List of Archived Posts

2010 Newsgroup Postings (03/11 - 03/28)

Entry point for a Mainframe?
More calumny: "Secret Service Uses 1980s Mainframe"
Entry point for a Mainframe?
Why is Kerberos ever used, rather than modern public key cryptography?
LPARs: More or Less?
search engine history, was Happy DEC-10 Day
Online Banking & Password Theft
What was the historical price of a P/390?
What was the historical price of a P/390?
Entry point for a Mainframe?
What was the historical price of a P/390?
IBM And Microsoft Clash Over Unbundling Policy
Real CPU Id
What was the historical price of a P/390?
What was the historical price of a P/390?
LPARs: More or Less?
What was the historical price of a P/390?
history of RPG and other languages, was search engine history
What was the historical price of a P/390?
Should the USA Implement EMV?
Would you fight?
The 2010 Census
history of RPG and other languages, was search engine history
history of RPG and other languages, was search engine history
Would you fight?
Should the USA Implement EMV?
Should the USA Implement EMV?
Should the USA Implement EMV?
floating point, was history of RPG, Fortran
Cyberattacks raise e-banking security fears
Should the USA Implement EMV?
Terse for PC
history of RPG and other languages, was search engine history
The 2010 Census
The 2010 Census
The 2010 Census
The 2010 Census
The 2010 Census
F.B.I. Faces New Setback in Computer Overhaul
The 2010 Census
F.B.I. Faces New Setback in Computer Overhaul
Should the USA Implement EMV?
the very slow 1130, was history of RPG and other languages
F.B.I. Faces New Setback in Computer Overhaul
Can't PIN be mandated in normal POS machines ? to avoid Losses / Frauds / NPA's ?
not even sort of about The 2010 Census
not even sort of about The 2010 Census
Nonlinear systems and nonlocal supercomputing
Nonlinear systems and nonlocal supercomputing
Nonlinear systems and nonlocal supercomputing
Handling multicore CPUs; what the competition is thinking
The 2010 Census
Handling multicore CPUs; what the competition is thinking
F.B.I. Faces New Setback in Computer Overhaul
The 2010 Census
Handling multicore CPUs; what the competition is thinking
Handling multicore CPUs; what the competition is thinking
Handling multicore CPUs; what the competition is thinking
Handling multicore CPUs; what the competition is thinking
More calumny: "Secret Service Uses 1980s Mainframe"
Handling multicore CPUs; what the competition is thinking
Handling multicore CPUs; what the competition is thinking
The 2010 Census
Handling multicore CPUs; what the competition is thinking
Handling multicore CPUs; what the competition is thinking
Mainframe Executive article on the death of tape
asymmetric multiprocessing
The 2010 Census
But... that's *impossible*
The 2010 Census
Handling multicore CPUs; what the competition is thinking
Law Enforcement Appliance Subverts SSL
Subpools - specifically 241
Handling multicore CPUs; what the competition is thinking
Is Security a Curse for the Cloud Computing Industry?
Is Security a Curse for the Cloud Computing Industry?
The 2010 Census
Notes on two presentations by Gordon Bell ca. 1998
Notes on two presentations by Gordon Bell ca. 1998
The 2010 Census
Law Enforcement Appliance Subverts SSL
The 2010 Census
Notes on two presentations by Gordon Bell ca. 1998
Notes on two presentations by Gordon Bell ca. 1998
The 2010 Census
16:32 far pointers in OpenWatcom C/C++
The 2010 Census
The 2010 Census
"Son of 1036": News Article Format and Transmission
16:32 far pointers in OpenWatcom C/C++
16:32 far pointers in OpenWatcom C/C++
16:32 far pointers in OpenWatcom C/C++
Why do most websites use HTTPS only while logging you in...and not for the entire session?

Entry point for a Mainframe?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Entry point for a Mainframe?
Newsgroups: alt.folklore.computers
Date: Thu, 11 Mar 2010 16:00:05 -0500
Joe Pfeiffer <pfeiffer@cs.nmsu.edu> writes:
There were a number of semi-smart terminals on the market which were very definitely designed with the idea of being used for forms processing. Protected fields, batch transfer of data....

re:
http://www.garlic.com/~lynn/2010e.html#80 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#81 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#83 Entry point for a Mainframe?

there was battle about introduction of 3274/3278 regressed the interactive computing human factors compared to earlier 3272/3277; eventually the official response was that 3274/3278 was designed for "data entry" ... not interactive computing ... aka the stuff that had earlier been done transcribing various things to punch cards.

recent past posts mentioning 3274/3278
http://www.garlic.com/~lynn/2010b.html#31 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010b.html#48 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010c.html#24 Processes' memory
http://www.garlic.com/~lynn/2010d.html#36 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#41 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#44 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#72 LPARs: More or Less?

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

More calumny: "Secret Service Uses 1980s Mainframe"

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: More calumny: "Secret Service Uses 1980s Mainframe"
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Thu, 11 Mar 2010 17:38:10 -0500
Tim Shoppa <shoppa@trailing-edge.com> writes:
Old 3270's can't print, and can't send E-mail, so no problem. (Actually I think the 3270 family did include 3276's which could have printers plugged in, right?)

re:
http://www.garlic.com/~lynn/2010e.html#37 More calumny: "Secret Service Uses 1980s Mainframe"
http://www.garlic.com/~lynn/2010e.html#59 More calumny: "Secret Service Uses 1980s Mainframe"
http://www.garlic.com/~lynn/2010e.html#63 More calumny: "Secret Service Uses 1980s Mainframe"

by the mid-80s, 3270s were PCs with terminal emulation ... print screen, screen scraping, all sorts of terminal emulation functions, etc.

the scenario sort of works in the 70s during FS period ... where internal security operations attempted to control FS architecture & specification documents with security enhanced vm370 and only being able to read on "real" 3270s.
http://www.garlic.com/~lynn/submain.html#futuresys

recent post mentioning being challenged with even if "I" was left alone in the machine room, even "I" wouldn't be able access the documents. One of the few times I took the bait ... took less than five minutes (most of the time involved isolating the machine from outside access since when I flipped a specific bit in storage ... all access security was compromised).
http://www.garlic.com/~lynn/2010e.html#6 Need tool to zap core

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Entry point for a Mainframe?

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Entry point for a Mainframe?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Fri, 12 Mar 2010 13:55:24 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
the 3725 pieces of the numbers came from official corporate HONE configurator (sales & marketing use for selling to customers) ... part of the presentation to fall '86 SNA architecture review board meeting in Raleigh
http://www.garlic.com/~lynn/99.html#67 System/1 ?

part of spring '86 common presentation on pu4/pu5 support in series/1
http://www.garlic.com/~lynn/99.html#70 Series/1 as NCP (was: Re: System/1 ?)


re:
http://www.garlic.com/~lynn/2010e.html#80 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#81 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#83 Entry point for a Mainframe?

Comparison with 3725NCP System:


• Higher availability
• More reliable
• More function
• Improved Useability
• Non-IBM Host Support
• Much better connectivity
• Much better performance
• Fewer components
• Easier to tune
• Easier to tailor
• Easier to manage
• Less expensive

... snip ...

SNA RUs were encapsulated and carried within real networking traffic. Part of the ease of implementing all of the above ... was whole infrastructure was real networking ... only dropping down to SNA emulation at boundary interfaces when necessary.

One of the internal parties that was really interested was IMS hot-standby. Some of the IMS hot-standby configurations with tens of thousands of terminals, was clocking at over 90minuts (sometimes a lot more) to re-establish all the sessions in fall-over scenario. IMS hot-standby wanted slight tweak to the "high availability" sessions (aka network session information was replicated within the distributed network) where "shadow" SNA sessions were created with the VTAM on the fall-over processor(s) ... instead of taking potentially hrs to get everything back up and running ... the (SNA/VTAM) session fall-over was as fast as the IMS hot-standby fall-over (all being spoofed by having a real non-SNA networking environment to do it from).

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Why is Kerberos ever used, rather than modern public key cryptography?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Why is Kerberos ever used, rather than modern public key cryptography?
Newsgroups: sci.crypt
Date: Fri, 12 Mar 2010 14:33:20 -0500
Jim Haynes <jhaynes@alumni.uark.edu> writes:
Either way you have to have an entity you can trust, either the Kerberos server or the server that gives out the public keys. Kerberos was developed and was free back when public key was still encumbered by patents and licenses.

Kerberos started out being able to register something you know shared-secret ... aka password. PKINIT for kerboros started out registering a public key ... in lieu of password for authentication. It was later that there was lots of pressure to add digitial certificate based public key processing option to PKINIT.

lots of public key cryptography is only used around the edges ... because it is so much more expensive than symmetric keys ... aka SSL uses public key for symmetric key exchange ... and then the rest is done not using public key cryptography.

way back when, we were part of one of the corporations that was underwriting Project Athena ... and would go by for periodic reviews of their projects ... including Kerberos. One week sat thru the evoluation of design for cross-domain operation.

Much more recently sat thru a presentation of one of the first SAML deployments... and brought up that their message flows were identicial to Kerberos cross-domain.

One of the original issues vis-a-vis digital certificate paradigm ... there still being requirement for the authorization information (what permissions), in addition to authentication. Early digital certificate scenarios were that both authentication and authorization information would be carried in the certificate. The issue was that a lot of authorization information needed to be much more timely than the stale/static information carried in the digital certificates ... as well as finding that authorization information frequenlty turning out to have privacy implications.

Creating real-time (non-public) repository for the authorization information ... significant reduces the justification for having digital certificates; in fact recording the authentication information (whether shared-secret or public key) in the same real-time (non-public) repository ... makes digital certificates redundant and superfluous

another major authentication/authorization infrastructure is RADIUS ... used by ISPs all over the world. This also started out with shared-secret authentication ... in approx. same time-frame as Kerberos. In much the same way that PKINIT had public key registration in lieu of password ... it is also possible to do RADIUS infrastructure that registers public key in lieu of password (neither actually requiring digital certificates as part of doing public key authentication).

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

LPARs: More or Less?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: LPARs: More or Less?
Newsgroups: alt.folklore.computers
Date: Fri, 12 Mar 2010 17:03:27 -0500
re:
http://www.garlic.com/~lynn/2010e.html#52 LPARs: More or Less?
http://www.garlic.com/~lynn/2010e.html#74 LPARs: More or Less?

Lehman autopsy throws Ernst & Young into spotlight
http://www.marketwatch.com/story/lehman-autopsy-throws-ernst-young-into-spotlight-2010-03-12

from above:
Ernst & Young came under fresh public scrutiny after a report on the Lehman Bros. collapse alleged that the accounting firm's audit failed to challenge transactions that essentially hid $50 billion of the investment bank's assets.

... snip ...

a few others

Lehman, Ernst & Young and accounting
http://insider.accountancyage.com/2010/03/lehman-ernst-yo.html
Will Ernst & Young Survive The Lehman Fiasco?
http://www.businessinsider.com/will-ernst-and-young-survive-the-lehman-fiasco-2010-3
Ernst & Young faces legal action over Lehman collapse
http://business.timesonline.co.uk/tol/business/industry_sectors/banking_and_finance/article7059469.ece
Lehman Fraudulently Cooked Its Books, Accounting Giant Ernst & Young Helped, Geithner and Bernanke Winked and Slapped Them on the Back
http://www.prisonplanet.com/lehman-fraudulently-cooked-its-books-accounting-giant-ernst-young-helped-geithner-and-bernanke-winked-and-slapped-them-on-the-back.html

tv business news shows today have been making several references to enron & anderson and where was SOX when all of this was going on.

A few posts mentioning SOX
http://www.garlic.com/~lynn/2009.html#15 What are the challenges in risk analytics post financial crisis?
http://www.garlic.com/~lynn/2009.html#52 The Credit Crunch: Why it happened?
http://www.garlic.com/~lynn/2009.html#53 CROOKS and NANNIES: what would Boyd do?
http://www.garlic.com/~lynn/2009.html#57 CROOKS and NANNIES: what would Boyd do?
http://www.garlic.com/~lynn/2009.html#73 CROOKS and NANNIES: what would Boyd do?
http://www.garlic.com/~lynn/2009b.html#36 A great article was posted in another BI group: "To H*** with Business Intelligence: 40 Percent of Execs Trust Gut"
http://www.garlic.com/~lynn/2009b.html#37 A great article was posted in another BI group: "To H*** with Business Intelligence: 40 Percent of Execs Trust Gut"
http://www.garlic.com/~lynn/2009b.html#48 The blame game is on : A blow to the Audit/Accounting Industry or a lesson learned ???
http://www.garlic.com/~lynn/2009b.html#49 US disaster, debts and bad financial management
http://www.garlic.com/~lynn/2009b.html#52 What has the Global Financial Crisis taught the Nations, it's Governments and Decision Makers, and how should they apply that knowledge to manage risks differently in the future?
http://www.garlic.com/~lynn/2009b.html#53 Credit & Risk Management ... go Simple ?
http://www.garlic.com/~lynn/2009b.html#54 In your opinion, which facts caused the global crise situation?
http://www.garlic.com/~lynn/2009b.html#57 Credit & Risk Management ... go Simple ?
http://www.garlic.com/~lynn/2009b.html#59 As bonuses...why breed greed, when others are in dire need?
http://www.garlic.com/~lynn/2009b.html#73 What can we learn from the meltdown?
http://www.garlic.com/~lynn/2009b.html#80 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#0 Audit II: Two more scary words: Sarbanes-Oxley
http://www.garlic.com/~lynn/2009c.html#1 Audit II: Two more scary words: Sarbanes-Oxley
http://www.garlic.com/~lynn/2009c.html#3 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#20 Decision Making or Instinctive Steering?
http://www.garlic.com/~lynn/2009c.html#29 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#44 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#48 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus
http://www.garlic.com/~lynn/2009d.html#3 Congress Set to Approve Pay Cap of $500,000
http://www.garlic.com/~lynn/2009d.html#10 Who will Survive AIG or Derivative Counterparty Risk?
http://www.garlic.com/~lynn/2009d.html#22 Is it time to put banking executives on trial?
http://www.garlic.com/~lynn/2009d.html#37 NEW SEC (Enforcement) MANUAL, A welcome addition
http://www.garlic.com/~lynn/2009d.html#42 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
http://www.garlic.com/~lynn/2009d.html#61 Quiz: Evaluate your level of Spreadsheet risk
http://www.garlic.com/~lynn/2009d.html#62 Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
http://www.garlic.com/~lynn/2009d.html#63 Do bonuses foster unethical conduct?
http://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?
http://www.garlic.com/~lynn/2009d.html#75 Whistleblowing and reporting fraud
http://www.garlic.com/~lynn/2009e.html#0 What is swap in the financial market?
http://www.garlic.com/~lynn/2009e.html#13 Should we fear and hate derivatives?
http://www.garlic.com/~lynn/2009e.html#35 Architectural Diversity
http://www.garlic.com/~lynn/2009e.html#36 Architectural Diversity
http://www.garlic.com/~lynn/2009e.html#37 How do you see ethics playing a role in your organizations current or past?
http://www.garlic.com/~lynn/2009f.html#2 CEO pay sinks - Wall Street Journal/Hay Group survey results just released
http://www.garlic.com/~lynn/2009f.html#29 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009f.html#51 On whom or what would you place the blame for the sub-prime crisis?
http://www.garlic.com/~lynn/2009g.html#7 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009g.html#33 Treating the Web As an Archive
http://www.garlic.com/~lynn/2009h.html#17 REGULATOR ROLE IN THE LIGHT OF RECENT FINANCIAL SCANDALS
http://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."
http://www.garlic.com/~lynn/2009j.html#12 IBM identity manager goes big on role control
http://www.garlic.com/~lynn/2009j.html#30 An Amazing Document On Madoff Said To Have Been Sent To SEC In 2005
http://www.garlic.com/~lynn/2009m.html#89 Audits V: Why did this happen to us ;-(
http://www.garlic.com/~lynn/2009n.html#17 UK issues Turning apology (and about time, too)
http://www.garlic.com/~lynn/2009n.html#20 UK issues Turning apology (and about time, too)
http://www.garlic.com/~lynn/2009o.html#71 "Rat Your Boss" or "Rats to Riches," the New SEC
http://www.garlic.com/~lynn/2009s.html#45 Audits VII: the future of the Audit is in your hands
http://www.garlic.com/~lynn/2009s.html#47 Audits VII: the future of the Audit is in your hands

