies knew that the toxic CDOs weren't worth triple-A rating ... but the mortgage originators were paying for the triple-A ratings. This enormously increase the market for these instruments (and the source of funds)

On the institution side buying all these triple-A rated toxic CDOs ... there was questionable behavior ... they were playing both 1) long/short mismatch ... which has been known for centuries to take down institutions and 2) capital leveraged 40-80 times buying triple-A rated toxic CDOs.

All of the individual characteristics had been around before the triple-A ratings ... but the availability of funds was severely limited. Getting the triple-A ratings on toxic CDOs contributed to all the isolated hotbeds of greed and corruption to turn into a firestorm.

Links:
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html


... snip ...

re:
https://www.garlic.com/~lynn/2008q.html#20 How is Subprime crisis impacting other Industries?

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Microprocessors with Definable MIcrocode

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Microprocessors with Definable MIcrocode
Newsgroups: alt.folklore.computers
Date: Sat, 26 Sep 2009 00:45:02 -0400
Charles Richmond <frizzle@tx.rr.com> writes:
The AMD 2900 bit-slice microprocessors came up in a previous thread. Al Kossow noted that he would soon post material related to these chips. It was mentioned that the KL version of the PDP-10 used these chips for the CPU. And then there's the Foonly...

no ... but the 29k was a risk processor
http://www.cpushack.net/Am29k.html

above references that 29k was "descended from the berkeley risc design (and the ibm 801 project)".

one of the big efforts for 801 in the late 70s and early 80s was to replace the large number of internal microprocessors that then were microcoded for low-end & mid-range 370s ... as well as large number of embedded processors in various products & controllers (as well as going to be the original processor for AS/400).

that 801/Iliad effort eventually floundered ... as/400 quickly doing a cisc, 4331/4341 follow-ons (4361 & 4381) doing cisc, and microprocessors continued business as usual for a time. With the floundering of those projects, some number of 801 engineers left and showed up at other companies. I have some vague recollection that one showd up at AMD working on 29K ... and there was some legal wrangling for a time about possible 801/Iliad secrets leaking. misc. past 801, risc, iliad, romp, rios, power/pc, etc posts
https://www.garlic.com/~lynn/subtopic.html#801

The other thing was some number of the silicon valley chips shop in the 70s and early 80s (before the availability of engineering workstations) were large vm370 shops (some even cp67 before that) ... and some of their support people would show up at monthly virtual machine user group meetings held at SLAC. I remember getting amd 2900 and early amd 29k books from such a contact.

the cpushack reference mentions that AMD discontinued the 29k in 1985, but because of its mission critical uses, they sold it off to Honeywell ... where it is still being used today: Boeing 777 - All Models, Boeing 737-600/700/800, Boeing 717, Federal Express MD-80s, US Airforce KC-10, US Airforce C5B Galaxy

a little more drift on 29050:

Versatile Integrated Avionics (VIA)
http://www.honeywell.com/sites/aero/Military-Aircraft3_C5470C98A-2B24-D58B-E116-A12EE0618C23_HE5F5AEBE-E7E3-B706-E36D-4D58219C52D0.htm

Boeing Flies on 99% Ada
http://www.adaic.org/atwork/boeing.html

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook'

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook'.
Newsgroups: alt.folklore.computers
Date: Sat, 26 Sep 2009 00:55:26 -0400
Walter Bushell <proto@panix.com> writes:
But yes, there was a lot of pressure on the quants to "prove" that investments were safe. To sell the things they needed a number and if you wanted to keep your job, you gave them their number.

Just like business consulting. You come in to do a study, find out what management wants to do and recommend managements desire. But, of course, you have to make it look like an independent study of the situation.


re:
https://www.garlic.com/~lynn/2009n.html#47 Opinions on the 'Unix Haters' Handbook'

the other scenario was that everything was fiddled to do what the traders & deal people wanted to do ... risk managers were overruled and/or told to adjust the parameters until they supported what the traders & deal people wanted.

example was article from 18Sept2008

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

article from summer 2007:

Subprime = Triple-A ratings? or 'How to Lie with Statistics' (gone 404 but lives on at the wayback machine)
https://web.archive.org/web/20071111031315/http://www.bloggingstocks.com/2007/07/25/subprime-triple-a-ratings-or-how-to-lie-with-statistics/

misc. past posts mentioning above articles:
https://www.garlic.com/~lynn/2008n.html#49 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#65 Whether, in our financial crisis, the prize for being the biggest liar is
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#72 Why was Sarbanes-Oxley not good enough to sent alarms to the regulators about the situation arising today?
https://www.garlic.com/~lynn/2008n.html#78 Isn't it the Federal Reserve role to oversee the banking system??
https://www.garlic.com/~lynn/2008n.html#80 Why did Sox not prevent this financal crisis?
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#19 What's your view of current global financial / economical situation?
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#34 The human plague
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008q.html#49 Have not the following principles been practically disproven, once and for all, by the current global financial meltdown?
https://www.garlic.com/~lynn/2008q.html#50 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008r.html#58 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#8 Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#29 Let IT run the company!
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?
https://www.garlic.com/~lynn/2008s.html#62 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2009.html#14 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#63 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#80 Are reckless risks a natural fallout of "excessive" executive compensation ?
https://www.garlic.com/~lynn/2009b.html#36 A great article was posted in another BI group: "To H*** with Business Intelligence: 40 Percent of Execs Trust Gut"
https://www.garlic.com/~lynn/2009b.html#53 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#54 In your opinion, which facts caused the global crise situation?
https://www.garlic.com/~lynn/2009b.html#65 What can agencies such as the SEC do to insure us that something like Madoff's Ponzi scheme will never happen again?
https://www.garlic.com/~lynn/2009c.html#4 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#28 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009d.html#16 The Formula That Killed Wall Street
https://www.garlic.com/~lynn/2009d.html#18 HSBC is expected to announce a profit, which is good, what did they do differently?
https://www.garlic.com/~lynn/2009d.html#30 I need insight on the Stock Market
https://www.garlic.com/~lynn/2009d.html#36 Bernanke Says Regulators Must Protect Against Systemic Risks
https://www.garlic.com/~lynn/2009d.html#40 Bernanke Says Regulators Must Protect Against Systemic Risks
https://www.garlic.com/~lynn/2009d.html#59 Quiz: Evaluate your level of Spreadsheet risk
https://www.garlic.com/~lynn/2009e.html#8 The background reasons of Credit Crunch
https://www.garlic.com/~lynn/2009g.html#1 Future of Financial Mathematics?
https://www.garlic.com/~lynn/2009g.html#31 OODA-loop obfuscation
https://www.garlic.com/~lynn/2009h.html#29 Analysing risk, especially credit risk in Banks, which was a major reason for the current crisis
https://www.garlic.com/~lynn/2009j.html#38 what is mortgage-backed securities?

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Sat, 26 Sep 2009 10:08:09 -0400
jmfbahciv <jmfbahciv@aol> writes:
I think a lot of people thought that the "control" of their site's network should be centrally located, both physically and computationally. Once that mindset was changed, the routing traffic decisions became more adaptive based on reality rather than where the decision makers were placed within the network.

re:
https://www.garlic.com/~lynn/2009n.html#43 Status of Arpanet/Internet in 1976?

... centralized physically, computationally, and as significant administratively. however, the arpanet scenario about saturating bandwidth was all the IMPs exchanging lots of activity & status information and then having all the IMPs coming to decisions based attempting to have all information distributed to all IMPs.

... note that in the tymnet reference ... they mention having significantly more efficient infrastructure
https://www.garlic.com/~lynn/2009n.html#27 Continous Systems Modelling Package
https://www.garlic.com/~lynn/2009n.html#28 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#45 Status of Arpanet/Internet in 1976?

the internal network didn't have the "control" characterisitic ... misc. past posts mentioning internal network & being larger than the arpanet/internet from just about the beginning until sometime late '85 or possibly early '86
https://www.garlic.com/~lynn/subnetwork.html#internalnet

there is folklore story about somebody from corporate hdqtrs discovering the internal network circa 1980 and doing an investigation. at one point the person explains that there has been detailed study of what would be required to implement a fully distributed operation ... and the resources involved. supposedly the people-yrs to implement the supposed "distribtued operation" of the internal network is so humongous, that it would have had to show up as an individual budget line-item at the corporate level ... and no such line-item has ever should up (well beyond the capability of a single person at the cambridge science center).

