List of Archived Posts

2009 Newsgroup Postings (10/22 - 11/15)

big iron mainframe vs. x86 servers
Is it time to stop research in Computer Architecture ?
Opinions on the 'Unix Haters' Handbook
Opinions on the 'Unix Haters' Handbook
Status of Arpanet/Internet in 1976?
Status of Arpanet/Internet in 1976?
Is it time to stop research in Computer Architecture ?
big iron mainframe vs. x86 servers
WSJ.com - IBM Puts Executive on Leave
Status of Arpanet/Internet in 1976?
big iron mainframe vs. x86 servers
Secret Service plans IT reboot
Secret Service plans IT reboot
Secret Service plans IT reboot
Heartland CIO is critical of First Data's credit card tokenization plan
Rogue security software threat will grow in 2010, warns report
WSJ.com - IBM Puts Executive on Leave
U.K. lags in information security management practices
Secret Service plans IT reboot
The future of CPU based computing, mini clusters
U.K. lags in information security management practices
The future of CPU based computing, mini clusters
FBI: National data-breach law would help fight cybercrime
Opinions on the 'Unix Haters' Handbook
Survey Revives Debate Over Mainframe's Future
Opinions on the 'Unix Haters' Handbook
Happy 40th Birthday, Internet!
FBI: National data-breach law would help fight cybercrime
Happy 40th Birthday, Internet!
Computer Experts Deconstruct FDIC Email Scam
Opinions on the 'Unix Haters' Handbook
Opinions on the 'Unix Haters' Handbook
Getting Out Hard Drive in Real Old Computer
Survey Revives Depate Over Mainframe's Future
big iron mainframe vs. x86 servers
DB2 announces technology that trumps Oracle RAC and Exadata
Survey Revives Debate Over Mainframe's Future - Business Center
Hillgang user group presentation yesterday
big iron mainframe vs. x86 servers
Opinions on the 'Unix Haters' Handbook
Wireless security (somehow thread-drifted from Re: Getting Out Hard Drive in Real Old Computer)
Wireless security (somehow thread-drifted from Re: Getting Out Hard Drive in Real Old Computer)
big iron mainframe vs. x86 servers
From The Annals of Release No Software Before Its Time
Nearly 500 People Fall Victim to ATM Skimming Scam
ATM machines are increasingly attractive to hackers
From The Annals of Release No Software Before Its Time
Opinions on the 'Unix Haters' Handbook
Opinions on the 'Unix Haters' Handbook
big iron mainframe vs. x86 servers
Opinions on the 'Unix Haters' Handbook
Opinions on the 'Unix Haters' Handbook
Mainframe Hacking
Opinions on the 'Unix Haters' Handbook
big iron mainframe vs. x86 servers
MasPar compiler and simulator
MasPar compiler and simulator
MasPar compiler and simulator
MasPar compiler and simulator
MasPar compiler and simulator
MasPar compiler and simulator
Need the Name of a "Don Lancaster" type person
Need the Name of a "Don Lancaster" type person
Little bit OT IBM & Air NZ outage report to stay Top Secret
Failing The Sniff Test: Researchers Find New Way To Spot Fraud
Crypto dongles to secure online transactions
New postal bar code?
Opinions on the 'Unix Haters' Handbook'
US retailers face $100bn in ID fraud losses a year - study
Opinions on the 'Unix Haters' Handbook'
My War On SQL
Blast from the Past: 40 years of Multics, 1969-2009
Crypto dongles to secure online transactions
The computer virus turns 26 today
The 50th Anniversary of the Legendary IBM 1401
What's old is new again
The 50th Anniversary of the Legendary IBM 1401
The 50th Anniversary of the Legendary IBM 1401
big iron mainframe vs. x86 servers
big iron mainframe vs. x86 servers
IBM driving mainframe systems programmers into the ground
IBM driving mainframe systems programmers into the ground
What would be a truly relational operating system ?
What would be a truly relational operating system ?
Anyone going to Supercomputers '09 in Portland?
Anyone going to Supercomputers '09 in Portland?
Opinions on the 'Unix Haters' Handbook
IBM driving mainframe systems programmers into the ground
Kaminsky Bug Options Include "Do Nothing," Says IETF

big iron mainframe vs. x86 servers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 22 Oct 2009 23:49:20 -0400
lynn@GARLIC.COM (Anne & Lynn Wheeler) writes:
lots of the financial stuff grew up in mainframe batch ... some past references/discussions (this from linkedin greater ibm)
http://www.garlic.com/~lynn/2009o.html#51 8 ways the American information worker remains a Luddite
and slightly older from year ago
http://www.garlic.com/~lynn/2008p.html#27 Father of Financial Dataprocessing


re:
http://www.garlic.com/~lynn/2009o.html#81 big iron mainframe vs. x86 servers

... at tandem, after leaving ibm, Jim did this study:

Why Do Computers Stop and What Can Be Done About It?
http://www.hpl.hp.com/techreports/tandem/TR-85.7.pdf

from above:
An analysis of the failure statistics of a commercially available fault-tolerant system shows that administration and software are the major contributors to failure.

... snip ...

also ...

Fault Tolerance in Tandem Computer Systems
http://www.hpl.hp.com/techreports/tandem/TR-86.2.pdf

from above:
When the sources of faults are examined in detail, a surprising picture emerges: Faults come from hardware, software, operations, maintenance and environment in about equal measure. Hardware may go for two months without giving problems and software may be equally reliable. The result is a one month MTBF. When one adds in operator errors, errors during maintenance, and power failures the MTBF sinks below two-weeks.

... snip ...

in the later part of the 90s, we spent some time with large financial transaction operation ... that had 100% availability so far in the decade. they attributed the 100% availability to:

1) IMS hot-standby 2) automated operator

recent post about high i/o error (disk development) environment where MVS had MTBF of 15 minutes ... and I undertook to rewrite i/o supervisor to never fail ... also brought down the wrath of the MVS group for just referring to the MVS failure rate internally
http://www.garlic.com/~lynn/2009o.html#17 Broken hardware was Re: Broken Brancher
http://www.garlic.com/~lynn/2009o.html#31 Justice Department probing allegations of abuse by IBM in mainframe computer market

other posts mentioning bldgs 14 (disk engineering) & 15 (disk product test)
http://www.garlic.com/~lynn/subtopic.html#disk

and earlier version of Gray's availability that I've scanned:
http://www.garlic.com/~lynn/grayft84.pdf

misc. recent posts referencing the above:
http://www.garlic.com/~lynn/2009.html#39 repeat after me: RAID != backup
http://www.garlic.com/~lynn/2009.html#47 repeat after me: RAID != backup
http://www.garlic.com/~lynn/2009.html#65 The 25 Most Dangerous Programming Errors

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Is it time to stop research in Computer Architecture ?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is it time to stop research in Computer Architecture ?
Newsgroups: comp.arch
Date: Fri, 23 Oct 2009 10:16:53 -0400
Bill Todd <billtodd@metrocast.net> writes:
Consider, for example, just the VMS market (a not-inconsiderable annual $4 billion system market all by itself before the Alphacide). When Alpha got the axe in mid-2001, Compaq mounted a concerted, fairly slick, and thoroughly disgusting effort to present Itanic as an upgrade rather than a regrettable alternative - and the majority of the VMS population seemed quite willing to go along with that view until a small subset of us screamed bloody murder for several years running setting the record straight.

electronics & technology seemed to drop through threshold for the mid-range market and demand exploded. Old post of decade of vax sliced & diced by year, model, US/non-US.
http://www.garlic.com/~lynn/2002f.html#0 Computers in Science Fiction

43xx saw similar numbers in that market in same time-frame ... except it appeared to edge out vax numbers with having some large corporate customers with orders of multiple hundreds at a time (sort of explosion with local, distributed departmental servers)

by mid-80s, that market was starting to shift to workstations and large PCs. the later 43xx machines, which had expected to repeat the explosive sales numbers of the earlier machines ... almost dried up (similar to what was seen with vax).

some old 43xx related email from the period
http://www.garlic.com/~lynn/lhwemail.html#43xx

this old post
http://www.garlic.com/~lynn/2001m.html#15 departmental servers

has reference to customer, that spring '79 was looking at 20 4341 order
http://www.garlic.com/~lynn/2001m.html#email790404b

... but by fall 79, order had turned into 210 4341s

there was big explosion internally ... departmental 43xx machines taking over deparmental supply rooms and in some cases, conference rooms. it was also significant contributor to internal network passing 1000 nodes in 1983 (same time frame arpanet/internet great conversion to tcp/ip; ... internal network was larger than arpanet/internet from just about beginning until possibly late '85 or early '86)
http://www.garlic.com/~lynn/subnetwork.html#internalnet

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Fri, 23 Oct 2009 13:49:13 -0400
jmfbahciv <jmfbahciv@aol> writes:
<snip> shoot, I missed it, too. The excerpt on the radio had a hint of the guy's bias. But I can't remember what he said that raised a red flag.

re:
http://www.garlic.com/~lynn/2009o.html#84 Opinions on the 'Unix Haters' Handbook

there was impression that with both change in administration and shift in congress political power... that there would start to be change in status quo ... including new generation of "Pecora" hearings (from the 30s looking at the crash of '29; outcome included Glass-Steagall ... which was then repealed by GLBA) ... and there would even be appetite for all the stuff I was doing to HTML/index the scans of the thousands of pages of Pecora hearings.

there was not a change in status quo ... and recent reports attribute it to financial industry heavy lobbying being political party agnostic ... some reports that recent round of billions in financial industry lobbying represents a quarter of million ROI ($250,000 in various beneftis/advantages to the financial industry for every dollar spent lobbying congress).

this morning there was tv business news about the enormous amounts of lobbying by bailed out institutions. there was a comment that finally fannie mae and freddie mac were eventually prohibited from lobbying (there was cbs news item from early part of this decade, that freddie mac had more lobbiests on its roles than it had employees) .. and that AIG wasn't suppose to also be spending money lobbying ... although it apparently missed the $20m that supposedly went from AIG to chamber of commerce ... and the chamber of commerce doing the lobbying
http://www.garlic.com/~lynn/2009o.html#48 Opinions on the 'Unix Haters' Handbook

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Fri, 23 Oct 2009 16:46:00 -0400
greymausg writes:
Generally, AFAIK in the UK anyway, if one is working in regulation, there is a forced period between resigning and taking a position in one of the entities that you regulated. Sorry, no citation.

(T'would not be hard to bypass that regulation, anyway)


re:
http://www.garlic.com/~lynn/2009o.html#84 Opinions on the 'Unix Haters' Handbook

it this case ... since they were in the process of precluding any regulation (of those to be regulated) ... they plausably could use that to get around any regulation about cozy relations between the regulators and those regulated.

or course congress seems to pretty much exempt themselves from all such limitations. in the comments about size (more lobbiests than employees) of freddie mac lobbying rolls
http://www.garlic.com/~lynn/2009p.html#2 Opinions on the 'Unix Haters' Handbook

there was some reference that very large percentage of those (freddie mac) lobbiests were former members of congress.

I also remember not getting political spam phone calls until after I had registered for no-call list ... apparently congress has it set up that they can use the no-call list to make calls.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Fri, 23 Oct 2009 19:06:46 -0400
Eric Chomko <pne.chomko@comcast.net> writes:
This is just a WAG, but was it Apollo?
https://en.wikipedia.org/wiki/Apollo_Computer


re:
http://www.garlic.com/~lynn/2009o.html#75 Status of Arpanet/Internet in 1976?

it wasn't apollo ... quicky search of the internet turned up reference that UCLA was running locus on vax & 68000 system (so it would have been easy for palo alto to also have some 68000 machines in addition to vax ... on their way to 370 & 386 AIXs).

a little additional searching turns up "Fortune System" as building 68000 systems in that timeframe ... but that name doesn't ring any bells. I've triped across references to Corvus Concept (one site mentiones Corvus Concepts being logo'ed to Valid Logic for SCALDStation) ... Corvus seems to be somewhat more likely as machines being used for Locus (but doesn't quite ring bells either):
https://en.wikipedia.org/wiki/Corvus_Concept

for something completely different ... some old SCALD gossip from drinking holes around silicon valley.

Date: 05/26/81 17:12:53
From: wheeler

talking to xxxx. He says that SCALD is being formed by Jerry Anderson who was president of 2-pi corp. (sister company of Signetics which has been sold to 4phase). 2-pi had lots of problem producing their 370 compatible cpu.


... snip ... top of post, old email index

Date: 05/27/81 13:35:15
From: wheeler

re: scald; money has been put up primarily by SRI people and Anderson is suppose to be "front" person with a name. Apparently Anderson has had to be talked to by backing people (calmed down). Hardware now is scheduled to be 68000 with special hardware mods.


... snip ... top of post, old email index

for other topic drift, NCSS was one of the original cp67 time-sharing commercial service bureaus ... and at one point were logo'ing and selling 2-pi (370 clones) with NCSS highly modified cp67.
http://www.garlic.com/~lynn/2003i.html#15 two pi, four phase, 370 clone

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Sat, 24 Oct 2009 01:06:18 -0400
cstacy@news.dtpq.com (Christopher C. Stacy) writes:
1976? I missed some context here so maybe this is irrelevant, but the 68000 did not come out until 1980, but it did not have functional support for virtual memory / protection yet.

The SUN-1 came out in 1982 using a custom memory management chip to augment the 68000. Apollo was earlier (early 1981), also with their own MMU I believe. The Apollo operating system was the much more interesting one; it was a dynamic linking large address space deal rather like Multics.


there was reference to network file system ... and I mentioned UCLA unix-like locus that had network file system ... and that it ran on 780 and 68000 system (standard a.f.c. topic drift)
http://www.garlic.com/~lynn/2009o.html#75 Status of Arpanet/Internet in 1976?

somebody asked if they were apollo 68000 systems
https://en.wikipedia.org/wiki/Apollo_Computer

... and I was pretty sure it wasn't ... more likely corvus 68000
http://www.garlic.com/~lynn/2009p.html#4 Status of Arpanet/Internet in 1976?

corvus omninet may or may not have played a role in using corvus concept in ucla locus effort (if it was corvus that was used):
https://en.wikipedia.org/wiki/Corvus_Concept

for other topic drift ... old post mention of meeting at palo alto science center proposing that the corporation do SUN workstations. three other corporate groups were invited ... all of them claimed that they were doing something better ... SUN people left and decided to form their own company and do it themselves
http://www.garlic.com/~lynn/96.html#4a
referenced more recently in thread about recent news article regarding IBM possibly buying SUN (i.e. old offer to have it all along):
http://www.garlic.com/~lynn/2009e.html#7
http://www.garlic.com/~lynn/2009f.html#6

for even more topic drift ... also post about 70s&80s intel & motorola chips ("chip wars" from sjmn news article april '89)
http://www.garlic.com/~lynn/2001n.html#80
http://www.garlic.com/~lynn/2005q.html#44

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Is it time to stop research in Computer Architecture ?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is it time to stop research in Computer Architecture ?
Newsgroups: comp.arch
Date: Sat, 24 Oct 2009 01:37:30 -0400
"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
I don't put the death of PA-Risc at Itaniums door, since HP was from all appearances one of the parents of the Itanium architecture and perhaps the ones that sold it to Intel, rather than vice versa.

They certainly were co-conspirators, so to speak.


from HP archives (PA-RISC was suppose to be replaced by PA-WW which morphed into Itanium)

Inventing Itanium: How HP Labs Helped Create the Next-Generation Chip Architecture
http://www.hpl.hp.com/news/2001/apr-jun/itanium.html

Bill Worley: Captaining the Next Generation
http://www.hpl.hp.com/news/2001/apr-jun/worley.html

some other notes ...
http://www.cs.clemson.edu/~mark/epic.html

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Sat, 24 Oct 2009 09:54:33 -0400
jmfbahciv <jmfbahciv@aol> writes:
There is also that pesky problem of not having the "correct" date/time. When that goes "wrong" (and it does twice/year), the effects begin to cascade like a series-->parallel setup of dominos.

re:
http://www.garlic.com/~lynn/2009p.html#0 big iron mainframe vs. x86 servers

one of the early things that I remember getting draged into after graduation and joining the science center (which consumed several peoples time and went on for three months) was discussing when did the century start and what to do about leap seconds (by comparison, the twice a year problem was relatively trivial). this was all about the new architecture specification for the 370 64bit TOD clock.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

WSJ.com - IBM Puts Executive on Leave

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: WSJ.com - IBM Puts Executive on Leave
Date: 24 Oct, 2009
Blog: Greater IBM
Morris & Ferguson book
http://www.amazon.com/Computer-Wars-Post-IBM-Charles-Ferguson/dp/1587981394/

made claim that decline started with corporate cultural changes that happened after the failure of the Future System effort ... old post with somebody's quotes from the book
http://www.garlic.com/~lynn/2001f.html#33

Another look (by executive insider)

The rise and fall of IBM
http://web.archive.org/web/20110718153549/http://www.ecole.org/Crisis_and_change_1995_1.htm
http://www.ecole.org/en/seances/CM07

older look at some of the issues ... found here
http://web.archive.org/web/20081115000000*/http://research.microsoft.com/en-us/um/people/gray/

'MIP Envy', or pdf, J. Gray, IBM Research Memo, Sept. 1980, (that created quite a mail-storm).
http://web.archive.org/web/20081115000000*/http://research.microsoft.com/en-us/um/people/gray/papers/MipEnvy.pdf

... i got blamed for computer conferencing on the internal network in the late 70s and earlier 80s ... and also got blamed for the referenced "email-storm"

related thread:
http://www.garlic.com/~lynn/2009o.html#73 IBM Hardware Boss Charged With Insider Trading

past posts mentioning future system
http://www.garlic.com/~lynn/submain.html#futuresys

In the 80s ... in some attempt to counteract spreading culture change and excessive bureaucracy ... IBUs (independent business units) were created ... however it was common for an IBU to tell some corporate bureaucrat that they weren't subject to that person's particular authority and the reply would be that IBU "exemption" only applied to other bureaucratic overhead ... but not theirs.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Status of Arpanet/Internet in 1976?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Status of Arpanet/Internet in 1976?
Newsgroups: alt.folklore.computers
Date: Sat, 24 Oct 2009 20:06:53 -0400
bbreynolds <bbreynolds@aol.com> writes:
When Formation and 2-pi when competing for sales to Sun Information Systems (now Sungard after its separation from Sun Company (oil, not systems), the 2-pi people could never show us a firm date for availability, but thought that they would have a shoo-in because of the long buyin by another one of Sun's subsidiaries to Four Phase. The 1981 date seems to be in the range when this was going on.

re:
http://www.garlic.com/~lynn/2009p.html#4 Status of Arpanet/Internet in 1976?

from long ago and far away ...

Date: 02/23/79 09:13:33
From: wheeler

at the joint american/japanese computer comf. in San Fran. about 6 months ago their was a paper by a Japanese bank about a 'hardware virtual machine' prototype (running). Comment was that Fujitsu has something called OS4 (billed as the 'correct' way to implement MVS). It is somewhat incompatible with MVS and Fujitsu has been unsuccessful selling it. Fujitsu possibly sees the hardware virtual machine facility on a way to get their machines in the door (under a current MVS) and then migrate the users to OS4.
--
Also know several people who work for 2pi who have been very active in this area in conjunction with NCSS. NCSS supplies an enhanced CP/67 converted to 370 (done by a good part of the original CP/67 design implementation team), performance is much better than VM for CMS activity (they have ignored virtual operating systems). You have probably seen several advertisements for the NCSS 3200 (which is a 2pi machine).


... snip ... top of post, old email index

four-phase URL in
http://www.garlic.com/~lynn/2003i.html#15

has gone 404 ... but lives on in the wayback machine
http://web.archive.org/web/20030220165859/www.four-phase.org/

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Mon, 26 Oct 2009 13:16:01 -0400
"Charlie Gibbs" <cgibbs@kltpzyxm.invalid> writes:
Top management? Good luck.

And then there's Microsoft...


re:
http://www.garlic.com/~lynn/2009o.html#81 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#0 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#7 big iron mainframe vs. x86 servers

Jim and I had a little dust up at acm sigops '91 ... about whether commodity component clusters could provide HA ... of course he was then at DEC (and pushing DEC cluster database and previously at tandem).

DEC then sold their dbms group to oracle and jim took a sabbatical. he came back for m'soft sanfran research center ... and then had to get up on stage as part of m'soft's (commodity component) cluster/HA announcement.

misc. past posts mentioning our ha/cmp product
http://www.garlic.com/~lynn/subtopic.html#hacmp

and misc. old email about work on ha/cmp cluster scaleup
http://www.garlic.com/~lynn/lhwemail.html#medusa

misc. other recent posts mentioning tandem
http://www.garlic.com/~lynn/2009o.html#2 IMS
http://www.garlic.com/~lynn/2009o.html#51 8 ways the American information worker remains a Luddite
http://www.garlic.com/~lynn/2009o.html#58 Rudd bucks boost IBM mainframe business
http://www.garlic.com/~lynn/2009o.html#77 Is it time to stop research in Computer Architecture ?
http://www.garlic.com/~lynn/2009p.html#0 big iron mainframe vs. x86 servers

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Secret Service plans IT reboot

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Secret Service plans IT reboot
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Mon, 26 Oct 2009 13:45:45 -0400
eamacneil@YAHOO.CA (Ted MacNEIL) writes:
Speed Matching Buffer, probably.

I thought so, too. They were more trouble than they were worth. Just like the fixed head on (some) original 3350's.


168 had 1.5mbyte channels (there had been special hack for 3mbyte 2305 ... but it had very limited channel distance).

3380 and 3880 would run at 3mbyte ... to retrofit 3380s to 1.5mbyte channels needed speed matching (and eckd) for 3380 (code named: calypso). calypso for CKD had lots of real problems (most of the speed-match problems with CKD which don't exist if it had been FBA).

a few past posts mentioning (problems getting) Calypso (working)
http://www.garlic.com/~lynn/2004o.html#7 Integer types for 128-bit addressing
http://www.garlic.com/~lynn/2007e.html#40 FBA rant
http://www.garlic.com/~lynn/2007f.html#0 FBA rant
http://www.garlic.com/~lynn/2008q.html#40 TOPS-10
http://www.garlic.com/~lynn/2009k.html#44 Z/VM support for FBA devices was Re: z/OS support of HMC's 3270 emulation?

Note that fixed-head feature on 3350s was for disk intensive operations ... theoritically put high-use data there and not have latency of arm motion. problem was that it didn't ship with multiple exposures (being able to overlap data transfer with 3350 arm motion) ... so a high-use 3350 with arm nearly always in motion (device busy) ... lost a lot of the benefit (transfers had to wait until arm motion and device signaled complete).

I tried to get 3350 multiple exposure support out the door ... but was opposed for some esoteric internal political reasons by organizations in hudson valley (they thot I was going to put a lot of high-use paging data there ... and they wanted to come out with an all electronic paging device ... prior incarnation of SSD ... and my paging stuff might compete with them; eventually their stuff got canceled w/o even being announced, but by then, it was too late to do anything more for 3350 fixed-head feature & multiple exposures, ... note what they were doing somewhat was re-incarnated as extended store)

provisions for high activity data also lost some motivation with introduction of cache controllers (Ironwood/Sheriff) 3880-11 & 3380-13

misc. past posts being allowed to play disk engineer in bldgs 14 (disk engineering) & 15 (disk product test)
http://www.garlic.com/~lynn/subtopic.html#disk

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Secret Service plans IT reboot

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Secret Service plans IT reboot
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Mon, 26 Oct 2009 14:49:39 -0400
dpurdy46@AOL.COM (David Purdy) writes:
Yup, Speed Matching Buffer is correct. 168 had timing issues with state-of-the-art 3380's (STK 8380's if I remember). Worst thing was the 168 shared DASD with a 3033 - the 168 always came in second.

actually the 168 had "faster" channels than 3033. after the demise of future system effort, there was a mad rush to get stuff into the 370 software&product pipeline. ... 303x was stop-gap while they got 3081 & 370-xa moving.

the 158 had integrated channels (same engine doing both 370 microcode and channel microcode). they took 158 engine with only integrated channel microcode and made it the 303x "channel director". A 3031 was then a 158 engine with only 370 microcode and a 2nd 158 engine (channel director) running only channel microcode. A 3032 was 168 reconfigured to use "channel director" as enternal channels. 3033 started out being 168 logic using 20% faster chips (the chips also had something like 10 times the number of circuits ... before product ship ... some amount of the logic was redone to use the larger circuits per chip and got 3033 up to 1.5 times 168 ... instead of only 1.2 times).