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

search engine history, was Happy DEC-10 Day

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: search engine history, was Happy DEC-10 Day
Newsgroups: alt.folklore.computers
Date: Sat, 13 Mar 2010 11:10:07 -0500
Michael Wojcik <mwojcik@newsguy.com> writes:
If you want an example of a "single entity" that is "the opposite of the Open Source movement", how about SCO? Or any of the software patent troll firms? Or even Microsoft, which until recently was extremely hostile to open source, and is now best characterized as ambivalent (if not schizophrenic) toward it?

original SCO ...
https://en.wikipedia.org/wiki/Santa_Cruz_Operation
and SCO Group
https://en.wikipedia.org/wiki/SCO_Group

some recent:

News: SCO Asked O'Gara To Smear Groklaw
http://news.slashdot.org/story/10/03/13/138210/SCO-Asked-OGara-To-Smear-Groklaw
Blake Stowell Email to Maureen O'Gara: "I Need You to Send a Jab PJ's Way"
http://www.groklaw.net/article.php?story=20100312150121798

older reference:

Final Judgment -- SCO Loses, Owes $3,506,526
http://news.slashdot.org/story/08/11/21/1849215/Final-Judgment-mdash-SCO-Loses-Owes-3506526
Final Judgment in SCO v. Novell: SCO Loses Again
http://www.groklaw.net/article.php?story=20081120195227418

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Online Banking & Password Theft

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 23 Feb, 2010
Subject: Online Banking & Password Theft
Blog: Computer Security and Forensics
In the mid-90s, various of the consumer dial-up online banking were making presentations that they would move to the internet ... offloading significant support costs onto ISPs (who could spread the costs across large variety of online offerings ... not just online banking). Major costs were customer support for the after-market proprietary modem drivers (some operations claiming library of >60 different such drivers ... and still having problems) and support for the incoming computers calls.

at the same time (early/mid 90s), the cash management/commercial dial-up online banking operations were claiming that they would never move to the internet for a long list of reasons ... all of which have been seen in the last 15 yrs. Recently there has been call for commercial internet online banking almost return to the dial-up days ... advocating that businesses have a new, dedicated PC that is only used for online banking (and never used for anything else).

EU had somewhat analogous approach with the EU FINREAD standard in the late 90s ... basically moved the authentication/authorization end-point to a stand-alone, dedicated device ... as countermeasure to long list of well understood ways that PCs were being compromised (situation that has changed little in the past decade-plus period). misc. past posts mentioning EU FINREAD standard
http://www.garlic.com/~lynn/subintegrity.html#finread

In late 90s, EU FINREAD standard was countermeasure for compromised PCs which

1) stole pin/passwords (something you know authentication) that could be used in "replay" fraudulent transactions by criminal software on the same or different machines.

2) for token (something you have authentication), the criminal software can directly generate fraudulent transactions, spoofing human interactions on the compromised PC (having captured keystrokes and screen displays from previous transactions)... transactions that the human isn't even aware of.

3) for token (something you have authentication), which requires some form of unspoof'able interaction ... the compromised PC displays a different transaction than is actually executed ... the user is asked to approve transactions ... which are totally different than the transaction actually executed.

Latest round of online banking software compromises ... have sophisticated software that is aware of large number of online banking web page formate ... and eliminate the fraudulent transactions ... so that they don't show up when user asks for current transactions and balance.

compromises of PCs have been known from when PCs were originally introduced ... and accelerated with ubuquitous internet connectivity. most recent:

Security Industry Faces Attacks It Can't Stop
http://it.slashdot.org/article.pl?sid=10/03/12/1651253

from above:
What both Mariposa and the Google attacks illustrate, and what went largely unsaid at RSA, was that the security industry has failed to protect paying customers from some of today's most pernicious threats

... snip ...

and ...

Security industry faces attacks it cannot stop; Tests find that most AV is still not blocking Aurora exploit
http://www.itworld.com/security/100320/security-industry-faces-attacks-it-cannot-stop

tens of millions (if not hundreds of millions) are "owned" by compromised software (as in all the news about vast "botnets").

for other drift ... say online banking requires USB hardware token that requires a PIN; then the compromised software captures keystrokes and can simulate PIN entry for fraudulent transactions. Say USB token also requires human to unplug and plug-in token for each transaction; token only does a single transaction per power cycle (token recognizes power on/off) ... compromised software cycles the power to the USB port ... simulating human unplug/plug-in. As previously mentioned, if there is some totally unspoof'able human interaction for every transaction ... then display the intended transaction ... but perform a totally different fraudulent transaction.

In the EU FINREAD standard scenario .. If the end-point is potentially point of compromise and represents interface to human ... then the compromised end-point can be used to spoof anything that might be required from a real live human .... it is independent of where stuff executes and/or is stored .... and it doesn't actually have to compromise any other part of the infrastructure ... just has to sufficiently reproduce what might be required of a real live human as part of a transaction.

countermeasures (other than eu finread) has been increasingly complex interactions ... visual keyboards with randomly re-arranged keys that relies on mouse clicks for input ... or stuff like CAPTCHA (as countermeasure to compromised end-point spoofing live human interactions)
https://en.wikipedia.org/wiki/CAPTCHA

crooks have come back with being able to recognize key locations in visual keyboard and simulate mouse click correct key selection and being able to do character recognition for increasingly obscured CAPTCHA schemes.

It might be thot of a form of impersonation... but instead of a real live person doing the impersonation ... it is increasingly sophisticated criminal software (instead of criminal software simulating the real software, the criminal software is simulating the human).

recent reference:

Zeus botnet malware is improving for hackers
http://news.techworld.com/security/3215033/zeus-botnet-malware-is-improving-for-hackers/?olo=rss

from above:
The Windows-based Zeus Trojan software, which takes up about 50,000 bytes on a compromised Windows-based computer, is designed to plunder accounts in North American and United Kingdom banking systems via the victim's computer.

... snip ...

another recent reference:

Password-stealing virus on Facebook
http://infotech.indiatimes.com/News-Internet/Password-stealing_virus_on_Facebook/articleshow/5696733.cms

from above:
Hackers have flooded the Internet with virus-tainted spam that targets Facebook's estimated 400 million users in an effort to steal banking passwords and gather other sensitive information.

... snip ...

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

What was the historical price of a P/390?

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What was the historical price of a P/390?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Sun, 14 Mar 2010 11:11:22 -0400
shmuel+ibm-main@PATRIOT.NET (Shmuel Metz , Seymour J.) writes:
Yes, and you could add more at much more attractive prices than external ECKD DASD. Admittedly the I/O bandwidth was much lower, but for an entry level system that's not an issue.

the original definition of RAID (from 1987) was: Redundant array of inexpensive disks (although somebody that I worked with a generation earlier at san jose got a patent on the technology a decade earlier)
https://en.wikipedia.org/wiki/RAID

one of the raid configurations is purely parallel transfer.

with fiber channel transfer speeds ... at the time when there was struggles to get mainframe disks at escon speeds.

old post about jan92 meeting wanting harrier to turn into interoperabiilty with fiber channel ... instead of SSA
http://www.garlic.com/~lynn/95.html#13

what i remember of the fiber channel standards from the early 90s ... where the escon forces was creating quite a bit of contention trying to layer significantly more complex structure on top of the native FCS to handle ECKD half-duplex, synchronous type stuff (subsequently turns into FICON).

part of several Harrier, SSA, SCI, and FCS activities (from the late 80s & early 90s) were taking parallel bus protocol, packetizing them and running them asynchronously over (dual simplex) serial links ... significantly improving thruput and eliminating the end-to-end synchronous latency required by half-duplex parallel bus protocols.

Harrier could use high-end SCSI disks ... with dual 80mbit/sec serial copper links (dedicated serial link for each direction of data flow). As part of HA/CMP
http://www.garlic.com/~lynn/subtopic.html#hacmp

I benchmarked a wide variety of workloads on Harrier and standard SCSI ... using effectively identical disks ... with Harrier having significantly higher thruput ... especially as load went up. Harrier then evolves into SSA
https://en.wikipedia.org/wiki/Serial_Storage_Architecture

By comparison, in that time-frame, ESCON forces were fighting to emulate parallel bus synchronous operation on top of FCS (for what later becomes FICON) ... which was nearly the opposite of most of the other direction from the period.

ESCON basic was emulating half-duplex parallel over 17mbyte/sec links (getting 17mbyte/sec aggregate modulo syncrhonous latency delays). About the time that ESCON finally shipped, RS/6000 also came out with SLAs. ESCON had been kicking around POK for a long time before finally getting out. In that period, one of the RS/6000 engineers took the ESCON definition, tweaked it to be about 10% faster, made it full duplex/asynchronous (i.e. 220mbit concurrent in each direction, 440mbit/sec aggregate) and used significantly less expensive optical drivers. The engineer was then convinced to not do a 800mbit version of SLA ... but to work on FCS standard instead.

that engineer was then also heavily involved in cluster scaleup ... old medusa email
http://www.garlic.com/~lynn/lhwemail.html#medusa

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

What was the historical price of a P/390?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What was the historical price of a P/390?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Sun, 14 Mar 2010 11:59:29 -0400
re:
http://www.garlic.com/~lynn/2010f.html#7 What was the historical price of a P/390?

old post mentioning p/390 ... but mostly about "a74" precursor (from the dept in the pok ... officially "7437") with several press releases & articles about a74
http://www.garlic.com/~lynn/2002d.html#4 IBM Mainframe at home

one of the releases in the above mentions 7437 priced at $18,100. The above also has several references to "washington" (xt/370 & at/370) ... I had gotten blamed for six month slip in shipping washington because I had done a number of benchmarks and showed that the VM&CMS they were using was somewhat bloated in real storage requirements and had a lot of page thrashing (slip was to redo card with more real storage to cut down page thrashing).

wiki page with some amount r/390, p/390 & s/390 integrated server:
https://en.wikipedia.org/wiki/PC-based_IBM-compatible_mainframes

S/390 Integrated server announcement letter (198-211, 8sep1998)
http://www-01.ibm.com/common/ssi/rep_ca/1/897/ENUS198-211/index.html

above lists support for SSA disk.

this lists S/390 Integrated server at $49,990, with $18,855 going towards purchase of the S/390 daughter card:
http://findarticles.com/p/articles/mi_m0CGN/is_n181/ai_21154322/

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Entry point for a Mainframe?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Entry point for a Mainframe?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Sun, 14 Mar 2010 13:07:33 -0400
re:
http://www.garlic.com/~lynn/2010e.html#80 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#81 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#83 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010f.html#0 Entry point for a mainframe
http://www.garlic.com/~lynn/2010f.html#2 Entry point for a mainframe

of course, I had managed to offend the communication group as undergraduate in the 60s working on plug-compatible controller (originally done on interdata/3 ... eventually acquired by Perkin-Elmer and marketing at least thru much of the 80s ... P/E fed/gov marketing manager commented that channel interface board looked like it may have been the original wire-wrap design done at the univ. in the 60s). misc. past posts
http://www.garlic.com/~lynn/subtopic.html#360pcm

there was writeup blaming four of us for the clone controller business.

in the late 90s, touring a merchant acquiring (very) large mainframe installation (multiple max'ed out CECs), there were these boxes handling calls from a significant percentage of the merchant point-of-sale terminals in the US.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

What was the historical price of a P/390?

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What was the historical price of a P/390?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Sun, 14 Mar 2010 18:01:00 -0400
Mike <mhammoc@bellsouth.net> writes:
I really should have mentioned that the zPDT systems are only for approved PWD developers. Not for general commercial use. Also, I've see the "claim" that you can get a z10BC for $100K, and technically, it is true, but try to configure an actual usable system and you will be well over that. Add in a disk subsystem and it is very difficult to come in under $200K, even with the very high discounts available to some cutomers, like developers. Mike Hammock

re:
http://www.garlic.com/~lynn/2010f.html#7 What was the historical price of a P/390?
http://www.garlic.com/~lynn/2010f.html#8 What was the historical price of a P/390?

zpdt page:
http://dtsc.dfw.ibm.com/adcd/adcd.html

other p/390 page
http://searchdatacenter.techtarget.com/sDefinition/0,,sid80_gci212733,00.html

the above mentions that MVS required 128mbytes of RAM, while VM and VSE will install 32megabytes.

getting blamed for six month slip in washington (xt/370) was original shipping with 384kbyte RAM (fixed storage for vm kernel as well as paging space for cms). It ran in that space ... but did some amount of paging. The issue compared to "real" mainframe disks ... was that I/O requests were passed to cp/88 on the XT ... which would use the XT (20mbyte) harddisk for paging as well as cms filesystem ... operating at 100ms/access.

In any case, upgrade was to increase memory to 512kbyte RAM ... cutting down amount of paging (passed over to cp/88 and then 100ms).

They also picked up some other stuff I had done. I had done CMS paged mapped filesystem that had several features that provided much higher thruput than normal CMS filesystem (moderate i/o workload getting possibly 300% better thruput on identical 3380 drives). Part was playing some tricks with page invalid/valid to allow asynchronous CMS operation ... launching CMS application execution ... and allowing to overlap while application program image was still loading. misc. past posts mentioning doing paged mapped filesystem for cms
http://www.garlic.com/~lynn/submain.html#mmap

for other drift, slightly related at same website: "IBM mainframe user 2010 wish list":
http://searchdatacenter.techtarget.com/tip/0,289483,sid80_gci1381173,00.html

related thread:
http://www.garlic.com/~lynn/2010e.html#68 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#70 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#71 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#72 Entry point for a Mainframe?

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

IBM And Microsoft Clash Over Unbundling Policy

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: IBM And Microsoft Clash Over Unbundling Policy
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Mon, 15 Mar 2010 10:48:52 -0400
IBM And Microsoft Clash Over Unbundling Policy
http://www.informationweek.com/news/global-cio/interviews/showArticle.jhtml?articleID=224600614

from above:
Column about IBM attacking a study that it says was funded by Microsoft and that calls for server hardware and software to be unbundled, and for the same policy to apply for mainframes

... snip ...

can anybody say 23jun69? ... lots of past posts
http://www.garlic.com/~lynn/submain.html#unbundle

IBM did make the case that kernel (aka operator system) software should still be free.

While at the univ. in the 60s, I was involved in building clone controller ... then there was write-up blaming four of us for the clone controller business. ... misc. past posts
http://www.garlic.com/~lynn/subtopic.html#360pcm

the clone controller business is claimed to have been major motivation for future system effort ... misc. past posts
http://www.garlic.com/~lynn/submain.html#futuresys

future system was going to completely replace 360/370 with something radically different ... and 370 product pipelines were allowed to go dry. that has been claimed to be major factor behind clone processors gaining foothold in the market. then with the demise of the future system effort, there was mad rush to get products back into the 370 product pipeline.

I had continued to do 370 stuff all during future system era ... even making less than complimentary comments about future system stuff. Then the mad rush (to get stuff back into 370 product pipeline) possibly contributed to picking up pieces of my work and shipping them. One such was a bunch of dynamic adaptive resource management that I had originally done on cp67 as undergraduate. The clone processors possibly contributed to change in decision to start charging for kernel software ... and my resource manager was selected as the first guinea pig ... so I got to spend lots of time with the lawyers and business people about kernel software charging. ... misc. resource management and/or scheduling posts
http://www.garlic.com/~lynn/subtopic.html#fairshare

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Real CPU Id

From: lynn@GARLIC.COM (Anne & Lynn Wheeler)
Subject: Re: Real CPU Id
Newsgroups: bit.listserv.ibm-main
Date: 15 Mar 2010 09:47:09 -0700
PaulGBoulder@AIM.COM (Paul Gilmartin) writes:
How many vendors might a customer need to call to get running on a Disaster Recovery site? Are the DR CPUs pre-keyed?