I had gotten blamed for computer conferencing on the internal network in the late 70s and early 80s ... and I don't remember whether the above incident predated corporate becoming aware of the online computer conferencing characteristic.

for more drift, on-going thread in comp.protocols.tcp-ip
https://www.garlic.com/~lynn/2009n.html#41
https://www.garlic.com/~lynn/2009n.html#44

including mention of Greg Chesson inventing XTP (for a couple yrs, I was on the XTP technical advisery board)
https://www.garlic.com/~lynn/2009n.html#46

taking HSP to x3s3.3 ... mentioned earlier in this thread
https://www.garlic.com/~lynn/2009n.html#33 Status of Arpanet/Internet in 1976?

was done out of XTP effort ... the most recent post in the comp.protocols.tcp-ip includes part of the XTP TAB document register ... which has references to x3s3.3 activity (some of the TAB documents I have partial softcopy ... majority is in boxes someplace).

minor reference to Greg having earlier done UUCP
http://www.uucp.org/papers/chesson.html

past posts mentionin xtp &/or hsp (and/or OSI & x3s3.3):
https://www.garlic.com/~lynn/subnetwork.html#xtphsp

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Follow up

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Follow up
Newsgroups: comp.protocols.tcp-ip
Date: Sat, 26 Sep 2009 13:17:31 -0400
bits & pieces from (20yrs ago):
Transfer vol. 2 no. 5 Protocol Engine Information September/October 1989

In this issue:

XTP Electronic Mail Group XTP Multicast Group Management X3S3.3 HSP Meeting Thoughts on Fast Protocols Use of the XTP Path Command TAB Activity On the Road with XTP1


... snip ... and ...
XTP Multicast Group Management and Data Transfer by Alfred C. Weaver, Bert J. Dempsey, W. Timothy Strayer

(editors note: this is the second installment on a five part series on Multicast)

Group Management

In developing any multicasting facility one must first decide on the nature of the multicast groups and how they will be created and modified. In this section we look first at group attributes of possible interest, then at the functionality of the group management protocol, and finally at a classification of the ways to implement group management.


... snip ... and ...
To Probe Further ....

BIRM87 - Birman, Kenneth, and Josepth, T., "Reliable Communication in the Presence of Failures", ACM Transactions on Computer Systems, Volume 5, Number 1, pp 47-76, February 1987

CHER85a - Cheriton, D., and Deering S.E., "'Host Groups' a Multicast Extension for Datagram Interneworks", Proceedings of the Ninth Data Communications Symposium, IEEE?ACM, Whistler Mountain, BC, Canada, pp. 172-179, Sept. 1985

CHER85b - Cheriton, D. and Zwaenepoel, W., "Distributed Process Groups in the V Kernel", ACM Transactions on Computer System, Volume 3, Number 2, pp. 77-107, May 1985

CHER89 - Cheriton, D. and Williamson, Carey L., "VMTP as the Transport Layer for High-Performance Distributed Systems", IEEE Communications Magazine, pp. 37-44, June 1989

GAIT89 - Gait, Jason, "A Kernel for High-Performance Multicast Communications", IEEE Transactions on Computers, Volume 38, Number 2, February 1989.

HUGH87 - Hughes, L., "An Introduction to Multicast Communications", Proceedings of the Special Conference of the International Council for Computer Communications, New Delhi, India, October 1987

PALI88 - Paliwoda, K., "Transactions Involving Multicast", Computer Communication Review, Volume 11, Number 6, pp. 313-18, December 1988


... snip ... and ...
Thoughts on Fast Protocols by Alfred C. Weaver

Protocol speed is affected by its design philosophy, mechanical definition, implementation, and the circumstances of its eventual use. My comments are focused mainly on design philosophy. Since the transport layer is the traditional provider of reliable communications, these comments are therefore focused on that layer in particular. Let's examine some common design philosophies.


... snip ... and ...
(2) A connection must exist before data can be reliably transferred.

The ISO TP4 philosophy is a six-way handshake: connection request, connect confirm, data transfer, acknowledgment, disconnect request, and disconnect confirm. The Xpress Transfer Protocol (XTP) has shown that data can be reliably exchanged with a three-way handshake: one to establish the context and transfer the data, one to acknowledge the context and data, and one to terminate the context. There is little harm in allowing data to accompany the connection request. If the connection is accepted then data transfer has already begun; if refused, the loss is just the investment in transmitting one frame.


... snip ...

the above multicast article reference has mention of VMTP which has IETF RFC1045.

for some more drift ... my rfc index
https://www.garlic.com/~lynn/rfcietff.htm

re:
https://www.garlic.com/~lynn/2009n.html#41 Follow up
https://www.garlic.com/~lynn/2009n.html#44 Follow up
https://www.garlic.com/~lynn/2009n.html#46 Follow up

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Security

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Security
Newsgroups: alt.computer.security
Date: Sun, 27 Sep 2009 10:22:53 -0400
Randy Yates <yates@ieee.org> writes:
I wonder if you can install a virtual machine under a virtual machine? A la "Thirteenth Floor"? If so, could it be somehow leveraged to this problem?

before 370 was announced (or even built) there was project at the science center to simulate the 370 architecture (in cp67) (which was somewhat different than the 360 architecture, some new instructions, virtual memory hardware tables had different format, etc).

the problem was that the science center cp67 time-sharing service also had numerous (non-employee) users (students and others) from various educational institutions (harvard, mit, bu, etc) in the boston/cambridge area. as a result, there was lots of security concerns that the effort would leak (confidential) information about unannounced products.

so the decision was made that the modifications (for 370 virtual machines) were made to version of cp67 system that ran in a 360/67 virtual machine (kept isolated from what the non-employees had access to).

then a different cp67 was modified to run on 370 machine (using the new instructions and building the 370 virtual memory tables ... rather than the 360 virtual memory tables). the result was:

360/67 hardware
->  cp/67 running on real 360/67 providing 360 virtual machines
->    cp/67 running in 360 virtual machine providing 370 virtual machines
->      cp/67 running in 370 virtual machine providing 370 virtual machine
->        cms running in 370 virtual machine
all of this was operational and in regular use a year before there was engineering 370s with virtual memory hardware support (circa 1970) ... and while non-employees also had online access to the same, underlying (unmodified) cp67 virtual machine system (running on the real 360/67 hardware).

"real" virtual machine implementations are recursive.

there was an incident where information about 370 virtual memory was leaked ... but it didn't involve the above effort. an internal confidential document was copied and made it into the hands of somebody from the press. there was an investigation attempting to identify who leaked the information. one of the results were that all the corporate copier machines were modified so that they left (unique) identifiable mark on paper copies (indicating which machine made the copy).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Long parms...again

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: lynn@GARLIC.COM (Anne & Lynn Wheeler)
Subject: Re: Long parms...again
Newsgroups: bit.listserv.ibm-main
Date: 27 Sep 2009 08:11:04 -0700
wmhblair@COMCAST.NET (William H. Blair) writes:
Of course, to some people it wasn't "common knowledge." But folks were no more interested in hearing about the two-digit year problem in 1981 than they were in 1995. Nobody (but some banks and a lot of software vendors) cared. It would not hit the fan until much later, as I am sure everyone now well remembers.

I had gotten blamed for online computer conferencing on the internal network in the late 70s and early 80s (back then it was decidedly not viewed as a good thing). after some investigation there was eventually decided to have officially sanctioned online computer conferencing (implemented with CMS "toolsrun" exec ... basically concurrently supported both mailing listserv-like operation as well as usenet kind of operation).

in any case there was an internal computer conference (CENTURY) discussing the upcoming y2k problem ... old post in the discussion from somebody working with nasa about some related problems:

Date: 7 December 1984, 14:35:02 CST
To: Distribution

1.In 1969, Continental Airlines was the first (insisted on being the first) customer to install PARS. Rushed things a bit, or so I hear. On February 29, 1972, ALL of the PARS systems canceled certain reservations automatically, but unintentionally. There were (and still are) creatures called "coverage programmers" who deal with such situations.

2.A bit of "cute" code I saw once operated on a year by loading a byte of packed data into a register (using INSERT CHAR), then used LA R,1(R) to bump the year. Got into a bit of trouble when the year 196A followed 1969. I guess the problem is not everyone is aware of the odd math in calendars. People even set up new religions when they discover new calendars (sometimes).

3.We have an interesting calendar problem in Houston. The Shuttle Orbiter carries a box called an MTU (Master Timing Unit). The MTU gives yyyyddd for the date. That's ok, but it runs out to ddd=400 before it rolls over. Mainly to keep the ongoing orbit calculations smooth. Our simulator (hardware part) handles a date out to ddd=999. Our simulator (software part) handles a date out to ddd=399. What we need to do, I guess, is not ever have any 5-week long missions that start on New Year's Eve. I wrote a requirements change once to try to straighten this out, but chickened out when I started getting odd looks and snickers (and enormous cost estimates).