In disk enginneering lab, I was doing channel processing overhead timings ... latency to do a "head-switch" on 3330 disk drive (read/write CCW, seak head, read/write CCW). 3330s could be formated with "dummy records" that increased inter-record gap ... allowing timing latency to insert a head-switch seek between the end of one record on a track and the start of a next record on a different track (but same cylinder). The size of the "dummy" record ... was adjusted to take into account channel processing latency.

The "fastest" channel (lowest latency in terms of size of dummy record to allow for channel latency) was 168, 148, 4341, etc. The slowest was 158 (needed larger dummy record ... to account for higher latency and slower processing of 158 integrated channel). All of the 303x processing (3031, 3032, 3033) with (158 engine) channel director had identical operational characteristics to 158.

Now sjr (bldg. 28 across street from bldg. 14 & 15) for a time had a 168 MVS system and a 158 VM system. All of the 3330 strings were interconnected ... but there was a "rule" that NO MVS packs would be mounted on VM-designated strings ... because the enormous performance penalty (drive, controller, channel) associated with common MVS multi-track search operations.

One day, an operator, accidentially mount a MVS pack on a drive in a VM-designated string. Within 10 minutes ... the datacenter was getting irate calls from users regarding severe degraded performance. Operations initially refused to switch the pack (to MVS-designated string) until off-shift. The VM group had a VS1 sysetm that had been highly optimized ... especially for running under VM. They took the VS1 pack and placed it on a MVS-designated string ... and started up standard sequence of (OS360) multi-track searches (VTOC, PDS, etc) ... and nearly brought the MVS system to its knews (i.e. the VS1 system on a VM/158 system nearly resulting in stoping a MVS/168 system ... by being able to do better job of multitrack searches). The nearly halting of the MVS/168 system ... so slowed down the multi-track searchs on the mis-mounted MVS pack ... that the VM/158 user throughput then nearly returned to normal (even with the load of virtual VS1 keeping the MVS/168 system in check).

At that point, operations decided to immediately move the mis-mounted MVS pack ... if the VM group would shutdown their virtual VS1 system.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Secret Service plans IT reboot

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Secret Service plans IT reboot
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Mon, 26 Oct 2009 16:41:58 -0400
re:
http://www.garlic.com/~lynn/2009p.html#12 Secret Service plans IT reboot

there use to be a joke about TSO users not realizing how deplorable performance was because they couldn't see the difference by operating with & w/o MVS (actually in large part, CKD & multi-track search).

CKD & multi-track search introduced with original 360 was scarce resource use trade-off of the period ... by the mid-70s, the relative amounts of resources had nearly inverted (which resources were the scarcest), starting to make multi-track search the exact wrong thing to do,

there was a large national retail operation with a consolidated datacenter (large number of systems in loosely-coupled configuration) ... which started to run into severe throughput problem during peak periods. This went on for awhile, lots of experts being brought in over period of time, until they eventualy got around to calling me in.

I was brought into a class room with large number of long class tables ... covered with high stacks of paper performance details from all the systems. while i started to leaf through all the pages (for shared disk activity, I had to aggregate drive activity from different systems/reports in my head ... while they started through overall summary of the symptoms).

After about 20-25 minutes ... I started to notice a somewhat anomolous circumstance ... about the only correlation between "good" thruput and "nearly no thruput" was a specific pack had aggregated i/o counts between 6 and 7 during high-load/low-throughput (which would seem to hardly be a thruput limitation).

After a little more investigation ... it turned out, the pack contained the shared application library for the whole complex ... more investigation was that the PDS had a three cylinder PDS directory.

Back of the envelope calculations was that avg. depth of search was cylinder and half (PDS member lookup) ... that would be two multi-track search I/Os that took elapsed time of nearly 1/2 second. Assumption then was the two PDS directory lookup I/Os would be followed by a single I/O for a PDS member load. That accounts for aggregate of six I/Os per second saturating the drive ... basically limiting the whole national loosely-coupled infrastructure to performing an aggregate of two application (PDS) program library loads per second.

Each full-cylinder multi-track search represented enormous busy elapsed time for the processor channel (locking out any other activity on the same channel). The full-cylinder multi-track searches also locked up the (shared) controller, string and drive ... locking out all systems from accessing anything else associated with those resources.

The eventual result was reconfiguring everything to try and come as close as possible to eliminating the long multi-track searches (drastically reduced PDS directory size) ... and replicating the shared application library on non-shared drives for each system.

PDS directory (& vtoc) multi-track searches alleviated needing the real storage to contain the directory information (at enormous cost in I/O resources). By the mid-70s, real storage was becoming plentiful enough that it was practical to keep high-useage (vtoc &) PDS directory information cached in system storage (allowing fast lookup of instorage index) ... so program loads could happen at "normal" disk activity thruput speeds (say 30-50/second) ... instead of at 2/second (limited by the enormous PDS directory multi-track search penalty).

This resource trade-off also showed up with RDBMS ... the original relational/sql was done on vm system in bldg. 28 ... system/r ... misc. past posts:
http://www.garlic.com/~lynn/submain.html#systemr

In the 70s, there was somewhat rivalry between the IMS group in STL and system/r in bldg. 28 on the main plant site. IMS group claimed better trade-offs because record pointers were exposed as part of the data ... and it was possible to go directly to a specific piece of data. This was contrasted with RDBMS implementation that had an implicit index ... which could take 4-5 disk i/os to eventually find the location of the desired data record. This implicit index also tended to double the physical disk space required (vis-a-vis same data in IMS). The system/r group countered that the exposed record pointers created a significant administrative and maintanance overhead ... especially for adding data ... nearly eliminated by the implicit indexes).

The resource trade-offs argument changed with combination of enormous disk size increases and drastic fall in cost/mbyte (muting the issue regarding doubling disk space for the indexes). At the same time there was significant increase in available system real storage ... making it practical to cache a large portion of the (implicit) RDBMS indexes (drastically reducing separate physical disk i/os to find data record).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Heartland CIO is critical of First Data's credit card tokenization plan

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Heartland CIO is critical of First Data's credit card tokenization plan
Date: 26 Oct, 2009
Blog: Payment Systems Network
Heartland CIO is critical of First Data's credit card tokenization plan
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1372390,00.html

from above:
Secure credit card processing begins with end-to-end encryption, says Heartland Payment Systems CIO Steven Elefant, who is critical of First Data Corp.'s credit card tokenization plan.

... snip ...

The basic problem is that knowing the account number ... or skimming magstipe is sufficient for doing fraudulent transaction ... basic a form of replay attack with static data. In that sense, it is a dual-use vulnerability ... the account number is required for large number of business processes ... but also effectively all that is needed for "authenticating" the transaction (i.e. knowing the account number or having a copy of the magstripe ... is sufficient "authentication" to perform a fraudulent transaction).

Encryption just tries to reduce the vulnerability to attackers harvesting account numbers ... but since the account number is required in large number of business processes ... there is requirement to be constantly decrypting and re-encrypting ... it doesn't actually eliminate the vulnerability.

There was somewhat tokenization related kind of specification from the associations more than a decade ago ... i.e. replace the account number with some other "one-time-use" transaction-identifier (not useable for originating new transactions) after the initial authorization. The problem from a decade ago ... was even tho it was suppose to have a mandated cutover date ... the transaction-id broke large number of business processes (that were dependent on having the account number) and so it never succeeded.

Fundamental problem is the dual-use characteristic of the current paradigm related to account number ... something that is both 1) needed for authentication to originated the transaction and 2) an account pointer that is needed by the multitude of business process associated with payment transactions.

Both of the current proposals leave many of the dual-use vulnerabilities untouched.

The cost estimates for end-to-end encryption change ... and the tokenization change are both higher than slightly tweaking the paradigm ... leaving the flows and operations untouched but eliminating the dual-use vulnerability of the account number.

It possibly isn't the actual cost of the different approaches ... but who is paying.

The issuers are in control of most aspects of the infrastructure ... and to tweak the paradigm slightly (eliminating dual-use vulnerability) is something that would be changes to parts of the infrastructure paid for by the issuers. While the end-to-end encryption and tokenization costs appear to be greater ... (than eliminating dual-use vulnerability), they are mostly in infrastructure paid for by the merchants and the acquiring processors.

Tokenization vs. end-to-end encryption
http://www.computerworld.com/s/article/9136680/Tokenization_vs._end_to_end_encryption?taxonomyId=17
Industry Giants First Data And RSA Give Tokenization a Boost
http://www.digitaltransactions.net/newsstory.cfm?newsid=2326
First Data, RSA push tokenization for payment processing
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1369064,00.html
Voltage Security Combines Encryption, Tokenization, Data Masking
http://www.paymentsnews.com/2009/09/voltage-security-combines-encryption-tokenization-data-masking.html
Voltage, RSA spar over tokenization, data protection
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1370103,00.html
Encryption, Tokenization Loom Large As PCI Council Mulls Changes
http://www.digitaltransactions.net/newsstory.cfm?newsid=2340

The cost estimates for end-to-end encryption change ... and the tokenization change are both higher than slightly tweaking the paradigm ... leaving the flows and operations untouched but eliminating the dual-use vulnerability of the account number.

It possibly isn't the actual cost of the different approaches ... but who is paying.

The issuers are in control of most aspects of the infrastructure ... and to tweak the paradigm slightly (eliminating dual-use vulnerability) is something that would be changes to parts of the infrastructure paid for by the issuers. While the end-to-end encryption and tokenization costs appear to be greater ... (than eliminating dual-use vulnerability), they are mostly in infrastructure paid for by the merchants and the acquiring processors.

Chip and PIN adoption serves lesson for U.S. payment industry
http://searchsecurity.techtarget.com/news/column/0,294698,sid14_gci1372836,00.html

note that there was a rather large pilot deployment in the US in the early part of this decade ... but it was in the Yes Card time-frame ... referenced here about cartes 2002 presentation mentioning that it was trivial to counterfeit chips (last paragraph, bottom of page):
http://web.archive.org/web/20030417083810/http://www.smartcard.co.uk/resources/articles/cartes2002.html

in the aftermath, the pilot seemed to disappear without a trace. There may currently still be some concern that there would be the cost of multiple deployments before actually getting it right.

misc. past posts mentioning Yes Card
http://www.garlic.com/~lynn/subintegrity.html#yescard

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Rogue security software threat will grow in 2010, warns report

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Rogue security software threat will grow in 2010, warns report
Date: 26 Oct, 2009
Blog: Payment Systems Network
Rogue security software threat will grow in 2010, warns report
http://www.computerweekly.com/Articles/2009/10/19/238189/rogue-security-software-threat-will-grow-in-2010-warns.htm

from above:
Rogue security software is set to increase in the next year, according to a report from security firm Symantec. Researchers have identified...

... snip ...

ongoing rogue software news

Rogue security software threat will grow in 2010, warns report
http://www.computerweekly.com/Articles/2009/10/19/238189/rogue-security-software-threat-will-grow-in-2010-warns.htm
Rogue security programs are 'ongoing threat'
http://news.zdnet.com/2100-9595_22-354127.html

I think that it has nearly always been that way ... even suspected that the professionals were purposefully using the "fun" aspect as obfuscation and misdirection. Nearly all spam falls into "profit" category ... dating back at least to the "green card" incident.
http://www.wired.com/politics/law/news/1999/04/19098
https://en.wikipedia.org/wiki/Laurence_Canter_and_Martha_Siegel

A couple yrs after the above, happen to be on business trip to Scottsdale and had dinner in mexican restaurant in oldtown. A couple came in and were seated behind me and a man joined them. The man then proceeded to detail what all he could do for their e-commerce website ... and the ins & outs of spam'ing on the internet. He claimed to have large scores of internet accounts preloaded with SPAM'ing software ... and that he could switch to different (spaming) accounts faster than they could shutdown old ones.

In some cases, there has been a lot of stuff happening ... and the serious stuff just not showing up in the popular press.

We were also tangentially involved with cal. state data breach notification legislation. We had been brought in to help word-smith the cal. state electronic signature legislation ... and several of the organization were also involved with privacy issues. They had done detailed in-depth customer privacy survey and found the #1 privacy issue was "identity theft" ... the major subcategory being "account fraud" (fraudulent transactions) as result of breaches. Little or nothing seemed to being done about such breaches and fraud ... and they apparently believed that there would be some motivation to take corrective action with the press that would come as a result of the breach notifications. ... misc. past posts
http://www.garlic.com/~lynn/subpubkey.html#signature

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

WSJ.com - IBM Puts Executive on Leave

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: WSJ.com - IBM Puts Executive on Leave
Date: 24 Oct, 2009
Blog: Greater IBM
re:
http://www.garlic.com/~lynn/2009o.html#37 Young Developers Get Old Mainframers' Jobs

Somewhat from the Boyd side of the house ... the Marines were forced to take Abrams tanks. The problem was that the contract had lower per tank price, if more than a certain number were bought/built. The army didn't have the budget/mission for that many ... so it was forced on the Marines to make up the short fall. The problem is that majority of Marine mission profiles involve parts of the world with max. load limit of 35tons ... where the Abrams are running 65-70 tons. All those Abrams position Marines as part of supporting Army missions. misc. past posts mentioning boyd
http://www.garlic.com/~lynn/subboyd.html#boyd

The corporate IBUs theoretically were to be some analogy to Marines ... quick reaction, lean, agile. One of the issues was they weren't given the budget for bureaucratic infrastructure. A corollary was that IBUs didn't have staff to deal with all the corporate bureaucratic infrastructure ... which wouldn't have been too bad ... if the IBUs were free of all those dealings. The reality was that they tended to have to deal with all the corporate bureaucratic infrastructure ... but not funded/staffed to handle it (so frequently everybody in the organization had to fill-in ... impacting what they were suppose to actually be doing).

Analogy to Abrams was the workstation IBU ... which had heavy hand laid on them for the RS6000 and the constant refrain to help their (PS2) IBM brethren ... meaning that the RS6000 wasn't suppose to do their own adapter cards ... but restricted to using PS2 microchannel adapter cards. There were all sorts of battles up to corporate senior VP level ... and still there was the refrain to help the PS2 IBM brethren.

A fundamental problem was that the PS2 microchannel adapter cards had totally different throughput and performance design point (graphics, LANs, disks, etc). A case in point was the token-ring cards. The workstation division had done their own ISA 4mbit T/R card for the PC/RT ... but when it came to the RS6000 (with microchannel) ... part of the "help their brethren" corporate heavy hand ... RS6000 was forced to use the PS2 microchannel 16mbit T/R card. With a totally different design point, the PS2 microchannel 16mbit T/R card had lower (per card) throughput than the PC/RT ISA 4mbit T/R card.

I would periodically comment that with the corporate "help their brethren" heavy hand, the RS6000 was going to be limited to throughput of PS2 (except for limited subset of numerical intensive applications that made little use of microchannel or the "PS2" adapter cards).

At least for the PS2, part of the issue was pervasive corporate environment attempting to help preserve the terminal emulation paradigm ... i.e. 300-500 PS2s on shared 16mbit T/R LAN, mostly doing terminal emulation into mainframe datacenter (eliminating any requirement for "per-card" throughput). misc. past posts mentioning terminal emulation
http://www.garlic.com/~lynn/subnetwork.html#emulation

In contrast, RS6000 servers could need sustained LAN throughput of several tens of mbits and RS6000 clients required burst thruput approaching LAN media bandwidth.

--------------------

One of the things found as part of fitting out the (then) new Almaden building ... that for typical configurations, 10mbit Ethernet over CAT5 had higher aggregate sustained throughput than 16mbit T/R (over the same CAT5) and 10mbit Ethernet had lower latency than 16mbit T/R. As a result, it became somewhat natural to use high-performance microchannel OEM Ethernet cards, side-stepping the whole 16mbit T/R issue with corporate.

It was similar serious problem with regard to graphics adapter (especially trying to compete in high-performance graphical workstation market segment). The guerrilla solution was doing a special VMEbus flavor of RS6000, forcing the use of OEM VMEbus graphics adapters (since PS2 wasn't making VMEbus cards). misc. past posts mentioning 801, Iliad, romp, rios, pc/rt, rs6000, somerset, power, etc
http://www.garlic.com/~lynn/subtopic.html#801

The pre-occupation with preserving terminal emulation also had other kinds of downside ... besides having severely limited bandwidth products for the distributed environment. The mainframe disk division was starting to see lots of data fleeing the datacenter (because the distributed environment had such difficulty getting thruput). At one point one of the senior people from the mainframe disk division managed to get a talk scheduled at the internal annual world-wide communication division conference ... and then started out the talk with the statement that the communication division was going to be responsible for the demise of the disk division. misc. past posts being allowed to play disk engineer in bldgs. 14&15
http://www.garlic.com/~lynn/subtopic.html#disk

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

U.K. lags in information security management practices

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: U.K. lags in information security management practices
Date: 26 Oct, 2009
Blog: Information Security Network
U.K. lags in information security management practices
http://searchsecurity.techtarget.co.uk/news/article/0,289142,sid180_gci1371542,00.html

from above:
Learn why the U.K. has fallen behind with its information security management practices. Many U.K. companies don't have CISO jobs or know the number of security incidents that have occurred. However, there is growth in data loss prevention implementation.

... snip ...

Britain needs data breach notification laws
http://www.itpro.co.uk/616708/britain-needs-data-breach-notification-laws

from above:
Data breach notification laws will make a big difference to the speed at which UK businesses put security controls like encryption in place.

... snip ...

We were tangentially involved in the cal. state data breach notification legislation (original in the states) ... we had been brought in to help word smith the cal. state electronic signature legislation and some of the parties involved were also involved in privacy issues.

They had done detailed, in-depth consumer surveys and turned up the #1 privacy issue was identity theft ... and quite a bit of that was associated with "account fraud" as a result of data breaches. There appeared to be little or nothing being done about countermeasures for breaches ... and they apparently believed that might change with lots of publicity that might happen as a result of breach notification.

It has been a decade since the cal. state data breach notification legislation and since then several other states have passed similar legislation. For the past couple years there have been a series of proposed breach notification bills at the federal level ... which have sort of fallen into two (somewhat opposing) categories .... 1) requirements similar to cal. for breach notification and 2) effectively federal preemption that would eliminate most requirements for notification.

The parties involved in privacy and cal. data breach notification were also in the process of producing an "opt-in" information sharing legislation when GLBA was passed. GLBA repealed Glass-Steagall (which has claimed to be a major contributor to the current financial mess), but also had a "federal pre-emption" opt-out provision (can share unless customer notifies that sharing can't be done; as opposed to only being able to share if customer authorize it).

There was privacy conference 2004 (renaissance, downtown washington DC, there was reception during the conference at the SPY Museum for the FTC commissioners) that had a panel session with the FTC commissioners (organization responsible for enforcing consumer protection and privacy regulation). Somebody from the back of the room got up and claimed to be involved in call-center software for majority of financial institutions and claimed that none of the (at least) insurance company call-centers answering "opt-out" calls had any mechanism for recording information (somebody would call in to "opt-out" of information sharing ... but there was no record of the call or the person opting-out). They then asked the commissioners if they were ever going to look into "opt-out" compliance.

New card threat to bank customers
http://news.bbc.co.uk/2/hi/uk_news/england/cambridgeshire/8325477.stm

from above:
An investigation by BBC Inside Out has revealed new figures show losses for online banking through fraud rose by 55% to GBP39m across the UK in the first half of 2009.

... snip ...

I was co-author of financial industry x9.99 privacy standard ... and part of that effort required looking at (at least) GLBA (opt-out section), EU-DPD (in part because there were plans on moving to ISO standards), and HIPAA (included meetings with some gov. staff people that have been trying to get HIPAA provisions passed dating back to the 70s).

I also did a "privacy" specific flavor of my merged taxonomies and glossaries ... ptr/reference here
http://www.garlic.com/~lynn/index.html#glosnote

a few more recent news items

Commission considers wider-ranging data breach notification law
http://www.out-law.com/default.aspx?page=10480

Data breaches and fraud-worse than you think
http://www.finextra.com/community/fullblog.aspx?id=3473

Javelin: Likelihood of Fraud is Over Four Times Higher For Consumers Who Receive Data-Breach Notifications
http://finance.yahoo.com/news/Javelin-Likelihood-of-Fraud-bw-800105111.html?x=0&.v=1

presumably the fraud isn't four times higher just because of the notification .... but it is related to the breach that prompted the notification.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Secret Service plans IT reboot

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Secret Service plans IT reboot
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Tue, 27 Oct 2009 12:27:11 -0400
Steve_Thompson@STERCOMM.COM (Thompson, Steve) writes:
Why is it called a memory leak? I think that's a distributed term. We used to call it something else on the mainframe, but I can't remember what.

<SNIP>

Memory creep.

Memory leak is a nice way of saying someone's coding practices are a little shaky -- in particular, from my experience, what is produced by certain compilers seem to not correctly cleanup after themselves forcing PAPS to have to be rebooted.

Regards, Steve Thompson


old lstsrv-l archives from 1991 (back when mailing lists were on bitnet vm370 machines)
http://community.emailogy.com/scripts/wa-COMMUNITY.exe?A2=ind9111&L=lstsrv-l&P=41042

storage cancer

misc. past posts mentioning bitnet (&/or earn)
http://www.garlic.com/~lynn/subnetwork.html#bitnet

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

The future of CPU based computing, mini clusters

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The future of CPU based computing, mini clusters.
Newsgroups: comp.arch
Date: Tue, 27 Oct 2009 18:00:18 -0400
Mayan Moudgill <mayan@bestweb.net> writes:
There are several OSes (including, IIRC, HP-UX) which do not permit multiple virtual addresses to point to the same real address. I'm guessing that they've managed to work around the CoW trick somehow.

the problem can be when there is some sort of virtual cache (i.e. cache lines are virtual address associative) ... here is old email describing the "logical directory" (mixture of virtual and real addresses) for 3090 cache:
http://www.garlic.com/~lynn/2003j.html#email831118
in this old post
http://www.garlic.com/~lynn/2003j.html#42

where the virutal addresses are "STO" associative ... effectively address space identifier. there was work in original 370 architecture allowing for "PTO" associative i.e. STO (segment table origin) points to a unique "Segment table" for each address space; the segment table contains segment table entries which are PTOs (page table origin) pointing to page table for each segment. If different virtual address spaces did sharing by pointing to the same segment (i.e. pagetable) and if the cache was PTO associative ... then there wouldn't be a problem ... even if the same shared segment appeared at different virtual addresses in different virtual address spaces.

I had done a lot of stuff originally on cp67 for page mapped filesystem and virtual sharing ... even sharing the same thing at different virtual addresses (or even having the same thing appearing multiple times in the same virtual address space at different virtual addresses). old email discussing migrating the changes from cp67 to vm370:
http://www.garlic.com/~lynn/2006v.html#email731212
http://www.garlic.com/~lynn/2006w.html#email750102
http://www.garlic.com/~lynn/2006w.html#email750430

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

U.K. lags in information security management practices

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: U.K. lags in information security management practices
Date: 28 Oct, 2009
Blog: Information Security Network
re:
http://www.garlic.com/~lynn/2009p.html#17 U.K. lags in information security management practices

article from today on financial mess, GLBA and repeal of Glass-Steagall

Fiddling Over Reform; Paul Volcker and Mervyn King are slapped down.
http://www.forbes.com/2009/10/27/volcker-mervyn-king-glass-steagall-opinions-columnists-thomas-f-cooley.html

from above:
Many others have come to same conclusion. Mervyn King, the Governor of the Bank of England, suggested last week that separating core aspects of banking from riskier activities could reduce the chance that a bank failure could put the whole financial system at risk

... snip ...

There was some anticipation that with the change in administration and shift in congressional politics that there would be efforts to correct the current situation. However, there are whole series of recent articles on enormous lobbying by the financial industrial to stave off such efforts.