Gossip, unsubstantiated: Several years ago when some music publishers experimented with copy-protected CDs, they observed lower sales for the protected CDs than for the unprotected.


the whole DRM business & piracy is big problem.

there were scenarios in the 90s with music stores near large college campuses. drop-off of something like 90% in CD sales after univ. put in high-speed networking and filesharing servers going up on campus.

part of the issue was that CD sales were heavily skewed ... a very few popular recent releases accounting for majority sales in any month.

early design of trusted platform module (in trusted computing) was to support DRM ... but various kinds of opposition has TPM positioned as trusted system component (countermeasure to system compromises, viruses, trojan horses, etc) ... primarily on higher-end servers.

part of what I had done in the AADS chip strawman was countermeasure to copy-chips. at one point was approached by some of the processor chip vendors about possibly incorporated that part of the AADS chip strawman as part of every processor chip (as countermeasure not only for copy-chips ... but also grey market chips). an issue is that the countermeasure for copy-chips can also be used for DRM.

very long ago and far away spent a little time on task force looking at what kind of hardware that could be added to original PC for anti-piracy ... it was a little like TPM, but such technology back then was much more primitive and much more expensive.

misc. references to AADS chip strawman
http://www.garlic.com/~lynn/x959.html#aads

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

What was the historical price of a P/390?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What was the historical price of a P/390?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Tue, 16 Mar 2010 10:54:28 -0400
shmuel+ibm-main@PATRIOT.NET (Shmuel Metz , Seymour J.) writes:
PC's may have the speed edge for an individual I/O, but how does a fast PC I/O stack up against 100's of concurrent mainframe I/O's? It's the number of channels operating in parallel that gives the mainframe a speed edge.

re:
http://www.garlic.com/~lynn/2010f.html#7 What was the historical price of a P/390?
http://www.garlic.com/~lynn/2010f.html#8 What was the historical price of a P/390?

lot of it was adding lots of additional processors for managing the i/o programming. the 3033 using channel directors (158 engines with 370 microcode removed and only the integrated channels) wasn't all that hot.

the 3090 had more processors for doing i/o. however, the 3880 disk controller had much slower processor for command processing that it significantly drove up channel busy time per operation. the result was that there was change in 3090 to add a lot more channels (for a "balanced configuration") to spread the 3880s across a larger number of channels. This pushed 3090 channel circuits passed a threshold and another TCM had to be added. POK wanted to charge the san jose disk division the cost of the extra TCM on every 3090 sold. 3090 was also being sold into some of the "supercomputer" market with vector processing. However, that also implied lots of real high-speed disks operating at HIPPI speeds (basically standards version of cray channel) operating at 100mbyte/sec. The 3090 i/o interface couldn't handle the 100mbyte/sec transfers ... so there was a hack to cut into the side of the expanded store bus to added HIPPI. The problem there was no channel processors on the expanded store bus ... just the 4k move instructions ... so 3090 HIPPI i/o had to be done with "peek/poke" paradgim.

a lot of the sequent NUMA-Q machine was PC processors with lots of things like enormous amounts of i/o processing. old emails
http://www.garlic.com/~lynn/2010e.html#email951030
http://www.garlic.com/~lynn/2010e.html#email961211
from recent post
http://www.garlic.com/~lynn/2010e.html#70 Entry point for a Mainframe?

about customer providing sequent with 3590 drives to get support done ... and mention that first pass of the sequent dynix 3590 device driver didn't support scatter/gather & sili. the application was several hundred million accounts with possibly tens of millions of transactions every day. the transactions would be sorted in account order (and account summary information on tape was in account sorted order). the application would read input tape, apply/merge transaction summary information with days transactions and write the result to new tape. the idea was to do the processing at full 3590 speed ... getting nightly processing done to approx 30mins elapsed time (compared to having every night processing taking a couple weeks elapsed time using various other approaches).

a big bottleneck for mainframe has been the half-duplex channel paradigm and CKD simulation (attempting to compensate for the bottleneck results in significantly increased complexity).

original harrier was dual 80mbit/sec links ... running asynchronously ... getting 160mbit/sec aggregate ... SSA doubled that to 160mbit/sec asynchronous links ... getting 320mit/sec aggregate (and running asynchrnously help offset increasing latency issue). As mentioned SSA was offered on s/390 integrated server:
http://www-01.ibm.com/common/ssi/rep_ca/1/897/ENUS198-211/index.html
mentioned here
http://www.garlic.com/~lynn/2010f.html#8 What was the historical price of a P/390?

compared to half-duplex 200mbit/sec escon ... which suffered protocol latency issues with half-duplex activity. FCS disk infrastructures ... operating similar to harrier/SSA but at FCS speeds ... long before FICON. that was sort of what got us into trouble (with mainframe group) ... with cluster scaleup ... referenced in this old post about jan92 meeting in ellison's conference room
http://www.garlic.com/~lynn/95.html#13
and this old email references
http://www.garlic.com/~lynn/lhwemail.html#medusa

within a couple weeks after the meeting in ellison's conference room, the project was transferred ... announced as a product in the numerical intensive market (only) ... and we were told we couldn't work on anything with more four processors. Old press article from 17feb92 (approx. five weeks after meeting in ellison's conference room):
http://www.garlic.com/~lynn/2001n.html#6000clusters1
and another from 11May92
http://www.garlic.com/~lynn/2001n.html#6000clusters2

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

What was the historical price of a P/390?

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What was the historical price of a P/390?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Tue, 16 Mar 2010 11:24:38 -0400
re:
http://www.garlic.com/~lynn/2010f.html#8 What was the historical price of a P/390?

recent old email
http://www.garlic.com/~lynn/2010e.html#email810617
in this post
http://www.garlic.com/~lynn/2010e.html#36 What was old is new again (water chilled)

3033 would use three channel directors (i.e. 158 integrated channels microcode provided six channels) to get 16 channels.

the above email reference has 4341 with six channels that performance significantly better than 158 integrated channels (or channel directors).

one of the problems with scaling up 3033 was it was limited in real storage as well as number of channels (and the performance of each of those channels) ... along with mvs/3033 scaleup was running into severe problem with common segement area bloat (trying to add more & more stuff in the same mvs) ... threatening to eliminate any address space for running an application. recent reference
http://www.garlic.com/~lynn/2010e.html#75 LPARs: More or Less?
http://www.garlic.com/~lynn/2010e.html#76 LPARs: More or Less?

eventually there was hack for 3033 that allowed attaching more than 16mbyte real storage ... which played games with the page table entry bits ... to map 16mbyte virtual addresses into greater than 16mbyte real addresses.

a single vm/4341 didn't quite beat 3033 ... but six (vm370) 4341s easily did ... as well as being less expensive. a high-speed cluster of six 4341s could be placed in the datacenter ... but also had alternative to be deployed out in distributed manner in places like dept. store rooms or dept. conference rooms. misc. old email mentioning 43xx
http://www.garlic.com/~lynn/lhwemail.html#43xx

research did do high-speed cluster with up to eight high-speed vm/4341s using trotter (3088, eight "arm" channel-to-channel) ... that tried to do some of the things that show up later in sysplex. however, when going to release to customers ... they had to drop down to using SNA for cluster operation protocol ... recent reference:
http://www.garlic.com/~lynn/2010e.html#60 LPARs: More or Less?

which was similar to issues that my wife ran into with communication group when she was in POK in charge of loosely-coupled architecture ... misc. past posts
http://www.garlic.com/~lynn/submain.html#shareddata

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

LPARs: More or Less?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: LPARs: More or Less?
Newsgroups: alt.folklore.computers
Date: Tue, 16 Mar 2010 11:39:28 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
There would be several transactions along the toxic CDO value chain, with commissions at the various points ... possibly 15-20% aggregate commissions by the time the $27T made its way thru the labyrinth ... or maybe $5T.
Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=a0jln3.CSS6c


re:
http://www.garlic.com/~lynn/2010e.html#74 LPARs: More or Less?
http://www.garlic.com/~lynn/2010f.html#4 LPARs: More or Less?

besides the enormous personal financial motivation to disregard risk being placed on institution & infrastructure ... there have been past articles that many of the individuals involved seem to have personality characteristic that deals differently with the concept of consequences.

recent study also looking at capacity for dealing with consequences and risk taking

Psychopaths' brains wired to seek rewards, no matter the consequences
http://www.sciencedaily.com/releases/2010/03/100314150924.htm

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

What was the historical price of a P/390?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What was the historical price of a P/390?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Tue, 16 Mar 2010 12:34:23 -0400
shmuel+ibm-main@PATRIOT.NET (Shmuel Metz , Seymour J.) writes:
PC's may have the speed edge for an individual I/O, but how does a fast PC I/O stack up against 100's of concurrent mainframe I/O's? It's the number of channels operating in parallel that gives the mainframe a speed edge.

re:
http://www.garlic.com/~lynn/2010f.html#13 What was the historical price of a P/390?
http://www.garlic.com/~lynn/2010f.html#14 What was the historical price of a P/390?

half-duplex, synchronous convention ... significantly drives up the need for larger number of channels ... significant thruput loss because of the half-duplex latencies. for dasd ... the significant increase in 3880 channel busy (per operation) forced 3090 to significantly increase number of channels (to compensate for loss of thruput because of 3880 channel busy overhead) ... over what was originally planned (adding an extra TCM and increasing 3090 manufacturing cost). CKD and multi-track search paradigm also significantly increases channel busy (per operation) ... futher motivating much larger number of channels (and controllers) ... because of enormous channel resource consumption in long multi-track searches. some amount of the large number of channels has been motivated by legacy issues significantly degrading possible thruput per channel.

harrier/ssa, fcs and other infrastructures went to packetized, asynchronous full-duplex operation ... as latency become increasingly thruput bottleneck. each outstanding asynchronous packet effectively becomes its own channel .... operating at full media speed ... drastrically reducing the number of "actual" channels required.

for slightly other drift, comment about gulftown (and maybe $5/370mip?)
http://www.garlic.com/~lynn/2010e.html#71 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#72 Entry point for a Mainframe?

recent news items

Intel wants vintage x64 servers on rubbish heap
http://www.theregister.co.uk/2010/03/16/intel_westmere_ep_pitch/
Intel Brings 32nm Xeon 5600 Series To The Data Center
http://www.crn.com/white-box/223900043

native virtualization and large numbers in small footprint blades, assisting in server consolication.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

history of RPG and other languages, was search engine history

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: history of RPG and other languages, was search engine history
Newsgroups: alt.folklore.computers
Date: Tue, 16 Mar 2010 12:45:24 -0400
Eric Chomko <pne.chomko@comcast.net> writes:
The 360 used micro-coded instructions. I doubt that the 1401 did. I never used a 1401 but did use an 360/370 architecture computer.

360/30 could run either the 360 microcode or the 1401 microcode (i.e. operated as if it was a 1401 rather than operating as if it was a 360).

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

What was the historical price of a P/390?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: What was the historical price of a P/390?
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Tue, 16 Mar 2010 16:03:29 -0400
re:
http://www.garlic.com/~lynn/2010f.html#13 What was the historical price of a P/390?
http://www.garlic.com/~lynn/2010f.html#14 What was the historical price of a P/390?
http://www.garlic.com/~lynn/2010f.html#16 What was the historical price of a P/390?

there is this old IBM story about the copier3 ... that may have been included in business school case study/story. The copier3 went thru period when it had much higher rate of paper jams than other copiers. IBMs ad-agency came up with consumer tv adverisements that highlighted how much easier it was to clear paper jams on copier3 than competition. The ads backfired ... reminding people how much they hated paper jams. This is sometimes referred to as "featuring a bug".

the first time I did full-duplex asynchronous (modulo full-duplex networking, full-duplex terminals, etc) packetized channel programs was in 1980 for the IMS group in STL. STL was bringing in more & more groups ... and starting to burst at the seams. 300 people from the IMS group were selected to be moved to offsite bldg (about half way between STL and main plant site). They tested remote 3270s ... and apparently there would have been a revolt in the ranks (compared to their local 3270 vm/cms response in STL ... this is before vm/4341s started to be deployed in every nook & cranny).

So the alternative was HYPERChannel channel extention ... move all the local channel 327x controllers to offsite bldg (along with some tape controllers & misc. other controllers) ... and replace them with an HYPERChannel A220 directly on mainframe channel ... and install HYPERChannel A510s (channel emulators) at the offsite bldg.

I wrote a driver that would packetize the channel programs (sort of another kind of flavor of virtualized scanning channel programs and creating shadow "programs") and send them off for downloading into the memory of A510s. I programmed the A220 to simulate full-duplex ... with different dedicated subchannel addresses for outgoing and incoming traffic. A little topic drift ... svs/mvs excp0 had to scan & create "shadow" channel programs ... and started out by borrowing CCWTRANS routine (from cp67 virtual machine support).

The net was that remote users basically saw local channel vm/370 3270 response ... and side-effect was that the mainframe in STL got 10-15% higher thruput. In turns out that convential wisdom at the time had 3270 controllers spread across all channels shared with DASD. However, 3270 controllers had enormously high channel busy for operation. Replacing all the 3270 controllers on every channel shared with DASD ... with single A220 ... where the A220 circuitry was significantly faster and had much lower channel busy per operation (using packetized full-duplex paradigm). All the 3270 traffic could be streamed thru a single channel once converted to packetized full-duplex operation ... and fast enough circuitry to operate at full channel transfer speed. Getting the 3270 controller off channels shared with DASD allowed the disks thruput to increase ... increasing overall thruput by 10-15%.

The packetized full-duplex operation also masked a lot of the 30mile round-trip to the offsite bldg (transmission was 10miles from STL to bldg. 12 on main plant site and then 5miles back to off-site bldg ... for 15miles ... and then return for the 30miles roundtrip). (the half-duplex 3270 overhead being limited to multiple local A510 channel emulators at the offsite building).

recent posts mentioning doing the HYPERChannel thing for the STL IMS group:
http://www.garlic.com/~lynn/2010b.html#72 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#71 LPARs: More or Less?
http://www.garlic.com/~lynn/2010d.html#72 LPARs: More or Less?

besides the half-duplex overhead paradigm ... limiting thruput ... and slow controllers ... significantly driving up channel busy (in the half-duplex paradigm) ... there is the whole search-id paradigm penalty ... left over from '60s CKD technology trade-off. to conserve scarce electronic memory, the controller refetched the search argument from processor memory on every id-compare ... this introduced severe latency constraints (as well as monopolizing a lot of memory bus, channel, controller, and device resources).

the CKD search latency constraint resulted in not being able to easily use the HYPERChannel strategy for remote device support. Eventually, NSC came out with the A515 which allowed including the search argument in the downloaded packetized channel program. However, for most of the mainstream, the whole CKD search constraints helped perpetuate the half-duplex and low latency requirements for channel deployments.

Trying to wean MVS off the CKD/search very expensive resource hog didn't meet with much success. I was told that even if I provided them with fully integrated and tested FBA support ... I still needed to show incremental revenue ROI to cover the claimed $26m for education, pubs and training (the claim being that customers would just buy the same amount of FBA as they had been buying CKD ... showing no new net revenue).

misc. past posts mentioning CKD & multi-track search
http://www.garlic.com/~lynn/submain.html#dasd

recent post mentioning the $26m number
http://www.garlic.com/~lynn/2010d.html#0 PDS vs. PDSE

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Should the USA Implement EMV?

Refed: **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 16 Mar, 2010
Subject: Should the USA Implement EMV?
Blog: Payment Systems Network
There was a rather large pilot deployment in US nearly decade ago ... however it was in the yes card period ...and then it appeared to evaporate w/o a trace. There have been various comments about resistance because of deployment costs ...but there may also be the case that there is some concern about there would have to be the costs of several (multiple different) deployments. misc. past posts mention yes card
http://www.garlic.com/~lynn/subintegrity.html#yescard

instead of Uncle Sam's card ... how about x9.59 financial industry retail payment standard.