... snip ... top of post, old email index

past threads, posting the above:
https://www.garlic.com/~lynn/99.html#24 BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/2000.html#94 Those who do not learn from history...
https://www.garlic.com/~lynn/2003p.html#21 Sun researchers: Computers do bad math ;)
https://www.garlic.com/~lynn/2006r.html#16 Was FORTRAN buggy?

past posts mentioning the internal network
https://www.garlic.com/~lynn/subnetwork.html#internet

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Follow up

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Follow up
Newsgroups: comp.protocols.tcp-ip
Date: Sun, 27 Sep 2009 13:51:04 -0400
rpw3@rpw3.org (Rob Warnock) writes:
Unfortunately, interest in XTP has waned markedly in recent years, despite the U.S. Navy's use of it for SAFENET.

part of the problem at the time was that the fed. gov. had mandates (GOSIP) to eliminate tcp/ip and the internet and move everything to OSI/ISO. Some number of the XTP participants were either gov. agencies and/or other organizations that believed the GOSIP mandates.

as a result there was effort to take xtp(hsp) to x3s3.3 (ISO chartered US standards group responsible for level 3&4 in the OSI model) for standardization. However x3s3.3 was under ISO (charter) restrictions to not do standardization for stuff that violated the OSI model ... and there were various pieces of XTP/HSP that violated the OSI model (which then precluded x3s3.3 ever really doing anything with xtp/hsp).

on the tcp/internet side ... there were lots of stuff with wide-spread (widely deployed) commodity implementations and XTP was moving up the value chain ... which represented some barrier on the internet side.

tcp/ip was the technology basis for the modern internet ... but the nsfnet backbone was the operational basis for the modern internet (and CIX was going to be the business basis for the modern internet).

we had been involved in some of the early NSFNET backbone activity as well as doing our own highspeed backbone (copper, fiber, satellite, T1 & higher speed). when the T1 NSFNET backbone RFP was released, internal politics prevented us from bidding. The director of NSF wrote a letter to the corporation (co-signed by some others), copying the CEO and referenced wanting us involved and things like what we already had running was at least five years ahead (possibly 20) of all RFP responses to build something new. That just made the internal politics worse.

re:
https://www.garlic.com/~lynn/2009n.html#41 Follow up
https://www.garlic.com/~lynn/2009n.html#44 Follow up
https://www.garlic.com/~lynn/2009n.html#46 Follow up
https://www.garlic.com/~lynn/2009n.html#51 Follow up

misc. past posts mentioning nsfnet backbone
https://www.garlic.com/~lynn/subnetwork.html#nsfnet

misc. past posts mentiong HSDT (high-speed data transport) project
https://www.garlic.com/~lynn/subnetwork.html#hsdt

misc. past posts mentioning internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Hexadecimal Kid - articles from Computerworld wanted

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Hexadecimal Kid - articles from Computerworld wanted
Newsgroups: alt.folklore.computers
Date: Sun, 27 Sep 2009 23:10:59 -0400
Charles Richmond <frizzle@tx.rr.com> writes:
I have said for years now, that high school (at least by then) there should be a *mandatory* course on handling money, compound interest, and what investments are available out there. It should also include methods of developing a consistent savings plan.

the comptroller general (appointed a little more than a decade ago for 15yr term) had been on tirade that nobody in congress for the past 50 yrs has been capable of middle school arithmetic, he apparently stepped down last spring so he could be more vocal.

misc. past posts
https://www.garlic.com/~lynn/2006f.html#41 The Pankian Metaphor
https://www.garlic.com/~lynn/2006f.html#44 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#9 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#14 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#27 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#2 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#3 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#4 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#17 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#19 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#33 The Pankian Metaphor
https://www.garlic.com/~lynn/2006o.html#61 Health Care
https://www.garlic.com/~lynn/2006p.html#17 Health Care
https://www.garlic.com/~lynn/2006r.html#0 Cray-1 Anniversary Event - September 21st
https://www.garlic.com/~lynn/2006t.html#26 Universal constants
https://www.garlic.com/~lynn/2007j.html#20 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#19 Another "migration" from the mainframe
https://www.garlic.com/~lynn/2007o.html#74 Horrid thought about Politics, President Bush, and Democrats
https://www.garlic.com/~lynn/2007p.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
https://www.garlic.com/~lynn/2007s.html#1 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007t.html#13 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#14 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#15 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#24 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007t.html#25 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#33 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#35 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007v.html#26 2007 Year in Review on Mainframes - Interesting
https://www.garlic.com/~lynn/2008.html#57 Computer Science Education: Where Are the Software Engineers of Tomorrow?
https://www.garlic.com/~lynn/2008d.html#40 Computer Science Education: Where Are the Software Engineers of Tomorrow?
https://www.garlic.com/~lynn/2008e.html#50 fraying infrastructure
https://www.garlic.com/~lynn/2008f.html#86 Banks failing to manage IT risk - study
https://www.garlic.com/~lynn/2008g.html#1 The Workplace War for Age and Talent
https://www.garlic.com/~lynn/2008h.html#3 America's Prophet of Fiscal Doom
https://www.garlic.com/~lynn/2008h.html#26 The Return of Ada
https://www.garlic.com/~lynn/2008i.html#98 dollar coins
https://www.garlic.com/~lynn/2008n.html#8 Taxcuts
https://www.garlic.com/~lynn/2008n.html#9 Taxcuts
https://www.garlic.com/~lynn/2008n.html#17 Michigan industry
https://www.garlic.com/~lynn/2009f.html#20 What is the real basis for business mess we are facing today?

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook'

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook'.
Newsgroups: alt.folklore.computers
Date: Mon, 28 Sep 2009 00:21:23 -0400
Peter Flass <Peter_Flass@Yahoo.com> writes:
The current crisis began during the Clinton years when someone looked at the statistics on government-insured mortgages and decided that low-income people were underrepresented. The politically-correct response to this led directly to subprime mortgages. Just because you couldn't afford it didn't mean you're not entitled to it anyway.

re:
https://www.garlic.com/~lynn/2009n.html#47 Opinions on the 'Unix Haters' Handbook'

all the stuff went on for some time ... including the adjustable rate mortgages ... the issue was that there wasn't much money available in the market for the practices to do much harm.

major items fueling the current situation were

GLBA (Gramm-Leach-Bliley, "bank modernization act", repeal of Glass-Steagall) allowing regulated financial institutions to have unregulated investment banking arms (which then put the regulated financial institution at enormous risk as a result of their unregulated activity and various things being carried off balanace)

and

Commodity futures modernization act (again with Gramm) exempted over-the-counter direvatives (like credit default swaps) from regulation (which took down AIG).

25 People to Blame for the Financial Crisis - Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

Enron and Gramm's wife was also involved in some of this ... recent post with several article references:
https://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."

unregulated mortgage originators could get enormous funding (trillions) for all the sub-prime loans by packaging them up as toxic CDOs, buying triple-A ratings for the toxic CDOs and selling them to the world.

They managed to do large trillions (low-income market is only small percentage) in this way. Being able to sell off the loans as fast as possible, eliminated any motivation to care about loan quality and borrowers qualifications

In earlier times, mortgages were done by regulated financial institution using deposits as source of funds. With GLBA & repeal of Glass-Steagall, regulated financial institutions could use their unregulated investment banking arms to move the banks assets (buying triple-A rated toxic CDOs, which was in turn providing the enormous funds for unregulated, non-depository mortgage originators to write mortgages with the only qualification being how much and how fast).

however speculators found no-documentation, no-downpayment, interest-only, 1% ARMs extremely attactive ... since the carrying cost was significantly less than real-estate inflation in many parts of the country (possibly as high as 2000% ROI ... and they tended to buy huge amount of stuff way out of the low-income category ... like jumbo loans for large McMansions).

Again with large trillions in funding (in large part indirectly from regulated financial institutions) being poured into the unregulated mortgage origiantors (in circuitous manner, skirting regulations) ... enabling vast numbers/amounts of mortgages being written as sub-prime (for speculators); far beyond any kind of "low-income" designation ... that resulted in the huge damage to the economy.

25 People to Blame for the Financial Crisis - Angelo Mozilo
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877339,00.html

from above:
Countrywide wasn't the first to offer exotic mortgages to borrowers with a questionable ability to repay them. In its all-out embrace of such sales, however, it did legitimize the notion that practically any adult could handle a big fat mortgage.