Last spring, somewhat in anticipation of at least looking into new round of hearings on the subject, I did a lot of work with the thousands & thousands of scan'ed pages of the original Pecora/Glass-Steagall hearing transcripts ... creating HTML, etc.

related posts on the subjects:
http://www.garlic.com/~lynn/2009b.html#58 OCR scans of old documents
http://www.garlic.com/~lynn/2009b.html#59 As bonuses...why breed greed, when others are in dire need?
http://www.garlic.com/~lynn/2009d.html#62 Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
http://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?
http://www.garlic.com/~lynn/2009d.html#77 Who first mentioned Credit Crunch?
http://www.garlic.com/~lynn/2009e.html#8 The background reasons of Credit Crunch
http://www.garlic.com/~lynn/2009e.html#23 Should FDIC or the Federal Reserve Bank have the authority to shut down and take over non-bank financial institutions like AIG?
http://www.garlic.com/~lynn/2009e.html#40 Architectural Diversity
http://www.garlic.com/~lynn/2009f.html#56 What's your personal confidence level concerning financial market recovery?
http://www.garlic.com/~lynn/2009f.html#65 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009g.html#5 Do the current Banking Results in the US hide a grim truth?
http://www.garlic.com/~lynn/2009g.html#33 Treating the Web As an Archive
http://www.garlic.com/~lynn/2009h.html#22 China's yuan 'set to usurp US dollar' as world's reserve currency
http://www.garlic.com/~lynn/2009h.html#25 The Paradox of Economic Recovery
http://www.garlic.com/~lynn/2009h.html#29 Analysing risk, especially credit risk in Banks, which was a major reason for the current crisis
http://www.garlic.com/~lynn/2009i.html#40 64 Cores -- IBM is showing a prototype already
http://www.garlic.com/~lynn/2009i.html#57 In the USA "financial regulator seeks power to curb excess speculation."
http://www.garlic.com/~lynn/2009j.html#35 what is mortgage-backed securities?
http://www.garlic.com/~lynn/2009o.html#23 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#2 Opinions on the 'Unix Haters' Handbook

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

The future of CPU based computing, mini clusters

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The future of CPU based computing, mini clusters.
Newsgroups: comp.arch
Date: Wed, 28 Oct 2009 12:30:14 -0400
re:
http://www.garlic.com/~lynn/2009p.html#19 The future of CPU based computing, mini clusters.

I've periodically claimed that John's 801/risc in the mid to late 70s some past posts
http://www.garlic.com/~lynn/subtopic.html#801

was to to to the opposite hardware extreme from the (failed/canceled) future system effort ... some past posts
http://www.garlic.com/~lynn/submain.html#futuresys

801/iliad/romp/rios started out 32bit virtual addresses ... with 16 segment registers (top four bits of virtual address would access one of 16 segment registers). The segment register would contain a "segment id" (12bits in romp, 24bits in rios) ... which would be used to provide "associativity" (TLB).

in 370, TLB (and potentially virtual cache) would be "STO" associative ... basically the real address of the start of the address space "segment table". 370 hardware could implement a "STO stack" ... say seven entries saving the most recently used STOs. TLB (STO-associative) entries would have 3-bit tag ... indicating invalid entry ... or association with one of the seven entries from the STO stack.

801 with inverted tables ... didn't have a corresponding hardware tables for uniquely identifying virtual address space ... so explicitly defined an virtual address spaced identifier ... or actually a virtual address space segment identifier (a combination of 16 values used to create a virtual address space definition). The ROMP 12-bit "identifier" roughtly corresponded to the 3bit STO-stack identifier in (some) 370 hardware implementations. However, being a segment identifier ... it corresponds closer to the "PTO" identifier mentioned in the previous post (allowed for in the original 370 architecture definition ... but I don't believe there was actually any such 370 implementation).

There were some issues with only 16 segment registers ... that it limited number of concurrent different shared objects for sharing. In original 801, there was no protection domain ... and the claim was that inline code could as easily change the value in one of the virtual segment registers ... as address pointers in general registers could be changed. This ran into little more difficulty in the transition to using 801 for unix ... and requirement to implement hardware protection domain.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

FBI: National data-breach law would help fight cybercrime

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: FBI: National data-breach law would help fight cybercrime
Date: 28 Oct, 2009
Blog: Information Security Network
FBI: National data-breach law would help fight cybercrime
http://www.networkworld.com/news/2009/111309-dns-problem-linked-to-ddos.html

from above:
A U.S. law that would require businesses to report data breaches to potential victims could help law enforcement agencies fight the growth of cybercrime, a U.S. Federal Bureau of Investigation official said Wednesday.

... snip ...

some of the issues and history of data breach notification has been recently discussed in new article discussion:

U.K. lags in information security management practices
http://www.linkedin.com/newsArticle?viewDiscussion=&articleID=79571561&gid=80784

posts also archived here:
http://www.garlic.com/~lynn/2009p.html#17
http://www.garlic.com/~lynn/2009p.html#20

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Wed, 28 Oct 2009 16:26:18 -0400
Eric Chomko <pne.chomko@comcast.net> writes:
The problem was all the fly-by-night mortgage brokerage firms making deals and expecting the actual resale of loans to the actual mortgage banks, such as Countrywide, Wells Fargo, Washington Mutual, etc. The real banks who can afford to hold a 30-year mortgage, not your local We-Three Mortgage company of Pondunk, trying like heck to sell those many loans they made to people who really can't afford them. Now you have whole communities where the "For Sale" signs are all bank owned houses. Oh boy...

re:
http://www.garlic.com/~lynn/2009n.html#56 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009n.html#58 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009n.html#62 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009o.html#23 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009o.html#25 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009o.html#48 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009o.html#84 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#2 Opinions on the 'Unix Haters' Handbook

with GLBA repeal of Glass-Steagall, the unregulated investment banking arms (of regulated depository financial institutions) bought up a huge amount of the triple-A rated, mortgage-backed toxic CDOs (from unregulated load originators) and carried them off-balance. Beginning of this year ... there was an estimate that the four largest regulated depository financial institutions had over five trillion being carried off-balance (courtesy of GLBA, repeal of Glass-Steagall, and their unregulated investment banking arms). At the time, there was some market in that five trillion in toxic CDOs ... going for 22cent on the dollar.

bloomberg article from early in the year:

Bank's Hidden Junk Menaces $1 Trillion Purge
>http://www.bloomberg.com/apps/news?pid=newsarchive&sid=akv_p6LBNIdw&refer=home

from above:
So investors betting for quick solutions to the financial crisis could be disappointed. The tangled web that banks wove over the years will take a long time to undo.

At the end of 2008, for example, off-balance-sheet assets at just the four biggest U.S. banks -- Bank of America Corp., Citigroup Inc., JPMorgan Chase & Co. and Wells Fargo & Co. -- were about $5.2 trillion, according to their 2008 annual filings.


... snip ...

as in past statements, w/o the unregulated investment banking institutions with their huge appetite for those mortgage-backed toxic CDOs .... the unregulated loan originators wouldn't have had the funds to make all of those lonas (unlikely to have been a tens of billions problem ... instead what turns out to be large multiple trillions).

there was past estimate that possibly 1000 executives were responsible for 80 percent of current financial mess. Part of this was that select individuals could get compensation based on size of deal (buying & selling) ... unrelated to quality, profit and/or the eventual effect on the institutions, economy and the country.

The original justification for the TARP funds ... was that it would be used to buy up those off-balance toxic CDOs (and clear them off the books of the too big to fail institutions). However, it is possible when they found that a measly trillion dollars would hardly make a dent in the problem ... they changed and used TARP for a give-away to prop up the institutions in other ways ... and allowed the audit rules to leave the toxic assets off-balance (maybe hoping that at some time in the future, that the assets appreaciate in value to the point that the institutions would no longer be considered insolvent ... and then could be brought back onto the books).

past posts mentioning above article:
http://www.garlic.com/~lynn/2009e.html#23 Should FDIC or the Federal Reserve Bank have the authority to shut down and take over non-bank financial institutions like AIG?
http://www.garlic.com/~lynn/2009e.html#36 Architectural Diversity
http://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
http://www.garlic.com/~lynn/2009e.html#70 When did "client server" become part of the language?
http://www.garlic.com/~lynn/2009e.html#79 Are the "brightest minds in finance" finally onto something?
http://www.garlic.com/~lynn/2009f.html#27 US banking Changes- TARP Proposl
http://www.garlic.com/~lynn/2009f.html#31 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009f.html#35 US banking Changes- TARP Proposl
http://www.garlic.com/~lynn/2009f.html#38 On whom or what would you place the blame for the sub-prime crisis?
http://www.garlic.com/~lynn/2009f.html#47 TARP Disbursements Through April 10th
http://www.garlic.com/~lynn/2009f.html#49 Is the current downturn cyclic or systemic?
http://www.garlic.com/~lynn/2009f.html#53 What every taxpayer should know about what caused the current Financial Crisis
http://www.garlic.com/~lynn/2009g.html#3 Do the current Banking Results in the US hide a grim truth?
http://www.garlic.com/~lynn/2009h.html#79 The $4 trillion housing headache
http://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."
http://www.garlic.com/~lynn/2009i.html#77 Financial Regulatory Reform - elimination of loophole allowing special purpose institutions outside Bank Holding Company (BHC) oversigh
http://www.garlic.com/~lynn/2009j.html#35 what is mortgage-backed securities?
http://www.garlic.com/~lynn/2009j.html#69 64 Cores -- IBM is showing a prototype already

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Survey Revives Debate Over Mainframe's Future

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Survey Revives Debate Over Mainframe's Future
Date: 29 Oct, 2009
Blog: Mainframe Experts
Survey Revives Debate Over Mainframe's Future
http://www.pcworld.com/businesscenter/article/174459/survey_revives_debate_over_mainframes_future.html

from above:
A survey by Afcom predicts a decline in mainframe use, though some analysts are skeptical.

... snip ...

some archived posts in slightly related thread from bit.listserv.ibm-main (mailing list that started on bitnet in the 80s):
http://www.garlic.com/~lynn/2009o.html#81 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#0 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#7 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#10 big iron mainframe vs. x86 servers

There was a lot of operations that have attempted to migrate off mainframes ... some of them successfully. A common/frequent refrain was that they couldn't find/hire mainframe trained staff.

Part of the thread in bit.listserv.ibm-main traces it back to anti-trust and other litigation in the 60s and 70s. The company had a shift away from the deep discount & support given to educational institutions. Eventually educational institutions became populated with other kinds of computers ... and there were fewer and fewer graduates with mainframe experience. In the 90s, I know of large gov. facilities that shutdown mainframes when last support person left/retired (and hadn't been able to hire replacement).

There have also been discussion about how to go from something like two-nines availability to five-nines (or greater) availability. That has become more & more environmental issues and having countermeasures for surviving local disasters.

When I was out marketing our HA/CMP product
http://www.garlic.com/~lynn/subtopic.html#hacmp

... I coined the terms disaster survivability and geographic survivability
http://www.garlic.com/~lynn/submain.html#available

I was also asked to write a section in the corporate continuous available strategy document ... but the section got pulled when both Rochester and POK (mainframes) complained (that they weren't able to meet the objectives).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook.
Newsgroups: alt.folklore.computers
Date: Thu, 29 Oct 2009 11:32:12 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
with GLBA repeal of Glass-Steagall, the unregulated investment banking arms (of regulated depository financial institutions) bought up a huge amount of the triple-A rated, mortgage-backed toxic CDOs (from unregulated load originators) and carried them off-balance. Beginning of this year ... there was an estimate that the four largest regulated depository financial institutions had over five trillion being carried off-balance (courtesy of GLBA, repeal of Glass-Steagall, and their unregulated investment banking arms). At the time, there was some market in that five trillion in toxic CDOs ... going for 22cent on the dollar.

re:
http://www.garlic.com/~lynn/2009p.html#23 Opinions on the 'Unix Haters' Handbook

x-over post from yesterday on linkedin ... this morning there were comments on tv business news asking why there haven't been more attention being paid to Volcker and King ... and putting Glass-Steagall back in place ...

article from today on financial mess, GLBA and repeal of Glass-Steagall

Fiddling Over Reform; Paul Volcker and Mervyn King are slapped down.
http://www.forbes.com/2009/10/27/volcker-mervyn-king-glass-steagall-opinions-columnists-thomas-f-cooley.html

from above:
Many others have come to same conclusion. Mervyn King, the Governor of the Bank of England, suggested last week that separating core aspects of banking from riskier activities could reduce the chance that a bank failure could put the whole financial system at risk

... snip ...

There was some anticipation that with the change in administration and shift in congressional politics that there would be efforts to correct the current situation. However, there are whole series of recent articles on enormous lobbying by the financial industrial to stave off such efforts.

Last spring, somewhat in anticipation of at least looking into new round of hearings on the subject, I did a lot of work with the thousands & thousands of scan'ed pages of the original Pecora/Glass-Steagall hearing transcripts ... creating HTML, etc.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Happy 40th Birthday, Internet!

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Happy 40th Birthday, Internet!
Newsgroups: alt.folklore.computers
Date: Thu, 29 Oct 2009 12:26:33 -0400
Happy 40th Birthday, Internet!
http://www.pcworld.com/article/174667/happy_40th_birthday_internet.html

from above:
Kleinrock was trying to write "login," starting up a remote time-sharing system, but the system crashed after two letters, and lo! The Internet was born with the first data message sent between two networked computers.

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

FBI: National data-breach law would help fight cybercrime

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: FBI: National data-breach law would help fight cybercrime
Date: 29 Oct, 2009
Blog: Information Security
re:
http://www.garlic.com/~lynn/2009p.html#22 FBI: National data-breach law would help fight cybercrime

We were tangentially involved in the cal. state data breach notification. We were brought in to help wordsmith the cal. state electronic signature legislation and several of the organization were also heavily involved in privacy issues. They had done in-depth consumer surveys on privacy and the #1 issue that kept turning up was "identity theft" ... especially the major subcategory account fraud in large part result of data breaches. It seemed that little or nothing was being done in this area and they seemed to think that the publicity from breach notification would result/motivate corrective action.

Since then there have been several other states that have passed similar legislation. Also in the past several years there have been a number of breach notification bills introduced in congress ... which appear to fall into two general categories 1) bills with similar notification requirements and 2) federal pre-emption that would eliminate a lot of breach notification requirements. about the same as the work on the data breach notification,
https://en.wikipedia.org/wiki/Data_breach

there were also the industry critical infrastructure protection meetings
https://en.wikipedia.org/wiki/Critical_Infrastructure_Protection

and push for ISACs (industry exploit, threats and vulnerability information sharing). there was some perception that financial industry didn't want to divulge/share exploits (even non public ISAC).
http://www.fsisac.com/

if the FBI is advocating a national data breach notification legislation to help fight cybercrime, it raises question whether exploits are being divulged ... even in the non-public financial industry critical infrastructure ISAC.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Happy 40th Birthday, Internet!

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Happy 40th Birthday, Internet!
Newsgroups: alt.folklore.computers
Date: Thu, 29 Oct 2009 17:27:44 -0400
Al Kossow <aek@bitsavers.org> writes:
It was Charley Kline, not Leonard Kleinrock.

re:
http://www.garlic.com/~lynn/2009p.html#26 Happy 40th Birthday, Internet!

a little better ...

A Look Back At Internet's Birth 40 Years Ago
http://www.redorbit.com/news/technology/1777494/a_look_back_at_internets_birth_40_years_ago/index.html

from above:

Kline began by typing the letter "L", and then asked his colleague Bill Duvall at SRI via telephone whether or not the letter had arrived.

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Computer Experts Deconstruct FDIC Email Scam

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Computer Experts Deconstruct FDIC Email Scam
Date: 29 Oct, 2009
Blog: Computer Security and Forensics
Computer Experts Deconstruct FDIC Email Scam
http://www.consumeraffairs.com/news04/2009/10/fdic_scam02.html

from above:
The Federal Deposit Insurance Corporation (FDIC) warned this week that cyber criminals are using fake messages claiming to be from the FDIC to steal victims' financial data.

... snip ...

also

BitDefender Reports Fake FDIC Notification Leading To Infamous ZBot
http://www.darkreading.com/vulnerability_management/security/antivirus/showArticle.jhtml?articleID=221100094

In the 90s, the majority of the exploits involved buffer related problems associated with characteristic of C programming language. In the first part of the decade the percentages shifted (buffer related problems didn't decrease ... the problem just became a lot larger) with sharp increase network distributed files that took advantage of features that would automatically execute embedded scripts in files.

Some of this is legacy of "enhancing" business applications with automatic script which evolved in closed/private networks. This was transposed to the hostile and wild anarchy of the internet ... w/o adequate countermeasures (somewhat analogous to believing that because you can live on the surface of the planet w/o a space suit ... that you can also live in open space w/o a space suit).

More recently there has been report that exploits have been 1/3rd buffer length related, 1/3rd automatic scripting, and 1/3rd social engineering (frequently involving getting people to execute scripts that wouldn't otherwise be automatically executed).

old post about doing word frequency/counts on explit reports
http://www.garlic.com/~lynn/2004e.html#43

attempting to categorize exploits. Problem has been that the official report descriptions have been somewhat freeform ... i've been periodically advocating that the reports include more formal classification information. more recent post discussing the subject
http://www.garlic.com/~lynn/2009h.html#46

Mainframe tcp/ip in 80s was implemented in vs/pascal ... and had none of the buffer related problems that showed up in C language related implementations. That implementation did have some issues using a 3090 processor getting 44kbytes/sec. I did RFC1044 implementation and in some tuning tests at Cray Research got channel/media thruput between Cray and 4341 (clone) using only modest amount of 4341 processor (possibly three orders magnitude improvement in bytes moved per instruction executed). misc. past posts mentioning rfc 1044 support
http://www.garlic.com/~lynn/subnetwork.html#1044

In the 90s we were asked to consult with a small client/server startup that wanted to do payment transactions on their server ... and they had invented this technology called SSL they wanted to use; the result is now frequently referred to as "electronic commerce". As part of that effort we had to do various end-to-end threat & vulnerability studies ... including walk thrus of many of the new things calling themselves Certification Authorities.

Part of electronic commerce was this thing called a "payment gateway" ... which acts as the payment transaction gateway between webservers and the financial network. We specified a bunch of countemeasures and compensating procedures for the hostile environment of the internet. misc. past post mentioning the payment gateway
http://www.garlic.com/~lynn/subnetwork.html#gateway

Also, part of. the use of SSL between browsers and webserver had some implicit assumptions 1) the end user understood the relationship between webserver they thought they were contacting and the URL they entered and 2) the browser would check the binding between the user entered URL and webserver contacted (using SSL, SSL domain name digital certificates, public key stuff, etc). Both parts together then results in making sure that the webserver that the user thinks they are contacting is the webserver they have contacted.

Almost immediately the basic assumptions for trusted use of SSL was voided ... merchants found that SSL cut their thruput by 85-95% and dropped back to just using SSL for checkout. This results in the user clicking on a pay/checkout button which provides the URL to the browser. Now instead of the complete process ... it is reduced to just the browser validating that the webserver contacted is whatever webserver, the webserver claims to be (potentially totally unrelated to the webserver that the user thinks it is)

This "clicking" vulnerability has created a security disconnect and has been used by fraudulent websites as well as a flood of bogus email.

Later we started the HA/CMP product (high availability)
http://www.garlic.com/~lynn/subtopic.html#hacmp

and did detailed theat & vulnerability study of tcp/ip (not so much specifically for external attackers ... but anything that could compromise operation). In the project, we were also doing a lot on cluster scaleup ... some old email from the period
http://www.garlic.com/~lynn/lhwemail.html#medusa

this is old post discussing a meeting on cluster scaleup in Ellison's conference room in Jan92
http://www.garlic.com/~lynn/95.html#13

later two people mentioned in the above ... left and joined small client/server startup responsible for something called "commerce server". We were then called in to consult because they wanted to do payment transactions on the server.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook.
Newsgroups: alt.folklore.computers
Date: Fri, 30 Oct 2009 09:26:42 -0400
greymausg writes:
Ps, I am amused by the people who ascribe the present problems to 'Republicans' or 'Democrats', reading Lynn's relevent posts shows how the cause of the problems, the removal of laws governing financial institutions, proceeded fairly seamlessly through various coloured adminstrations since the early 70's. Trying to run the Iraq-Afgan wars without extra taxes made the crises happen, but it would have emerged in the same period anyway.

TV business news (in real time) is talking about current round of financial reform laws actually have provisions that makes it more favorable to financial industry than things were before the bursting of the current bubble (allowing them to gamble in the largest/riskiest casino of all time and doing with taxpayer money). They make some statement that thank goodness for the head of FDIC, since she seems about the only voice that appears to be opposing this activity. They also re-iterated that there are five financial industry lobbiests on the hill for ever congressman.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook.
Newsgroups: alt.folklore.computers
Date: Sat, 31 Oct 2009 08:56:44 -0400
Ahem A Rivet's Shot <steveo@eircom.net> writes:
Ban political parties and require all candidates to stand as individuals. Cap campaign spending to $1000 per candidate and require that it comes from personal income or anonymous donations, add a standard taxpayer funded publication of policy for each candidate. Any mention of or indication of any kind of alliance between two or more candidates means permanent disqualification of all candidates involved, if it is found after election then instant dismissal and re-election for their posts.

last year at some sort of gathering of economists, there was discussion of flat rate tax .... current code is over 60,000 pages ... flat rate tax would reduce it to possibly 400-500 pages and eliminate a large percentage of the lobbying and corruption in congress (i.e. effectively eliminate various kinds of lobbying/bribes for special provisions in the tax code).

there was semi-humorous reference to Ireland lobbying against the change since the existing tax code was major motivation for US companies setting up operation in Ireland.

it would also free up several percentage of the existing work force that is devoted to dealing with the existing tax code ... for doing something that contributes productively to GDP & the economy (each individual special tax code provisions might seem inconsequencial ... but as they pile up over the years, the aggregate of all such special privisions has enormous adverse effect on the country's productivity ... starting to approach lack of competitive math & science skills coming out of educational system).

misc. past refs:
http://www.garlic.com/~lynn/2008m.html#87 Fraud due to stupid failure to test for negative
http://www.garlic.com/~lynn/2008n.html#43 VMware Chief Says the OS Is History
http://www.garlic.com/~lynn/2008n.html#44 VMware Chief Says the OS Is History
http://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
http://www.garlic.com/~lynn/2009e.html#83 Architectural Diversity
http://www.garlic.com/~lynn/2009h.html#20 China's yuan 'set to usurp US dollar' as world's reserve currency
http://www.garlic.com/~lynn/2009i.html#13 64 Cores -- IBM is showing a prototype already

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Getting Out Hard Drive in Real Old Computer

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Getting Out Hard Drive in Real Old Computer
Newsgroups: alt.folklore.computers
Date: Sat, 31 Oct 2009 09:11:20 -0400
Chris Barts <chbarts+usenet@gmail.com> writes:
Nor should you. Use SSH tunnels and/or file encryption for any data you want to remain secure. Security isn't supposed to be implemented at the link layer anyway; it /could/ have been, in a different world, but that isn't the world we reside in.

the internal network use to be larger than the arpanet/internet from just about the beginning until sometime possibly late 85 or early 86.
http://www.garlic.com/~lynn/subnetwork.html#internalnet

in the mid-80s, there was comment that the internal network had over half of all the (hardware) link encryptors in the world (provided the revenue for whole crypto companies).

I was looking for something more powerful and versatile for HSDT ...
http://www.garlic.com/~lynn/subnetwork.html#hsdt

old email that to do software DES on T1 link ... would require a dedicated 3081 processor for the traffic in each direction (two 3081 processors dedicated for supporting DES encryption on full-duplex T1 link).
http://www.garlic.com/~lynn/2006n.html#email841115
in this post
http://www.garlic.com/~lynn/2006n.html#36

for misc. other crypto related old email
http://www.garlic.com/~lynn/lhwemail.html#crypto

including discussion of PGP-like implementation
http://www.garlic.com/~lynn/2007d.html#email810506
http://www.garlic.com/~lynn/2006w.html#email810515

a couple posts about being faced with three kinds of crypto
http://www.garlic.com/~lynn/2008h.html#87 New test attempt
http://www.garlic.com/~lynn/2008i.html#86 Own a piece of the crypto wars
http://www.garlic.com/~lynn/2008j.html#43 What is "timesharing" (Re: OS X Finder windows vs terminal window weirdness)

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Survey Revives Depate Over Mainframe's Future

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Survey Revives Depate Over Mainframe's Future
Date: 31 Oct, 2009
Blog: Mainframe Experts
Survey Revives Depate Over Mainframe's Future
http://www.pcworld.com/businesscenter/article/174459/survey_revives_debate_over_mainframes_future.html

from above:
A survey by Afcom predicts a decline in mainframe use, though some analysts are skeptical.