Approx. same time as EMV was being defined ... and a totally different payment specification for the internet ... the x9a10 financial standard working group had been given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments (credit, debit, ach, stored-value, high-value, low-value, point-of-sale, unattended, transit turnstile, internet, contact, contactless, wireless, aka ALL).

part of x9.59 standard was making payment infrastructure agnostic, form factor agnostic, and something called parameterised risk management ... that the same standard works independent of the number of authentication factors ... whether single-factor authentication or multi-factor authentication (and/or types of multi-factor authentication) could purely be based on value &/or risk for specific transaction.

this went along with something referred to as person-centric ... as an alternative to institutional centric ... aka a single person-centric token could be used in a large number of different ways ... with a wide variety of different valued transactions ... potentially requiring a variety of different authentication factors (single-factor, two-factor, more than two-factor, etc).

x9.59 financial standard reference
http://www.garlic.com/~lynn/x959.html#x959

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Would you fight?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 16 Mar, 2010
Subject: Would you fight?
Blog: Greater IBM
from discussion here on "would you ever take a sabbatical"
in '92, got paid to take a sabbatical bridge to 30yrs ... and not come back. during the executive interview ... there was comment that they could have forgiven me for being wrong ... but they were never going to forgive me for being right. The day that the sabbatical started, got a letter at home claiming that I was promoted (I still don't understand the reason why, it had strongly been implied while regular employee, promotion was something that would never happen).

... snip ...

from wandering discussion here from news item about "US begins inquiry of IBM in mainframe market" ... part of comments archived here:
http://www.garlic.com/~lynn/2009o.html#57

includes mention of being periodically reminded that business ethics is an oxymoron.

In the past, I sponsored John Boyd's briefings at IBM ... lots of past post mentioning Boyd
http://www.garlic.com/~lynn/subboyd.html#boyd1

and various URLs from around the web mentioning Boyd and/or OODA-loops
http://www.garlic.com/~lynn/subboyd.html#boyd2

Boyd would mention doing a stint in charge of "spook base" ... but it wasn't until one of his biographies that I saw reference which claimed "spook base" was a $2.5B windfall for IBM.

A reference to John:
"There are two career paths in front of you, and you have to choose which path you will follow. One path leads to promotions, titles, and positions of distinction.... The other path leads to doing things that are truly significant for the Air Force, but the rewards will quite often be a kick in the stomach because you may have to cross swords with the party line on occasion. You can't go down both paths, you have to choose. Do you want to be a man of distinction or do you want to do things that really influence the shape of the Air Force? To be or to do, that is the question." Colonel John R. Boyd, USAF 1927-1997

From the dedication of Boyd Hall, United States Air Force Weapons School, Nellis Air Force Base, Nevada. 17 September 1999


--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Tue, 16 Mar 2010 17:36:50 -0400
somewhat related post
http://www.garlic.com/~lynn/2008f.html#92 Billion-dollar IT failure at Census Bureau

above mentions being called in to consult on the 2000 census ... they were replacing 20yr old Burroughs(?) ... and were looking at what was going to be replacement. also mentioned in this post
http://www.garlic.com/~lynn/2008d.html#63 was: 1975 movie "Three Days of the Condor" tech stuff

the commerce dept. should have some number of PIAs for the census.

this mentions a data management effort
http://www.garlic.com/~lynn/2010f.html#13 What was the historical price of a P/390?

that had a dozen or so different consumer privacy organizations coming in every couple months for reviews.

when doing x9.99 financial industry standard ... we visited some number of fed. agencies and reviewed some number of fed. gov. PIAs ... including IRS ... but some number would have large amount of blacked-out areas (aka "redacted").

census related PIA info
http://www.census.gov/po/pia/pias/Print_2010_Abstract.pdf

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

history of RPG and other languages, was search engine history

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: history of RPG and other languages, was search engine history
Newsgroups: alt.folklore.computers
Date: Tue, 16 Mar 2010 19:39:34 -0400
despen writes:
And only fools used IBM access methods on the 1401 where you really had little choice on the S/360. The 360 was way too complicated to try bare metal programming.

as undergraduate ... my first programming job was redoing the 1401 MPIO program for 360/30. univ. had 709 using 1401 as unit record front end ... doing tape<->unitrecord ... and manually carrying tapes between 1401 drives and 709 drives.

they could have run the 1401 mpio on 360/30 in 1401 hardware emulation ... but i got paid to rewrite it in 360 assembler. i got to do my own storage management, device drivers, multi-tasking, console interface, interrupt handlers, etc. it ran to about 2000 cards and took about 30 minutes elapsed time to assemble.

i put in conditional assemble to use os/360 system services ... for a version that would run under os/360 ... instead of stand alone on bare metal. the os/360 version conditional assembly would expand five DCB (access methods) macros ... each DCB macro taking over five minutes to assemble ... the os/360 version took approx. an hour to assemble while the stand alone version only took about half hour.

recent post mentioning 1401 mpio:
http://www.garlic.com/~lynn/2010c.html#73 OT: PC clock failure--CMOS battery?

some amount of the unit record & tape channel programming shows up in green card ... q&d conversion of a "ios3270" green card to html
http://www.garlic.com/~lynn/gcard.html

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

history of RPG and other languages, was search engine history

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: history of RPG and other languages, was search engine history
Newsgroups: alt.folklore.computers
Date: Tue, 16 Mar 2010 20:14:57 -0400
Charles Richmond <frizzle@tx.rr.com> writes:
At a PPoE in the mid-80's, the financial people were still running some COBOL programs that were automatically translated from AutoCoder.

univ. admin dept had a 360 cobol program that had been translated from 709 cobol ... that had come via some process that simulated 407. when it finished ... it printed a page that had the 407 sense switch settings.

one day ... 360 cobol completed with some unknown (407) switch settings hadn't been seen and operators in datacenter didn't recognize ... all processing stopped while attempts were made to contact somebody that might know what was going on. after a couple hrs, nobody was found, it was decided to rerun the program and see if it came out the same.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Would you fight?

Refed: **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 16 Mar, 2010
Subject: Would you fight?
Blog: Greater IBM
re:
http://www.garlic.com/~lynn/2010f.html#20 Would you fight?

one of my hobbies during 70s and much of 80s ... was enhanced internal system distribution (first csc/cp67 system, then csc/vm system and later sjr/vm) ... one of my leading customers was HONE world-wide sales&marketing support system. some number of past posts mentioning HONE
http://www.garlic.com/~lynn/subtopic.html#hone

some old email moving code from cp67 to vm370 for csc/vm system (as well as some of the stuff getting picked up for standard vm370 product after demise of future system)
http://www.garlic.com/~lynn/2006v.html#email731212
http://www.garlic.com/~lynn/2006w.html#email750102
http://www.garlic.com/~lynn/2006w.html#email750430

recent post about branch people getting promoted into DP hdqtrs job and discovering to their horror that company ran on vm (not mvs)
http://www.garlic.com/~lynn/2010e.html#57

One of the eventual ploys in the 80s was to raise the issue about where did HONE get its highly enhanced vm370 system ... that just would magically appear periodically. Then the question was where are the officially signed MOUs from executives in my management chain and what were the contingencies if i ever got hit by a bus.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Should the USA Implement EMV?

Refed: **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 16 Mar, 2010
Subject: Should the USA Implement EMV?
Blog: Payment Systems Network
re:
http://www.garlic.com/~lynn/2010f.html#19 Should the USA Implement EMV?

it is easily possible for a person-centric token to go from single token that is capable of doing everything ... to being used by a person in any such combination that they personally prefer (it is one of the characteristics of person-centric).

however, there is issue of confusing authentication with authorization. for instance in a biometric scenario would there be four different thumbs for each of different environments.

from three factor authentication paradigm
http://www.garlic.com/~lynn/subintegrity.html#3factor

1) something you have (token, magstripe) 2) something you know (pin, password, ec) 3) something you are (biometric, iris, thumb)

somewhat orthogonal to the above is the issue of shared-secrets and/or "static data". "static data" (whether magstripe or pin/password) there is vulnerability to replay attacks (this was somewhat the yes card scenario ... skimming chip static data ... effectively technology identical to some used for magstripe skimming ... to create counterfeit chip yes card ... very analogous the way counterfeit magstripe is created)
http://www.garlic.com/~lynn/subintegrity.html#yescard

So in the past, kindergarten security had static data and shared-secrets supposedly needed to be unique for every unique security environment ... in part as countermeasure to cross-domain attacks ... but also to limit the scope of trivial compromise (eliminating the trivial compromises, replay attacks, static data, repeated use evesdropping, etc ... significantly mitigates the requirement to have unique authentication for every unique environment ... aka parameterised risk management). Lots of the multiple separate recommendations are because of static, shared-secret and/or trivially compromised authentication technologies
http://www.garlic.com/~lynn/subintegrity.html#secret

Another issue was lost/stolen card ... that having large number of cards would limit the scope of any specific lost/stolen card. However, common lost/stolen scenario involves wallet or purse ... which means all goes at the same time (common vulnerability). This is the traveler's check scenario that recommends not carrying the receipt with the checks.

So in the person-centric scenario ... if the individual decides that they want to use multiple different tokens in different domains, they can (it is orders of magnitude more difficult to go from institution centric, unique token per institution to person choice ... than it is to go from generalized, ubiquitous person choice to multiple tokens for specific environments).

We had been called in to consult with small client/server startup that wanted to do payment transactions on their servers ... they had also invented this technology they called "SSL" they wanted to use; the result is now frequently referred to as "electronic commerce"

Somewhat as a result, we were asked to participate in the x9a10 financial standard working group ... where there were detailed, in-depth, end-to-end threat and vulnerability analysis for the different environments. A major threat was leaking account number and/or transaction detail. Part of x9.59 financial transaction standard for all retail payments was slightly tweaking the environment so that leaking of account number and transaction details no longer could be used for fraudulent transactions (this addressed the majority of payment vulnerabilities, skimming, breaches, etc).
http://www.garlic.com/~lynn/subintegrity.html#harvest

Now, the major use of SSL in the world today was this earlier work we had done for electronic commerce that involves hiding the account number and transaction details while being transmitted on the internet. The x9.59 protocol eliminates such leakage as a vulnerability and so also eliminates the major use of SSL in the world today.
http://www.garlic.com/~lynn/x959.html#x959

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Should the USA Implement EMV?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 17 Mar, 2010
Subject: Should the USA Implement EMV?
Blog: Payment Systems Network
re:
http://www.garlic.com/~lynn/2010f.html#19 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#25 Should the USA Implement EMV?

In the mid-90s, working on x9.59 standard (for ALL environments ... credit, debit, stored-value, POS, unattended, internet, low-value, high-value, etc) ... I would semi-facetiously comment about taking a $500 milspec part, aggressive cost reduction by 2-3 orders of magnitude, while making it more secure. The requirement was also be able to do dynamic data within the power limitation & elapsed time limitations of contactless transit turnstile. The technology approached that of EPC RFID (i.e. the chips designed to replace UPC on grocery items) ... while maintaining much higher integrity & security. Also got rid of nearly all post-fab processing ... which was also instrumental in doing person-centric

Basically chips are cost/wafer ... and the basic cost/chip is the number of chips obtained from wafer (one of the reasons for increasing wafer size from 8in to 12in). The EPC RFID (& aads chip strawman) temporarily hit a wall for a period when the area for cutting wafers into chips was larger than the aggregate chip area (i.e. increasingly smaller circuit sizes resulted in much smaller chips ... when the circuits per chip are held constant). EPC RFID developed new wafer cutting technology that significantly reduced wafer area lost to cuts ... for the next big bump in chips/wafer ... and the next big reduction in cost/chip (as well for aads chip strawman).

A straight institutional-centric cut-over from static data & pin/password paradigm to (dynamic data) token paradigm ... would result in everybody having a unique token for every current magstripe &/or pin/password they currently have (potentially hundreds). In the person-centric scenario this can be reduced by two orders of magnitude to one or a very few.

First, approx. three orders magnitude reduction in cost/chip ... and then two orders magnitude reduction in number of tokens (in transition to token-based authentication infrastructure) ... is approx. five orders of magnitude difference in widely deployed person-centric vis-a-vis a widely deployed institutional-centric.

X9.59 retail payment transaction standard works identically regardless the numbers and types of authentication ... allowing infrastructure to dynamically adjust authentication based on risk and/or value (somewhat analogous to whether lower value credit transactions require signature).

for aads chip strawman, 90s circuits, 90s wafers, and 90s slice&dice technologies ... limited aggressive cost reduction of $500 milspec part to only three orders of magnitude. This still met strong crypto dynamic data done within power limitations and elapsed time constraint of contactless transit turnstile.

there was various slight of hand that went on in the fab ... so the chip left the fab fully functional ... but was done in the way so the operations were merged into existing fab processes with zero additional cost.

the advantage was that chip required very little post-fab processing. the downside is normal evaluations are done on chips leaving the fab; this fully functional chip only got an EAL4+ evaluation primarily because all the function and crypto were included in the evaluation (many others get higher evaluation level leaving the fab on bare-bones silicon w/o any function included). The biggest limitation to going higher than EAL4+ was that the crypto was already fully functional and various parties were dithering over crypto evaluation criteria at higher than EAL4+

the technology progress in the last decade+ ... ever decreasing circuit sizes and power along with newer technologies for slicing&dicing wafers to drastically reduce lost area ... allows for possibly another two orders of magnitude reduction (i.e. fully functional highly secure chip at possibly 1/100000 the cost of the $500 milspec part). this is only a chip that works both with and without pin. To add on-chip biometric matching would somewhat drive up the circuit area reducing chips/wafer (and increasing cost/chip).

misc. past AADS references
http://www.garlic.com/~lynn/x959.html#aads

There was a rather large POS chip deployment in US nearly a decade ago .... a little before the yes card presentation at cartes2002 (as well as yes card presentation at ATM Integrity Task Force meeting) .... after that it seemed to evaporate w/o a trace.

there was also an internet oriented chip deployment in about the same time that came along with serial-port card reader. several yrs earlier the dialup online banking organizations had been making presentations about move to internet in large part motivated by enormous consumer support costs and problems related to aftermarket serial-port devices (which turns out to have also been major motivation for USB). That institutional knowledge regarding serial-port issues appeared to have evaporated in those few short years.

The combination created quite a bit of resistance in the industry to trying chips again any time soon (along with big pullback from other chip oriented efforts in progress or planned).

another one of the efforts pulled back from ... we weren't member of nacha so got somebody else to submit RFI response ... copy here
http://www.garlic.com/~lynn/nacharfi.htm

the nacha internet council web page has gone 404, but still lives on at the wayback machine:
http://web.archive.org/web/20070706004855/http://internetcouncil.nacha.org/News/news.html

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Should the USA Implement EMV?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 17 Mar, 2010
Subject: Should the USA Implement EMV?
Blog: Payment Systems Network
re:
http://www.garlic.com/~lynn/2010f.html#19 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#25 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#26 Should the USA Implement EMV?

Issue with magneprint is similar to issue with biometrics ... a trusted end-point is required ... otherwise you have attackers skimming the value ... and replaying them on non-trusted end-points. trying to apply this to truely open environment (like arbitrary internet locations) then can be problem (aka while magneprint & biometric values are "fuzzy" ... they still can be skimmed/recorded and then replayed).

the topic of magneprint was raised in (70 years of ATM Innovation) discussion in this group last dec2009 ... part of which I've archived here
http://www.garlic.com/~lynn/2009q.html#78

above references the early magstripe and ATM cash machine work done at the Los Gatos lab. ... also has part of email exchange with magneprint company from 2003.

There was a rather large POS chip deployment in US nearly a decade ago .... a little before the yes card presentation at cartes2002 (as well as yes card presentation at ATM Integrity Task Force meeting) .... after that it seemed to evaporate w/o a trace.

there was also an internet oriented chip deployment in about the same time that came along with serial-port card reader. several yrs earlier the dialup online banking organizations had been making presentations about move to internet in large part motivated by enormous consumer support costs and problems related to aftermarket serial-port devices (which turns out to have also been major motivation for USB). That institutional knowledge regarding serial-port issues appeared to have evaporated in those few short years.