... snip ...

unregulated, non-depository loan originators no longer needed to care anything at all about borrower qualifications ... their bottom line was purely how many loans they could write and how fast ... since being able to unload them all as triple-A rated, toxic CDOs ... they no longer carried any risk and had no reason to care. If an "adult" wasn't handy ... they could always write a half-dozen mortgages to a speculator (they no longer had any reason to care).

I've commented before that the hot beds of greed and corruption have always been there ... but it was being able to buy triple-A ratings for the toxic CDOs and the repeal of Glass-Steagall ... that enabled the individual hot beds of greed and corruption to turn into an economic firestorm and the current economic nightmare (i.e. allowing what would have been possibly a tens of billions problem to turn into a tens of trillions problem ... a thousand-fold increase in the magnitude of the problem).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Evolution of Floating Point

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Evolution of Floating Point
Newsgroups: alt.folklore.computers
Date: Mon, 28 Sep 2009 00:28:04 -0400
Walter Bushell <proto@panix.com> writes:
So, the 370/155 had virtual memory, no? IIRC, I have edited photos bigger than the memory on my computer at the time. Not that I would particularly recommend the procedure if it could be avoided. Not for the impatient. ;)

... originally 370 (135, 145, 155, 165) didn't have virtual memory ... after virtual memory was eventually announced, existing customer 155 & 165 required a pricy (especially for 165) hardware field upgrade for virtual memory. 135 & 145 were more in the nature of a different microcode load.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook'

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook'.
Newsgroups: alt.folklore.computers
Date: Mon, 28 Sep 2009 10:38:53 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
I've commented before that the hot beds of greed and corruption have always been there ... but it was being able to buy triple-A ratings for the toxic CDOs and the repeal of Glass-Steagall ... that enabled the individual hot beds of greed and corruption to turn into an economic firestorm and the current economic nightmare (i.e. allowing what would have been possibly a tens of billions problem to turn into a tens of trillions problem ... a thousand-fold increase in the magnitude of the problem).

re:
https://www.garlic.com/~lynn/2009n.html#47 Opinions on the 'Unix Haters' Handbook'
https://www.garlic.com/~lynn/2009n.html#49 Opinions on the 'Unix Haters' Handbook'
https://www.garlic.com/~lynn/2009n.html#56 Opinions on the 'Unix Haters' Handbook'

aka ... if it had been sub-prime to low-income by regulated, depository financial institutions... it wouldn't even have been a blip on the screen ... it was trillions in uncontrolled, unregulated (by unregulated mortgage originators not subject to such requirements) sub-prime to everybody else ... including huge amounts to speculators ... that resulted in the economic firestorm

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Evolution of Floating Point

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Evolution of Floating Point
Newsgroups: alt.folklore.computers
Date: Mon, 28 Sep 2009 11:35:45 -0400
Charles Richmond <frizzle@tx.rr.com> writes:
I think Peter was referring to the address space of the IBM 370/155. ISTR that the *largest* hard disk, a refrigerator-sized multi-platter affair, had *less* than two gigs of storage space. So you have to worry about where you will *store* all those 25 meg pictures...

early 155s (before virtual memory) would typically have one (8-drive) 2314 strings ... removable packs at approx 29mbytes/pack. one or two mbyte of "2micsec" real storage was typical. later ... (8-drive) 3330 strings with removable packs at 100mbyte/pack.

155 was faster than 145 ... even tho 145 had approx. 400+nsec memory (compared to 155 2mic memory) because 155 had cache (8kbytes; as long as what you were doing fit within the small 155 cache size). the size of many of today's programs wouldn't even fit in 155 real storage (independent of the data).

announcement that virtual memory could be retrofit with (purchased) hardware upgrade ... came about the same time as 370/158 ... which had approx. same speed memory as 145 (and cache).

the gigabyte refrigerators+ size were a decade after 155.

155 announced 30jun70, withdrawn 23dec77
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP3155.html

above shown with 2314 string (9th drive was "spare" could be used for service and/or staging mounting packs).

158 announced 2aug72 and withdrawn 15sep80
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP3158.html

shown with 8-drive 3330 string

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Hexadecimal Kid - articles from Computerworld wanted

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Hexadecimal Kid - articles from Computerworld wanted
Newsgroups: alt.folklore.computers
Date: Mon, 28 Sep 2009 12:10:10 -0400
Dave Garland <dave.garland@wizinfo.com> writes:
I'm not sure why they'd use periods instead of commas (spaces maybe), but I bet using commas instead of (decimal) periods was a problem. Unless you had a compile option to change the decimal indicator.

wait until the directions for the clerk comes out as number of individual items (different dollar and change demoninations) as opposed to just the total change value. it is akin to when the airlines changed from boarding by rows to boarding by area ... since it appeared that many people didn't understand whether their row was "greater" than specific row number (and it would have been too time-consuming to call out each individual row).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Evolution of Floating Point

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Evolution of Floating Point
Newsgroups: alt.folklore.computers
Date: Mon, 28 Sep 2009 19:17:47 -0400
Peter Flass <Peter_Flass@Yahoo.com> writes:
Sorry, I must have snipped too much. I was referring to 370 systems. OS/VS1 (and, I believe, DOS/VS) supported 16MB in total for the whole system. VS2 supported 16MB for each address spece, but the system and CSA took up a lot of it.

original VS2 (SVS) was basically minor modifications to MVT to think it was running in 16mbyte address space (not a whole lot of difference between MVT running in a cp67 or vm370 16mbyte virtual machine).

one of the big hacks for initial prototype of SVS was to wire CP67's CCWTRANS into the side of MVT input/output supervisor (EXCP processing).

base OS/360 environment had applications (and/or libraries running in application space) building i/o channel programs in the application space ... and then doing a supervisor call EXCP ... to execute the passed channel program.

MVT running in virtual machine ... or VS2 (whether SVS or MVS) is passed pointer to channel program filled with virtual addresses. A "shadow" copy of the channel program has to be built that substitutes the real address (for the virtual addresses) before being able to execute the (shadow) channel program (as opposed to the "passed" channel program). The initial pass for VS2 borrowed CCWTRANS from CP67 that would scan the passed channel program ... building a shadow duplicate, substituting real addresses for the virtual addresses (as well as fetching and pinning the required virtual pages in real memory).

In theory, the migration from SVS (single address space) to MVS (multiple address space) gave each application its own 16mbyte virtual address space. However, os/360 is a pointer passing intensive paradigm ... so each virtual address space was populated with 8mbyte kernel image (taking half of each 16mbyte virtual address space).

In MVT and SVS there were also these "sub-system" applications that sat outside the kernel ... but were extensively used by applications (using pointer passing paradigm). Migration to MVS moved each of these sub-system applications into their own virtual address space. The problem sub-system problem was having normal application make a sub-system call, passing a pointer ... the call passing thru the kernel ... with the kernel switching to the sub-system address space. The sub-system is now got a pointer to a parameter list back in the original application address space.

Solution was something called a "common segment" ... initially a one megabyte area that existed in every address space ... where application could stuff parameter values ... and then make a subsystem call passing a parameter to the address of the parameter list in the common segment.

For larger systems, "common segment" grew to be 4-5 mbytes ... which for many installations left only 3mbytes (and shrinking) for application actual execution/use.

Burlington chip house was having problems with fortran chip programs that were just hanging in at 7mbytes max ... on specially configured MVS system trimmed to be no larger than 9mbytes. Minor changes to the fortran program would exceed 7mbytes or minor changes to mvs would have it exceed 9mbytes ... in either case, program would no longer be able to execute.