... snip ...

some archived posts in slightly related thread from bit.listserv.ibm-main (mailing list that started on bitnet in the 80s):
http://www.garlic.com/~lynn/2009o.html#81 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#0 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#7 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#10 big iron mainframe vs. x86 servers

There was a lot of operations that have attempted to migrate off mainframes ... some of them successfully. A common/frequent refrain was that they couldn't find/hire mainframe trained staff.

Part of the thread in bit.listserv.ibm-main traces it back to anti-trust and other litigation in the 60s and 70s. The company had a shift away from the deep discount & support given to educational institutions. Eventually educational institutions became populated with other kinds of computers ... and there were fewer and fewer graduates with mainframe experience. In the 90s, I know of large gov. facilities that shutdown mainframes when last support person left/retired (and hadn't been able to hire replacement).

There have also been discussion about how to go from something like two-nines availability to five-nines (or greater) availability. That has become more & more environmental issues and having countermeasures for surviving local disasters.

When I was out marketing our HA/CMP product
http://www.garlic.com/~lynn/subtopic.html#hacmp
... I coined the terms disaster survivability and geographic survivability
http://www.garlic.com/~lynn/submain.html#available

I was also asked to write a section in the corporate continuous available strategy document ... but the section got pulled when both Rochester and POK (mainframes) complained (that they weren't able to meet the objectives).

I was undergraduate in the 60s ... but doing a lot of work on CP67. Spring of '69, IBM & Boeing talked me into giving a one week/40hr class during spring break on CP67 to the technical staff of the recently formed BCS (I'm actually LinkedIn to one of the people that was in that class). Then summer of '69, I was hired as a full-time BCS employee (even tho I hadn't graduated yet ... I then went on education leave of absence to finish school) to setup/install cp67 system and help get BCS going. I got a basement apartment not far from SeaTac from Boeing engineer working on 747 up in Everett. That summer at Boeing ... I also did the CP67 changes for pageable kernel ... now quite a bit of changes I did as undergraduate was released as part of cp67 product ... the changes for pageable kernel weren't released until vm370.

Part of the issue with forming BCS was to change datacenter from a cost center to (at least on paper) P&L center ... making it easier to justify new hardware and latest software (and also allow "selling" to non-Boeing customers). However, BCS started out in corporate hdqtrs (had a 360/30 for doing payroll) across from Boeing field ... and there was all sorts of politics going absorbing various datacenters around Boeing. At the time, Renton was the largest datacenter I had been in ... one of the visits they had big backlog of 360s being installed ... they were coming in faster than they could be deployed (there were frequently all the pieces for three 360/65s sitting in halls ... waiting for installation).

In the 80s, I sponsored Boyd's briefings at IBM ... misc. URLs from around the web mentioning Boyd
http://www.garlic.com/~lynn/subboyd.html#boyd2

One of Boyd's biographies mentioning him doing a years tour in 1970 running spook base ... "a $2.5B windfall for IBM".

When I graduated, I had choice between going back to Boeing (I was still listed as full-time employee), taking offer from one of the recently formed commercial cp67 time-sharing service bureaus, or joining the science center. I joined the science center.
http://www.garlic.com/~lynn/subtopic.html#545tech

... oh, at $2.5B ... spook base would seemed to have been a larger datacenter than renton.

23Jun69 unbundling (during summer I was at BCS) started charging for application software, maint, SE services, etc. Part of the problem was major traditional training for SEs was sort of apprentice kind of program as part of large SE group on-site at customers. With unbundling that disappeared ... past posts mentioning unbundling
http://www.garlic.com/~lynn/submain.html#unbundle

Somewhat to compensate the data processing division created several HONE (hands-on) CP67 datacenters in the US to give branch SEs online virtual machine access to practice their operating system skills.

also ported APL\360 to CMS for CMS\APL ... several parts of APL had to be reworked for (large) virtual memory environment. Dataprocessing division also started deploying some number of CMS\APL sales&marketing support applications on HONE ... which soon came to dominate all HONE useage (and the SE virtual machine operating system use withered away).
http://www.garlic.com/~lynn/subtopic.html#hone

One of my hobbies at science center was building & supporting highly enhanced operating systems for internal locations (including HONE). As part of HONE expanding to world-wide sales&marketing support (by mid-70s mainframe orders had to be run through HONE applications before being processed) ... I got some number of overseas trips as part of cloning HONE systems around the world. some old email about "csc/vm"
http://www.garlic.com/~lynn/2006v.html#email731212
http://www.garlic.com/~lynn/2006w.html#email750102
http://www.garlic.com/~lynn/2006w.html#email750430

science center was on 4th flr, 545 tech sq, multics was on 5th flr 545 tech sq. there was some friendly rivalry between the groups. I've mentioned in the past that at one point, I was supporting more internal "CSC/VM" systems than the aggregate number of MULTICS installation that ever existed (the number of CSC/VM systems was smaller than the total number of internal vm systems ... which was also much smaller than the total number of customer vm systems.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Sat, 31 Oct 2009 13:15:38 -0400
Patrick Scheible <kkt@zipcon.net> writes:
All the characters from the several versions of EBCDIC are in Unicode. It should be simple enough to map them from EBCDIC order to Unicode order, and back, if necessary.

that makes things a lot simpler than when i first added tty/ascii support to cp67 ... i had to make some judgements on how to deal with ascii characters that weren't in ebcdic and ebcdic that weren't in ascii (as part of translating incoming & outgoing streams).

even more interesting was how to deal with traffic on the wire coming into mainframe memory.

one of the first "bugs" when getting the clone controller working at the univ ... misc. past posts
http://www.garlic.com/~lynn/subtopic.html#360pcm

was initial incoming terminal data was all garbage in mainframe memory; had (momentarily) overlooked the fact that the official terminal controller line scanner placed leading bit off the wire in low-order bit position. as a result when ascii terminal bytes actually transferred to mainframe memory ... each ascii terminal/character byte was "bit-reversed". in order to properly emulate the official mainframe controller ... the clone controller also had to bit-reverse each byte off the line.

recent post/reference about as undergraduate, adding tty/ascii terminal support to cp67
http://www.garlic.com/~lynn/2009p.html#34 big iron mainframe vs. x86 servers

part of adding the support to cp67, I tried to make the 2702 terminal controller do something it couldn't quite do. this somewhat prompted the univ. to do a clone controller project ... reverse engineering the channel interface, building hardware channel board for an interdata/3 minicomputer and programming the interdata/3 to emulate 2702 (and also do the stuff that I couldn't get the 2702 to do). misc. past posts
http://www.garlic.com/~lynn/subtopic.html#360pcm

recent post in (linkedin) "Greater IBM" mentions future system effort
http://www.garlic.com/~lynn/2009p.html#8 WSJ.com - IBM Puts Executive on Leave

which in this reference describes as having been heavily motivated by clone controllers
http://web.archive.org/web/20110718153549/http://www.ecole.org/Crisis_and_change_1995_1.htm
http://www.ecole.org/en/seances/CM07

other posts mentioning future system effort
http://www.garlic.com/~lynn/submain.html#futuresys

the Morris & Fergus book describes that the preoccupation of the future system effort (which was going to completely replace 360/370 and was as different from 360/370 as 360 had been different from earlier computers) and failure (canceled w/o even being announced), allowed the 360/370 product pipelines dry up, allowing clone processors to gain foothold in the market. the book also mentions that the future system failure had long term effect on the corporate culture ... the old culture under Watsons being replace with sycophancy and make no waves under Opel and Akers (somewhat being able to coast on prior glories).

similar recent discussion from bit.listserv.ibm-main mailing list
http://www.garlic.com/~lynn/2009o.html#29 Justice Department probing allegations of abuse by IBM in mainframe computer market
http://www.garlic.com/~lynn/2009o.html#31 Justice Department probing allegations of abuse by IBM in mainframe computer market
http://www.garlic.com/~lynn/2009o.html#32 Justice Department probing allegations of abuse by IBM in mainframe computer market

During the future system period, I had continued to do 370 stuff ... and somewhat pan'ed the effort by drawing comparison with cult film that had been playing continuously for over decade down in central sq ... which probably wasn't a career enhancing mode ... possibly unrelated, but later being told by an executive that
they could have forgiven me for being wrong but they were never going to forgive me for being right

There seems to have been a lot of similarities with old Boyd quote:
"There are two career paths in front of you, and you have to choose which path you will follow. One path leads to promotions, titles, and positions of distinction.... The other path leads to doing things that are truly significant for the Air Force, but the rewards will quite often be a kick in the stomach because you may have to cross swords with the party line on occasion. You can't go down both paths, you have to choose. Do you want to be a man of distinction or do you want to do things that really influence the shape of the Air Force? To be or to do, that is the question." Colonel John R. Boyd, USAF 1927-1997

... snip ...

From the dedication of Boyd Hall, United States Air Force Weapons School, Nellis Air Force Base, Nevada. 17 September 1999

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

DB2 announces technology that trumps Oracle RAC and Exadata

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: DB2 announces technology that trumps Oracle RAC and Exadata
Date: 31 Oct, 2009
Blog: AIX Advanced Technical Experts
DB2 announces technology that trumps Oracle RAC and Exadata
http://freedb2.com/2009/10/10/for-databases-size-does-matter/

from above:
DB2 pureScale database clustering borrows from the mainframe design to deliver better scalability and high availability to trump Oracle RAC and Exadata.

... snip ...

also:

IBM pureScale Technology Redefines Transaction Processing Economics. New DB2 Feature Sets the Bar for System Performance on More than 100 IBM Power Systems
http://www-03.ibm.com/press/us/en/pressrelease/28593.wss

...

small hiatus since Jan92 meeting in Ellison's conference room mentioned in this old post
http://www.garlic.com/~lynn/95.html#13

part of the issue was that in the early 90s, the non-mainframe DB2 (shelby/persist/crosswinds) were still pretty much focused on OS2 ... so for AIX, we were working with Ingres, Oracle, Sybase, and Informix. A lot of early cluster work was with Ingres and moving their vax/cluster product to HA/CMP and working on scaleup.

some old email from the period on cluster, DLM and DBMS scaleup
http://www.garlic.com/~lynn/lhwemail.html#medusa

other HA/CMP posts
http://www.garlic.com/~lynn/subtopic.html#hacmp

much earlier my wife had been con'ed into going to POK to be in charge of (mainframe) loosely-coupled architecture and created "peer-coupled" shared-data architecture
http://www.garlic.com/~lynn/submain.html#shareddata

... which except for IMS hot-standby ... saw very little uptake initially (until much later) .... contributing to her not remaining long in the position. Part of the issue at the time was preoccupation with tightly-coupled.

AIX filesystem didn't have shared-disk support ... so had to move the Oracle & Ingres "vax/cluster" shared-disk support to AIX shared-disk cluster with "raw disks".

Ingres had a list of ten short-comings in vax/cluster ... which we "fixed" for them ... in addition to lots of scale-up having done mainframe shared-disk support back to the 70s.

This was required looking at scaleup to hundreds of processors and thousands of shared disks.

HA Sybase & HA Informix work was straight partitioned RDBMS and "fall-over" ... not having (heritage of vax/cluster) shared disk.

and for something totally different, lots of past posts mentioning original relational/sql implementation
http://www.garlic.com/~lynn/submain.html#systemr

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Survey Revives Debate Over Mainframe's Future - Business Center

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Survey Revives Debate Over Mainframe's Future - Business Center
Date: 31 Oct, 2009
Blog: Mainframe Experts Network
re:
http://www.garlic.com/~lynn/2009p.html#24 Survey Revives Debate Over Mainframe's Future - Business Center
http://www.garlic.com/~lynn/2009p.html#33 Survey Revives Debate Over Mainframe's Future - Business Center
http://www.garlic.com/~lynn/2009p.html#35 DB2 announces technology that trumps Oracle RAC and Exadata

In the mid-70s, US HONE datacenters were consolidated in Cal. ... in a large, shared-disk, loosely-coupled complex (possibly largest single-system image implementation at the time) ... with load-balancing and fall-over. Then because of earthquake concerns, the datacenter was replicated first in Dallas and then a 3rd in Boulder ... with load-balancing and fall-over between the three locations. All this built on virtual machine vm370 platform.

The original relational/sql system/r was also all done on vm370 platform ... I even handled some of the technology transfer to Endicott for SQL/DS product.

Then one of the people mentioned in this Jan92 meeting
http://www.garlic.com/~lynn/95.html#13

claimed to have handled the technology transfer from Endicott back to STL for what becomes (mainframe) DB2 (when they were working in STL).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Hillgang user group presentation yesterday

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Hillgang user group presentation yesterday
Date: 31 Oct, 2009
Blog: z/VM
re:
http://www.garlic.com/~lynn/2009o.html#79 Is it time to stop research in Computer Architecture ?
http://www.garlic.com/~lynn/2009o.html#80 OpenSolaris goes "tic'less"??

The queue drop delay was because lack of adequate measurements. there were actually several problems at the time ... old email discussing in detail
http://www.garlic.com/~lynn/2001f.html#email830420
in this old post
http://www.garlic.com/~lynn/2001f.html#57

first off ... SMP support was changed for SP1 ... special case for TPF customers ... but adding 10-15% degradation to all customers running multiprocessors.

back then vm370 dropped virtual machine from queue based on whether virtual device type was "high-speed" or "low-speed". this resulted in virtual machine doing I/O to "slow-speed" virtual 3215 would be dropped ... even when it was a "high-speed" 3270. I had a fix for this I had done to cp67 to drop based on real device type ... not virtual device type (running on internal vm370 systems)

finally, some virtual machines could have a large amount of concurrent activity involving multiple "slow-speed" devices (which in aggregate would have frequent operations). In the mid-70s ... I had done some stuff to remember most recent queue drop period ... and not drop high-activity virtual machines ... even when waiting on (all) slow-speed devices (or timer value).

plus some other stuff mentioned in the referenced email.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Sat, 31 Oct 2009 19:45:51 -0400
AIX filesystem didn't have shared-disk support ... so had to move the Oracle & Ingres "vax/cluster" shared-disk support to AIX shared-disk cluster with "raw disks".

Ingres had a list of several short-comings in vax/cluster ... which we "fixed" for them ... in addition to lots of scale-up having done mainframe shared-disk support back to the 70s.

This was required looking at scaleup to hundreds of processors and thousands of shared disks.

HA Sybase & HA Informix work was straight partitioned RDBMS and "fall-over" ... not having (heritage of vax/cluster) shared disk.

and for something totally different, lots of past posts mentioning original relational/sql implementation
http://www.garlic.com/~lynn/submain.html#systemr

from long ago and far away ...

Date: Mon, 29 Jul 91 15:14:38 EST
From: wheeler
Subject: Some HA/CMP Project Activities Summary

This is a summary of the HA/CMP project position, both respect to the recent internal IBM classes and customer demo/presentations, as well as the long term objectives.

The immediate roll-out of HA/CMP activities (as well as related activities) being discussed with IBM'ers and numerous customers (under non-disclosure letters):

1) Highly Available RISC/6000 scheduled to announce in August and ship in either Sept. or Oct.
2) shrink-wrap RISC/6000 Unitree this fall
3) staged roll-out of HA/Unitree enhancements next year
4) numerous other HA/CMP and related development activities that will be going on over the next 12-18 months

The HA/CMP project activities and directions are addressing:

1) augmenting industry standard Unix environments for server, commerical, and industrial markets
2) supporting interoperability and portability standards in the Unix market place
3) providing high-availability features as add-ons to the standard environment.
a) no single point of failure configurations
b) all data and components replicated
c) optional use of replicated hardware for horizontal growth
4) providing high-availability features in a cost/effective manner by leveraging horizontal growth opportunities
5) system managed storage and other resource control and management functions
6) disaster survivability functions
7) industry standard kernel
8) addressing additional performance opportunities for the distributed environment


... snip ... top of post, old email index

I had coined the terms disaster survivability and geographic survivability when out marketing to customers. I was also asked to write a section for the corporate continuous availability strategy document ... but it got pulled when both Rochester and POK complained (that they couldn't meet the objectives). misc. past posts
http://www.garlic.com/~lynn/submain.html#available

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook.
Newsgroups: alt.folklore.computers
Date: Sat, 31 Oct 2009 23:32:33 -0400
Dave Garland <dave.garland@wizinfo.com> writes:
In my observation, the problem with a "flat rate" tax system is that even the proponents don't actually want that, mostly they want to shift taxes from themselves onto others. They want it to be a tax on wages, but want special treatment for capital gains, or inheritances, or dividends, or corporate profits (if a corporation is a person, why don't they pay tax at personal rates?), or charity, or options, or [insert source of funds or exemptions dear to themselves personally].

Yes, a flat tax would solve a lot, but everybody's got a vested interest in the current system.


re:
http://www.garlic.com/~lynn/2009p.html#31 Opinions on the 'Unix Haters' Handbook

the issue of flat tax simplifying the tax code by at least two orders of magnitude (at least two orders of magnitude reduction in number of pages ... but complexity actually tends to increase non-linearly with size ... so reduction in size of tax code by two orders of magnitude might reduce complexity by 3-4 orders of magnitude) and eliminating much of the cause of lobbying and corruption .... is separate from the issue of flat tax change changing how much different parties pay in taxes and for what reasons.

it is likely that the lobbiests aren't interested in significantly reducing the justifications for lobbying.

on of the big issues with eliminating all the effort dealing with tax code (& lobbying) ... estimate that switching all that non-productive effort to something that actually has positive contribution to the economy, could incrase GDP by several percent.

argument could be made that with increase in the productivity in the economy and the country ... that things would improve at least as much as what-ever justification exists for the enormous number of special provisions.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Wireless security (somehow thread-drifted from Re: Getting Out Hard Drive in Real Old Computer)

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Wireless security (somehow thread-drifted from Re: Getting Out Hard Drive in Real Old Computer)
Newsgroups: alt.folklore.computers
Date: Sun, 01 Nov 2009 10:02:00 -0500
"Joe Morris" <j.c.morris@verizon.net> writes:
You're probably thinking of the STIGs ("Secure Technical Implementation Guides"); the wireless STIG has been recently updated:

http://iase.disa.mil/stigs/stig/wireless_stig_v6r1_6aug2009.zip

Note that this is a public site even though it's in the .MIL domain.

And I have to note that MAC filtering is only an irritation to a hacker with any real smarts...although vendors continue to brag about how secure it makes your system. I recently sat through sales pitches from a number of sales-pitch presentations about top-end NAC (Network Access Control) products (my POE is rearchitecting its network security structure), and they all said we could reliably identify authorized computers by using a only a table of valid MAC addresses...


when we were doing HA/CMP
http://www.garlic.com/~lynn/subtopic.html#hacmp

... we did a lot of work with ip-address take-over; one server fails ... another server takes its place and assumes the first servers ip-address.

we had a problem with a bug in bsd 4.3 reno/tahoe implementation used by majority of the platforms. ARP protocol specifies that client sends out ARP broadcast, requesting MAC address for corresponding ip-address. The response is saved in ARP table (mapping of ip-addresses to mac-addresses). ARP protocol requires that the entries in the ARP table time-out periodically (relatively short interval). The time-out results in clients eventually re-issuing ARP broadcast and gets back the MAC address for the take-over server.

The "bug" was that there was performance optimization, the ip-layer code saved the result from call to ARP table code. The next entry to ip-layer code, it would check if the ip-address was the same as the saved ip-address (from previous execution) ... and use that saved MAC address. This value never timed out ... and only changed if the client had tcp/ip communication with some other ip-address. There is lots & lots of client activity that that goes for extended periods only communicating with the same server (or possibly the same router) ... resulting in the "saved" (MAC) value never timing out. This "bug" existed in millions of platforms from large number of different vendors ... and there was no reasonable expectation to having it corrected in any reasonable period of time.

So a work-around ... was to have "take-over" server to send out broadcast from some other ip-address ... trying to prod all the clients to run through their ip-layer code for some other ip-address (& changing the saved MAC value). Then the next communication using the take-over ip-address would result in actually executing the ARP-layer code ... and eventually associating the correct MAC value.

In any case, we did look at a number of other kinds of implementations (not necesarily even strictly "HA" oriented) that went to using adatper cards that had software setable MAC addresses ... as means of addressing various kinds of issues (including some kinds of non-IP protocols that have more tightly bound MAC addresses and don't have dynamic ARP-like layer).

wiki MAC address
https://en.wikipedia.org/wiki/MAC_address

from above:
Although intended to be a permanent and globally unique identification, it is possible to change the MAC address on most of today's hardware, an action often referred to as MAC spoofing.

... snip ...

wiki MAC spoofing
https://en.wikipedia.org/wiki/MAC_spoofing

and wiki ARP spoofing
https://en.wikipedia.org/wiki/ARP_spoofing

and "Hacking Techniques in Wireless Networks"
http://www.cs.wright.edu/~pmateti/InternetSecurity/Lectures/WirelessHacks/Mateti-WirelessHacks.htm

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Wireless security (somehow thread-drifted from Re: Getting Out Hard Drive in Real Old Computer)

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Wireless security (somehow thread-drifted from Re: Getting Out Hard Drive in Real Old Computer)
Newsgroups: alt.folklore.computers
Date: Sun, 01 Nov 2009 15:17:47 -0500
sidd <sidd@situ.com> writes:
been bitten by this too.. in some cases i have the replacement machine take over the IP and the MAC

last time was about a year ago


re:
http://www.garlic.com/~lynn/2009p.html#40 Wireless security (somehow thread-drifted from Re: Getting Out Hard Drive in Real Old Computer)

bsd4.3 tahoe is more than 20yrs old ... bits and pieces from the tar distribution:
1988-10-10 21:35 arp.c
1988-09-20 00:19 Makefile
1988-09-20 00:08 arp.8


--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Sun, 01 Nov 2009 19:16:26 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
DB2 announces technology that trumps Oracle RAC and Exadata
http://freedb2.com/2009/10/10/for-databases-size-does-matter/


also from above article:
To bring this capability to UNIX systems, DB2 pureScale implements Coupling Facility completely in software. It is called 'PowerHA pureScale;. The use of 'power' in the name is in reference to the POWER processor architecture that is used in the IBM System p UNIX servers.

... snip ...

re:
http://www.garlic.com/~lynn/2009p.html#35 DB2 announces technology that trumps Oracle RAC and Exadata

the base RDBMSes that i was working could have a form of lazy-write or fast-commit ... where the locks were released as soon as log record(s) was written ... but the actual records weren't necessarily written to their dbms location. this could significantly improve the thruput ... but it left actual dbms in inconsistent state. Recovery after a failure, then involved updating the dbms from the log records (roll-forward).

for the shared-disk vax/cluster scenario ... to avoid problems with merging different recovery logs ... buffer-to-buffer (involving different processors in shared-disk clsuter) involved forcing modified records (in cache) to disk ... where they were then read back off disk.

past posts discussing the much earlier ha/cmp scaleup upgrading DBMS shared-disk cluster mechanism (in some cases from vax/cluster heritage) to support direct buffer-to-buffer transfers and in the case of failure/recovery, the process of merging the different processor-specific log records in correct order:
http://www.garlic.com/~lynn/2001.html#40 Disk drive behavior
http://www.garlic.com/~lynn/2002k.html#8 Avoiding JCL Space Abends
http://www.garlic.com/~lynn/2003i.html#70 A few Z990 Gee-Wiz stats
http://www.garlic.com/~lynn/2003j.html#7 A few Z990 Gee-Wiz stats
http://www.garlic.com/~lynn/2004q.html#70 CAS and LL/SC
http://www.garlic.com/~lynn/2005f.html#32 the relational model of data objects *and* program objects
http://www.garlic.com/~lynn/2006c.html#8 IBM 610 workstation computer
http://www.garlic.com/~lynn/2006o.html#33 When Does Folklore Begin???
http://www.garlic.com/~lynn/2007i.html#27 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007p.html#58 what does xp do when system is copying
http://www.garlic.com/~lynn/2008c.html#81 Random thoughts

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

From The Annals of Release No Software Before Its Time

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: From The Annals of Release No Software Before Its Time
Date: 2 Nov, 2009
Blog: Greater IBM
recent announcement ...

z/VM V61. Preview Summary and Statements of Direction
http://www.vm.ibm.com/zvm610/zvm61sum.html

when the US HONE (vm370) datacenters were consolidated in northern cal. in the mid-70s. worked started off on shared disk, loosely-coupled, single-system-image ... with failure fall-over and front-end load-balancing (load balancing across systems). both the US hone datacenter was operating in this way as well as the european hone datacenter in uithoorn. misc past posts mentioning HONE
http://www.garlic.com/~lynn/subtopic.html#hone

note ... (at least) one of the original cp67 commercial time-sharing service bureaus had migrated to vm370 and by mid 70s had implemented single-system-image, loosely-coupled shared disk operation ... that also included process migration .... aka processes could be dynamically migrated from one CEC to another ... say for taking a CEC offline for scheduled maint.

as to HONE, because of earthquake/disaster concerns ... in the early 80s, the US HONE vm370 datacenter was replicated first in dallas and then a 3rd center in boulder ... with single-system image, disaster survivability and load-balancing across the 3 dataceenters.

a few recent posts
http://www.garlic.com/~lynn/2009o.html#32 Justice Department probing allegations of abuse by IBM in mainframe computer market
http://www.garlic.com/~lynn/2009o.html#57 Justice Department probing allegations of abuse by IBM in mainframe computer market
http://www.garlic.com/~lynn/2009o.html#52 Revisiting CHARACTER and BUSINESS ETHICS
http://www.garlic.com/~lynn/2009o.html#81 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#33 Survey Revives Debate Over Mainframe's Future - Business Center
http://www.garlic.com/~lynn/2009p.html#34 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#36 Survey Revives Debate Over Mainframe's Future - Business Center

.... and another recent announcement .....