The combination created quite a bit of resistance in the industry to trying chips again any time soon (along with big pullback from other chip oriented efforts in progress or planned).

one of the efforts pulled back from ... we weren't member of nacha so got somebody else to submit RFI response ... copy here
http://www.garlic.com/~lynn/nacharfi.htm

the nacha internet council web page has gone 404, but still lives on at the wayback machine:
http://web.archive.org/web/20070706004855/http://internetcouncil.nacha.org/News/news.html

somewhat along the lines of magprint ... but applied to everything

Nanotechnology breakthrough by Imperial College will help the war against terrorism
http://nanotechwire.com/news.asp?nid=2254

as referenced in the earlier post about trusted end-point ... their is a "trusted" reading (magprint, biometrics, ... or the above) ... which is recorded/stored. Then later a new "trusted" reading is done ... and compared against the saved value.

Straying from trusted end-points ... somebody may record the reading after it has been converted to electronic pattern (magprint, biometrics, any value) ... and then reply that recording from some random location (i.e. internet cafe ... not even attempting to perform an actual reading).

This is different attack from attacks that have replicated fingerprints with gummy bears ... sufficient to spoof a real finger at a trusted end-point

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

floating point, was history of RPG, Fortran

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: floating point, was history of RPG, Fortran
Newsgroups: alt.folklore.computers
Date: Wed, 17 Mar 2010 15:06:17 -0400
Eric Chomko <pne.chomko@comcast.net> writes:
John Backus and company

random trivia, when I first transferred to sjr, backus office was a few doors down the corridor. the primary person that did a lot of enhancements to fortran H ... was known as "fortran q" for a time (eventually released as fortran hx) ... was up at the palo alto science center (and had earlier also done a lot of the 370/145 apl microcode assist).

a couple past posts mentioning fortran q
http://www.garlic.com/~lynn/2002g.html#1 WATFOR's Silver Anniversary
http://www.garlic.com/~lynn/2004m.html#6 a history question
http://www.garlic.com/~lynn/2006s.html#22 Why these original FORTRAN quirks?

during part of this period ... a lot of "language" products had been moved to STL lab ... and there was some amount of internal turmoil about STL starting to outsource a lot of work on "language" products ... especially what appeared to be "giving away" a lot of corporate optimization technologies.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Cyberattacks raise e-banking security fears

Refed: **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 18 Mar, 2010
Subject: Cyberattacks raise e-banking security fears
Blog: Financial Crime Risk, Fraud and Security
Cyberattacks raise e-banking security fears

ttp://www.computerworld.com/s/article/9168458/Cyberattacks_raise_e_banking_security_fears&urlhash=paly&trk=news_discuss

from above:
Increasing cyberattacks against the online bank accounts of small and midsize businesses have prompted growing calls for improved online banking security

... snip ...

We were tangentially involved in the cal. state data breach notification legislation. We had been called in to help wordsmith some of the cal. electronic signature legislation and several of the parties were heavily involved in privacy issues. They had done in depth consumer studies of privacy issues and the no.1 was financial fraud "identity theft" ... in large part from data breaches which was getting little or no attention. The reasoning seemed to be that the publicity from the data breach notifications would motivate corrective actions.

We had earlier been brought in to consult with small client/server company that wanted to do payment transactions on their server and had invented this technology called SSL they wanted to use. The largest use of SSL in the world today is now this "electronic commerce" stuff for hiding account numbers and transaction details while be transmitted thru the internet (however does nothing for protecting "data at rest").

Somewhat as result of the "electronic commerce" work, in the mid-90s we got invited to participate in the x9a10 financial standard working group which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. The result was the x9.59 financial transaction standard. One of the things that x9.59 standard did was slightly tweak the paradigm, eliminating the fraudulent transaction threat & vulnerability from leaking account numbers and transaction details ... which also eliminates the major current threat & vulnerability from data breaches ... as well as eliminates the need for SSL hiding account number and transaction details.

related discussion in Computer Security and Forensics, partially archived here:
http://www.garlic.com/~lynn/2010f.html#6 Online Banking & Password Theft

There have been a number of metaphors to characterize the current situation/paradigm:

security proportional to risk; in the current paradigm, the value of the information to the merchant is the profit on the transaction (possibly a couple dollars) and the value of the information to the processor can be a few cents per transaction ... while the value of the information to the crooks can be the credit limit and/or account balance (the crooks attacking the infrastructure may be able to outspend the merchant & processor defenders by a factor of one hundred times)

dual-use vulnerability; in the current paradigm, the knowledge of the account number may be sufficient to perform a fraudulent transaction (effectively authentication, as such it needs to be kept confidential and never divulged anywhere) ... while at the same time the account number needs to be readily available for a large number of business processes. The conflicting requirements (never divulged and at the same time readily available) has led to comments that even if the planet was buried under miles of information hiding encryption, it still couldn't prevent information leakage.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Should the USA Implement EMV?

Refed: **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 18 Mar, 2010
Subject: Should the USA Implement EMV?
Blog: Payment Systems Network
re:
http://www.garlic.com/~lynn/2010f.html#19 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#25 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#26 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#27 Should the USA Implement EMV?

somewhat in the spirit of parameterised risk management and "trusted endpoint", x9.59 financial standard has always allowed for the endpoint authenticaton to be optionally included in the x9.59 transaction (aka how much and what level of trust/assurance is required of the endpoint where the transaction originates).

this somewhat shows up in later 90s with the EU FINREAD standard (also fell victim to retrenching from chips in the earlier part of this century) which was a countermeasure to the enormous number of threats and vulnerabilities that can involve a PC endpoint. Some of this intertwines in recent ("Online Banking & Password Theft") discussion in Computer Security and Forensic group ... some of which is archived here:
http://www.garlic.com/~lynn/2010f.html#6

The issue was how did the issuing/approving entity know that trusted EU FINREAD endpoint was used ... or just something claiming to be a trusted EU FINREAD endpoint. A scenario was to included an AADS chip strawman in the manufacture of each EU FINREAD and have its authentication be included as part of every operation.

A more recent thread from today on the same subject is in this ("Cyberattacks raise e-bnanking security fears") discussion in the Financial Crime Risk, Fraud and Security group ... some of which is archived here:
http://www.garlic.com/~lynn/2010f.html#29

misc. past posts mentioning EU FINREAD
http://www.garlic.com/~lynn/subintegrity.html#finread

careful design and choosing components carefully ... it is possible to effectively make the chip costs negligible (especially compared to fully loaded per card issuance ... if not done solely to replace current card with a chip card) ... including being able to do DDA within elapsed time&power constraints of transit turnstile.

as an aside, the us deployment in the early part of this century was extremely chip myopic. it seemed impossible to convey that the yes card exploit was a POS/infrastructure attack ... not a chip attack; aka the response to the explanation was to configure valid cards to go online more often.

The POS compromise to skim the data is effectively identical for magstripe and chip. The total criminal effort is essentially identical. The cost difference between counterfeit magstripe and counterfeit yes card is trivial (yes card chips don't require any special security characteristics) ... especially compared to the overall criminal effort and/or compared to the expected fraud return.

This really comes in to play when it is considered that countermeasure to counterfeit magstripe is to deactivate the account ... which doesn't work for counterfeit yes card. A counterfeit yes card also ignored being forced online as well as ignored any poison suicide pill sent down (aka the potential fraud for the yes card could go on long after the account has been deactivated).

re:
http://www.garlic.com/~lynn/subintegrity.html#yescard

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Terse for PC

From: lynn@GARLIC.COM (Anne & Lynn Wheeler)
Subject: Re: Terse for PC
Newsgroups: bit.listserv.ibm-main
Date: 18 Mar 2010 14:14:17 -0700
eamacneil@YAHOO.CA (Ted MacNEIL) writes:
Correct me if I'm wrong; didn't terse start out on VM (pre-z)?

HUFF/PUFF predated terse (done in YKT on cms from the 70s) ... mentioned here
http://vm.marist.edu/~vmshare/browse?fn=PACKED&ft=PROB

some number of 1991 posts that mention applications/tools that should be part of every toolkit (including TERSE)
http://vm.marist.edu/~vmshare/browse?fn=TOOLKIT&ft=MEMO

1994 post goes into some discussion of data compression APIs and TERSE mentioned here
http://vm.marist.edu/~vmshare/browse?fn=ESAV2&ft=MEMO

... not on vmshare ... but earliest reference I have to using TERSE for package distributions on the internal network is 1985.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

history of RPG and other languages, was search engine history

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: history of RPG and other languages, was search engine history
Newsgroups: alt.folklore.computers
Date: Thu, 18 Mar 2010 18:00:19 -0400
Peter Flass <Peter_Flass@Yahoo.com> writes:
I think some people are. For a while FSI sold "Flex/es", basically a 370 emulator, as an IBM business partner. IBM killed their business, but I wouldn't be surprised if some customers were still running that or other emulators.

re:
http://www.garlic.com/~lynn/2010e.html#42 search engine history, was Happy DEC-10 Day

... and recent thread in mainframe mailing list (x-posted here) ... including some comment whether latest gulftown would get over 1000 370mips and below $5/370mip
http://www.garlic.com/~lynn/2010e.html#68 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#70 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#71 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#72 Entry point for a Mainframe?

since the above posts ... official product announcements
http://news.cnet.com/business-tech/?keyword=Core+i7-980X
http://news.cnet.com/8301-13924_3-10468754-64.html

overclocked to 4.3GHz
http://www.tomshardware.com/news/origin-pc-gulftown-intel-core-i7-980x,9888.html

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Thu, 18 Mar 2010 19:01:19 -0400
scott@slp53.sl.home (Scott Lurndal) writes:
I've no problem with reinstating the 90% bracket on, say, income over USD1,000,000, and 90% for any wall-street bonus or stock option :-)

wall street bonuses spiked by nearly four times during the toxic CDO frenzy ($27T) years ... and then in the years since, they appear attempting to maintain the peak bonus level ... even when operating at a loss ... recent references (to the data from New York State Office of the Controller)
http://www.garlic.com/~lynn/2010d.html#11 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#19 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#26 search engine history, was Happy DEC-10 Day

previous guess that commissions/bonuses/etc from that $27T might hit 15-20% aggregate or possibly $5T.
http://www.garlic.com/~lynn/2010e.html#74 LPARs: More or Less?
http://www.garlic.com/~lynn/2010f.html#15 LPARs: More or Less?

which would approx. correspond with statements that financial services industry tripled (measured as percent of GDP) during the toxic CDO frenzy years
http://www.garlic.com/~lynn/2010d.html#10 search engine history, was Happy DEC-10 Day

there have been references ... that corporate america in general ... the top executive compensation has exploded to nearly 400:1 that of avg. worker ... after having been 20:1 for a long time and 10:1 in much of the rest of the world. a couple recent posts mentioning the 400:1 compensation ratio
http://www.garlic.com/~lynn/2010d.html#8 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010e.html#39 Agile Workforce

also during the toxic CDO frenzy years, there were corporate executives fiddling the financial reporting numbers to boost their compensation (in spite of sarbanes-oxley) ... and then sometimes the numbers would later be restated (w/o having to forfeit the bonuses). there have been number of references to large drop off in prosecution by SEC during the toxic CDO frenzy years ... and possibly as a result, it motivated the GAO to start publishing their own reports about fraudulent financial reports (even if they had no prosecution capability). The person that attempted for a decade to try and get SEC to something about Madoff was recently asked what would he do if he was made head of SEC ... basically said he would start by firing everybody there ... recent reference:
http://www.garlic.com/~lynn/2010e.html#77 Madoff Whistleblower Book

of course, during much of this period, the head of GAO (comptroller general) was also rather outspoken about nobody in congress for past 50 yrs appears to know middle school math (based on fiscal responsibility)

a few past posts referencing the gao.gov URL reporting on fraudulent financial filings.
http://www.garlic.com/~lynn/2009b.html#25 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
http://www.garlic.com/~lynn/2009b.html#36 A great article was posted in another BI group: "To H*** with Business Intelligence: 40 Percent of Execs Trust Gut"
http://www.garlic.com/~lynn/2009b.html#48 The blame game is on : A blow to the Audit/Accounting Industry or a lesson learned ???
http://www.garlic.com/~lynn/2009b.html#49 US disaster, debts and bad financial management
http://www.garlic.com/~lynn/2009b.html#52 What has the Global Financial Crisis taught the Nations, it's Governments and Decision Makers, and how should they apply that knowledge to manage risks differently in the future?
http://www.garlic.com/~lynn/2009b.html#53 Credit & Risk Management ... go Simple ?
http://www.garlic.com/~lynn/2009b.html#54 In your opinion, which facts caused the global crise situation?
http://www.garlic.com/~lynn/2009b.html#73 What can we learn from the meltdown?
http://www.garlic.com/~lynn/2009b.html#80 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#0 Audit II: Two more scary words: Sarbanes-Oxley
http://www.garlic.com/~lynn/2009c.html#20 Decision Making or Instinctive Steering?
http://www.garlic.com/~lynn/2009c.html#29 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus
http://www.garlic.com/~lynn/2009d.html#3 Congress Set to Approve Pay Cap of $500,000
http://www.garlic.com/~lynn/2009d.html#37 NEW SEC (Enforcement) MANUAL, A welcome addition
http://www.garlic.com/~lynn/2009d.html#42 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
http://www.garlic.com/~lynn/2009d.html#61 Quiz: Evaluate your level of Spreadsheet risk
http://www.garlic.com/~lynn/2009d.html#62 Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
http://www.garlic.com/~lynn/2009d.html#63 Do bonuses foster unethical conduct?
http://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?
http://www.garlic.com/~lynn/2009e.html#36 Architectural Diversity
http://www.garlic.com/~lynn/2009e.html#37 How do you see ethics playing a role in your organizations current or past?
http://www.garlic.com/~lynn/2009f.html#2 CEO pay sinks - Wall Street Journal/Hay Group survey results just released
http://www.garlic.com/~lynn/2009f.html#29 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009f.html#51 On whom or what would you place the blame for the sub-prime crisis?
http://www.garlic.com/~lynn/2009g.html#7 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009g.html#33 Treating the Web As an Archive
http://www.garlic.com/~lynn/2009h.html#17 REGULATOR ROLE IN THE LIGHT OF RECENT FINANCIAL SCANDALS
http://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."
http://www.garlic.com/~lynn/2009j.html#12 IBM identity manager goes big on role control
http://www.garlic.com/~lynn/2009j.html#30 An Amazing Document On Madoff Said To Have Been Sent To SEC In 2005

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Fri, 19 Mar 2010 00:18:20 -0400
Peter Flass <Peter_Flass@Yahoo.com> writes:
All other things being equal, you're probably right. The problem is that this stuff is driving us into bankruptcy. I just read an analysis that by 2040 our national debt will be 200% of GDP in the optimistic scenario, and 700% in the worst case.

re:
http://www.garlic.com/~lynn/2010f.html#33 The 2010 Census

I think you get that w/o bothering to take into consideration any legislation that may have passed within the past two years. There was some recent reference to some legislation expiring in 2002 that had mandates about fiscal responsibility ... including unfunded mandates ... and things got really bad after that ... reference:
http://www.garlic.com/~lynn/2010b.html#60 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010c.html#9 Oldest Instruction Set still in daily use?

i.e. it seemed like after what he saw congress doing after the fiscal responsibility legislation expired in 2002 that he became really vocal (and nobody in congress seem to have any interest to maintain any sort of fiscal responsibility).

there was something about worst offender was medicare part-d that was a $40 trillion unfunded mandate (passed in 2003 after the 2002 fiscal responsibility legislation expired):
https://en.wikipedia.org/wiki/Medicare_Part_D