Some things were done for burlington to allow their programs to run with vm370/cms ... giving the program nearly all of a 16mbyte virtual address space. some past references:
https://www.garlic.com/~lynn/2006b.html#39 another blast from the past
https://www.garlic.com/~lynn/2006c.html#0 Multiple address spaces
https://www.garlic.com/~lynn/2007g.html#59 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
https://www.garlic.com/~lynn/2007g.html#82 IBM to the PCM market
https://www.garlic.com/~lynn/2008r.html#32 What if the computers went back to the '70s too?

old email mentioning the issue:
https://www.garlic.com/~lynn/2006b.html#email800310

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook'

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook'.
Newsgroups: alt.folklore.computers
Date: Mon, 28 Sep 2009 19:58:15 -0400
Walter Bushell <proto@panix.com> writes:
Yes. The banks were making lots of money on the loans and if they were not making money, they would have found a way not to make the loans. You might have had the banks make a few questionable loans, by arm twisting but what happened was a feeding frenzy. I'm sure the banks would not have gone so hog wild if they had to carry the loans on their books and apparently knew enough to sell them while they were salable.

re:
https://www.garlic.com/~lynn/2009n.html#47 Opinions on the 'Unix Haters' Handbook'
https://www.garlic.com/~lynn/2009n.html#49 Opinions on the 'Unix Haters' Handbook'
https://www.garlic.com/~lynn/2009n.html#56 Opinions on the 'Unix Haters' Handbook'
https://www.garlic.com/~lynn/2009n.html#58 Opinions on the 'Unix Haters' Handbook'

regulated, depository financial institutions weren't making the loans.

unregulated, non-depository mortgage originators were making the loans. in the past, unregulated, non-depository mortgage originators were quite limited (in the amount of loans) because of limited available of funds to the institutions (not like regulated depository financial institutions that had deposits to use).

the big change came when unregulated, non-depository mortgage originators found that they could package the loans as toxic CDOs and pay the rating agencies to give the toxic CDOs triple-A ratings" ... creating nearly unlimited source of funds for the unregulated, non-depository mortgage originators.

it turns out that some of the large regulated, depository financial institutions were actually providing lots of the funds ... but in a circuitous, round-about unregulated way, where their unregulated investment banking arms (courtesy of GLBA repealing Glass-Steagall) buy the triple-A rated toxic CDOs. The investment banking side of the house would purchase these instruments ... because they could get compensation based on percent of the transaction value ... unrelated to whether the instruments made any money or not. There is some analogy to the old problem with financial advisers "churning accounts" (doing lots of unnecessary stock trades because they earned a percent from each trade, regardless of whether there was profit or loss).

In effect, the same thing was happening at the unregulated, non-depsoitory mortgage originators ... getting a percent of the transaction (size) ... unrelated to whether the transaction was profitable or not (since they immediately unloaded the mortgages as triple-A rated toxic CDOs and no longer had to care about whether the mortgage performed).

Individuals were making huge amounts from the way the transactions were structured ... w/o regard to profitability of the transactions.

Trillions of dollars of these toxic CDOs are now setting (off-the-books) at many of these large (too big to fail) regualted financial institutions. In theory, the original TARP funds justification (to congress ... and for which congress approved the funds for) ... was to buy up these toxic CDOs. However, apparently somebody quickly realized that the amount of TARP funds represented barely a drop in the bottom of the bucket compared to the aggregate magnitude of the toxic CDOs held by various (too big to fail) financial institutions. So instead ... TARP funds were divereted to temporarily prop up these (too big to fail) financial institutions, while they tried to figure out what to do about the real problem (the large trillions in mortgage backed toxic CDOs).

In theory, if these financial instruments (mortgage backed toxic CDOs) were to be brought back onto the books (or if they had been there all along), these (too big to fail) financial institutions would have to be declared insolvent and liquidated.

there was some effort trying to figure out from the annual reports of the four largest (too big to fail) regulated financial institutions ... guessing that those four held possibly $5.2 trillion in (off-the-books) toxic CDOs. misc. past posts mentiong "Bank's Hidden Junk Menaces $1 Trillion Purge"
https://www.garlic.com/~lynn/2009e.html#23 Should FDIC or the Federal Reserve Bank have the authority to shut down and take over non-bank financial institutions like AIG?
https://www.garlic.com/~lynn/2009e.html#36 Architectural Diversity
https://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
https://www.garlic.com/~lynn/2009e.html#70 When did "client server" become part of the language?
https://www.garlic.com/~lynn/2009e.html#79 Are the "brightest minds in finance" finally onto something?
https://www.garlic.com/~lynn/2009f.html#27 US banking Changes- TARP Proposl
https://www.garlic.com/~lynn/2009f.html#31 What is the real basis for business mess we are facing today?
https://www.garlic.com/~lynn/2009f.html#35 US banking Changes- TARP Proposl
https://www.garlic.com/~lynn/2009f.html#38 On whom or what would you place the blame for the sub-prime crisis?
https://www.garlic.com/~lynn/2009f.html#47 TARP Disbursements Through April 10th
https://www.garlic.com/~lynn/2009f.html#49 Is the current downturn cyclic or systemic?
https://www.garlic.com/~lynn/2009f.html#53 What every taxpayer should know about what caused the current Financial Crisis
https://www.garlic.com/~lynn/2009g.html#3 Do the current Banking Results in the US hide a grim truth?
https://www.garlic.com/~lynn/2009h.html#79 The $4 trillion housing headache
https://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."
https://www.garlic.com/~lynn/2009i.html#77 Financial Regulatory Reform - elimination of loophole allowing special purpose institutions outside Bank Holding Company (BHC) oversigh
https://www.garlic.com/~lynn/2009j.html#35 what is mortgage-backed securities?
https://www.garlic.com/~lynn/2009j.html#69 64 Cores -- IBM is showing a prototype already

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Evolution of Floating Point

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Evolution of Floating Point
Newsgroups: alt.folklore.computers
Date: Tue, 29 Sep 2009 19:32:38 -0400
ArarghMail909NOSPAM writes:
Impossible for several reasons: 1) Most all of OS/360 was written in assembler. So, no compiler. 2) Since several hundred? little object files were linked to create the nucleus there was no possible way to insure placement of any single instruction.

360/370 instructions were half-word aligned ... BALR was two byte instruction, it was impossible for BALR instruction to cross a 4k boundary.

system convention was to load programs on double-word boundary ... and there were assembler directives for full-word & double-word bounardies (from start of program ... assumed to be on double-word boundary).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

another item related to ASCII vs. EBCDIC

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: another item related to ASCII vs. EBCDIC
Newsgroups: alt.folklore.computers
Date: Tue, 29 Sep 2009 20:42:52 -0400
"Joe Morris" <j.c.morris@verizon.net> writes:
One of the reasons there's hope for the US is demonstrated by the existence of a number of *very* senior officers at the Pentagon who have developed a strong dislike for the class of people they sarcastically refer to as "Powerpoint Warriors". Subordinates (even those of fractionally lower rank) know better than to offer a content-free, tarted-up PowerPoint presentation to these people.

gov. efforts seem to require huge amounts of documentation (and then executive overviews to summarize whats in the documentation). we used to accuse FSD being mostly made up of GML/script programmers.

at one point FSD said they wanted a review of HSDT projects ... some past posts mentioning HSDT
https://www.garlic.com/~lynn/subnetwork.html#hsdt

I said I'd give an all day presentation ... imagine my surpise when something like 30 people showed up. Later, imagine my astonishment when FSD attempted to bill HSDT for that day for all 30 people.

misc. old boyd stories mentioning pentagon:
https://www.garlic.com/~lynn/2001e.html#82 The Mind of War: John Boyd and American Security
https://www.garlic.com/~lynn/2002o.html#38 META: Newsgroup cliques?
https://www.garlic.com/~lynn/2003h.html#57 employee motivation & executive compensation
https://www.garlic.com/~lynn/2004b.html#13 The BASIC Variations
https://www.garlic.com/~lynn/2004d.html#61 If you're going to bullshit, eschew moderation
https://www.garlic.com/~lynn/2005n.html#14 Why? (Was: US Military Dead during Iraq War
https://www.garlic.com/~lynn/2005t.html#13 Dangerous Hardware
https://www.garlic.com/~lynn/2005t.html#16 Dangerous Hardware
https://www.garlic.com/~lynn/2006f.html#14 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#13 News Release
https://www.garlic.com/~lynn/2006h.html#4 The Pankian Metaphor
https://www.garlic.com/~lynn/2007h.html#69 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007h.html#71 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#5 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2008c.html#52 Current Officers
https://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
https://www.garlic.com/~lynn/2009g.html#16 USAF officers slammed for pranging Predators on manual
https://www.garlic.com/~lynn/2009j.html#42 Mission Control & Air Cooperation -- Part I
https://www.garlic.com/~lynn/2009j.html#65 Infosec As a Form of Asymmetric Warfare
https://www.garlic.com/~lynn/2009m.html#16 comp.arch has made itself a sitting duck for spam

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Evolution of Floating Point

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Evolution of Floating Point
Newsgroups: alt.folklore.computers
Date: Tue, 29 Sep 2009 21:06:42 -0400
ArarghMail909NOSPAM writes:
Yes --- but unless all object sizes were also rounded up there is still no way to insure placement of any single instruction. :-)

re:
https://www.garlic.com/~lynn/2009n.html#63 Evolution of Floating Point

linker/loaded combining object sizes ... always started next program/object on double word boundary. object may not be multiple of double words ... but next object/program would always be on the next double world boundary ... even if the previous object was not multiple of double word.

assembler had statements like


        ds 0h      ... align on half-word boundary
ds 0f      ... align on full-word boundary
ds 0d      ... align on double word boundary

... predicated on object/program always starting on double word boundary. also

cnop 0,4

example from:
http://99-bottles-of-beer.net/language-assembler-%28system-370%29-48.html

         CNOP  0,4
BAL   13,START
         DC    20A(0)
START    ST    13,8(11)

CNOP would conditional insert "NOP" instructions (possible four byte conditional branch with zero condition and/or two byte conditional branch register with zero condition). The above makes sure that four byte "BAL 13,START" starts on full-word boundary ... so the following address is also on full-word boundary. the following "DC 20A(0)" allocates 20 4-byte, full-word aligned words.