DB2 announces technology that trumps Oracle RAC and Exadata
http://freedb2.com/2009/10/10/for-databases-size-does-matter/
IBM pureScale Technology Redefines Transaction Processing Economics. New DB2 Feature Sets the Bar for System Performance on More than 100 IBM Power Systems
http://www-03.ibm.com/press/us/en/pressrelease/28593.wss

this is discussion of meeting in ellison conference room jan92 on loosely-coupled shared disk for 128-way processor by ye92.
http://www.garlic.com/~lynn/95.html#13
and then
http://www.garlic.com/~lynn/2006x.html#email920129
in this post
http://www.garlic.com/~lynn/2006x.html#3 Why so little parallelism?

however over the next couple weeks, the effort was transferred, we were told we couldn't work on anything with more than 4 processors ... and there was announcement for numerical intensive-only. some old email on ha/cmp cluster scaleup from the period.
http://www.garlic.com/~lynn/lhwemail.html#medusa

in this particular instance, rdbms with shared-disk vax/cluster support was migrated to ha/cmp (the underlying filesystem didn't support shared disk, so had to do raw device) ... with added performance enhancements ... including extending lazy-writes/fast-commit to cluster environment ... including being able to do direct buffer-to-buffer transfers w/o having to drag the records out to disk and back in ... the direct buffer-to-buffer copies was straight-forward ... the harder part was working out merging log records in correct order from several different logs during recovery.

a couple recent posts
http://www.garlic.com/~lynn/2009p.html#35 DB2 announces technology that trumps Oracle RAC and Exadata
http://www.garlic.com/~lynn/2009p.html#42 big iron mainframe vs. x86 servers

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Nearly 500 People Fall Victim to ATM Skimming Scam

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Nearly 500 People Fall Victim to ATM Skimming Scam
Date: 2 Nov, 2009
Blog: Financial Crime Risk, Fraud and Security
Nearly 500 People Fall Victim to ATM Skimming Scam
http://www.newschannel5.com/Global/story.asp?S=11417801

from above:
Detectives said nearly 500 debit cards have been compromised after crooks attached skimming devices to area ATM machines.

... skip ...

nacha rfi for nacha debit trails
http://www.garlic.com/~lynn/nacharfi.htm

basically a chip that is always dynamic data ... then traditional skimming or data breaches doesn't provide information that can be used in replay attacks (i.e. use information from previous transactions/interactions for new fraudulent transaction). That doesn't preclude fraudulent card-acceptor machines from getting card to authorize some sort of financial transaction different from what is reported to the user ... aka is the transactions that the user "sees" ... the transaction that is executed?

the results of internet-specific pilot
http://web.archive.org/web/20070706004855/http://internetcouncil.nacha.org/News/news.html

there were a number of CHIP based programs in the US in the early part of this decade that ran into various kinds of problems ... which appeared to motivate a pullback from all CHIP based programs with hardly any trace left.

One was POS chip based pilot deployment ... but in the time-frame of the Yes Card threat .... old reference to CARTES2002 presentation that it was trivial to clone/counterfeit chips and program them for Yes Cards (last paragraph, bottom of the page):
http://web.archive.org/web/20030417083810/http://www.smartcard.co.uk/resources/articles/cartes2002.html

lots of past posts discussing Yes Card vulnerability
http://www.garlic.com/~lynn/subintegrity.html#yescard

there was also a internet-oriented CHIP based program that involved free giveaway of serial-port card acceptor devices. The enormous customer support issues with those serial-port card acceptor devices resulted in pulling back from the program and a rapidly spreading opinion in the financial industry that chipcards weren't practical in the consumer market place.

However, there had been several pitches in the mid-90s about major motivation for migrating the (old) dial-up home banking programs to the internet was the enormous customer support issues supporting serial-port devices. In fact, a major motivation for USB was the enormous end-user issues dealing with serial-port devices.

In any case, the (ephemeral) financial industry institution knowledge regarding enormous consumer serial-port support issues appeared to rapidly evaporate after the migration of online banking from (proprietary) dial-up to the internet.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

ATM machines are increasingly attractive to hackers

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: ATM machines are increasingly attractive to hackers
Date: 3 Nov, 2009
Blog: Financial Crime Risk, Fraud and Security
ATM machines are increasingly attractive to hackers
http://www.scmagazineuk.com/ATM-machines-are-increasingly-attractive-to-hackers/article/156356/

from above:
What's to stop anyone placing 'back-doored' ATMs around the place? They don't even have to dispense cash; a message saying 'out of cash' after the victim has entered the PIN would do. Find some 'sympathetic' shopkeepers to locate machines in their premise

... snip ...

One of the issues with the low-tech vis-a-vis high-tech is the fraud return-on-investment to the crook and the aggregate amounts that are lost in the particular approach. An ATM compromised at point of manufacturer has been known to reap tens of millions (cases dating back at least 10-15 yrs). The effort for the compromise is on the order of the newspaper distraction (reaping $300 ... although it requires some amount more skill and planning).

There have been past criticisms of some law enforcement organizations having preoccupation with bank robbers that reap thousands or tens of thousands ... while roughly equivalent "white-collar" variety makes off with tens of millions (maybe three orders of magnitude ROI for roughly equivalent amount of activity).

similar thread:
http://www.garlic.com/~lynn/2009p.html#44 Nearly 500 People Fall Victim to ATM Skimming Scam

slightly related news item from (linkedin) Information Security ... archived here
http://www.garlic.com/~lynn/2009p.html#22 FBI: National data-breach law would help fight cybercrime
http://www.garlic.com/~lynn/2009p.html#27 FBI: National data-breach law would help fight cybercrime

the above raises the question that if the FBI is promoting national data-breach law ... that even it is not getting adequate reporting ... possibly, even financial industry ISAC isn't even getting the information
http://www.fsisac.com/

a somewhat related thread in the same group ... also archived here
http://www.garlic.com/~lynn/2009p.html#17 U.K. lags in information security management practices
http://www.garlic.com/~lynn/2009p.html#20 U.K lags in information security management practices

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

From The Annals of Release No Software Before Its Time

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: From The Annals of Release No Software Before Its Time
Date: 3 Nov, 2009
Blog: AIX Advanced Technical Experts
re:
http://www.garlic.com/~lynn/2009p.html#43 From The Annals of Release No Software Before Its Time

Later, one of the senior people involved in mainframe DB2 said that if I had gone ahead and had some of these RDBMS shared-disk vax/cluster platforms moved to 128-way HA/CMP clusters with all my enhancements by ye92 ... it would have been at least five years ahead of mainframe DB2.
http://www.garlic.com/~lynn/lhwemail.html#medusa

at least 5yrs ahead seems to be some sort of code-phrase.

i had started HSDT project (high-speed data transport) in the early 80s ... with T1 and higher speed links ... some past posts
http://www.garlic.com/~lynn/subnetwork.html#hsdt

part of that included doing RFC1044 for mainframe tcp/ip implementation. The base support was getting 44kbytes/sec thruput using a full 3090 processor. I did the enhancements for RFC1044 support and in some tuning tests at Cray Research was getting channel thruput on 4341-clone using only a modest amount of the processor (maybe a factor of 500 times improvement in bytes moved per instruction executed)
http://www.garlic.com/~lynn/subnetwork.html#1044

also started talking to some of the entities that were getting involved in (NSFNET) backbone proposal (tcp/ip is the technology basis for the modern internet, NSFNET backbone was the operational basis for the modern internet, and CIX was the business basis for the modern internet). some past posts mentioning nsfnet activity
http://www.garlic.com/~lynn/subnetwork.html#nsfnet

then some internal politics prevent bidding on the NSFNET backbone. the director of NSF tried to help by writing a letter to the corporation, copying the CEO. There was also the statement that what we already had running was at least 5yrs ahead of all bid submissions to build something new. That letter just aggravated the internal politics.

at one point, we had a conference scheduled with most of the target NSFNET backbone locations (for a HSDT-based implementation) and at least one of the executives later involved in transferring HA/CMP cluster scaleup activity ... was also involved in calling up the individuals and telling them that the conference had been canceled. misc. old email from the period
http://www.garlic.com/~lynn/lhwemail.html#nsfnet

We would claim that the NSFNET backbone RFP called for T1 links (much faster than the typical 56kbit links of the period) was at least partially motivated by the example of what we already had running. Note that the winning bid only installed 440kbits links (although they had telco multiplexors of T1 trunks ... so they could sort of claim meeting the letter of the RFP ... we somewhat sarcastically pointed out that they should have been able to claim T3 and/or even T5 ... since those T1 trunks ... tended to be multiplexed over much higher speed telco trunks).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Tue, 03 Nov 2009 10:43:10 -0500
re:
http://www.garlic.com/~lynn/2009p.html#30 Opinions on the 'Unix Haters' Handbook

one of the TV business news channels spent a lot of the morning looking at (effectively) unless Glass-Steagall is put back ... the too-big-to-fail institutions won't change their ways and there would be continued rounds of bailouts for the financial industry (the only difference going forward is that they are doing their risky gambling with public bailout money)

other past posts in this thread mentioning Glass-Steagall
http://www.garlic.com/~lynn/2009n.html#56 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009n.html#58 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009n.html#62 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009o.html#23 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009o.html#25 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009o.html#48 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009o.html#84 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#2 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#23 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#25 Opinions on the 'Unix Haters' Handbook

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Tue, 03 Nov 2009 15:42:06 -0500
re:
http://www.garlic.com/~lynn/2009p.html#23 Opinions of 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#47 Opinions of 'Unix Haters' Handbook

New theory on fairness in economics targets CEO pay
http://news.uns.purdue.edu/x/2009b/091103VenkatasubramanianCEO.html

from above ...
Chief executives in 35 of the top Fortune 500 companies were overpaid by about 129 times their "ideal salaries" in 2008,

... and
The ratio of CEO pay to the lowest employee salary has gone up from about 40-to-1 in the 1970s to as high as 344-to-1 in recent years in the United States. However, the ratio has remained around 20-to-1 in Europe and 11-to-1 in Japan, according to available data, he said.

... snip ...

old posts referencing earlier claim of ratio being as high as "400:1" ...
http://www.garlic.com/~lynn/2008i.html#73 Should The CEO Have the Lowest Pay In Senior Management?
http://www.garlic.com/~lynn/2008j.html#24 To: Graymouse -- Ireland and the EU, What in the H... is all this about?
http://www.garlic.com/~lynn/2008j.html#76 lack of information accuracy
http://www.garlic.com/~lynn/2008k.html#71 Cormpany sponsored insurance
http://www.garlic.com/~lynn/2008m.html#25 Taxes
http://www.garlic.com/~lynn/2008m.html#33 Taxes
http://www.garlic.com/~lynn/2008m.html#53 Are family businesses unfair competition?
http://www.garlic.com/~lynn/2008m.html#93 What do you think are the top characteristics of a good/effective leader in an organization? Do you feel these characteristics are learned or innate to an individual?
http://www.garlic.com/~lynn/2008n.html#2 Blinkylights
http://www.garlic.com/~lynn/2008n.html#58 Traditional Approach Won't Take Businesses Far Places
http://www.garlic.com/~lynn/2008q.html#14 realtors (and GM, too!)
http://www.garlic.com/~lynn/2008q.html#17 realtors (and GM, too!)
http://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
http://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
http://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?
http://www.garlic.com/~lynn/2008s.html#44 Executive pay: time for a trim?
http://www.garlic.com/~lynn/2009.html#50 Greed Is
http://www.garlic.com/~lynn/2009.html#80 Are reckless risks a natural fallout of "excessive" executive compensation ?
http://www.garlic.com/~lynn/2009b.html#25 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
http://www.garlic.com/~lynn/2009b.html#41 The subject is authoritarian tendencies in corporate management, and how they are related to political culture
http://www.garlic.com/~lynn/2009d.html#3 Congress Set to Approve Pay Cap of $500,000
http://www.garlic.com/~lynn/2009e.html#73 Most 'leaders' do not 'lead' and the majority of 'managers' do not 'manage'. Why is this?
http://www.garlic.com/~lynn/2009f.html#2 CEO pay sinks - Wall Street Journal/Hay Group survey results just released
http://www.garlic.com/~lynn/2009g.html#44 What TARP means for the future of executive pay
http://www.garlic.com/~lynn/2009o.html#37 Young Developers Get Old Mainframers' Jobs

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Tue, 03 Nov 2009 18:46:21 -0500
re:
http://www.garlic.com/~lynn/2009p.html#38 big iron mainframe vs. x86 servers

another email from long ago & far-away ... in the following, "mode3" refers to "shared disk"; there was lengthy distribution list, including two people in the Almaden database group and several customer marketing contacts around the world. the following, in part leads up to meeting a month later in ellison's conference room
http://www.garlic.com/~lynn/95.html#13

Date: Dec 5 11:42:53 1991
From: wheeler
Subject: oracle meeting

in the oracle meeting yesterday the question of (near term oracle) risc/6000 hardware came up in the context of:

a) immediate (oracle) development activities during the month of dec.

b) potential ibm/oracle marketing presentation to a very large number of customers in sacramento the middle of january

c) ha/cmp demos at both the ibm & oracle booths at Uniform

Also, Oracle would like to start with something like your color ha/cmp foils and turn out an automated storyboard ha/cmp (+ mode3 oracle) overview targeted somewhat for mis & corporate crowd. They would like to have free diskettes to give out in time for the trade-show ... and then make it available as a standard "pub" order (also possibility that we can make the storyboard "diskette" image available over the internal ibm network).

I've somewhat voluntered that I could loan one of the LSG "all disk 9333" racks available ... and LSG is supposedly getting four 530h machines this month ... which I would loan two to Oracle. I'm still trying to track down delivery date on the 530h.

For uniform in san fran, Jan. ... do you have a trade-show contact that we can see about getting an HA/CMP demo in the IBM booth.

They are still talking about ha/cmp mode3 betatest starting sometime in Jan. at VLSI.


... snip ... top of post, old email index

basically shared-disk support was simplified if it was able to adapt existing support for vax/cluster shared-disk.

related recent thread:
http://www.garlic.com/~lynn/2009p.html#43 From the Annals of Release No Software Before Its Time
http://www.garlic.com/~lynn/2009p.html#46 From the Annals of Release No Software Before Its Time

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Wed, 04 Nov 2009 09:11:56 -0500
Ahem A Rivet's Shot <steveo@eircom.net> writes:
However the lawyers, CPAs[1] and insurance companies are happy and spend more so the economy seems to be more active. AFAICS the model in much of the western world seems to be that we should all get rich selling each other insurance, legal advice and financial services and forget about the messy business of actually producing things of real value.

there was some UN report that standard of living is being significantly lowered in many 3rd world countries by western convention of value ... which only happens when things are exchanged (especially involving middlemen). if somebody grows food for their own consumption ... it has zero value ... if is only when they sell the food to somebody else and then buy it back, that it is considered value. UN report was that there have been significant forces to move from self-consumption to selling & buying ... which results in actually lowering the standard of living of many families (but it doesn't show up that way with western convention of value).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Wed, 04 Nov 2009 09:56:12 -0500
Roger Blake <rogblake10@iname10.com> writes:
How much value has the dollar lost since the Fed went online in 1913?

If you want stable currency, the current system does not seem to be the ticket at all.


re:
http://www.garlic.com/~lynn/2009p.html#47 Opinions on the 'Unix Haters' Handbook

TV business news channel this morning had one of the regulators on and asking them when congress was going to get around to fixing the underlying infrastructure ... bailout of which has put the US taxpayers on the hook for $24 Trillion in liabilities ... as a result of the '99 bank modernization act ... GLBA & repeal Glass-Steagall ... and '00 commodities trading modernization act ... exempted OTC derivatives from regulation. The regulator kept trying to play nice and say that it takes time to change the underlying infrastructure (created by decade old legislation).

25 People to Blame for the Financial Crisis; Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

from above:
He played a leading role in writing and pushing through Congress the 1999 repeal of the Depression-era Glass-Steagall Act, which separated commercial banks from Wall Street. He also inserted a key provision into the 2000 Commodity Futures Modernization Act that exempted over-the-counter derivatives like credit-default swaps from regulation by the Commodity Futures Trading Commission. Credit-default swaps took down AIG, which has cost the U.S. $150 billion thus far.

... snip ...

just a few recent references
http://www.garlic.com/~lynn/2009f.html#29 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009f.html#38 On whom or what would you place the blame for the sub-prime crisis?
http://www.garlic.com/~lynn/2009f.html#51 On whom or what would you place the blame for the sub-prime crisis?
http://www.garlic.com/~lynn/2009f.html#53 What every taxpayer should know about what caused the current Financial Crisis
http://www.garlic.com/~lynn/2009g.html#5 Do the current Banking Results in the US hide a grim truth?
http://www.garlic.com/~lynn/2009g.html#7 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009g.html#33 Treating the Web As an Archive
http://www.garlic.com/~lynn/2009g.html#76 Undoing 2000 Commodity Futures Modernization Act
http://www.garlic.com/~lynn/2009h.html#17 REGULATOR ROLE IN THE LIGHT OF RECENT FINANCIAL SCANDALS
http://www.garlic.com/~lynn/2009i.html#54 64 Cores -- IBM is showing a prototype already
http://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."
http://www.garlic.com/~lynn/2009i.html#74 Administration calls for financial system overhaul
http://www.garlic.com/~lynn/2009i.html#77 Financial Regulatory Reform - elimination of loophole allowing special purpose institutions outside Bank Holding Company (BHC) oversigh
http://www.garlic.com/~lynn/2009j.html#21 The Big Takeover
http://www.garlic.com/~lynn/2009j.html#30 An Amazing Document On Madoff Said To Have Been Sent To SEC In 2005
http://www.garlic.com/~lynn/2009j.html#35 what is mortgage-backed securities?
http://www.garlic.com/~lynn/2009n.html#56 Opinions on the 'Unix Haters' Handbook'
http://www.garlic.com/~lynn/2009o.html#84 Opinions on the 'Unix Haters' Handbook'

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Mainframe Hacking

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Mainframe Hacking
Date: 04 Nov, 2009
Blog: Mainframe Experts
ibm-main mailing list originated on bitnet in the 80s ... which has maintained a fairly good moderation policy for not having things like job postings as well as off-topic subjects.

bitnet (& earn) was corporate sponsored educational network using vm370 networking software. some posts posts mentioning bitnet/earn
http://www.garlic.com/~lynn/subnetwork.html#bitnet

old email from somebody tasked with setting up EARN
http://www.garlic.com/~lynn/2001h.html#email840320

it used similar network software that was used on the internal (primarily vm370) corporate network ... which was larger than the arpanet/internet from just about the beginning until possibly late '85 or early '86 ... some past posts
http://www.garlic.com/~lynn/subnetwork.html#internalnet
misc. old email mentioning the internal network
http://www.garlic.com/~lynn/lhwemail.html#vnet

url references in the subject post (from above):
http://www.garlic.com/~lynn/2009k.html#15
http://www.garlic.com/~lynn/2009k.html#16
http://www.garlic.com/~lynn/2009k.html#17

current ibm-main archives (requires registration to access)
http://listserv.ua.edu/archives/ibm-main.html
archives for that month:
http://bama.ua.edu/cgi-bin/wa?A1=ind0907&L=ibm-main&X=2C438C5DA4FE54B796

ibm-main mailing list distribution is also gateway to usenet ... and so shows up in the google group usenet archives ... the google groups bit.listserv.ibm-main thread that the above posts appeared in (Mainframe hacking):
http://groups.google.com/group/bit.listserv.ibm-main/browse_thread/thread/14a47b85d232b0bc/7fb4adf9046f3b4a?q=mainframe+hacking+group%3Abit.listserv.ibm-main&lnk=ol&
and (posts span several google group web pages):
http://groups.google.com/group/bit.listserv.ibm-main/browse_thread/thread/14a47b85d232b0bc/5e96c23214f9043b?q=mainframe+hacking+group%3Abit.listserv.ibm-main&lnk=nl&
and
http://groups.google.com/group/bit.listserv.ibm-main/browse_thread/thread/14a47b85d232b0bc/4e08880830ee74df?q=mainframe+hacking+group%3Abit.listserv.ibm-main&lnk=nl&

the bitnet mailing list software, "listserv" was done in mid-80s ... reference here:
http://www.lsoft.com/products/listserv-history.asp

and was a subset of the internal "TOOLSRUN" that was used on the internal network. TOOLSRUN supported both a distribution list type option ... as well as being able to setup distributed clone TOOLSRUNs for something more like usenet operation (locally managed files).

the internal network (& later bitnet/earn) had a special distribution list "driver" which optimized the physical bits actually transmitted for large distribution list. recent post with snipets of original (July 1980) proposal for the distribution (*LIST) driver:
http://www.garlic.com/~lynn/2009k.html#12
http://www.garlic.com/~lynn/2009k.html#13

listserv (mailing list) function has since been ported to a number of other platforms

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Wed, 04 Nov 2009 13:53:14 -0500
re:
http://www.garlic.com/~lynn/2009p.html#50 Opinions on the 'Unix Haters' Handbook

... also applied to barter (in addition to self consumption) ... it is only when money is involved and 3rd parties ... possibly (especially) large US conglomerates

past reference (measurement of "wealth"):
http://www.garlic.com/~lynn/2009f.html#52 School traditions

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Wed, 04 Nov 2009 20:27:29 -0500
re:
http://www.garlic.com/~lynn/2009p.html#38 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#49 big iron mainframe vs. x86 servers

with old ha/cmp email
http://www.garlic.com/~lynn/2009p.html#email910729
http://www.garlic.com/~lynn/2009p.html#email911205

note: "simple" mode1 & mode2 are two machines with shared disks ... but not doing concurrent access. In "mode1" the 2nd machine is idle and waiting for take-over in case the active machine fails. In "mode2", both machines are active with their own workload, but also monitoring the other; if either fails, the other takes-over and runs both workloads (at possibly some degradation, and/or giving preference to the higher priority workload).

mode3 is shared disk with concurrent access, easy is migrating the rdbms vendor existing vax/cluster concurrent access shared disk support to ha/cmp platform ... along with additional enhancements.
http://www.garlic.com/~lynn/subtopic.html#hacmp

Date: Thu Dec 12 15:08:12 1991
From: wheeler
Subject: HA/CMP and Oracle

informix, oracle, ingres, etc ... essential all run today w/o modifications in "mode1" and "mode2". An implementation of Ingres "mode3" support was done by xxxx under contract to IBM on an Ingres 6.2 platform. xxxx is currently working with Ingres to migrate the changes to an Ingres 6.4 platform for future product release. I'm not sure about the dates.

In parallel with that we are also working with Oracle for mode3 support ... and Oracle has been somewhat more aggresive (atlhough starting later). We've had a series of meetings with Oracle this week in Dallas and Austin. Oracle currently wants to highlight HA/CMP Oracle demo in the Oracle booth at Uniform ... running effectively mode2. In parallel with that they are planning a very aggresive development schedule for tentative mode3 availability in April ... which also includes generic RISC/6000 Oracle enhancements as well as HA/Oracle performance enhancements (in addition to HA/Oracle mode3 support).