60 minutes did a segment how it got passed ... something about one line sentence added that exempted medicare part-d from competitive biddings and GAO did updated report on the change ... and there was 12-18 congressman & staffers that somehow managed to keep the updated report from being distributed until after the vote. supposedly something like six months later ... all had resigned and were working for drug companies in one way or another. recent reference
http://www.garlic.com/~lynn/2010c.html#0
a few earlier posts
http://www.garlic.com/~lynn/2007e.html#30 Health Care
http://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
http://www.garlic.com/~lynn/2007s.html#1 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2009m.html#46 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer

old post on comptroller general report
http://www.garlic.com/~lynn/2006o.html#61

above mentions dept per capita exceeds gdp by 2030 ... that appropriations burden (including unfunded mandates) per person nearly tripled between 2000 & 2005.

and
http://www.garlic.com/~lynn/2008n.html#17

mentions in 2008 report that long-term deficit for medicare is nearly five times that of social security. ... also from 2008 GAO report


                       percent of federal budget
1966      1986      2006
defense                     43        28        20
social security             15        20        21
medicare/medicaid            1        10        19
interest                     7        14         9
all other                   34        29        32

... snip ...

misc past posts mentioning comptroller general reports:
http://www.garlic.com/~lynn/2006f.html#41 The Pankian Metaphor
http://www.garlic.com/~lynn/2006f.html#44 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#9 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#14 The Pankian Metaphor
http://www.garlic.com/~lynn/2006g.html#27 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#2 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#3 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#4 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#17 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#19 The Pankian Metaphor
http://www.garlic.com/~lynn/2006h.html#33 The Pankian Metaphor
http://www.garlic.com/~lynn/2006o.html#61 Health Care
http://www.garlic.com/~lynn/2006p.html#17 Health Care
http://www.garlic.com/~lynn/2006r.html#0 Cray-1 Anniversary Event - September 21st
http://www.garlic.com/~lynn/2006t.html#26 Universal constants
http://www.garlic.com/~lynn/2007j.html#20 IBM Unionization
http://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
http://www.garlic.com/~lynn/2007k.html#19 Another "migration" from the mainframe
http://www.garlic.com/~lynn/2007o.html#74 Horrid thought about Politics, President Bush, and Democrats
http://www.garlic.com/~lynn/2007p.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
http://www.garlic.com/~lynn/2007s.html#1 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#13 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#14 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#15 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#24 Translation of IBM Basic Assembler to C?
http://www.garlic.com/~lynn/2007t.html#25 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#33 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#35 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007v.html#26 2007 Year in Review on Mainframes - Interesting
http://www.garlic.com/~lynn/2008.html#57 Computer Science Education: Where Are the Software Engineers of Tomorrow?
http://www.garlic.com/~lynn/2008d.html#40 Computer Science Education: Where Are the Software Engineers of Tomorrow?
http://www.garlic.com/~lynn/2008e.html#50 fraying infrastructure
http://www.garlic.com/~lynn/2008f.html#86 Banks failing to manage IT risk - study
http://www.garlic.com/~lynn/2008g.html#1 The Workplace War for Age and Talent
http://www.garlic.com/~lynn/2008h.html#3 America's Prophet of Fiscal Doom
http://www.garlic.com/~lynn/2008h.html#26 The Return of Ada
http://www.garlic.com/~lynn/2008i.html#98 dollar coins
http://www.garlic.com/~lynn/2008n.html#8 Taxcuts
http://www.garlic.com/~lynn/2008n.html#9 Taxcuts
http://www.garlic.com/~lynn/2008n.html#17 Michigan industry
http://www.garlic.com/~lynn/2009f.html#20 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009n.html#55 Hexadecimal Kid - articles from Computerworld wanted
http://www.garlic.com/~lynn/2009p.html#86 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#87 IBM driving mainframe systems programmers into the ground
http://www.garlic.com/~lynn/2010.html#36 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010.html#37 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010b.html#60 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010c.html#3 Oldest Instruction Set still in daily use?
http://www.garlic.com/~lynn/2010c.html#9 Oldest Instruction Set still in daily use?
http://www.garlic.com/~lynn/2010c.html#23 Happy DEC-10 Day

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Fri, 19 Mar 2010 09:16:20 -0400
jmfbahciv <jmfbahciv@aol> writes:
If you want a realistic estimate of how much the medical edict will cost, just take a look a Massachusetts' mess.

re:
http://www.garlic.com/~lynn/2010f.html#33 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#34 The 2010 Census

but medicare part-d numbers are still larger than the worst case predictions for any/all of the pending legislation.

it is hard to even figure out what is going on now ... there is some possibility that huge amount is obfuscation and misdirection to make sure that things like medicare part-d aren't touched.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Fri, 19 Mar 2010 10:01:02 -0400
jmfbahciv <jmfbahciv@aol> writes:
If you want a realistic estimate of how much the medical edict will cost, just take a look a Massachusetts' mess.

re:
http://www.garlic.com/~lynn/2010f.html#33 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#34 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#35 The 2010 Census

it would be interesting if there could be a decade do-over ... go back undo GLBA and repeal of Glass-Steagall, undo commodities act that exempted regulating the enron and aig machinations, put back in the fidiciary responsibility legislation ... and see what kind of legislation is done when it has to meet some financial responsibility standards.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Fri, 19 Mar 2010 16:44:28 -0400
Dave Garland <dave.garland@wizinfo.com> writes:
So clearly there _are_ plans to pay back some of that debt. In some cases (because stock prices have risen since the cataclysm) the gummint has actually made a profit on the deal when the companies bought back their stock. That's not to say it's _all_ going to get paid back, of course.

re:
http://www.garlic.com/~lynn/2010f.html#33 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#34 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#35 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#36 The 2010 Census

the TARP funds were originally appropriate to purchase toxic assets ... but apparently when they discovered that the total appropriated was barely a drop in the bucket for just the toxic assets carried offbook by the four largest too-big-to-fail institutions ... they had to come up with other mechanisms to use the money.

while that was going on ... to make the institutions to appear whole again, the Fed Reserve stepped in and started offering money at zero percent to financial institutions ... aka the member banks could borrow money from the Fed Reserve at zero percent and then loan it out at 4-6 percent ... or has been documented "gamble" with the money in the markets. It is possibly major reason that Goldman-Sachs got a bank charter ... so it could also get zero percent fed money (and by many reports; using for speculating in the market ... with it all going to the institutions bottom line).

Enough is this is going on that many institutions are able to report significant profits ... although there is still the issue with much of the toxic assets are still back there someplace waiting to be reckoned with. There seems to be a lot of audit rules are still being bent and broken ... possibly with the fear that if everything came to light, the whole precarious house of cards could still come tumbling down.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

F.B.I. Faces New Setback in Computer Overhaul

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: F.B.I. Faces New Setback in Computer Overhaul
Newsgroups: alt.folklore.computers
Date: Fri, 19 Mar 2010 16:54:39 -0400
F.B.I. Faces New Setback in Computer Overhaul
http://www.nytimes.com/2010/03/19/us/19fbi.html

besides FBI this seems to have also affected IRS, FAA, & others every few years.

misc. past reference to an article titled The Success of Failure; that the big system integrators have discovered that they make significantly more money (from the fed) off a series of failures than they ever make off of having a success.
http://www.garlic.com/~lynn/2009o.html#25 Opinions on the 'Unix Haters' Handbook'
http://www.garlic.com/~lynn/2009o.html#41 U.S. house decommissions its last mainframe, saves $730,000
http://www.garlic.com/~lynn/2010b.html#19 STEM crisis
http://www.garlic.com/~lynn/2010b.html#26 Happy DEC-10 Day

a few past refs:
http://www.garlic.com/~lynn/2005.html#37 [OT?] FBI Virtual Case File is even possible?
http://www.garlic.com/~lynn/2005.html#48 [OT?] FBI Virtual Case File is even possible?
http://www.garlic.com/~lynn/2005b.html#3 [OT?] FBI Virtual Case File is even possible?

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Fri, 19 Mar 2010 17:35:21 -0400
re:
http://www.garlic.com/~lynn/2010f.html#33 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#34 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#35 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#36 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#37 The 2010 Census

and ...

Public, 2; Fed, 0
http://blogs.forbes.com/streettalk/2010/03/19/public-2-fed-0/?boxes=Homepagelighttop

from above:
The Fed argued against disclosing the information because it might harm banks on the list. Discount window borrowing carries a stigma with it -- it is a sign that a bank can't even get other banks to lend to it and has no other recourse to get overnight cash. After the collapse of Lehman Brothers in September 2008, the inter-bank loan market froze and discount window lending soared to over $100 billion a day, according to Fed statistical releases.

... snip ...

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

F.B.I. Faces New Setback in Computer Overhaul

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: F.B.I. Faces New Setback in Computer Overhaul
Newsgroups: alt.folklore.computers
Date: Sat, 20 Mar 2010 09:52:33 -0400
jmfbahciv <jmfbahciv@aol> writes:
That reporting to Congress is part of the mess. If you had to report to your manager every day each line of code you wrote, in detail, you might get time to write one line. then your train of thought is interrupted by the meeting and it's impossible to get back into the coding groove again.

re:
http://www.garlic.com/~lynn/2010f.html#38 F.B.I. Faces New Setback in Computer Overhaul

i think there is stereotype of less competent people smoozing thier boss as part of keeping their jobs. there have been numerous references to congress being the most corrupt institution on the planet ... it is frequently referred to as lobbying when applied to congress.

past references to economists discussing that one of the single improvements to the enormous corruption is going to flat rate tax ... because that would eliminate the enormous amount of lobbying related to special tax provisions (and humorous observatoin that ireland has lobbied against US not going to flat rate tax ... because the current tax code is one of the things claimed for US companies setting up in Ireland).
http://www.garlic.com/~lynn/2008m.html#49 Taxes
http://www.garlic.com/~lynn/2008m.html#87 Fraud due to stupid failure to test for negative
http://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
http://www.garlic.com/~lynn/2009h.html#20 China's yuan 'set to usurp US dollar' as world's reserve currency
http://www.garlic.com/~lynn/2009i.html#13 64 Cores -- IBM is showing a prototype already
http://www.garlic.com/~lynn/2009p.html#31 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009q.html#77 Now is time for banks to replace core system according to Accenture
http://www.garlic.com/~lynn/2010d.html#49 search engine history, was Happy DEC-10 Day

so the scenario is the current tax code is just another graft & corruption scam for the benefit of congress ... even tho it also costs something like 2-3% of GDP in lost productivity (overhead dealing with the tax code ... separate from establishing the environment for the enormous graft & courruption). That enormous complexity and overhead has also created a whole "tax preparation" industry ... that also heavily contributes to congress ... opposing any flat rate tax.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Should the USA Implement EMV?

From: lynn@garlic.com (Lynn Wheeler)
Date: 18 Mar, 2010
Subject: Should the USA Implement EMV?
Blog: Payment Systems Network
re:
http://www.garlic.com/~lynn/2010f.html#19 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#25 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#26 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#27 Should the USA Implement EMV?
http://www.garlic.com/~lynn/2010f.html#30 Should the USA Implement EMV?

The AADS chip strawman infrastructure allows for arbitrary something you know and something you are (biometrics). Biometrics has a lot of stuff for fuzzy matching (fuzzy matching thresh holds, false positives and false negatives, etc). I used repeated (fuzzy) reading as countermeasure to static replay ... can't remember now for sure whether the lawyers included claims on repeated fuzzy matching in the AADS patent portfolio (we are now long departed and have no involvement, even AADS patents being filed long after we are gone).

However, there are potential issues with attackers fiddling the recording replay sufficient to pass the identical matching. It all has interplay with the level of trust in the end-point (i.e. compromised end-point, counterfeit end-point, or maybe a parasite network connection).

AADS references:
http://www.garlic.com/~lynn/x959.html#aads

AADS patent portfolio reference:
http://www.garlic.com/~lynn/aadssummary.htm

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

the very slow 1130, was history of RPG and other languages

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: the very slow 1130, was history of RPG and other languages
Newsgroups: alt.folklore.computers
Date: Sat, 20 Mar 2010 11:12:41 -0400
Walter Bushell <proto@panix.com> writes:
And it was IBM and thus easier to get approval. Management was used to dealing with IBM and they liked it. Another vendor, not so much.

amoco research in tulsa had an 1800 ... that they "upgraded" to vm/135 ... which then went thru very rapid evolution to a couple vm/16Xs. they become a major VM poster child at (ibm user group) SHARE meetings ... much to the consternation of the favorite son operating system in POK. Part of the "poster child" scenarios was VM (personal computing) liberating each person to do what-ever they wanted to do (which then resulted in enormous expansion in their computer use) ... compared to the constricted rigid environments typical of the favorite son operating system.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

F.B.I. Faces New Setback in Computer Overhaul

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: F.B.I. Faces New Setback in Computer Overhaul
Newsgroups: alt.folklore.computers
Date: Sun, 21 Mar 2010 08:32:47 -0400
Charles Richmond <frizzle@tx.rr.com> writes:
That's why programming groups need a "shit shield"' supervisor to keep all this red tape off your back!!! Worth their weight in gold!!!

re:
http://www.garlic.com/~lynn/2010f.html#38 F.B.I. Faces New Setback in Computer Overhaul
http://www.garlic.com/~lynn/2010f.html#40 F.B.I. Faces New Setback in Computer Overhaul

long ago and far away, somebody observed that programming productivity tends to be highly skewed ... and managers tend to spend the majority of their time on the bottom producers (that have the most problems) ... when they should be spending their time facilitating the top ten percent ... which can frequently double the productivity of the group.

the other observation is that many succesful executives spend all their time "managing" their career ... frequently totally orthogaonal to their corporate duties ... a variation on previously mentioned "smoozing".

then there is the boyd corollary:
"There are two career paths in front of you, and you have to choose which path you will follow. One path leads to promotions, titles, and positions of distinction.... The other path leads to doing things that are truly significant for the Air Force, but the rewards will quite often be a kick in the stomach because you may have to cross swords with the party line on occasion. You can't go down both paths, you have to choose. Do you want to be a man of distinction or do you want to do things that really influence the shape of the Air Force? To be or to do, that is the question." Colonel John R. Boyd, USAF 1927-1997

From the dedication of Boyd Hall, United States Air Force Weapons School, Nellis Air Force Base, Nevada. 17 September 1999


--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Can't PIN be mandated in normal POS machines ? to avoid Losses / Frauds / NPA's ?

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 21 Mar, 2010
Subject: Can't PIN be mandated in normal POS machines ? to avoid Losses / Frauds / NPA's ?
Blog: Payment Systems Network
There was article a couple years ago about signature-debit being 15 times that of PIN-debit. It is also somewhat a variation on the old walmart/merchant class-action suit.

Study: Signature Debit Fraud Runs 15 Times Higher Than on PIN Debit
http://www.digitaltransactions.net/newsstory.cfm?newsid=738

other related articles:
http://www.pirg.org/consumer/banks/debit/debitcards1.htm
http://www.digitaltransactions.net/newsstory.cfm?newsid=768

possibly motivations leading up to the walmart/merchant class-action suit ... the signature debit would run thru the credit card networks with higher interchange fees ... while PIN-debit would run thru debit-networks with lower interchange fees (both who earned the fees as well as how much fees were being taken).

There is the "march" of time/technology ... the default assumption is that two-factor authentication is more secure than single-factor authentication ... as long as the different factors have independent threats&vulnerabilities. In theory, PINs are countermeasure to loss/stolen card.

The counter examples are:

1) counterfeit yes card scenario ... only required the card/chip data to be skimmed ... since POS terminal would ask the chip if the correct pin was entered ... a counterfeit yes card would always reply YES ... regardless of value entered

2) the enormous proliferation in unique shared-secret something you know authentication ... saturates human ability to remember huge numbers of different values. one study has claimed that 1/3rd of debit cards had the PIN written on them

3) more advanced counterfeit and compromised end-points/terminals ... skim both the card data and the PIN data simultaneously ... invalidating the assumption that the different authentication factors have independent threats/vulnerabilities.

another countermeasure in the lost/stolen card scenario was that the person would notice that it was lost/stolen and report it ... then the account would be deactivated. The downside of skimming threat is that the card owner doesn't immediately recognize that it has happened ... and therefor relying on reporting for account deactivation is much less dependable.

the yes card exploit managed to defeat the account deactivation countermeasure. a skimmed yes card would not only always answer "YES" to whether the correct PIN had been entered ... but also answer "YES" to offline transactions ... allowing yes card fraud to continue long after the account had been deactivated.