The BAL stores the "nominal" return address ... which is actually the start of a 80 byte (save) area ... and branches around the storage (never intending to use the value in 13 as a "return" address ... but as the address of the storage area). The above operation wouldn't be correct if the "BAL 13,START" was only half-word aligned (as opposed to full-word aligned) ... since the address in 13 wouldn't then be full-word aligned address.

assembler generation of instructions is predicated on programs & objects being at least half-word align ... in order to make sure that instructions occur on at least half-word boundaries. "dc 0d" & "cnop 0,8" ... for double-word boundary ... is predicated on programs & objects being at least double-word aligned.

Newer directives were introduced for later gernations of link/loaders ... that would allow forcing program/object to 4k boundary.

I originally used such a hack when I added pageable kernel support to CP67 when I was an undergraduate in the 60s. All of cp67 kernel started out fixed ... but I figured i could make lower-use stuff ... effectively "transient". I broke up pieces of the kernel into 4k, page-aligned "transient" executable chunks ... that could be brought in & out (using the standard paging mechanism). The cp67 flavor wasn't released in the product ... but something very similar was part of the standard vm370 product.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Evolution of Floating Point

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Evolution of Floating Point
Newsgroups: alt.folklore.computers
Date: Tue, 29 Sep 2009 23:05:22 -0400
"Charlie Gibbs" <cgibbs@kltpzyxm.invalid> writes:
Why 1800? The standard length is 2400.

Others have gone into the complications of GCR and how 6250 bpi might not be real. I never used 6250 bpi myself - in fact, most of my work was on 800-bpi drives. So here's an example from that world.


i did the original cmsback ... bascially backup/archive
https://www.garlic.com/~lynn/submain.html#backup

that was deployed at some number of internal locations ... and eventually morphed into workstation datasaves facility ... which was released as product ... then morphed into adsm ... and was moved to tivoli (when san jose was being unloaded) and is now called tsm.

i started out by taking vmfplc and modifying for much better density on 6250 tapes (vmfplc wasn't too bad on 800 or 1600) but wasn't as good for 6250. basicaly vmfplc dumped the file FST (file status) block as separate physical block and then started dumping file data blocks (as 4k records). For lots of "small" files ... the tape would be mostly gaps ... with FSTs (few tens of bytes each) as separate physical blocks with small data blocks. First modification I did was merged the FST into the same physical block(s) with the file data block. Cut the gaps in half for lots of small files. I then started out allowing file data records to be block up to 12k bytes. In all, it could double the effective amount that could get on the tape (especially for lots of small files).

tivoli storage manager:
http://www-01.ibm.com/software/tivoli/products/storage-mgr/

couple past posts mention vmfplc
https://www.garlic.com/~lynn/2003b.html#42 VMFPLC2 tape format
https://www.garlic.com/~lynn/2003b.html#43 VMFPLC2 tape format

I had some data from the univ. that had been on 800bpi tapes ... which i eventually moved to 1600bpi at the science center ... and then to 6250bpi at sjr (along with lots other stuff from the science center). Research then moved up the hill to almaden and 6250 tapes were replaced with 3480 cartridges (and data copied to 3480s).

recent post referencing almaden data center had period when apparently random tapes were being mounted for "scratch" requests ... and valuable data was lost (case where i had triple replicated on three different tapes ... but all in the same tape library/data center)
https://www.garlic.com/~lynn/2009m.html#79 Existence of early 360 software ( was Re: Continous Systems Modelling Package)

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Wed, 30 Sep 2009 09:50:12 -0400
jmfbahciv <jmfbahciv@aol> writes:
didn't people have to be logged into the same machine? That's not what I'd call instant messaging. The only networking involved is the TTY patch panel.

old email about converted my cp67 internal distribution to vm370
https://www.garlic.com/~lynn/2006w.html#email750430
in this post
https://www.garlic.com/~lynn/2006w.html#8

including incorporating "SPM" updates. "SPM" had originally been done for cp67 at Pisa (in italy). It allowed a virtual machine to set things up so that "messages" (sent to the virtual machine) could be "read" by software (running in the virtual machine).

other old email referring to converting my stuff from cp67 to vm370 base for internal distribution (basically highly modified internal vm370 "product")
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102

it was used for users being able to communicate with "services" running in service virtual machines (old name for things now called virtual appliances).

one of these service virtual machines was the networking application. "instant messages" had always been possible between users logged into the same cp67 system. "SPM" allowed a message to be sent to the network service virtual machine ... which carried instructions to forward the rest of the content to the network service virtual machine running somewhere else and then "messaged" to user on that machine.

later in the 70s, the author of rex(x) used the capability to implement distributed version of "space wars" (using special message to allow program to read incoming messages). A "space war" server was set up somewhere ... and people ran "space war" clients ... that managed the 3270 display and communicated with the "space war" server. If the server was on a different machine, the "clients" used the network service virtual machines to communicate with the "space war" server.

I had gotten blamed for computer conferencing on the internal network in the late 70s and early 80s ... misc. past posts mentioning the internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet

somewhat as a result, there was a researcher to study how i communicated, including sitting in the back of my office for nine months taking notes on how I communicated. They also got copies of all my incoming & outgoing email and logs of all my instant messages (basically my terminal was logged ... all input and output ... and then parsed for incoming/outgoing instant messages). the result was also a stanford phd thesis and material for some number of papers and books. misc. past posts mentioning computer mediated conversation
https://www.garlic.com/~lynn/subnetwork.html#cmc

misc. past posts mentioning distributed "space war"
https://www.garlic.com/~lynn/2001f.html#10 5-player Spacewar?
https://www.garlic.com/~lynn/2003i.html#27 instant messaging
https://www.garlic.com/~lynn/2005e.html#64 Graphics on the IBM 2260?
https://www.garlic.com/~lynn/2006n.html#41 Tek 4010, info and prices
https://www.garlic.com/~lynn/2007l.html#44 internet game history
https://www.garlic.com/~lynn/2008c.html#2 folklore indeed
https://www.garlic.com/~lynn/2009j.html#79 Timeline: The evolution of online communities

misc. past posts mentioning virtual appliances
https://www.garlic.com/~lynn/2006t.html#46 To RISC or not to RISC
https://www.garlic.com/~lynn/2006w.html#25 To RISC or not to RISC
https://www.garlic.com/~lynn/2006x.html#8 vmshare
https://www.garlic.com/~lynn/2007i.html#36 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007s.html#4 Why do we think virtualization is new?
https://www.garlic.com/~lynn/2007u.html#39 New, 40+ yr old, direction in operating systems
https://www.garlic.com/~lynn/2007u.html#41 New, 40+ yr old, direction in operating systems
https://www.garlic.com/~lynn/2008.html#59 old internal network references
https://www.garlic.com/~lynn/2008b.html#52 China's Godson-2 processor takes center stage
https://www.garlic.com/~lynn/2008c.html#55 Kernels
https://www.garlic.com/~lynn/2008e.html#11 Kernels
https://www.garlic.com/~lynn/2008h.html#97 Is virtualization diminishing the importance of OS?
https://www.garlic.com/~lynn/2008l.html#14 recent mentions of 40+ yr old technology
https://www.garlic.com/~lynn/2008m.html#67 Is Virtualisation a Fad?
https://www.garlic.com/~lynn/2008m.html#68 New technology trends?
https://www.garlic.com/~lynn/2008n.html#57 VMware renders multitasking OSes redundant
https://www.garlic.com/~lynn/2008q.html#62 Virtualization: What is it exactly?
https://www.garlic.com/~lynn/2008s.html#56 Computer History Museum
https://www.garlic.com/~lynn/2009h.html#59 Operating Systems for Virtual Machines

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook'

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook'.
Newsgroups: alt.folklore.computers
Date: Wed, 30 Sep 2009 10:25:51 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
the big change came when unregulated, non-depository mortgage originators found that they could package the loans as toxic CDOs and pay the rating agencies to give the toxic CDOs triple-A ratings" ... creating nearly unlimited source of funds for the unregulated, non-depository mortgage originators.

re:
https://www.garlic.com/~lynn/2009n.html#62 Opinions on the 'Unix Haters' Handbook.

recent reference to the ratings agencies

U.S. Ratings fraud continues
http://www.stockhouse.com/Community-News/2009/Sept/29/U-S--Ratings-fraud-continues

from above:
Most of the too-big-to-fail banks have actually been allowed to get bigger. And ratings-fraud continues unabated with respect to the so-called 'credit rating' agencies.