Oracle is also planning on working closely with the IBM TPC/benchmark center in Dallas. Oracle has done some "enhancements" to Tuxedo ... and have a plan to get this available for /t running on HA/CMP for HA/Oracle TPC-a benchmarking work targeted for the month of March ... in support of the planned announcement in April.


... snip ... top of post, old email index

April would have been in time for the projected 16-machine "cluster" in July ... this old post mentioning meeting in ellison's conference room early Jan92
http://www.garlic.com/~lynn/95.html#13

with work to have 128-machine configurations by ye92.

everything was going fine (both commercial dbms and all the scientific and numerical intensive) as of this email end of jan92
http://www.garlic.com/~lynn/2006x.html#email920129
in this post
http://www.garlic.com/~lynn/2006x.html#3 Why so little parallelism?

but then in very quick order, the effort was transfered, we were told we couldn't work on anything with more than four processors, and there were announcements by middle of Feb92:
http://www.garlic.com/~lynn/2001n.html#6000clusters1
and additional press by the summer
http://www.garlic.com/~lynn/2001n.html#6000clusters2

other old email about cluster scaleup work:
http://www.garlic.com/~lynn/lhwemail.html#medusa

related recent thread:
http://www.garlic.com/~lynn/2009p.html#43 From the Annals of Release No Software Before Its Time
http://www.garlic.com/~lynn/2009p.html#46 From the Annals of Release No Software Before Its Time

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

MasPar compiler and simulator

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: MasPar compiler and simulator
Newsgroups: comp.arch
Date: Thu, 05 Nov 2009 07:49:15 -0500
Robert Myers <rbmyersusa@gmail.com> writes:
Some of what happened is a matter of public record. IBM, when it was still wondering whether it was going to survive, wanted to focus on its core business in the nineties and wasn't thrilled at the idea of putting its own research money into specialized computers for HPC. Thus, a bunch of Regattas as a "super"-computer.

old email about working on ha/cmp cluster scaleup (both dbms commercial and scientific & numeric intensive)
http://www.garlic.com/~lynn/lhwemail.html#medusa

also reference in this post about meeting first of Jan92 in ellison's conference room
http://www.garlic.com/~lynn/95.html#13

also having lots of meetings and interactions with LLNL up through end of Jan92 ... old email reference:
http://www.garlic.com/~lynn/2006x.html#email920129

the effort was then very quickly transferred, we were told we couldn't work on anything with more than four processors and was announced as scientific and numerical intensive by mid-Feb92 ... some press from 17Feb92
http://www.garlic.com/~lynn/2001n.html#6000clusters1
more press quotes from 11May92 about being "caught by surprise"
http://www.garlic.com/~lynn/2001n.html#6000clusters2

this old post with some number of other press items
http://www.garlic.com/~lynn/2001n.html#70

up until above ... the supercomputer group had been doing a bunch of other stuff as well as pumping money into steve chen.

recent thread about some other activity
http://www.garlic.com/~lynn/2009p.html#43 From The Annals of Release No Software Before Its Time
http://www.garlic.com/~lynn/2009p.html#46 From The Annals of Release No Software Before Its Time

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

MasPar compiler and simulator

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: MasPar compiler and simulator
Newsgroups: comp.arch
Date: Thu, 05 Nov 2009 08:24:34 -0500
re:
http://www.garlic.com/~lynn/2009p.html#55 MasPar compiler and simulator

one of the cluster scaleup old emails
http://www.garlic.com/~lynn/lhwemail.html#medusa

mentions in nov91 meeting with federal systems division (FSD) getting things setup for FSD to make what I was doing the division's strategic direction (not just LLNL & LANL).
http://www.garlic.com/~lynn/2006w.html#email911119

as referenced here
http://www.garlic.com/~lynn/2006x.html#email920129

effectively just hrs before the activity was transferred and we were told we couldn't work on anything with more than four processors.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

MasPar compiler and simulator

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: MasPar compiler and simulator
Newsgroups: comp.arch
Date: Thu, 05 Nov 2009 21:14:54 -0500
re:
http://www.garlic.com/~lynn/2009p.html#55 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#56 MasPar compiler and simulator

there was an "official" group that was suppose to be handling scientific and numerical intensive market place. i had run-ins with them periodically over the years ... one involved some of the higher end stuff i was doing in hsdt project
http://www.garlic.com/~lynn/subnetwork.html#hsdt

this mentions some of the internet stuff
http://www.garlic.com/~lynn/2009p.html#46 From The Annals of Release No Software Before Its Time

but also refers to some higher speed stuff with rfc1044 and doing some tuning tests at cray research (although the 4341-clone could hardly be considered high performance box (minor example of offending the official group) ... but i did optimize the bytes moved per instruction executed). some past posts mentioning rfc1044
http://www.garlic.com/~lynn/subnetwork.html#1044

also my ietf rfc index
http://www.garlic.com/~lynn/rfcietff.htm

rfc 1044 summary
http://www.garlic.com/~lynn/rfcidx3.htm#1044

... and as always, clicking on the ".txt=nnn" field in the summary retrieves the actual rfc.

also this references (nearly 20yrs earlier than date of the post) trying to pack 96 of the first 32bit 801 chips into a rack, turns out the chip never did get completely debugged. however, one of the biggest problems was massive cooling (or heat) problem (depending on how you look at it).
http://www.garlic.com/~lynn/2004m.html#17 mainframe and microprocessor

misc. old email related to 801, iliad, romp, rios, etc
http://www.garlic.com/~lynn/lhwemail.html#801

in any case, the "offical group" was "sponsored" by a senior corporate executive that retired fall '91. there was then reviews of some number of projects ... in some cases, the results weren't pretty ... just say that then there was an effort to scour the corporation for some technology (under the guise of a corporate advanced technology symposium) for the group to take-over. We advised everybody we knew not to participate ... but some did anyway.

as it turns out, it probably wouldn't have made a lot of difference in the long run. we were also being invited into some number of high profile commercial accounts ... and various traditional commerical mainframe interests were complaining. there were even accusations that we were violating all sorts of corporate rules in some way or another ... fortunately we had paper trail to show that we followed all the corporate rules.

one of the customers that we did everything according to the book was SIAC (since been absorbed, responsible for the NYSE dataprocessing) ... but there were still accusations that we had violated corporate practices. if there has been any perception about activity like spreading FUD, it wasn't limited to external activity. old post where somebody has some quotes from fergus&morris book about what happened to corporate culture after failure of FS
http://www.garlic.com/~lynn/2001f.html#33

a slight topic drift in these recent posts mentioning "business ethics" is an oxymoran
http://www.garlic.com/~lynn/2009o.html#47 U.S. begins inquiry of IBM in mainframe market
http://www.garlic.com/~lynn/2009o.html#52 Revisiting CHARACTER and BUSINESS ETHICS
http://www.garlic.com/~lynn/2009o.html#57 U.S. begins inquiry of IBM in mainframe market

so we didn't stay around long after we were told that we couldn't work on anything with more than four processors.

for some drift & thread between cluster scaleup and electronic commerce in this meeting early jan92 in ellison's conference room discussing 128-way by ye92 (as applied to commercial dbms as opposed to scientific and numerical intensive) ...
http://www.garlic.com/~lynn/95.html#13

two of the other people mentioned in the post, later left their positions and show up at a small client/server startup responsible for something called the commerce server (initially a multi-store "mall-like" paradigm built using oracle ... funded by large telco; later, greatly simplified, single store implementation was offered). we got invited to consult because they wanted to do payment transactions on their server (the startup had also invented some technology called "SSL" ... and the results is now frequently called electronic commerce).

part of that effort involved doing something called the payment gateway which sat on the internet and handled payment transactions between electronic commerce webservers and the payment infrastructure. we had a bunch of high availability stuff built into the payment gateway ... as well as a bunch of compensating process for the vagaries of the internet infrastructure.
http://www.garlic.com/~lynn/subnetwork.html#gateway

somewhat as a result of having worked on this stuff called "electronic commerce", in the mid-90s we were asked to participate in the x9a10 financial standard working group, which had been given the reqauirement to preserve the integrity of the financial infrastructure for all retail payments. the result was the x9.59 financial standard transaction protcol ... reference
http://www.garlic.com/~lynn/x959.html#x959
and various past posts
http://www.garlic.com/~lynn/subpubkey.html#x959

bunch of patents related to above ... all the patents are assigned ... and haven't been involved at all since my position there was eliminated dec2005 ... but there continues to be patent activity(??)
http://www.garlic.com/~lynn/aadssummary.htm

somewhat because of having done the "electronic commerce" stuff and the x9.59 financial transaction protocol ... in the late 90s we got invited in to look at doing something similar for trading protocols at NSCC (since merged with DTC to be DTCC) ... slightly related to the earlier SIAC stuff. Part way thru, the effort got suspended, apparently because a side effort of significantly increasing the security .... would also have had the side-effect of significantly improving transparency and visability. The issue appeared to be that visibility and transparency was not part of the fundamental trading culture.

now one of the issues highlighted in the madoff ponzi congressional hearings by the person that had been trying unsuccessfully for a decade to try and get the SEC to do something about Madoff, was that the fundamental problem is lack of transparency and visibility in trades. misc. recent refs:
http://www.garlic.com/~lynn/2009b.html#35 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
http://www.garlic.com/~lynn/2009b.html#65 What can agencies such as the SEC do to insure us that something like Madoff's Ponzi scheme will never happen again?
http://www.garlic.com/~lynn/2009b.html#80 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#1 Audit II: Two more scary words: Sarbanes-Oxley
http://www.garlic.com/~lynn/2009d.html#47 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
http://www.garlic.com/~lynn/2009e.html#15 The background reasons of Credit Crunch
http://www.garlic.com/~lynn/2009e.html#36 Architectural Diversity
http://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
http://www.garlic.com/~lynn/2009f.html#45 Artificial Intelligence to tackle rogue traders
http://www.garlic.com/~lynn/2009f.html#67 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009g.html#29 Transparency and Visibility
http://www.garlic.com/~lynn/2009i.html#23 Why are z/OS people reluctant to use z/OS UNIX? (Are settlements a good argument for overnight batch COBOL ?)
http://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

MasPar compiler and simulator

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: MasPar compiler and simulator
Newsgroups: comp.arch
Date: Thu, 05 Nov 2009 22:43:15 -0500
Del Cecchi <delcecchinospamofthenorth@gmail.com> writes:
IBM spent a lot, repeat lot, of money on steve chen and SSI. Not so much for cray to my best recollection.

SSi died anyway.


re:
http://www.garlic.com/~lynn/2009p.html#55 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#56 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#57 MasPar compiler and simulator

i don't remember company ever spending any money on cray ... however lots on steve. steve shows up later as CTO of Sequent ... and we did a little consulting for him ... including some that involved a little look at Itanium. I don't remember Steve sticking around after Sequent was bought.

... slightly related ... the executive that we reported to when we were doing ha/cmp ... later left and shows up as president of MIPs (was already owned by SGI). We would go by and visit ... he even let me "have" the personal Indy that each executive got ... under the guise of configuring it for him (I had to finally give it back when he left).

SGI later buys Cray.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

MasPar compiler and simulator

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: MasPar compiler and simulator
Newsgroups: comp.arch
Date: Thu, 05 Nov 2009 23:44:13 -0500
Robert Myers <rbmyersusa@gmail.com> writes:
The behavior of the US over the last ten years and looking at where we are now indicates how poorly federal decisionmakers who panicked over Japan, Inc. understood the business. Neither Japan nor the Federal government can compete with the flow of money coming from consumers.

re:
http://www.garlic.com/~lynn/2009p.html#55 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#56 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#57 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#58 MasPar compiler and simulator

that showed up even more in the dept. of commerce meetings over hdtv ... it included apparently constantly fiddling the standard ... the theory was if foreign company(s) won the hdtv market ... that would be significantly larger higher performance chip funding than the measely personal computer market.

early in hsdt project
http://www.garlic.com/~lynn/subnetwork.html#hsdt

there was some hardware being built on the other side of the pacific. the friday before i was to leave on trip there ... somebody in the company sent out an announcement for a new discussion group on high speed networking ... with the following definitions
low-speed <9.6kbits medium-speed 19.2kbits high-speed 56kbits very high-speed 1.5mbits

the following monday on the wall of a conference room in the far east:
low-speed <20mbits medium-speed 100mbits high-speed 200-300mbits very high-speed >600mbits

i was also paying an arm and leg for T1 modems ... i came back from that trip with comment that i could get enormously better technology from a $300 cdrom player than i was getting for the 20* some amount i was paying T1 modems (and if i was going to move into optical drivers ... why couldn't i use cdrom parts). on that trip, i also got my first look at surface mount ... including line where it looked like the chips were being sprayed on the boards as they passed down the line.

more recently, some of that came up in IDF conference where i was on a panel in the trusted computing track with one of the guys. I had some number of years earlier made the crack that i would take a $500 milspec part, aggresively cost-reduce it by 2-3 orders of magnitude while improving the security. The comment back was that might be true except for some stuff about radiation hardening.

The guy running TPM project at trusted computing was in the front row ... and I also quiped that it was nice to see that TPM over the past couple years had started to look more and more like my chip (which could effectively do nearly all the TPM objectives ... w/o having been designed for TPM). His quip back was that I hadn't had a committee of 200 people helping me with the design.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

MasPar compiler and simulator

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: MasPar compiler and simulator
Newsgroups: comp.arch
Date: Fri, 06 Nov 2009 10:30:32 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
a slight topic drift in these recent posts mentioning "business ethics" is an oxymoran
http://www.garlic.com/~lynn/2009o.html#47 U.S. begins inquiry of IBM in mainframe market
http://www.garlic.com/~lynn/2009o.html#52 Revisiting CHARACTER and BUSINESS ETHICS
http://www.garlic.com/~lynn/2009o.html#57 U.S. begins inquiry of IBM in mainframe market


re: re:
http://www.garlic.com/~lynn/2009p.html#55 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#56 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#57 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#58 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#59 MasPar compiler and simulator

i had sponsored boyd's briefings at ibm in the 80s. some past posts
http://www.garlic.com/~lynn/subboyd.html#boyd

for some corporate connection ... one of boyd's biographies mentions he did a yrs tour in 1970 running "spook base", a $2.5B windfall for IBM ... however even that wouldn't have been enuf to cover what was lost in FS
http://www.garlic.com/~lynn/submain.html#futuresys

boyd was later credited with battle plan for desert storm ... and there was us news&report article on him titled "the fight to change how america fights" (6May1991) ... also mentioned latest crop of majors and cols. as boyd's jedi knights. more recently there was a comment that major problem in the current conflicts is that boyd had died in 1997. misc. URLs from around the web mentioning Boyd
http://www.garlic.com/~lynn/subboyd.html#boyd2

and one of my favorites:
"There are two career paths in front of you, and you have to choose which path you will follow. One path leads to promotions, titles, and positions of distinction.... The other path leads to doing things that are truly significant for the Air Force, but the rewards will quite often be a kick in the stomach because you may have to cross swords with the party line on occasion. You can't go down both paths, you have to choose. Do you want to be a man of distinction or do you want to do things that really influence the shape of the Air Force? To be or to do, that is the question." Colonel John R. Boyd, USAF 1927-1997

... snip ...

From the dedication of Boyd Hall, United States Air Force Weapons School, Nellis Air Force Base, Nevada. 17 September 1999

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Need the Name of a "Don Lancaster" type person

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Need the Name of a "Don Lancaster" type person...
Newsgroups: alt.folklore.computers
Date: Sat, 07 Nov 2009 18:38:38 -0500
Charles Richmond <frizzle@tx.rr.com> writes:
I am having a "senior moment" here...

ISTR that there was a veteran computer person who was heavy into the hardware side of the microcomputer revolution. I associated him with Don Lancaster, because he was a similar type of computer person. The one I am thinking of... died in the early 2000's.

Can anyone suggest who this might be???


not specifically hardware and mid-2000
https://en.wikipedia.org/wiki/Jef_Raskin

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Need the Name of a "Don Lancaster" type person

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Need the Name of a "Don Lancaster" type person...
Newsgroups: alt.folklore.computers
Date: Sun, 08 Nov 2009 11:46:19 -0500
Charles Richmond <frizzle@tx.rr.com> writes:
Ah, yes. Jef Raskin: he of Apple documentation, original Macintosh project, and Canon Cat fame. I think he was Apple employee number 8. It's sad that he lived only to be about 62 years of age. From the standpoint of an "auld fart" like me (and others), 62 does *not* seem old at all...

Raskin had a lot of interests, but ISTR that one of his big interests was music. He was *not* the one whose name I am seeking.


re:
http://www.garlic.com/~lynn/2009p.html#61 Need the Name of a "Don Lancaster" type person...

in the early 80s, my brother was regional apple rep. (claimed it was the largest sized region in conus). when he came to town ... i would frequently get to go to business dinners with him ... and get into animated discussion with some of the other people around the table; including arguments about design of unannounced machines ... like the MAC.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Little bit OT IBM & Air NZ outage report to stay Top Secret

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Little bit OT IBM & Air NZ outage report to stay Top Secret
Newsgroups: bit.listserv.ibm-main
Date: Mon, 09 Nov 2009 15:22:04 -0500
Peter_Big_Iron <pwoodbury1@comcast.net> writes:
Thanks for posting this - was not aware of data center loss-of-power failure. Seems as if data center had only (1) backup generator ?? I worked for years as an engineer in both nuclear and fossil power plants. We always had at least two lines of defense in any scenario that would have tripped the plant off-line and created an outage condition. Sure would like to learn what the power supply configuration was for this data center.

we did a lot of failure mode analysis for our ha/cmp product
http://www.garlic.com/~lynn/subtopic.html#hacmp

part of that included PDU (power distribution units ... for large datacenters handled power switch-over from public power to various power sources ... like battery pending diesel generator being brought online).

one corporate plant site had paid something like $5m for a diesel generator power backup system. now places like hospitals have procedures like running on emergency power at least an hour or two a month as part of verifying that it actually works when needed. in the five yrs that the diesel generator was in place ... nobody at the plant site ever thought to periodic test it. so what do you think happens when there is actually a power outage and the emergency power is required?

once did a tour of large mainframe datacenter (they claimed turning over a billion dollars in ibm mainframes every 18months ... to keep up with the business). they weren't satisified with the PDUs that they could get ... so they hired two engineering companies to work with the PDU vendor to redesign to their requirements. Last I heared was that the PDU vendor had sold over 1200 of the redesigned units just in the DC beltway area.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Failing The Sniff Test: Researchers Find New Way To Spot Fraud

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Failing The Sniff Test: Researchers Find New Way To Spot Fraud
Date: 9 Nov, 2009
Blog: Financial Crime Risk, Fraud and Security
Failing The Sniff Test: Researchers Find New Way To Spot Fraud
http://www.sciencedaily.com/releases/2009/11/091109090429.htm
Failing the sniff test: Researchers find new way to spot fraud
http://www.eurekalert.org/pub_releases/2009-11/ncsu-ft110509.php

At 2004 EU conference of financial institution CEOs ... i claimed that SOX audit of corporate financial reports weren't going to catch fraud w/o independent verification (just looking at provided reports would catch mistakes ... but serious fraud would make sure all the numbers would pass traditional audit).

old posts mentioning sox:
http://www.garlic.com/~lynn/2006h.html#33 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#58 Sarbanes-Oxley
http://www.garlic.com/~lynn/2006i.html#1 Sarbanes-Oxley
http://www.garlic.com/~lynn/2006j.html#28 Password Complexity
http://www.garlic.com/~lynn/2006o.html#35 the personal data theft pandemic continues
http://www.garlic.com/~lynn/2006u.html#22 AOS: The next big thing in data storage
http://www.garlic.com/~lynn/2007b.html#63 Is Silicon Valley strangeled by SOX?
http://www.garlic.com/~lynn/2007j.html#0 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007j.html#74 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#75 IBM Unionization
http://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
http://www.garlic.com/~lynn/2007r.html#61 The new urgency to fix online privacy
http://www.garlic.com/~lynn/2008.html#71 As Expected, Ford Falls From 2nd Place in U.S. Sales
http://www.garlic.com/~lynn/2008.html#78 As Expected, Ford Falls From 2nd Place in U.S. Sales
http://www.garlic.com/~lynn/2008g.html#17 Hannaford breach illustrates dangerous compliance mentality
http://www.garlic.com/~lynn/2008n.html#0 Blinkylights
http://www.garlic.com/~lynn/2008n.html#2 Blinkylights
http://www.garlic.com/~lynn/2008n.html#72 Why was Sarbanes-Oxley not good enough to sent alarms to the regulators about the situation arising today?
http://www.garlic.com/~lynn/2008n.html#74 Why can't we analyze the risks involved in mortgage-backed securities?
http://www.garlic.com/~lynn/2008n.html#80 Why did Sox not prevent this financal crises?
http://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
http://www.garlic.com/~lynn/2008o.html#38 The human plague
http://www.garlic.com/~lynn/2008o.html#68 Blinkenlights
http://www.garlic.com/~lynn/2008o.html#71 Why is sub-prime crisis of America called the sub-prime crisis?
http://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
http://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
http://www.garlic.com/~lynn/2008q.html#19 Collateralized debt obligations (CDOs)
http://www.garlic.com/~lynn/2008q.html#58 Obama, ACORN, subprimes (Re: Spiders)
http://www.garlic.com/~lynn/2008s.html#8 Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations
http://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
http://www.garlic.com/~lynn/2008s.html#20 Five great technological revolutions
http://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law
http://www.garlic.com/~lynn/2008s.html#28 Garbage in, garbage out trampled by Moore's law
http://www.garlic.com/~lynn/2008s.html#30 How reliable are the credit rating companies? Who is over seeing them?

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Crypto dongles to secure online transactions

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Date: Mon, 09 Nov 2009 22:01:06 -0500
Subject: Re: Crypto dongles to secure online transactions
MailingList: cryptograpy
On 11/08/2009 02:07 AM, John wrote:
At a meeting a few weeks ago I was talking to a guy from BITS, the e-commerce part of the Financial Services Roundtable, about the way that malware infected PCs break all banks' fancy multi-password logins since no matter how complex the login process, a botted PC can wait until you login, then send fake transactions during your legitimate session. This is apparently a big problem in Europe.

I told him about an approach to use a security dongle that puts the display and confirmation outside the range of the malware, and although I thought it was fairly obvious, he'd apparently never heard it before. When I said I'd been thinking about it for a while, he asked if I could write it up so we could discuss it further.

So before I send it off, if people have a moment could you look at it and tell me if I'm missing something egregiously obvious? Tnx.


deja vu 1999 .... this should be covered in enormous detail in the EU finread standards documents from the late 90s.

note that the EU finread standard from late 90s (over decade ago) was countermeasure to most every kind of PC compromise that you can think of. Basically it moved the end point out to independent hardware device with its own display and pin-pad. The transaction was still composed on the PC ... but had to be sent to the hardware finread device for approval/authentication. transaction to be approved/executed would be displayed on finread device for approval. It then required physical PIN entry to execute the approval process ... typically assumed to be a digital signature ... which was returned to the PC.

compromised PC could still do a denial of service ... but the independent finread device effectively moved the end-point from the PC out to the finread. the independent display & pin-pad ... was countermeasures to various kinds of exploits ... including

• keylogging ... trojan horse or other could execute transactions w/o users actual knowledge

• is the transaction that the user sees the actual transaction being executed

bad design might have used the finread for session authentication in lieu of separately authentication/approval for every transaction (which would allow trojans on compromised pcs to execute fraudulent transactions within the boundaries of the session.

infrastructure would still be vulnerable to various kinds of social engineering ... convincing end-user to execute valid transactions for the benefit of the attacker.

There was some conjecture (again more than decade ago) that if finread deployment eliminated all the other kinds of compromises ... that user education programs could purely concentrate on social engineering exploits (sort of like the stuff for little kids to have nothing to do with strangers).

EU finread program got caught up in the disastrous deployment of serial-port card acceptor device at the start of the decade (many versions had the appearance of card acceptor device with its own independent display and pin-pad ... slightly akin to small POS terminals that might appear at point-of-sale). The disastrous serial-port acceptor device deployment resulted in rapidly spreading opinion in the financial industry that smartcards and card readers weren't practical in the consumer market ... resulting in nearly all such programs quickly evaporating w/o hardly a trace.

As i've mentioned before ... it wasn't actually a problem with smartcards and/or card readers .... but with the serial-port interface. In the 1995 time-frame there were a number of presentations about moving the dial-up home banking programs to the internet ... in large part motivated by the significant customer support costs associated with supporting serial-port modems (one such bank program claimed to have a library of over 60 serial port modem software drivers to try and cover some reasonable set of their customers. Problems with the whole serial-port gorp was also big motivator behind development of USB.