The yes card doesn't directly work with lost/stolen card ... but the thief could purposefully use the lost/stolen card with a counterfeit/compromised terminal ... and then use the skimmed data to create a counterfeit yes card.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

not even sort of about The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: not even sort of about The 2010 Census
Newsgroups: alt.folklore.computers
Date: Sun, 21 Mar 2010 09:12:16 -0400
jmfbahciv <jmfbahciv@aol> writes:
I know. Do you honestly believe that medical business is going to come back here when the prices will have to be triple or quadruple what they are now? Do you really think that the talented medical care providers are going to stay in the US and have their income reduced? do you really think that kids will study medicine when there the salaries are matched to the postal service job classifications?

medical is at least a booming business (especially with the aging baby boomers) ... postal seems to be going thru decline ... somewhat akin to engine crewmember that rode in the train caboose.

references to baby boomer generation being four times as large as previous generation ... the huge mismatch contributed to the significant retirement benefits ... easily being able to tax the baby boomers to pay for the retirement benefits of the previous generation ... this inverts when the generation following baby boomers is only half as large ... the baby boomer bubble moving into retirement goes from 4:1 to 1:2 ... or a change in the ratio by factor of eight.
http://www.garlic.com/~lynn/2003k.html#61 The Incredible Shrinking Legacy Workforces
http://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
http://www.garlic.com/~lynn/2007p.html#7 what does xp do when system is copying
http://www.garlic.com/~lynn/2007p.html#14 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#16 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#21 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#27 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#28 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#30 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#31 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#35 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#38 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007p.html#50 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007q.html#41 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007q.html#42 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007s.html#32 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007s.html#63 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007s.html#67 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007s.html#68 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#0 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#1 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#2 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#13 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#14 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#15 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#17 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#18 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#25 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#31 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#33 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#34 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#35 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#38 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#41 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#43 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#46 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#50 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#51 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#52 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007t.html#53 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007v.html#25 Newsweek article--baby boomers and computers
http://www.garlic.com/~lynn/2007v.html#26 2007 Year in Review on Mainframes - Interesting
http://www.garlic.com/~lynn/2007v.html#72 whats the world going to do when all the baby boomers retire
http://www.garlic.com/~lynn/2008b.html#3 on-demand computing
http://www.garlic.com/~lynn/2008c.html#16 Toyota Sales for 2007 May Surpass GM
http://www.garlic.com/~lynn/2008c.html#69 Toyota Beats GM in Global Production
http://www.garlic.com/~lynn/2008f.html#99 The Workplace War for Age and Talent
http://www.garlic.com/~lynn/2008g.html#1 The Workplace War for Age and Talent
http://www.garlic.com/~lynn/2008g.html#50 CA ESD files Options
http://www.garlic.com/~lynn/2008h.html#3 America's Prophet of Fiscal Doom
http://www.garlic.com/~lynn/2008h.html#11 The Return of Ada
http://www.garlic.com/~lynn/2008h.html#26 The Return of Ada
http://www.garlic.com/~lynn/2008h.html#57 our Barb: WWII
http://www.garlic.com/~lynn/2008i.html#56 The Price Of Oil --- going beyong US$130 a barrel
http://www.garlic.com/~lynn/2008i.html#98 dollar coins
http://www.garlic.com/~lynn/2008j.html#80 dollar coins
http://www.garlic.com/~lynn/2008k.html#5 Republican accomplishments and Hoover
http://www.garlic.com/~lynn/2008l.html#37 dollar coins
http://www.garlic.com/~lynn/2008m.html#3 Medical care
http://www.garlic.com/~lynn/2008n.html#13 Michigan industry
http://www.garlic.com/~lynn/2008n.html#20 Michigan industry
http://www.garlic.com/~lynn/2008n.html#29 Blinkylights
http://www.garlic.com/~lynn/2008o.html#8 The end of the baby boomers, US bonds maturing, and then what?
http://www.garlic.com/~lynn/2008o.html#58 Everyone is getting same deal out of life: babyboomers can't retire but they get SS benefits intact
http://www.garlic.com/~lynn/2009m.html#61 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
http://www.garlic.com/~lynn/2009m.html#64 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
http://www.garlic.com/~lynn/2009m.html#72 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
http://www.garlic.com/~lynn/2009o.html#37 Young Developers Get Old Mainframers' Jobs
http://www.garlic.com/~lynn/2009o.html#72 I would like to understand the professional job market in US. Is it shrinking?
http://www.garlic.com/~lynn/2010.html#37 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010.html#38 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010b.html#19 STEM crisis
http://www.garlic.com/~lynn/2010b.html#24 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010b.html#56 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010b.html#59 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#18 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#46 search engine history, was Happy DEC-10 Day

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

not even sort of about The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: not even sort of about The 2010 Census
Newsgroups: alt.folklore.computers
Date: Sun, 21 Mar 2010 12:47:22 -0400
Dave Garland <dave.garland@wizinfo.com> writes:
Not for people who have to pay for their own drugs. Name-brand drugs are still much cheaper (maybe half as much) in Canada. Little or no savings on generics (except when they've got a generic for a drug that we can't get in generic form).

re:
http://www.garlic.com/~lynn/2010f.html#34 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#35 The 2010 Census

60 minutes on how medicare part-d in 2003 ... included the effect of one sentence late addition (something like within week of vote) to the bill which exempted part-d from competitive bidding ... the should a whole raft of identical drugs priced under part-d and identical drug price for VA ... which allows competitive bidding. VA was paying 1/3rd what part-d was paying for identical drugs (because of competitive bidding being allowed) ... which amounts to enormous profits to the drug industry (and in aggregate, GAO reports as $40TRILLION unfunded mandate ... dwarfing everying else)

60 minutes show highlighted the 12-18 members & staffers that managed to sideline the GAO revised cost estimate of the one-sentence change (until after the vote) ... and who within very short time after the vote had all resigned and were employed by the drug industry.

this may have been what really triggered the comptroller general to become really vocal about congressional fiscal responsibility (although recent book interview was that it all seem to really start by some fical responsibility legislation that had expired in 2002)

of course going on at the same time was the whole enron/anderson stuff and the sarbanes-oxley bill ... which relied on SEC to enforce ... and didn't appear to be doing anything ... then appeared to motivate GAO starting to audit and release reports on public company financial reports that were fraudulent (and theoritically should have been prosecuted by SEC ... and at least under sarbanes-oxley would be sending the executives to prison).

I had been invited to conference of EU executives (financial institutions, stock markets, large corporations) which was talking about the enormous cost of SOX audits that was starting to apply to EU corporations. My position was that SOX audits didn't appear to actually change the effectiveness of audits to catch/prevent purposeful fraud (it would primarily catch sloppy work and/or mistakes). That seemed to somewhat correspond with what GAO reports started publishing.

then there is this more recent item:

Two Madoff computer admins indicted
http://www.computerworld.com/s/article/9173138/Two_Madoff_computer_admins_indicted
Two Madoff computer admins indicted
http://www.networkworld.com/news/2010/041010-java-founder-james-gosling-leaves.html

and

Lehman autopsy throws Ernst & Young into spotlight
http://www.marketwatch.com/story/lehman-autopsy-throws-ernst-young-into-spotlight-2010-03-12
Lehman, Ernst & Young and accounting
http://insider.accountancyage.com/2010/03/lehman-ernst-yo.html
Will Ernst & Young Survive The Lehman Fiasco?
http://www.businessinsider.com/will-ernst-and-young-survive-the-lehman-fiasco-2010-3
Ernst & Young faces legal action over Lehman collapse
http://business.timesonline.co.uk/tol/business/industry_sectors/banking_and_finance/article7059469.ece
Lehman Fraudulently Cooked Its Books, Accounting Giant Ernst & Young Helped, Geithner and Bernanke Winked and Slapped Them on the Back
http://www.prisonplanet.com/lehman-fraudulently-cooked-its-books-accounting-giant-ernst-young-helped-geithner-and-bernanke-winked-and-slapped-them-on-the-back.html

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Nonlinear systems and nonlocal supercomputing

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Nonlinear systems and nonlocal supercomputing
Newsgroups: comp.arch
Date: Sun, 21 Mar 2010 13:17:23 -0400
Del Cecchi <delcecchi@gmail.com> writes:
The original motivation was to do molecular simulations in the bio-tech field, hence the name. Sure, IBM seized on the desire of the National Labs for prestige and bomb simulation and used it to make a profit.

or seized on national labs (& numerical intensive) only as possible walling off move into commercial at the same time.

old email
http://www.garlic.com/~lynn/lhwemail.html#medusa

old post about jan92 moving into commercial also
http://www.garlic.com/~lynn/95.html#13

a few weeks before being told it was transferred and couldn't work on anything with more than four processors.

old email, hrs before the hammer fell (may had already happened, we just hadn't been told yet)
http://www.garlic.com/~lynn/2006x.html#email920129

discussing the national lab scenario (I had to skip a LLNL meeting because of other commitments ... but some of the people at the meeting dropped by afterwards to bring me up to date).

then the press item shortly after the hammer fell (17feb92)
http://www.garlic.com/~lynn/2001n.html#6000clusters1

and another press item later that summer (we were both gone within a few weeks):
http://www.garlic.com/~lynn/2001n.html#6000clusters2

the kingston engineering & scientific had been doing molecular simulation with numerous Floating Point Systems boxes tied to 3090 with vector facility.

In 1980, I had done some HYPERChannel work to allow overflow in the Santa Teresa lab. (300 people from IMS group) to be moved to offsite bldg ... but getting local interactive performance using HYPERChannel as mainframe channel extension. Then basically did the same installation for large IMS field support group in boulder. recent reference
http://www.garlic.com/~lynn/2010f.html#17

The person that I worked with for the Boulder installation then moved to Kingston to manage the Kingston E&S operation. I worked with him there to do high-speed HYPERChannel satellite link between Kingston E&S lab and the west coast. This was somewhat totally unrelated to the operation that was supposedly designing their own numerical intensive supercomputer and also providing funding for Steve Chen's effort. recent post with a little more of the gory details:
http://www.garlic.com/~lynn/2010b.html#71 Happy DEC-10 Day

The above tended to have some LLNL ties, in part because early backing for FCS was standards moving to fiber-optics ... something that LLNL had installed in serial-copper form.

The SCI stuff was with Gustafson out of SLAC.

Later one of the sparc-10 engineers was at another chip-shop and designing a fast/inexpensive SCI subset ... and tried to interest me into taking over the SUN SPRING/DOE operating system effort and adapting it to a large distributed SCI infrastructure. This was about the time SUN was shutting down the SPRING/DOE effort and transferring everybody over to Java group.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Nonlinear systems and nonlocal supercomputing

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Nonlinear systems and nonlocal supercomputing
Newsgroups: comp.arch
Date: Sun, 21 Mar 2010 17:12:57 -0400
"Del Cecchi" <delcecchi@gmail.com> writes:
And Rochester had an effort to use SCIL (SCI Like) interface to couple AS400 Boxes in something we called "firmly coupled". The software guys had even signed up. But some guy from POK (Baum?) put the kibosh on it since he didn't believe the Rochester guys could make OS400 NUMA when the Z folks said it would take hundreds of PY. POK always had a NIH complex.

But in the end the SCI knock off ended up in Xseries NUMA box.

The topology was dual counter rotating rings.


re:
http://www.garlic.com/~lynn/2010f.html#47 Nonlinear systems and nonlocal supercomputing

by the time of SCIL ... we were gone from IBM ... and was only intermediately involved with SCI (couldn't do a whole lot of self-funding on standards committees).

long ago and far away, baum was hired into pok to be in charge of (mainframe) tightly-coupled shared-memory multiprocessor architecture ... at the same time my wife was con'ed into moving from the JES group in G'burg to POK to be in charge of (mainframe) loosely-coupled (aka cluster) architecture .... and for a time, both reported to the same manager. mainframe shared-memory for long time required much stronger memory consistency ... than provided in NUMA.

during her stint in POK, there was almost exclusive focus on tightly-coupled ... and she didn't stay very long there. Her loosely-coupled architecture (peer-coupled shared-data) saw very little (mainframe) uptake, except for IMS hot-standby ... until sysplex.
http://www.garlic.com/~lynn/submain.html#shareddata

much later, Steve Chen was CTO at sequent and they were doing NUMA-Q (SCI) and we did some consulting for Steve. later IBM buys sequent. a few recent references:
http://www.garlic.com/~lynn/2010e.html#68 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010e.html#70 Entry point for a Mainframe?
http://www.garlic.com/~lynn/2010f.html#7 What was the historical price of a P/390?
http://www.garlic.com/~lynn/2010f.html#13 What was the historical price of a P/390?

there is a similar joke about the internal network. there was somebody from corporate hdqtrs in armonk who had participated in SNA investigation on what would be required to implement a world-wide distributed network ... that came up with enormous amounts of PY ... in part because SNA is so fundamentally opposite to real distributed network. It turns out the majority internal network was done by a single person ... but it used a totally different approach that made world-wide distributed network a relatively trivial result. In anycase, the armonk expert stated that the internal network could not exist because the corporation had never provided funding for such an enormous PY for networking.

totally unrelated recent reference to dual counter-rotating rings from long ago and far away:
http://www.garlic.com/~lynn/2010e.html#69 search engine history, was Happy DEC-10 Day

aka 1mbit/sec LAN being done for replacing copper wiring harness bundles in autos.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Nonlinear systems and nonlocal supercomputing

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Nonlinear systems and nonlocal supercomputing
Newsgroups: comp.arch
Date: Sun, 21 Mar 2010 17:41:04 -0400
re:
http://www.garlic.com/~lynn/2010f.html#47 Nonlinear systems and nonlocal supercomputing
http://www.garlic.com/~lynn/2010f.html#48 Nonlinear systems and nonlocal supercomputing

in fact, one of the reason for doing (rios) cluster scaleup ... was at the time, there was no cache consistency support to allow doing anything at all with SCI (the only scaleup was cluster). the engineering manager that we reported to (when starting cluster scaleup) ... had only recently moved over to head up the new somerset organization (motorola, ibm, apple, etc) ... which would do a single-chip 801/risc and eventually produce something that had any kind of cache-consistency primitives for any kind of shared memory operations. but by the time any kind of cache consistency support existed, we were long gone.

he does later show up as president of mips for a stint ... and we do some stuff.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.os.linux.advocacy, comp.os.linux.hardware, comp.arch
Date: Mon, 22 Mar 2010 09:38:53 -0400
Mike Jr <n00spam@comcast.net> writes:
Thank you. In the far distant past, IBM had a machine called the SP2 that used a shared nothing architecture to get around the SMP shared memory bottleneck. The SP2 was a supercomputer.

before SP2 ... there was SP1 ... some of the genesis mentioned in this jan92 meeting in ellison's conference room
http://www.garlic.com/~lynn/95.html#13

and this old email
http://www.garlic.com/~lynn/lhwemail.html#medusa

before it was transferred and positioned as numerical intensive only.

recent thread in c.a.
http://www.garlic.com/~lynn/2010f.html#47 Nonlinear systems and nonlocal supercomputing
http://www.garlic.com/~lynn/2010f.html#48 Nonlinear systems and nonlocal supercomputing
http://www.garlic.com/~lynn/2010f.html#49 Nonlinear systems and nonlocal supercomputing

as mentioned in the above thread ... the reason for doing message passing was the rios chip set didn't support cache consistency for shared memory (aka "scale" past one). the engineering manager that we reported to (when starting the project), had only relatively recently moved to be head of somerset (joint motorola, ibm, apple, etc) that would do single chip 801/risc and eventually support for cache consistency and shared memory. as mentioned in the above thread, had also been doing some stuff with SCI (which was numa shared memory) ... but until had a chip with cache consistency semantics ... there wasn't much to do.

in any case, within hrs of this email ... the hammer fell, the effort transferred, we were told we couldn't work on anything with more than four processors
http://www.garlic.com/~lynn/2006x.html#email920129

it was then announced as product for numerical intensive only ... some past press ... one from 17feb92
http://www.garlic.com/~lynn/2001n.html#6000clusters1

and another from later that summer
http://www.garlic.com/~lynn/2001n.html#6000clusters2

and we were gone within weeks of the above (got paid to leave and not come back ... extra enducement was structured as sabbatical w/some benefits to retirement). recent mention getting letter on the last day claiming was promoted the following day ... this was after a decade of being told that there were no promotions in my future
http://www.garlic.com/~lynn/2009r.html#6 Have you ever though about taking a sabbatical?
http://www.garlic.com/~lynn/2010f.html#20 Would you fight?

the SCI NUMA (multi-core) flavor from the 90s was multiple (2-4, single-core) chips on the same board with shared L2 ... that were then interconnected with SCI. sequent and data general both did four intel processor boards with SCI & convex did a two hp risc processor boards (with SCI).

note that some of same the people involved in transferring the project and telling us that we couldn't work on anything with than four processors ... had also been involved in blocking our bidding on NSFNET RFP; a couple recent references (i.e. director of NSF even wrote letter to company execs ... but that just aggravated the internal politics)
http://www.garlic.com/~lynn/2010e.html#64 LPARs: More or Less?
http://www.garlic.com/~lynn/2010e.html#80 Entry point for a Mainframe?