... snip ...

the congressional hearing from last fall into the rating agencies ... said that the seeds for this were sown in the early 70s when the rating agencies switched from the buyers paying for the ratings to the sellers paying for the agencies (creating the opening for conflict of interests ... i.e. producing the rating that the seller pays for).

somewhat related, IDC has item on their website that they bought the "pricing services division" from one of the rating agencies in the early 70s (about the time, they switched from buyer paid ratings to seller paid ratings). IDC was one of the early (virtual machine) online cp67 time-sharing service bureaus in the 60s ... and started fairly quickly to move up the online value chain with lots of financial information. disclaimer ... i interviewed with them in the 60s ... but didn't join. misc. past references:
https://www.garlic.com/~lynn/2009.html#21 Banks to embrace virtualisation in 2009: survey
https://www.garlic.com/~lynn/2009.html#31 Banks to embrace virtualisation in 2009: survey
https://www.garlic.com/~lynn/2009.html#32 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#42 Lets play Blame Game...?
https://www.garlic.com/~lynn/2009.html#52 The Credit Crunch: Why it happened?
https://www.garlic.com/~lynn/2009.html#77 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#79 The Credit Crunch: Why it happened?
https://www.garlic.com/~lynn/2009b.html#38 A great article was posted in another BI group: "To H*** with Business Intelligence: 40 Percent of Execs Trust Gut"
https://www.garlic.com/~lynn/2009b.html#49 US disaster, debts and bad financial management
https://www.garlic.com/~lynn/2009b.html#53 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#78 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#1 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009e.html#15 The background reasons of Credit Crunch
https://www.garlic.com/~lynn/2009e.html#30 Timeline: 40 years of OS milestones
https://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
https://www.garlic.com/~lynn/2009e.html#70 When did "client server" become part of the language?
https://www.garlic.com/~lynn/2009f.html#41 On whom or what would you place the blame for the sub-prime crisis?
https://www.garlic.com/~lynn/2009f.html#49 Is the current downturn cyclic or systemic?
https://www.garlic.com/~lynn/2009g.html#27 Flawed Credit Ratings Reap Profits as Regulators Fail Investors
https://www.garlic.com/~lynn/2009h.html#40 Analysing risk, especially credit risk in Banks, which was a major reason for the current crisis
https://www.garlic.com/~lynn/2009n.html#20 UK issues Turning apology (and about time, too)

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Thu, 01 Oct 2009 10:23:18 -0400
jmfbahciv <jmfbahciv@aol> writes:
How did your messages get from here to over there without a dialtone in the middle? Those wires must have been dedicated.

re:
https://www.garlic.com/~lynn/2009n.html#67 Status of Arpanet/Internet in 1976?

mostly leased/dedicated ... but there were some dial. fairly early there was corporate requirement that (starting with computer-to-computer) links leaving corporate pysical premises had to be encrypted. there was comment circa 1985 that the internal network had over half of all the link encryptors in the world (some number of crypto companies were motivated by the business from the internal network).

in the 80s, as corporate was exposed to people having terminals at home and possibililty that executives having portable PCs ... there was requirement for encrypted PC communication. Corporation also instituted "dial-back" procedure for home terminal program ... dial-in, identify, hangup, and the system would dial-back your registered phone number. For emerging "road-warriers" ... corporation did custom encrypting 1200 baud modems (there would be dynamically generated random session key that was exchanged securily ... sort of an early version of "SSL").

slightly related posts mentioning getting involved with crypto boxes
https://www.garlic.com/~lynn/2008h.html#87 New test attempt
https://www.garlic.com/~lynn/2008i.html#86 Own a piece of the crypto wars
https://www.garlic.com/~lynn/2009l.html#14 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer

in effort I called HSDT (high-speed data transport)
https://www.garlic.com/~lynn/subnetwork.html#hsdt

doing HSDT effort also got us involved in some early NSFNET stuff (and internal politics that prevented use from bidding on the NSFNET backbone T1 RFP):
https://www.garlic.com/~lynn/subnetwork.html#nsfnet

misc. past posts mentioning internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Thu, 01 Oct 2009 10:30:20 -0400
jmfbahciv <jmfbahciv@aol> writes:
How did your messages get from here to over there without a dialtone in the middle? Those wires must have been dedicated.

re:
https://www.garlic.com/~lynn/2009n.html#67 Status of Arpanet/Internet in 1976?
https://www.garlic.com/~lynn/2009n.html#69 Status of Arpanet/Internet in 1976?

and when those leased lines with link encryptors ... between purely corporate sites ... also happened to cross national boundaries ... there was lots of interaction with gov. institutions around the world regarding whether it was allowed to have encrypted links that crossed national boundaries.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Sophisticated cybercrooks cracking bank security efforts

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Sophisticated cybercrooks cracking bank security efforts
Date: 1 Oct, 2009
Blog: Financial Crime Risk, Fraud and Security
Sophisticated cybercrooks cracking bank security efforts
http://www.finextra.com/fullstory.asp?id=20556

from above:
Cybercrooks have stolen more than EUR300,000 in just three weeks from German bank accounts using a sophisticated new Trojan that forges online statements to hide the theft from victims.

... snip ...

also .....

Bank Trojan used against German accounts evades antifraud systems
http://searchfinancialsecurity.techtarget.com/news/article/0,289142,sid185_gci1369675,00.html?track=NL-102&ad=728247&asrc=EM_NLN_9397721&uid=1308899

It is possible to do digital signature authentication and hardware tokens w/o PKI. In the mid-90s, the banking industry looked at doing this and the PKI industry allowed that they would take the information from a financial institution and populate digital certificates with the information from account records at only $100/account.

The certificate-less issue was that the digital certificates were actually redundant and superfluous since the financial institution already had all the information in the account records. The rest of the cost of deploying a digital signature infrastructure was on the order of 5% of the what was being charged for digital certificates (and it is actually possible to deploy a digital signature infrastructure w/o digital certificates and/or PKI).
https://www.garlic.com/~lynn/subpubkey.html#certless

Some number of financial institutions with tens of millions of accounts were looking at billions (per annum) for digital certificates (which nominally had to be re-issued ever year).

The other issue with regard to financial "PKI" floundering in the mid-90s ... besides the enormous cost for something that was redundant and superfluous, had to do with the enormous payload bloat for payment transactions.

Appending (an enormously expensive, redundant and superfluous) digital certificate on every payment transaction, typically increased the payment transaction payload size by a factor of one hundred times.
https://www.garlic.com/~lynn/subpubkey.html#bloat

We were asked to come in to help word-smith the cal. state electronic signature legislation. There had been some factions lobbying for digital signatures and digital certificates as equivalent to "human signatures" (as well as non-repudiation) ... however the lawyers explained that digital signatures didn't satisfy the requirement for analogy to "human signatures".

There seemed to be possible semantic confusion because the terms "human signature" and "digital signature", both contained the word "signature".

There was even an suggestion floated (attempting to counteract the floundering PKI in the financial industry) ... that if banks & merchants were to pickup PKI operation, REG-E would be changed (for PKI payment transactions) to change the burden of proof from the institutions to the consumers ... and the consumers wold be convinced to pay for their own digital certificates.

Somebody raised the question, why would a consumer pay $100/annum for a (expensive, redundant and superfluous, and enormous payload bloat) digital certificate that would result in switching the burden of proof in payment transaction dispute from the institutions to the consumer.