In any case, i've commented before about the financial industry institutional knowledge and experience apparently rapidly evaporated between the migration of dial-up home banking (migration to the internet) and 2000. A partial/possible explanation might be that the vendor, knowing that everything was moving to USB, saw a really great chance to unload their stock of obsolete serial-port devices on a client that didn't really know what they were doing.

lots of past EU finread standard posts:
http://www.garlic.com/~lynn/subintegrity.html#finread

random trivia ... i was at an eu finread standard meeting in brussels not long before the whole thing with serial-port resulted in all such programs imploding (even those not using serial-port ... radiation from the event seemed to catch everything)

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

New postal bar code?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New postal bar code?
Newsgroups: alt.folklore.computers
Date: Mon, 09 Nov 2009 22:15:00 -0500
Dave Garland <dave.garland@wizinfo.com> writes:
So, does the "war on drugs" constitute a state of war, or just hot air? Are we in a war when we take out a Somali pirate? Of course not. How precisely do you distinguish between that and attacking Iraq? Between Iraq and 1941 Japan? All of these things had Congressional approval, but only the last had a declaration of war.

china's countermeasure to get their people off drugs that had been forced on them by the british ... just said anybody caught with drugs would be beheaded. Supposedly it cured the problem within two yrs ... with significantly less human death and misery than goes with the drug program in this country.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook'

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook'.
Newsgroups: alt.folklore.computers
Date: Mon, 09 Nov 2009 22:22:12 -0500
Morten Reistad <first@last.name> writes:
With the CIA and Saddam in the eighties it can be somewhat complicated to tell who was acting as agent for whom.

Has the CIA done ANYTHING right in terms of their policy analysis, ever?

Even yours truly could see fishy things happen before the USSR invaded Afgahnistan, the whole grapewine of the oil business knew bad stuff was going to happen in Iran just before the hostages were taken, we saw the Taliban danger around 1992, and read the Sudan interview with Osama BL with disbelief; and we were deeply alarmed by the assasination of Massoud two days before 9/11. Yet the CIA had their eyes wide shut.

Now Pakistan fights for its survival. If Pakistan falls, or is finlandised to Taliban, then very major trouble is unleashed.


i had german language teacher in college who talked about going on summer college trip in germany just before WW2 broke out. She claimed that it was obvious to "everybody" the date that hostilities would start and so they scheduled their return to US on ship sailing the day before.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

US retailers face $100bn in ID fraud losses a year - study

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: US retailers face $100bn in ID fraud losses a year - study
Date: 9 Nov, 2009
Blog: Financial Crime Risk, Fraud and Security
US retailers face $100bn in ID fraud losses a year - study
http://www.finextra.com/fullstory.asp?id=20717

from above:
US retailers rack up around $100 billion in identity fraud losses every year, absorbing nearly 10 times the cost incurred by financial institutions, according to a study from LexisNexis and Javelin Strategy & Research

... snip ...

this is over & above the fraud-proportional part of interchange fee.

part of the problem with eliminating this kind of fraud (for financial institutions) is that it would likely shift the crooks to kind of identity theft involved in opening new accounts .... as opposed to the "account fraud" form of identity theft (doing fraudulent transactions against existing accounts)

misc. recent posts mentioning account fraud
http://www.garlic.com/~lynn/2009g.html#57 LexisNexis says its data was used by fraudsters
http://www.garlic.com/~lynn/2009h.html#69 How practically risky is it to use unsecured IMAP
http://www.garlic.com/~lynn/2009j.html#13 PCI SSC Seeks Input on Security Standards
http://www.garlic.com/~lynn/2009k.html#77 Cyber attackers empty business accounts in minutes
http://www.garlic.com/~lynn/2009l.html#5 Internal fraud isn't new, but it's news
http://www.garlic.com/~lynn/2009n.html#37 Firms failing to treat card data security seriously
http://www.garlic.com/~lynn/2009n.html#71 Sophisticated cybercrooks cracking bank security efforts
http://www.garlic.com/~lynn/2009o.html#50 WSJ.com The Fallacy of Identity Theft
http://www.garlic.com/~lynn/2009p.html#17 U.K. lags in information security management practices
http://www.garlic.com/~lynn/2009p.html#27 FBI: National data-breach law would help fight cybercrime

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook'

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook'.
Newsgroups: alt.folklore.computers
Date: Tue, 10 Nov 2009 11:52:58 -0500
Peter Flass <Peter_Flass@Yahoo.com> writes:
Those people who did schedule their return then were happy to broadcast their foresight. Those who didn't, just kept quiet about it.

re:
http://www.garlic.com/~lynn/2009p.html#67 Opinions on the 'Unix Haters' Handbook

she actually had long explanation of supporting information that led them to concluding the date for onset of hostilities ... and for scheduling return on ship departing the day before (although i guess much of it involved having in-depth study of the country, events and culture).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

My War On SQL

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: My War On SQL
Date: 10 Nov, 2009
Blog: Financial Cryptography
My War On SQL
http://financialcryptography.com/mt/archives/001207.html

...

There was an article around mid-90s about how rdbms & sql set the computing business back (at least) 20 yrs.

disclaimer: i was in sjr in 70s & 80s as well as handling some of the technaology transfer to endicott for sql/ds ... misc. past post mentioning original rdbms/sql
http://www.garlic.com/~lynn/submain.html#systemr

this is old post about jan92 meeting in ellison's conference room ... one of the people mentioned claimed to have done much of the technology transfer from endicott back to stl for (mainframe) db2.
http://www.garlic.com/~lynn/95.html#13

as an aside, two other people also named at the same meeting ... later left and show up at small client/server startup responsible for something called commerce server (the startup had also invented this technology called "SSL" they wanted to use). We were brought to consult because they wanted us to do payment transactions ... the result is now frequently referred to as "electronic commerce"

during those early years of electronic commerce, RDBMS based webserver tended to have a significantly larger number of problems ... use of rdbms significantly increased the skill level and effort and the added complexity significantly increased the probability of mistakes, security vulnerabilities ... you name it ... it was always much worse.

i do some playing with sqlite3 because it is used by mozilla ... and i do a whole bunch of processing with firefox file (outside of firefox and backup information in various non-relational formats)

for the fun of it:

Developers: The NoSQL Ecosystem
http://developers.slashdot.org/story/09/11/09/2335214/The-NoSQL-Ecosystem

and

NoSQL Ecosystem
http://www.rackspacecloud.com/blog/2009/11/09/nosql-ecosystem/

for something completely different ... old post in comp.database.theory on 3value logic
http://www.garlic.com/~lynn/2003g.html# How to cope with missing values - NULLS?

now their is something over dispute between rdbms and xml database. original markup language, GML was invented at the science center in 1969 (precursor to sgml, html, xml, etc). GML (generalized markup language) actually stands for the first letters of last names of the inventors. science center was also responsible for early virtual machine systems (cp40, cp67, vm370 ... gml original ran on cms under cp67). misc. past posts mentioning science center
http://www.garlic.com/~lynn/subtopic.html#545tech

some number of people transferred from science center to sjr ... where the original rdbms/sql implementation went on under vm370 ("L" from gml did some amount of work on "blobs" in r-star time-frame).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Blast from the Past: 40 years of Multics, 1969-2009

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Blast from the Past: 40 years of Multics, 1969-2009
Newsgroups: alt.folklore.computers
Date: Tue, 10 Nov 2009 22:49:04 -0500
Blast from the Past: 40 years of Multics, 1969-2009
http://www.cio.com.au/article/325323/cio_blast_from_past_40_years_multics_1969-2009?fp=4&fpid=5

from above:

At MIT we had already built CTSS (The Compatible Time-Sharing System) as a demonstration system. It was out of this environment that Project Mac was formed at MIT with the vision of exploring and enhancing interactive computing.

... snip ...

some number of people from CTSS went to multics on the 5th flr of 545 tech sq. ... others went to the science center on 4th flr of 545 tech sq. ... misc. past posts mentioning sci center
http://www.garlic.com/~lynn/subtopic.html#545tech

multics web pages
http://www.multicians.org/multics.html

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Crypto dongles to secure online transactions

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Date: Wed, 11 Nov 2009 11:08:39 -0500
Subject: Re: Crypto dongles to secure online transactions
MailingList: cryptograpy
On 11/10/2009 09:44 AM, Jerry wrote:
Not that this should block the use of devices like the ZTIC! They're still much more secure than the alternatives. But it's important to keep in mind the vulnerabilities we engineer *into* systems at the same time we engineer others *out*.

re:
http://www.garlic.com/~lynn/2009p.html#65 Crypto dongles to secure online transactions

vulnerabilities tend to be proportional to complexity.

we had been asked in to consult with small client/server startup that wanted to do payment transactions on their server ... they had also invented this technology called "SSL" applied to the process. The result is frequently called "electronic commerce". The major use/purpose of that "SSL" in the world today is hiding the account number and other transaction details.

somewhat as a result, in the mid-90s we were invited to to participate in the x9a10 financial standard working group which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. Part of that was detailed threat&vulnerability studies of different payment methods and environments. One of the biggest problems was vulnerability of leaking account number ... since it was trivial for crooks to use it for originating fraudulent transactions ... and at the same time required by millions of business processes around the world. So part of the resulting standard was slightly tweaking the paradigm and eliminating the account number (and transaction details) as a vulnerability (which then also eliminates the major use of SSL in the world today).
http://www.garlic.com/~lynn/x959.html#x959

along the way, i also made semi-facetious comment that i would take a $500 milspec item and aggressively cost reduce it by 2-3 orders of magnitude while making it more secure. Part of the effort effectively worked out getting it close to the EPC RFID technology process (items targeted at replacing UPC barcodes on grocery items at a few cents or less) w/o reducing security.

Basically it is all silicon ... which not only reduces a lot of after-FAB vulnerabilities ... but also eliminates the costs of a lot of the post-FAB processing steps (as silicon cost goes to zero, post-FAB processing costs started to dominate).
http://www.garlic.com/~lynn/x959.html#aads

Along with it is the concept of security proportional to risk ... at the issuing authorization end of a transaction ... the security characteristics of the originating components can be evaluated ... in the case of the chip ... the security level of the chip can even be updated in real time as vulnerabilities are identified. This can help decide like a when a few cent item might be needed to be replaced for higher value transactions

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

The computer virus turns 26 today

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: The computer virus turns 26 today
Newsgroups: alt.folklore.computers
Date: Wed, 11 Nov 2009 15:02:03 -0500
from yesterday ...

The computer virus turns 26 today
http://www.techspot.com/news/36893-the-computer-virus-turns-26-today.html

except the x-mas thing was on bitnet almost exactly a year earlier. misc. past refs:
http://www.garlic.com/~lynn/2005b.html#20 [Lit.] Buffer overruns
http://www.garlic.com/~lynn/2006o.html#60 Greatest Software?
http://www.garlic.com/~lynn/2008.html#76 Rotary phones
http://www.garlic.com/~lynn/2008b.html#27 Re-hosting IMB-MAIN
http://www.garlic.com/~lynn/2008g.html#26 CA ESD files Options
http://www.garlic.com/~lynn/2008r.html#29 What if the computers went back to the '70s too?
http://www.garlic.com/~lynn/2009g.html#18 Top 10 Cybersecurity Threats for 2009, will they cause creation of highly-secure Corporate-wide Intranets?

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

The 50th Anniversary of the Legendary IBM 1401

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: The 50th Anniversary of the Legendary IBM 1401
Newsgroups: alt.folklore.computers
Date: Wed, 11 Nov 2009 15:49:17 -0500
The 50th Anniversary of the Legendary IBM 1401
http://www.computerhistory.org/events/index.php?id=1246917465

was last night at computer history museum.

i'd come in to the bay area for the first time in couple years (for conference in santa cruz over last weekend) and stayed around in monterey bay area. considered going last night, but couldn't quite get the motivation up for driving back over the hill last night for the event.

when i was undergraduate at the univ., they had a 709 with 1401 doing tape<->unit-record front-end (for the 709 which would just run tape-to-tape). in process of moving from 709 to 360/67 (anticipating running tss/360) ... the 1401 was replaced with 360/30. Although the 360/30 had 1401 hardware emulation mode ... i was hired to write a 360 assembler program performing the 709 front-end function. I got to design/implement my own monitor, storage management, interrupt handlers, device drivers, recovery, etc. I got to touch the 1401 a few times ... and ran the 1401 "MPIO" application on 360/30 quite a large number of times (in took me a couple months to get my 360 replacement working ... and verify it did the same thing that the original was doing)

recent posts mentioning the MPIO port effort:
http://www.garlic.com/~lynn/2009.html#18 Magnetic tape storage
http://www.garlic.com/~lynn/2009.html#19 Magnetic tape storage
http://www.garlic.com/~lynn/2009b.html#71 IBM tried to kill VM?
http://www.garlic.com/~lynn/2009d.html#55 1401's in high schools?
http://www.garlic.com/~lynn/2009e.html#67 Architectural Diversity
http://www.garlic.com/~lynn/2009f.html#19 greenbar
http://www.garlic.com/~lynn/2009h.html#12 IBM Mainframe: 50 Years of Big Iron Innovation
http://www.garlic.com/~lynn/2009h.html#41 Book on Poughkeepsie
http://www.garlic.com/~lynn/2009h.html#52 IBM 1401
http://www.garlic.com/~lynn/2009h.html#56 Punched Card Combinations
http://www.garlic.com/~lynn/2009m.html#38 33 Years In IT/Security/Audit

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

What's old is new again

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: What's old is new again
Date: 11 Nov, 2009
Blog: Financial Crime Risk, Fraud and Security
What's old is new again
http://www.scmagazineus.com/Whats-old-is-new-again/article/157251/

from above:
Today, criminals are using amped-up techniques to tap into a perpetual cycle of fraud and identity theft, reports Deb Radcliff. Back in computing's early days, security expert Winn Schwartau took a lot of flack for his warnings of a "digital Pearl Harbor," even as he lived out his predictions.

... snip ...

from yesterday in cryptography mailing list ... somebody had post about talking to somebody from BITS a couple weeks ago that the trojans & virus have gotten so sophisticated in the EU, that they are looking at introducing a new external device for doing financial transactions (effectively it is impossible for banking security software to deal with this level of sophisticated pc compromises).

all the compromises addressed and the techniques used to address them sounds right out of late 90s EU finread standard (although possibly taking advantage of ten yr newer hardware .... but the threat/vulnerability descriptions haven't changed and the countermeasure requirements haven't changed at all in the ten yrs).

deja vu 1999 response ...
http://www.garlic.com/~lynn/2009p.html#65 Crypto dongles to secure online transactions

past posts mentioning EU finread standard
http://www.garlic.com/~lynn/subintegrity.html#finread

more fun in the crypto mailing list:
http://www.garlic.com/~lynn/2009p.html#72 Crypto dongles to secure online transactions

somewhat related to above:

End-to-end encryption is the key to protecting data and reputations
http://news.zdnet.com/2100-9595_22-363861.html

from above:
PCI DSS is a set of requirements developed by the card issuers to safeguard cardholder data security throughout its lifecycle, while it is stored, processed or transmitted. Organizations that work with the card schemes are obliged to undergo annual verification of their compliance with PCI DSS each year by qualified assessors.

... snip ...

As mentioned in the crypto mailing list posts ... somewhat because of having done the work for "electronic commerce", in the mid-90s we were invited to participate in the x9a10 financial standard working group which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. Part of that effort looked at end-to-end (i.e. from point that the transaction originates to the consumer financial institution) threat & vulnerability studies of the various payment methods and environments.

Part of the issue was the conflicting requirements placed on the account number and other payment transaction data .... both needing to be kept confidential and at no point (in the infrastructure) divulged ... and at the same time required for standard business processing at millions of places around the world. Realizing that true end-to-end (from origination to consumer's financial institution) was impossible (i.e. account number and transaction details at no point are ever divulged) .... the resulting x9.59 financial transaction standard, instead, slightly tweaked the paradigm, eliminating (leaking or divulging) the account number and transaction details as vulnerability.
http://www.garlic.com/~lynn/x959.html#x959

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

The 50th Anniversary of the Legendary IBM 1401

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 50th Anniversary of the Legendary IBM 1401
Newsgroups: alt.folklore.computers
Date: Wed, 11 Nov 2009 17:40:45 -0500
"Joe Morris" <j.c.morris@verizon.net> writes:
I wonder if anyone ever counted the number of shops that wrote an app for the S/360 to do the functions of the 1401 IOUP to support the sysin/sysout tape processing for a 70x/70xx mainframe. Even with SHARE and the Type 4 program library there didn't seem to be any movement to share those programs.

At my PPOE we wrote a service program that ran in P0 under MFT on a /40, providing sysin, sysout, and utility (card-tape, tape-print, card-card, etc.) functions, all initiated from the console typewriter. One programmer wrote the supervisor for this, another wrote the sysin/sysout code, and I wrote the utility tool; the supervisor moved the programs into and out of memory as required and provided memory management and a round-robin scheduler...all in an 18K partition (later reduced to 16K when the nucleus of MFT version 14 grew by 2K), leaving a full 86K for batch processing.

It was for the sysout tool that I wrote the code to allow an application to read the console lever switches; they were used to pause or abort the output. And yes, there were people at other shops who tried to use it but who didn't note that it had to be configured for the particular model of S/360 being used; choose the wrong one and you've got a red-light hardstop.


re:
http://www.garlic.com/~lynn/2009p.html#74 The 50th Anniversary of the Legendary IBM 1401

lincoln labs wrote "LLMPS" which was a small 360 multi-tasking monitor supporting mostly unit record and tape functions (a little like souped up DEBE). It was a SHARE contribution ... and somewhere in boxes i've had the manual (I've also done some work with the authors since lincoln was also an early cp67 installation).

old post with bits from the (share library) llmps manual
http://www.garlic.com/~lynn/2000g.html#0 TSS ancient history, was X86 ultimate CISC? designs)

the folklore is that Univ of Mich started off with LLMPS as the core/basis for implementing MTS (michigan terminal system).

misc other past posts mentioning LLMPS:
http://www.garlic.com/~lynn/93.html#15 unit record & other controllers
http://www.garlic.com/~lynn/93.html#23 MTS & LLMPS?
http://www.garlic.com/~lynn/93.html#25 MTS & LLMPS?
http://www.garlic.com/~lynn/93.html#26 MTS & LLMPS?
http://www.garlic.com/~lynn/98.html#15 S/360 operating systems geneaology
http://www.garlic.com/~lynn/2000.html#89 Ux's good points.
http://www.garlic.com/~lynn/2001m.html#55 TSS/360
http://www.garlic.com/~lynn/2001n.html#45 Valid reference on lunar mission data being unreadable?
http://www.garlic.com/~lynn/2001n.html#89 TSS/360
http://www.garlic.com/~lynn/2002n.html#54 SHARE MVT Project anniversary
http://www.garlic.com/~lynn/2002n.html#64 PLX
http://www.garlic.com/~lynn/2003f.html#41 SLAC 370 Pascal compiler found
http://www.garlic.com/~lynn/2004d.html#31 someone looking to donate IBM magazines and stuff
http://www.garlic.com/~lynn/2004l.html#16 Xah Lee's Unixism
http://www.garlic.com/~lynn/2004o.html#20 RISCs too close to hardware?
http://www.garlic.com/~lynn/2005g.html#56 Software for IBM 360/30
http://www.garlic.com/~lynn/2006k.html#41 PDP-1
http://www.garlic.com/~lynn/2006m.html#42 Why Didn't The Cent Sign or the Exclamation Mark Print?
http://www.garlic.com/~lynn/2007t.html#54 new 40+ yr old, disruptive technology
http://www.garlic.com/~lynn/2007u.html#18 Folklore references to CP67 at Lincoln Labs
http://www.garlic.com/~lynn/2007u.html#23 T3 Sues IBM To Break its Mainframe Monopoly
http://www.garlic.com/~lynn/2007u.html#85 IBM Floating-point myths

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

The 50th Anniversary of the Legendary IBM 1401

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 50th Anniversary of the Legendary IBM 1401
Newsgroups: alt.folklore.computers
Date: Wed, 11 Nov 2009 18:57:11 -0500
re:
http://www.garlic.com/~lynn/2009p.html#74 The 50th Anniversary of the Legendary IBM 1401
http://www.garlic.com/~lynn/2009p.html#76 The 50th Anniversary of the Legendary IBM 1401

my program ended up about 2000 cards (almost exactly box of cards) with comments and "conditionals". I started out doing stand-alone version with all my own hardware support ... but then added conditionals that did version that ran under os/360 on the (64kbyte) 360/30. The "stand-alone" version took almost 30mins to assemble (under os/360) ... but the os/360 version took closer to an hour (elapsed time) to assemble.

the difference was that the os/360 version had five DCBs which would take nearly six minutes each to assemble (could tell from the 360/30 front panel lights when the assembler had hit the DCB macros ... had its own distinctive pattern).

in any case, because assembly took so long, i got proficient patching the assembled/"TXT" cards ... finding the card that corresponded to the code to be patched ... feeding it into card punch machine ... duplicating columns until got to the columns needing changing ... and then "multi-punching" the changes into the specific columns ... and then finishing duplicating the remainder of the card.

i got proficient at reading "hex" paper dumps ... recognizing instruction and data hex values ... but also got proficient reading hex punch card patterns ... being able to fan TXT deck looking for card with the hex (displacement) address containing fields/columns to be patched.

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 12 Nov 2009 14:30:32 -0500
Morten Reistad <first@last.name> writes:
This is the design choice I mentioned in the last posting; local, fast redundancy or remote, slower failover; or other continent, manual intervention restart.

I have worked for two organisations that has as a design requirement to survive a 20 kiloton blast anywhere in the infrastructure; without losing all connectivity elsewhere in the network. This led to analysis of power sourcing, optical interfaces with optical bridges, minimum physical separation distances (makes some protocols work harder because of the delay) etc.


re:
http://www.garlic.com/~lynn/2009p.html#38 big iron mainframe vs. x86 servers

same time as doing ha/cmp ... i was on XTP technical advisory board. There were some participants in XTP that had somewhat stringent requirements. An example was using XTP for command&control, integrated weapons systems, etc ... on large warships; assumption was that unless completely destroyed ... things would continue to operate (at some level of proficiency) even with repeated/lots of damage as well as potentially high radiation enviornment (something similar for warplanes). things way beyond single point of failure (supporting whatever level of redundancy available).

misc. past posts mentioning doing ibm's ha/cmp product
http://www.garlic.com/~lynn/subtopic.html#hacmp

a little ha/cmp x-over from recent posts in comp.arch
http://www.garlic.com/~lynn/2009p.html#55 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#56 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#57 MasPar compiler and simulator

llnl use to have webpages for xtp ... but seem to have gone 404 ...

some past posts that may mention xtp
http://www.garlic.com/~lynn/subnetwork.html#xtphsp

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

big iron mainframe vs. x86 servers

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: big iron mainframe vs. x86 servers
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 12 Nov 2009 15:23:53 -0500
re:
http://www.garlic.com/~lynn/2009p.html#38 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009p.html#78 big iron mainframe vs. x86 servers

oh ... and little earlier in hsdt project
http://www.garlic.com/~lynn/subnetwork.html#hsdt

we worked with company that did a lot of FEC work, reed-solomon & viterbi ... also had somebody on the project that had been one of reed's grad. students working on the technology (had earlier been undergrad at MIT and would claim one of his favorite courses was one he took from Anne's father)

one scenario would normally operate at 15/16s reed-solomon ... but on NAK (or time-out) send 1/2 rate viterbi ... in lieu of the original packet. in extremely hostile environment switch to sending 1/2 rate viterbi with the original (all of which would also have 15/16s reed-solomon)

misc. past posts mentioning viterbi
http://www.garlic.com/~lynn/93.html#28 Log Structured filesystems -- think twice
http://www.garlic.com/~lynn/99.html#210 AES cyphers leak information like sieves
http://www.garlic.com/~lynn/2001.html#1 4M pages are a bad idea (was Re: AMD 64bit Hammer CPU and VM)
http://www.garlic.com/~lynn/2001k.html#71 Encryption + Error Correction
http://www.garlic.com/~lynn/2002e.html#53 Mainframers: Take back the light (spotlight, that is)
http://www.garlic.com/~lynn/2002p.html#53 Free Desktop Cyber emulation on PC before Christmas
http://www.garlic.com/~lynn/2004f.html#37 Why doesn't Infiniband supports RDMA multicast
http://www.garlic.com/~lynn/2005n.html#27 Data communications over telegraph circuits
http://www.garlic.com/~lynn/2005r.html#52 Go-Back-N protocol?
http://www.garlic.com/~lynn/2007v.html#82 folklore indeed

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

IBM driving mainframe systems programmers into the ground

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM driving mainframe systems programmers into the ground
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 12 Nov 2009 19:35:49 -0500
ps2os2@YAHOO.COM (Ed Gould) writes:
Scott: I agree with you and other posters but I think I have some evidence that indicates IBM is essentially attempting to get rid of a lot of sysprogs. IIRC the year was 1995 (6? it was early in the SERVPAC years). I was attending an IBM class for SERVPAC's in the IBM Chicago education center. One of the 2-3 instructors was talking and giving the outline of how SERVPAC's work. After his talk he made a statement that SERVPAC was the attempt of IBM to either eliminate or minimize the systems programmer. I was surprised but it dawned on me that a *LOT* (perhaps 20 percent of the class) consisted of application type programmers(!!).As the class dragged on it was clear that the people that were asking the questions did not have a clue as what SYS1.LINKLIB (and other types of system data sets were). The class was getting hopeless bogged down as 20 percent of the class kept asking less that typical questions to the point of almost not knowing what MVS was and how it

early 80s saw a big explosion in mid-range market ... huge numbers of vm/43xx and huge numbers of vax/vms. there was some SHARE study that while vm/43xx had edge in price/performance and other issues ... vax/vms supposedly had significant advantage in staff hrs & skill level .... that skill level & amount of effort for vm/370 (still significantly less than mvs) was market inhibitor (& competitive issue vis-a-vis vax/vms).

there had actually been a proposal for the 43xx percusor (138/148) to effectively make vm370 appear as part of the hardware (somewhat analogous to current day LPAR support) ... but it was vetoed by corporate hdqtrs ... since corporate was going thru one of those phases to kill off vm370 completely. of course this was just following the future system project being canceled and their was mad rush to repopulate 370 product pipeline ... XA & MVS/XA was going to take yrs yrs starting from scratch ... in fact MVS/XA had successfully made the argument to corporate that it was necessary to shutdown the vm370 development group and move all the people to POK in order to be able to make MVS/XA first-customer-ship schedule.

Endicott eventually managed to save the vm370 product mission ... but they effectively had to recreate the vm370 product group from scratch.

In any case, starting in the mid-80s ... hardware and operating systems were starting to become commodities ... and apps & data were starting to leak off the mainframe ... and MVS ... which had viewed the enormous staff & skill level for support ... as a positive attribute ... was starting to view it as a non-competitive cost-of-ownership issue.

at the time, i bucked quite a bit of the conventional corporate wisdom ... by pointing out that hardware and operating systems were becoming commoditized (and what happens to profit margins as that happens).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

IBM driving mainframe systems programmers into the ground

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM driving mainframe systems programmers into the ground
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 13 Nov 2009 12:50:55 -0500
jchase@USSCO.COM (Chase, John) writes:
It's not (only) IBM "pushing down the pay scales".

Like it or not, we live in a global economy, and "our" segment of that global economy is such that anybody can do any of the work we do from anywhere on the planet. As the initiators of the technological "wave", we in the US have been riding the crest of that "wave" for a generation or longer. Now that "wave" is beginning to "normalize" around the globe, such that those in the "trough" are now rising and those on the "crest" (us) are falling. Expect that trend to continue until the "crest" and "trough" have leveled out.


re:
http://www.garlic.com/~lynn/2009p.html#80 IBM driving mainframe systems programmers into the ground

also, the corollary to "telecommuting" ... is "distance insensitive"

i've been blamed for online computer conferencing on the internal network in the late 70s and early 80s. misc. past posts mentioning internal network (larger arpanet/internet from just about the beginning until possible late '85 or early '86)
http://www.garlic.com/~lynn/subnetwork.html#internalnet

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

What would be a truly relational operating system ?

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What would be a truly relational operating system ?
Newsgroups: comp.databases.theory
Date: Fri, 13 Nov 2009 18:39:03 -0500
paul c <toledobythesea@oohay.ac> writes:
I remember reading an Datamation interview of Gene Amdahl, long ago, must have been in the 1970's because that magazine was one of the few trade mags then. I still remember it because he was waxing on about his 1950's designs and what came to be called complex instruction sets. He was regretting that there was little industry enthusiasm for even more complex instructions, I got the impression that he had felt he was barely scratching the surface with ones such as 'edit and mark' or 'translate and test'. If I had to pick just one target for applying complex instructions, that would be something like the D&D A-algebra. (This wouldn't prevent parallelism under the covers.) Unlike most of us Gene Amdahl is able to visualize approaches that are contrary to what's already been built.

clone controllers were supposedly primary motivation for future system project ... an extrodinary complex machine with complex instructions. future system was targeted at completely replacing 360/370 and as different from 360 as 360 had been different from prior computer generations. future system was canceled w/o ever being announced ... some past posts
http://www.garlic.com/~lynn/submain.html#futuresys

Amdahl gave a talk in large MIT auditorium in the early 70s about leaving ibm and starting his own clone processor company. he was asked what justification he used with investors regarding his company. he replied that that ibm mainframe customers had already invested $200B in developing mainframe software ... and even if ibm were to completely walk away from 360 (which might be construed as veiled reference to future system project), that would be enough software to keep him in business through the end of the century.

it has been claimed that the pre-occupation with future system (going to completely replacing 360/370) allowed the 370 product pipeline to go dray. with the demise of the future system effort, there was mad rush to get products back into the 370 hardware and software pipeline. However, the lack of 370 products is claimed to have contributed to allowing clone processors (like amdahl's) to gain a foothold in the market.

I've also claimed that big motivation for John doing 801/risc was to go in the opposite extreme from what was going on with future system. lots of past posts mentioning 801, risc, iliad, romp, rios, power, power/pc, etc
http://www.garlic.com/~lynn/subtopic.html#801

this is old email mentioning the mip lisp machine group trying to get 801/risc chips
http://www.garlic.com/~lynn/2003e.html#email790711

for other drift ... this talks about shootout between QBE & system/r
http://www.mcjones.org/System_R/SQL_Reunion_95/sqlr95-Shoot-ou.html

original relational/sql was done on vm370 ... and compare&swap was part of the 370 instruction set. The discussion regarding compare&swap (in the above) strayed a bit (& got the details wrong).

charlie had invented compare&swap instruction doing parallel, fine-grain multiprocessor locking work on cp67 (360/67 virtual machine precursor to vm370) at the science center ... misc. past posts mentioning the science center (note compare&swap name was chosen because CAS are charlie's initials)
http://www.garlic.com/~lynn/subtopic.html#545tech

initial attempts to get compare&swap into 370 architecture were rebuffed. the favorite son operating system claiming that test&set instruction was more than adequate for multiprocessor operation. the challenge was that to get compare&swap instruction into 370 architecture, a non-multiprocessor specific use needed to be created. Thus was born the example use for application use ... still included in current principles of operation.
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/A.6?DT=20040504121320

since then many hardware architectures have implemented comapre&swap (or very similar instructions) and have been widely adapted by multithreaded applications (including most DBMS implementations) ... regardless of whether running in single processor or multiprocessor environment. misc past posts mentioning multiprocessor work and/or compare&swap instruction
http://www.garlic.com/~lynn/subtopic.html#smp

misc. past posts mentioning original relational/sql implementation
http://www.garlic.com/~lynn/submain.html#systemr

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

What would be a truly relational operating system ?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What would be a truly relational operating system ?
Newsgroups: comp.databases.theory
Date: Fri, 13 Nov 2009 19:48:26 -0500
paul c <toledobythesea@oohay.ac> writes:
Thanks, very interesting. Regarding C&S, I don't know that that has anything to do with database logic per se, rather it's for serialization in general. Regarding VM/CMS I used to know a guy who did a lot of work on the sql/ds optimizer. I remember him scoffing in the early 1990's as various improvements to the DB2 optimizer came out: "ha, sql/ds had that five years ago!"

re:
http://www.garlic.com/~lynn/2009p.html#82 What would be a truly relational operating system ?

i handled some amount of the tech transfer from sjr (system/r) to endicott for sql/ds

one of the people listed as being at jan92 meeting in ellison's conference room ... mentioned here
http://www.garlic.com/~lynn/95.html#13

claimed to have handled the tech transfer from endicott back to STL for (mainframe) DB2. There are two different DB2s ... the original mainframe DB2 and the one running on other platforms. this is thread discussing some recent news item about the non-mainframe DB2
http://www.garlic.com/~lynn/2009p.html#43 From The Annals of Release No Sfotware Before Its Time
http://www.garlic.com/~lynn/2009p.html#46 From The Annals of Release No Sfotware Before Its Time

the non-mainframe DB2 started out as RDBMS for OS2 ... it took quite a bit of work to get much further than that.
http://www.garlic.com/~lynn/2009p.html#35 DB2 announces technology that trumps Oracle RAC and Exadata

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Anyone going to Supercomputers '09 in Portland?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Anyone going to Supercomputers '09 in Portland?
Newsgroups: comp.arch
Date: Sat, 14 Nov 2009 12:42:48 -0500
"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
That is because watson research had the only news server in the company for a long time and you had to jump through hoops to get through the firewall as well if you weren't in research division. But if you did you could post. And nobody ever said anything to me about it. Besides IBM had an internal system of forums that pretty much filled the needs of the internal folks, "in the divisions" as the phrase went. Dave Chess was the guy for those as I recall. del

one of the virtual machine based commercial time-sharing service bureaus (tymshare) had developed online computer conferencing ... and made a "VMSHARE" service free to the SHARE (ibm user group) organization in Aug76 (predating usenet). archives:
http://vm.marist.edu/~vmshare/

I got to dialin/access directly ... some old photos of one of my home offices (over the years), cdi minitterm, fiche viewer, corporate phone (at home)
http://www.garlic.com/~lynn/lhwemail.html#oldpict

a lot of this was easy in the bay area ... sjr, disk division, stl (database and language development), pa science center, consolidate us hone datacenter, lots of customers, tymshare, monthly user group meetings at SLAC. I was allowed to visit and/or help at around the area. Periodically there was joke about four shift workweek, 1st shift in sjr, 2nd shift getting to play disk engineer in bldgs 14&15, 3rd shift in stl, and 4th shift/weekends at hone.

I also made a deal with tymshare to get monthly tape dump of all files. I put them up on sjr vm system and HONE system ... and also offered other locations on the internal network the monthly updates. in the process of deploying other places internally ... somebody asked me what made me think that I could convince HONE to host a copy of the VMSHARE files (HONE was world-wide sales & marketing support applications hosts on virtual machine systems ... originally cp67 and then migrated to vm370). I reminded them that one of my hobbies for nearly the whole time HONE had been in existance was building and supporting highly enhanced virtual machine systems for hone (in the early days of propagating hone clones around the world ... i even did some of the installas personally). misc. past posts mentioning hone
http://www.garlic.com/~lynn/subtopic.html#hone

the bigger problem i had was dealing with lawyers who raised issues like if allowing internal corporate employees to read what customers were writing, might corrupt the employees.

i also got blamed for computer conferencing on the internal network during this period. corporate hdqtrs eventually did investigation and somewhat outcome of that was TOOLSRUN EXEC and officially sanctioned computer conferencing (with moderators that would terminate unauthorized discussions). site could set up toolsrun and host specific discussion groups. ytk setup early IBMVM (& VMTOOLS) and then later IBMPC (& pctools). it was possible for individuals to subscribe to toolsrun ... effectively mailing list (listserv-like) mode. it was also possible for other sites to setup toolsrun and operate their own discussion groups. it was also possible to configure toolsrun for distributed operation (i.e. much more like usenet with local copies). (at least) endicott set up VMPERF (for vm performance) and raleigh setup IBMCOMM (communication). The "high-speed" (56kbit) networking discussion announcement mentioned in this recent post
http://www.garlic.com/~lynn/2009p.html#59 MasPar compiler and simulator

was IBMCOMM.

listserv (mailing list subset of toolsrun)
The History of LISTSERV
was later done on bitnet(/earn)
http://www.garlic.com/~lynn/subnetwork.html#bitnet

sjr did put in the original corporate gateway to csnet ... announcement
http://www.garlic.com/~lynn/internet.htm#email821022
in this post
http://www.garlic.com/~lynn/internet.htm#0

later awd (workstation divison) in austin had its own usenet feed.

after leaving in '92, i did a gig for a usenet satellite feed, writing drivers for their modem ... for windows, dos, and a couple unixes ... and co-authored article that appeared in boardwatch (BBS) magazine ... so got a "free" (full) usenet satellite feed to my house (downlink only ... when i posted, i had to do have telephone connection).

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Anyone going to Supercomputers '09 in Portland?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Anyone going to Supercomputers '09 in Portland?
Newsgroups: comp.arch
Date: Sun, 15 Nov 2009 11:16:02 -0500
"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
As I recall, most of the toolsrun thing was master slave, with a master usually in YKT and the shadows (slaves) remote, along with references to the scifi "7 princes in amber" or something like that. Reading was done from the local shadow. posting went to the master and was reflected back to the shadow.

re:
http://www.garlic.com/~lynn/2009p.html#84 Anyone going to Supercomputers '09 in Portland?
http://www.garlic.com/~lynn/2009p.html#85 Anyone going to Supercomputers '09 in Portland?

fiber optic technology had been knocking around in POK since late 70s. one of the austin engineers took the technology, tweaked it, much cheaper drivers ... and it was part of the RS6000 product as "SLA" (serial link adaptor ... similar, faster, cheaper, but incompatible with the POK mainframe ESCON).

chips were done by rochester. in an attempt to get SLA more acceptable, we talked a router vendor into adding SLA support. Then we had to talk Rochester into supplying the chips to the outside vendor. Rochester would do an inter-plant "transfer" the chips to Austin ... at 300% markup ... and then Austin would "transfer" the chips to the vendor at 300% markup ... total 900% markup ... for a vendor that was doing us a favor.

I had been doing various stuff on & off over the yrs with LLNL ... which were driving force behind FCS standard. When the SLA engineer wanted to start work on an 800-mbit version ... spent something like six months convincing him to participate in FCS instead. He eventually did and became the "owner" (secretary) of the FCS standards document.

Rochester and POK also started to participate in FCS standards (POK channel engineers working hard on layering a half-duplex protocol on top of the basic full-duplex FCS operation ... current FICON). There was a standards FCS discussion list (fiber-channel-ext@think.com) ... but Rochester also hosted an internal toolsrun discussion list (dfcforum@rfcvmv) .. which included forwarding the fiber-channel-ext@think.com traffic (as well as some other items like the hippi discussion, hippi-ext@think.com).

misc. other stuff found its way on to dfcforum ... from long ago and far away
MARKETPLACE NEWS

1. HP signed a letter of intent to buy Texas Instrument's multiuser computer business with the intent to gain commercial market share for its HP 9000 Series 800 computers. HP will encourage users to migrate from the 125,000 installed TI machines to the 800 Series servers. HP also acquired a well-developed reseller and integration channel with an intimate knowledge of the TI user base. Source: Systems & Network Integration Date: June 29, 1992

2. Stratus also announced that they would use HP's PA-RISC architecture in future systems to be developed. Their director of systems products explained that this was done after careful consideration of several vendors architectures that would be available in the 1994-1995 timeframe. This is something of a coup for HP considering that 18% of the Stratus 1991 revenue of $448 million was sold by IBM's reselling of Stratus fault tolerent systems. As part of this deal, Sratus will also port Unix 5.4 to the HP-RISC architecture. Source: Systems & Network Integration Date: June 29, 1992

3. IBM will enhance its RS/6000 clusters this year by providing optical channels between systems. Ancor Communications will provide the optical communications between machines that can be located up to 2 kilometers apart. Phil Hester, AWD Vice President, said that this technology will be Beta tested by year's end. "Loosely-coupled RS/6000s have the ability to scale well beyond the power of ES9000 mainframes" said Stu Skomra, vice president of marketing at ILAN Inc., a network integrator that uses RS/6000s, "but the downside to this is that there is no single system image for systems administration." IBM has yet to detail a strategy that allows clusters to be managed administratively by a single image. Source: System & Network Integration Date: June 29, 1992 Page: 12

4. Solaris 2.0 is experiencing performance impacts of 10-12% below that achieved by Version 1.0 because of all of the code put in it to support things such as multiprocessing according to users that have tested the new software. Although 2.0 will not officially ship until December of this year, the performance problems are a major issue with integrators that are trying to use the software. "Performance has been Sun's Achilles' heel" said Ira Cohen, president of Copley Systems Corp., a network integrator. Solaris 2.0 is a 32-bit Unix Operating System designed to support multiprocessing and have hooks for OSF's Distributed Computing Environment. Source: System & Network Integration Date: June 29, 1992 Page: 1


... snip ...

somewhat related topic drift ... recent mention of single-system-image, and rs/6000 clusters
http://www.garlic.com/~lynn/2009p.html#43 From The Annals of Release No Software Before Its Time
http://www.garlic.com/~lynn/2009p.html#46 From The Annals of Release No Software Before Its Time

and somewhat related ...
http://www.garlic.com/~lynn/2009p.html#55 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#56 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#57 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#58 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#59 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009p.html#60 MasPar compiler and simulator

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Opinions on the 'Unix Haters' Handbook

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Opinions on the 'Unix Haters' Handbook
Newsgroups: alt.folklore.computers
Date: Sun, 15 Nov 2009 12:35:11 -0500
greymausg writes:
Was woken out of sleep one night years ago by a friend that had to pay a debt to a government entity before 12midnight, and needed cash, so I and a few other got enough together to get him off the hook.

CSPAN currently broadcasting program carrying testimony of david walker (former comptroller general that i've frequently had opportunity to quote in the past).

big part of testimony is the gov. debt and the couple foreign countries that are buying our debt and supporting the country's profligate ways .. are getting tired. Something about "tipping" point that could spiral downwards out-of-control ... and these other foreign countries can contribute to how soon that tipping point arrives (having gotten tired of getting together and keeping us off the hook).

it almost as if the "robber baron" era from 100 yrs ago is repeating itself, various legislation and other contributing factors, temporarily put it it off for a century ... but legislation from at least a decade ago (although seeds have been there for some time) ... it will repeat ... but with significantly worse results.

past posts mentioning comptroller general
http://www.garlic.com/~lynn/2006f.html#41 The Pankian Metaphor
http://www.garlic.com/~lynn/2006f.html#44 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#9 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#14 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#27 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#2 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#3 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#4 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#17 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#19 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#33 The Pankian Metaphor
http://www.garlic.com/~lynn/2006o.html#61 Health Care
http://www.garlic.com/~lynn/2006p.html#17 Health Care
http://www.garlic.com/~lynn/2006r.html#0 Cray-1 Anniversary Event - September 21st
http://www.garlic.com/~lynn/2006t.html#26 Universal constants
http://www.garlic.com/~lynn/2007j.html#20 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#19 Another "migration" from the mainframe
http://www.garlic.com/~lynn/2007o.html#74 Horrid thought about Politics, President Bush, and Democrats
http://www.garlic.com/~lynn/2007p.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
http://www.garlic.com/~lynn/2007s.html#1 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#13 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#14 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#15 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#24 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#25 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#33 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#35 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007v.html#26 2007 Year in Review on Mainframes - Interesting
http://www.garlic.com/~lynn/2008.html#57 Computer Science Education: Where Are the Software Engineers of Tomorrow?
http://www.garlic.com/~lynn/2008d.html#40 Computer Science Education: Where Are the Software Engineers of Tomorrow?
http://www.garlic.com/~lynn/2008e.html#50 fraying infrastructure
http://www.garlic.com/~lynn/2008f.html#86 Banks failing to manage IT risk - study
http://www.garlic.com/~lynn/2008g.html#1 The Workplace War for Age and Talent
http://www.garlic.com/~lynn/2008h.html#3 America's Prophet of Fiscal Doom
http://www.garlic.com/~lynn/2008h.html#26 The Return of Ada
http://www.garlic.com/~lynn/2008i.html#98 dollar coins
http://www.garlic.com/~lynn/2008n.html#8 Taxcuts
http://www.garlic.com/~lynn/2008n.html#9 Taxcuts
http://www.garlic.com/~lynn/2008n.html#17 Michigan industry
http://www.garlic.com/~lynn/2009f.html#20 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009n.html#55 Hexadecimal Kid - articles from Computerworld wanted

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

IBM driving mainframe systems programmers into the ground

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM driving mainframe systems programmers into the ground
Newsgroups: bit.listserv.ibm-main
Date: Sun, 15 Nov 2009 15:01:11 -0500
zoswork@GMAIL.COM (P S) writes:
That's assuming that this "lying" violates the law...not necessarily the case (though one can hope).

re:
http://www.garlic.com/~lynn/2009p.html#80 IBM driving mainframe systems programmers into the ground
http://www.garlic.com/~lynn/2009p.html#81 IBM driving mainframe systems programmers into the ground

post from today .. CSPAN broadcast of David Walker's (recent fed. comptroller general) congressional testimony ... post mentions some possible parallels with the "robber baron" period from 100yrs ago (I've vague recollections doing book report on book by that title in junior high, 50 some yrs ago ... just checked search engine, written in 1934):
http://www.garlic.com/~lynn/2009p.html#86

and recent posts about being (repeatedly) reminded that "business ethics" is an "oxymoron" (some from linkedin "greater ibm" discussions):
http://www.garlic.com/~lynn/2009.html#53 CROOKS and NANNIES: what would Boyd do?
http://www.garlic.com/~lynn/2009e.html#37 How do you see ethics playing a role in your organizations current or past?
http://www.garlic.com/~lynn/2009o.html#36 U.S. students behind in math, science, analysis says
http://www.garlic.com/~lynn/2009o.html#37 Young Developers Get Old Mainframers' Jobs
http://www.garlic.com/~lynn/2009o.html#52 Revisiting CHARACTER and BUSINESS ETHICS
http://www.garlic.com/~lynn/2009o.html#57 U.S. begins inquiry of IBM in mainframe market

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970

Kaminsky Bug Options Include "Do Nothing," Says IETF

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Kaminsky Bug Options Include "Do Nothing," Says IETF
Date: 15 Nov, 2009
Blog: Information Security Network
Kaminsky Bug Options Include "Do Nothing," Says IETF
http://tech.slashdot.org/story/08/11/20/2130236/Kaminsky-Bug-Options-Include-Do-Nothing-Says-IETF?art_pos=4

from above:
IETF community is debating whether to aggressively fashion and apply fixes for the so-called Kaminsky bug in the DNS discovered this summer, or to simply let its threat stand as motivation for all to move with greater speed toward DNSSEC,

... snip ...

misc. past posts discussing DNSSEC could be a catch-22 for the Certification Authority (digital certificate) industry
http://www.garlic.com/~lynn/subpubkey.html#catch22

i.e. big part of original SSL digital certificates were countermeasure to various deficiencies in the domain name infrastructure ... fixing deficiencies eliminates some motivation for the certificates. misc. past posts about SSL digital certificates (& being asked in to consult with small client/server startup that wanted to do payment transactions on their servers ... and had invented this technology called "SSL")
http://www.garlic.com/~lynn/subpubkey.html#sslcerts

i.e. above is year old Slashdot article from nov2008 ... and from today

DNS Problem Linked To DDOS Attacks Gets Worse
http://tech.slashdot.org/story/09/11/15/1238210/DNS-Problem-Linked-To-DDoS-Attacks-Gets-Worse

and some more:

DNS Problem Linked to DDoS Attacks Gets Worse
http://www.pcworld.com/businesscenter/article/182168/dns_problem_linked_to_ddos_attacks_gets_worse.html
DNS problem linked to DDoS attacks gets worse
http://www.computerworld.com/s/article/9140839/DNS_problem_linked_to_DDoS_attacks_gets_worse
DNS problem linked to DDoS attacks gets worse
http://www.networkworld.com/news/2009/120309-google-launches-free-public.html
Consumer modems are worsening DNS problem linked to DDoS attacks
http://www.infoworld.com/d/security-central/consumer-modems-are-worsening-dns-problem-linked-ddos-attacks-420

--
40+yrs virtualization experience (since Jan68), online at home since Mar1970




previous, next, index - home