In the cal. electronic signature legislation ... the lawyers did lay out some of the requirements to be able to meet any "intent" demonstration ... and/or demonstrating having read, understood, agrees, approves, and/or authorizes.
https://www.garlic.com/~lynn/subpubkey.html#signature

... old copy of RFI response to NACHA for a (certificate-less) digital signature operation ... using digital signatures purely for integrity and authentication (eliminating much of spoofing, impersonation and/or other trivial account fraud exploits)
https://www.garlic.com/~lynn/nacharfi.htm

and results here of the NACHA (certificate-less) digital signature trials:
https://web.archive.org/web/20070706004855/http://internetcouncil.nacha.org/News/news.html

in that sense, the digital signature is the same as some recent cryptogram suggestions that uniquely establishes integrity of the transaction (hasn't been modified) and authentication of the sender.

this is basically what the x9a10 financial standard working group had come up with in the mid-90s for x9.59 financial transaction standard ... some references
https://www.garlic.com/~lynn/x959.html#x959

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Real-Time Hackers Foil Two-Factor Security

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Real-Time Hackers Foil Two-Factor Security
Date: 1 Oct, 2009
Blog: Financial Crime Risk, Fraud and Security
Real-Time Hackers Foil Two-Factor Security
http://www.technologyreview.com/computing/23488/

from above:
A forensic analysis performed later would reveal that an earlier visit to another website had allowed a malicious program to invade his computer. While the manager issued legitimate payments, the program initiated 27 transactions to various bank account...

... snip ...

also ... little x-over

Internet crooks 'used virus to raid computer users' online bank accounts'
http://www.dailymail.co.uk/sciencetech/article-1216930/Internet-crooks-used-virus-raid-users-online-bank-accounts.html?printingPage=true

This was an identified vulnerability/exploit identified by at least the mid-90s with regard to a compromised "end-point".

As mentioned in other discussions, the EU Finread standard in the 90s had countermeasure for compromised PC by effectively moving the end-point out to a hardened secure independent device. The device had its own display and key pad and transaction processing. The transaction was displayed and required physical action by human at the independent keypad.
https://www.garlic.com/~lynn/subintegrity.html#finread

Any (compromised) PC then simply becames a store&forward transmission ... basically an intermediate point that could either forward or not forward the information .... possibly denial of service attack ... but in that respect ... not any different from any other intermediary transmission point at any place in the internet.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

IDCAMS delete with mask

From: lynn@GARLIC.COM (Anne & Lynn Wheeler)
Subject: Re: IDCAMS delete with mask
Newsgroups: bit.listserv.ibm-main
Date: 1 Oct 2009 14:33:21 -0700
John.McKown@HEALTHMARKETS.COM (McKown, John) writes:
Well, in a sense it is dying. The installed capacity is going up, but it appears that the number of companies actually using it is declining. In the past, IBM went after the "small business" with the 135 or 4341. There is no longer a machine which is cost effective for that demographic, mainly due to software costs. If I had a 10 person company, I'd be a Linux/Intel user. I would not even consider Linux on a small z due to the other hardware costs. I.e. a DASD array is much more expensive than a small NAS box or even AOE arrays. If I were somewhat bigger and needed better performance and reliability, then a pSeries running Linux or perhaps even an iSeries would be more affordable. And the iSeries is very impressive!

43xx (and vax) saw big explosion in the entry & mid-range starting 1979 ... large number ... bascially distributed/departmental servers ... some large companies ordered them in hundreds at a time. some old email discussing that 43xx period:
https://www.garlic.com/~lynn/lhwemail.html#4341

recent reference to STL as example ... which in the early 80s they were installing them on every floor in every tower ... basically in the departmental "stock" room or in conference room.
https://www.garlic.com/~lynn/2009n.html#15 Mainframe Hall of Fame: Three New Members Added

another example is this old reference
https://www.garlic.com/~lynn/2001m.html#15 departmental servers

to customer initially looking at getting 20 4341s ... but order grew to 210 4341s (over six month period):
https://www.garlic.com/~lynn/2001m.html#email790404b

43xx competed against vax in the entry and midrange market for customers buying single or few number of machines (comparable number of sales) ... but 43xx were also sold in quantities to large customers ordering multiple hundred at a time. this is vax sales sliced & diced by year, model, US & non-US ... and it is easy to see that by mid-80s, that market was moving to workstations & large PCs.
https://www.garlic.com/~lynn/2002f.html#0 Computers in Science Fiction

follow-on 4361/4381 anticipated to see equally large explosion in orders ... but by that time ... workstations & PCs were starting to move up the value chain and take over the entry & mid-range market segment (similar fate as what happened to vax).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Best IEFACTRT (off topic)

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Best IEFACTRT (off topic)
Newsgroups: bit.listserv.ibm-main
Date: Thu, 01 Oct 2009 18:38:51 -0400
gerhard@VALLEY.NET (Gerhard Postpischil) writes:
In the eighties I worked for a service bureau that provided primarily on-line Wylbur and batch services. We acquired two 4341 processors. While the customers didn't need it, I started working on TSO. On the bare test system, I could log on and run; but once I added the SMF exits, I got 0C4s and was unable to complete the logon process. Sounds like an obvious error in the exits, but I tracked it down to the 4341, which had an architecture based on 2K pages. Whenever the source or destination of an MVCK crossed a 2K boundary that was not also a 4K boundary, the instruction failed. It took quite a while to convince the CE that this was not a software problem; some interminable (?) time later he returned with a new floppy containing a firmware fix. We loaded and tested it, and the logon failed again, on the same MVCK. The "fix" worked when either the MVCK destination or source crossed the 2K boundary, but not when both did. The problem was fixed eventually, and also showed up on the 4381 we upgraded to some time later. Ever since, in two states, I've has an MVCK license plate <g>

little x-over with this recent post
https://www.garlic.com/~lynn/2009n.html#73 IDCAMS delete with mask

4341 was nominally vanilla 370 (including 2k storage protect keys) ... with vm/370 ecps performance assist (carried over from 138/148) ... old post detailing what part of vm370 kernel was selected for ecps microcode:
https://www.garlic.com/~lynn/94.html#21 370 ECPS VM microcode assist

in the 138/148 (and 4331/4341) ... it was vertical microcode engine that avg. about 10 microcode instructions per 370 instruction. ECPS managed to map approx. 1 (kernel) 370 instruction into each microcode instruction ... achieving effectively 10:1 speedup.

there was some look at doing something similar for MVS on 3033 ... and a somewhat similar, but large 3033 microcode package was done for MVS ... and newer MVS releases required the microcode package to run (compared to the vm370 ecps implementation which would run whether ecps was available or not). the issue with the high-end machines was that there was so much hardware optimization that 370 instruction was executing about as fast as microcode instruction ... so there was little speed-up going for one-for-one translation of 370 instruction to microcode (on high-end machines). the other part of the MVS package was dual-address space support ... attempting to address the problem with exploding size of common segment ... 16mbyte virtual address space per application, but kernel mapped to half that ... and common segment invented to preserve pointer-passing paradigm between applications and subsystems (now in different address space). for larger systems, common segment was starting to threaten exceeding five mbytes (reducing application space to only two mbytes).

In any case ... MVS was starting to look at the enormous explosion in 43xx (and vm370) installations (mentioned in "IDCAMS delete with mask" post) ... and there was some anticipation that MVS might be able to get some of that ... if MVS could be made to run on at least 4341 (no hope on 4331) ... but that required retrofitting the large 3033 MVS microcode change (including dual-address space support) to 4341.

it wasn't clear how it was justified ... considering the size of the effort and the expected number of incremental 43xx sales.

SHARE had already done a study that vm370 suffered via-s-vis vax/vms in the low-end and mid-range market because requiring more people hrs & skill level for care and feeding (i.e. both the 43xx and vax systems had dropped below some price threshold where people costs and people skill were starting to dominant). while vm370 skill/time wasn't quite as good as vax/vms ... it still was still way below what MVS required.

for topic drift ... using MVCK to test for dual-address space is mentioned in this Amdahl patent
http://www.freepatentsonline.com/4979106.html

MVCK is also referenced in this IBM patent
http://www.freepatentsonline.com/5023773.html

There was a similar but different problem on 115/125 with MVCL. 360 instructions always checked operand starting and ending storage locations ... and if there was some problem, wouldn't execute the instruction. 370 introduced incrementally executing instructions (mvcl, clcl) where operand starting storage was checked ... but would incrementally execute the instruction ... checking the storage operand as it executed. If there was a problem ... the instruction would interrupt indicating how much had successfully executed.

I had a customer that wanted to run vm370 on (256kbyte) 125 (which hadn't been announced as officially supported) ... and I ran into the MVCL "bug". VM370 kernel build process had special sequence where it attempted to clear storage and determine how much (real) storage was available ... in single MVCL instruction (i.e. MVCL with 16mbyte length, clear up to end of real storage and then interrupt indicating end of real storage was located). However, the 125 MVCL would check ending address of storage operand and not even start execution ... which was taken as implying that there was zero real storage ... and vm370 kernel build would abort.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970




previous, next, index - home