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Mon, 22 Mar 2010 10:51:19 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
the TARP funds were originally appropriate to purchase toxic assets ... but apparently when they discovered that the total appropriated was barely a drop in the bucket for just the toxic assets carried offbook by the four largest too-big-to-fail institutions ... they had to come up with other mechanisms to use the money.

re:
http://www.garlic.com/~lynn/2010f.html#37 The 2010 Census

MIT's Johnson Says Too-Big-to-Fail Banks Will Spark New Crisis
http://www.bloomberg.com/apps/news?pid=20601103
http://www.bloomberg.com/apps/news?pid=20601088&sid=agtzzM.WMObI

from above:
It was October 2009, and the man who helped make megabanks possible was sounding more like Teddy Roosevelt than the Maestro as he entertained what he called a radical solution.

... snip ...

this was repeal of Glass-Steagall in glba and various other actions a decade ago. the recent actions taken to try and prevent much worse problems seem to have gone in the opposite direction.

every so often there is an industry publication that compares the avg financials for the largest national institutions with the avg financials of the largest regional institutions. the funny thing was a decade ago ... this showed that the regional institutions were more profitable than the national institutions ... aka one of the justifications for enabling too-big-to-fail was improved efficiency and competition ... it appeared that just the reverse was true ... as they got that big, they appeared to get bloated and less efficient.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.arch
Date: Mon, 22 Mar 2010 11:30:08 -0400
jgd writes:
Well, it exists, a bit. There's a version of Windows Server that's intended to be distributed across many x86-64 modes. Its main selling point is that you don't need those snobby, awkward Linux/UNIX people to run it; your corporate Windows support people can supposedly handle it.

The general reaction from potential customers has apparently been "Huh?" although apparently a few corporations have signed up.


re:
http://www.garlic.com/~lynn/2010f.html#50 Handling multicore CPUs; what the competition is thinking

at '91 asilomar acm sigops conference, i had a running argument with jim about whether commodity chips could be used for both high availability and cluster scaleup (he was still at dec at the time ... so there possibly was some bias for vax/clusters). later he went to work for redmond and had to be up on the stage with the ceo for their cluster announcement.
http://web.archive.org/web/20081115000000*/http://research.microsoft.com/en-us/um/people/gray/

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

F.B.I. Faces New Setback in Computer Overhaul

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: F.B.I. Faces New Setback in Computer Overhaul
Newsgroups: alt.folklore.computers
Date: Mon, 22 Mar 2010 12:29:32 -0400
Charles Richmond <frizzle@tx.rr.com> writes:
You mentioned the Boyd corollary before, and I pointed out the Woody Allen corollary:

"... despair and utter hopelessness ... or total extinction ..."


re:
http://www.garlic.com/~lynn/2010f.html#38 F.B.I. Faces New Setback in Computer Overhaul
http://www.garlic.com/~lynn/2010f.html#40 F.B.I. Faces New Setback in Computer Overhaul
http://www.garlic.com/~lynn/2010f.html#43 F.B.I. Faces New Setback in Computer Overhaul

i somewhat biased for boyd since I knew him and sponsored his briefings at ibm. misc. boyd references:
http://www.garlic.com/~lynn/subboyd.html

the quote also reminds me that it was about the period first getting involved with boyd, that I was getting told that I had managed to alienate so many corporate political forces that there wasn't going to be a career, awards, promotions, etc. some recent references to bringing down the wrath of the favorite son operating system organization:
http://www.garlic.com/~lynn/2010b.html#38 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010b.html#100 "The Naked Mainframe" (Forbes Security Article)
http://www.garlic.com/~lynn/2010c.html#28 Processes' memory
http://www.garlic.com/~lynn/2010d.html#45 What was old is new again (water chilled)
http://www.garlic.com/~lynn/2010d.html#59 LPARs: More or Less?
http://www.garlic.com/~lynn/2010e.html#30 SHAREWARE at Its Finest

recent reference to getting letter on my last day that i had been promoted effectively the following day (after decade or more of being told there would never be a promotion)
http://www.garlic.com/~lynn/2010f.html#20 Would you fight?
http://www.garlic.com/~lynn/2010f.html#50 Handling multicore CPUs; what the competition is thinking

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Mon, 22 Mar 2010 15:15:46 -0400
Seebs <usenet-nospam@seebs.net> writes:
The term "mess" is broad enough to make it very hard to determine whether or not it was made by Bush, or by anyone else. It is not particularly obvious to me that the removal of the separation between commercial and investment banks was particularly essential to our recent financial meltdown, though.

a little x-over from another part of the thread:
http://www.garlic.com/~lynn/2010f.html#51 The 2010 Census

a major scenario was unrequlated non-depository loan originators making loans w/o regard to buyers qualifications or loan quality, packaging them as toxic CDOs, paying the rating agencies for triple-A ratings (when both knew that they weren't worth triple-A rating) and then selling them off. The unregulated investment banking arms of too-big-to-fail institutions were buying up much these toxic CDOs (using institutions funds) and carrying them off-book. There were enormous individual commissions & bonuses at various points along the processes ... which appeared to swamp any consideration they might have had for their institutions, the economy, and/or the country (total transactions in these toxic assets during the period was reported at $27T ... with potentially $5T going to commissions, bonuses, etc).
Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=a0jln3.CSS6c

Just the top four too-big-to-fail institutions are reported to have had $5.2T of the toxic assets being carried off-book. W/o the unregulated investment banking arms making the purchases (and any attempt by the regulated institution directly making such purchases would have been prevented by regulations), there would have been drastically reduced purchases of toxic assets ... which would have drastically reduced the funds available to unrequlated non-depository loan originators for making loans ... and the magnitude of the mess would have been significantly smaller. Futhermore, the too-big-to-fail institutions wouldn't have the enormous amount of toxic assets being carried off-book (sufficient to take down the institutions, if they have been required to directly bring them back onto the books).

recent posts touching on the subject:
http://www.garlic.com/~lynn/2010.html#37 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010.html#61 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010b.html#82 Oldest Instruction Set still in daily use?
http://www.garlic.com/~lynn/2010c.html#48 Happy DEC-10 Day

and from some past posts:

People to Blame for the Financial Crisis; Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

from above:
He played a leading role in writing and pushing through Congress the 1999 repeal of the Depression-era Glass-Steagall Act, which separated commercial banks from Wall Street. He also inserted a key provision into the 2000 Commodity Futures Modernization Act that exempted over-the-counter derivatives like credit-default swaps from regulation by the Commodity Futures Trading Commission. Credit-default swaps took down AIG, which has cost the U.S. $150 billion thus far.

... snip ...

the past stories are that GLBA passed the senate with (republican) majority ... but not veto proof (and the folklore was the president was prepared to veto it) ... then after some interchange with the house ... there were various amendments added that finally resulted in it passing senate 90-8 (making any veto pointless). a few past references:
http://www.garlic.com/~lynn/2009c.html#38 People to Blame for the Financial Crisis
http://www.garlic.com/~lynn/2010b.html#94 Oldest Instruction Set still in daily use?

business school article that estimated 1000 executives are responsible for 80% of the current mess and it would go a long way to fixing the problem if the gov could figure out how they could loose their jobs:
http://knowledge.wharton.upenn.edu/article.cfm?articleid=1933 (gone 404 and/or requires registration)

In the session that repealed Glass-Steagall, the financial industry contributed $250M to Congress, and in the session that passed TARP, they contributed $2B. More recent was comment that financial industry contributed a total of $5B during the period.

Gramm and the 'Enron Loophole'
http://www.nytimes.com/2008/11/17/business/17grammside.html

from above:
Enron was a major contributor to Mr. Gramm's political campaigns, and Mr. Gramm's wife, Wendy, served on the Enron board, which she joined after stepping down as chairwoman of the Commodity Futures Trading Commission.

... snip ...

Phil Gramm's Enron Favor
http://www.villagevoice.com/2002-01-15/news/phil-gramm-s-enron-favor/

from above:
A few days after she got the ball rolling on the exemption, Wendy Gramm resigned from the commission. Enron soon appointed her to its board of directors, where she served on the audit committee, which oversees the inner financial workings of the corporation. For this, the company paid her between $915,000 and $1.85 million in stocks and dividends, as much as $50,000 in annual salary, and $176,000 in attendance fees,

... snip ...

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=20601109&refer=home&sid=aYJZOB_gZi0I

from above:
That same year Greenspan, Treasury Secretary Robert Rubin and SEC Chairman Arthur Levitt opposed an attempt by Brooksley Born, head of the Commodity Futures Trading Commission, to study regulating over-the-counter derivatives. In 2000, Congress passed a law keeping them unregulated.

... snip ...

Born must have been fairly quickly replaced by Gramm's wife before she then left to join Enron.

past posts referencing generating bunch of HTML from the scanned transcripts of the Pecora hearings (which were involved in passing of Glass-Steagall) ... and drawing some correspondance between current activities and things brought out in the Pecora hearings (when I was originally asked to do the work, there was some expectation that congress had some appetite to launch a similar activity ... but later word was that the lobbying was way too intense):
http://www.garlic.com/~lynn/2009b.html#58 OCR scans of old documents
http://www.garlic.com/~lynn/2009b.html#59 As bonuses...why breed greed, when others are in dire need?
http://www.garlic.com/~lynn/2009d.html#62 Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
http://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?
http://www.garlic.com/~lynn/2009d.html#77 Who first mentioned Credit Crunch?
http://www.garlic.com/~lynn/2009e.html#8 The background reasons of Credit Crunch
http://www.garlic.com/~lynn/2009e.html#23 Should FDIC or the Federal Reserve Bank have the authority to shut down and take over non-bank financial institutions like AIG?
http://www.garlic.com/~lynn/2009e.html#40 Architectural Diversity
http://www.garlic.com/~lynn/2009f.html#56 What's your personal confidence level concerning financial market recovery?
http://www.garlic.com/~lynn/2009f.html#65 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009g.html#5 Do the current Banking Results in the US hide a grim truth?
http://www.garlic.com/~lynn/2009g.html#33 Treating the Web As an Archive
http://www.garlic.com/~lynn/2009h.html#22 China's yuan 'set to usurp US dollar' as world's reserve currency
http://www.garlic.com/~lynn/2009h.html#25 The Paradox of Economic Recovery
http://www.garlic.com/~lynn/2009h.html#29 Analysing risk, especially credit risk in Banks, which was a major reason for the current crisis
http://www.garlic.com/~lynn/2009i.html#40 64 Cores -- IBM is showing a prototype already
http://www.garlic.com/~lynn/2009i.html#57 In the USA "financial regulator seeks power to curb excess speculation."
http://www.garlic.com/~lynn/2009j.html#35 what is mortgage-backed securities?
http://www.garlic.com/~lynn/2009o.html#23 Opinions on the 'Unix Haters' Handbook'
http://www.garlic.com/~lynn/2009p.html#2 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#20 U.K. lags in information security management practices
http://www.garlic.com/~lynn/2009p.html#25 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009r.html#53 70 Years of ATM Innovation
http://www.garlic.com/~lynn/2009r.html#73 70 Years of ATM Innovation
http://www.garlic.com/~lynn/2010b.html#6 Bookshelves under BookMangler

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.os.linux.advocacy, comp.os.linux.hardware, comp.arch
Date: Tue, 23 Mar 2010 09:38:31 -0400
Mike Jr <n00spam@comcast.net> writes:
Wow. Back in the 90's I did some high level consulting for IBM up in Somers. That was just around the time that the main frame business imploded. I was both appalled by how decisions had been focused through the main frame lens and how innovation in other labs, like Toronto, was stifled. A bunch of good people trying to do the right thing and getting nowhere. I heard numerous stories very similar to what you describe. It was disheartening.

re:
http://www.garlic.com/~lynn/2010f.html#50 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#52 Handling multicore CPUs; what the competition is thinking

I've posted before in the (very early) 90s about periodically going by somers and dropping in on various people (somers was staff/executives) and having long discussion about what needed to be done ... and they were able to very clearly articulate the issues ... and then going back a month or so later and nothing had happened. another possible explanation we had was that several was striving to delay change until after their retirement (since they were earning a large premium based on decades of experience with the status quo). Some of the people had corner offices on the top floor that had magnificent views of the area.

in the same time-frame, one of the big three had C4 task force to look at what they had to do to remake themselves and make them more competitive (especially those coming in from the other side of the pacific). they were looking at heavily leveraging technology to totally remake themselves and invited in various technology vendors to participate. One of the scenarios that they highlighted was 7-8 yr product cycle from idea to rolling off the line. The competition had cut the product cycle to 3-4yrs and looked to be cutting it in half again, allowing the competition to be significantly more agile and adaptable responding to changing consumer tastes and market conditions ... as well as be much more quickly adopt new technologies. I would chide some of the mainframe brethern that they were suffering from similar operations and so how could they expect to provide any advice.

Another example was that different parts of the auto industry was on different development/cycles ... and changes in industry was resulting in designs that had much tighter tolerances. Examples were finished design ... still took so long, that there were instances that several components had changed and no longer fit in the original design ... requiring expensive redesign/rework and delay.

So we roll forward 20yrs ... and although the problems and solutions were well articulated and understood ... nearly all the stakeholders were entrenched in the status quo ... that they were unable to change and adapt.

a few past posts mentioning C4 task force:
http://www.garlic.com/~lynn/2009i.html#3 IBM interprets Lean development's Kaizen with new MCIF product
http://www.garlic.com/~lynn/2009i.html#31 Why are z/OS people reluctant to use z/OS UNIX?
http://www.garlic.com/~lynn/2010b.html#14 360 programs on a z/10
http://www.garlic.com/~lynn/2010e.html#47 z9 / z10 instruction speed(s)

I had also sponsored Boyd's briefings at IBM ... and major theme that runs thru his OODA-loops are being agile and quickly adapt to changing conditions and competition. Desert storm also happened in that era and one of the magizines had an article on Boyd titled "the fight to change how america fights" ... and the crop of majors & cols. as Boyd's "jedi knights". he has been credited with the strategy & tactics for desert storm ... there are references about major issue/problem in the current conflict was that Boyd had died during the interim. misc. past posts & references from around the web references Boyd and/or OODA-loops
http://www.garlic.com/~lynn/subboyd.html

A reference to John:
"There are two career paths in front of you, and you have to choose which path you will follow. One path leads to promotions, titles, and positions of distinction.... The other path leads to doing things that are truly significant for the Air Force, but the rewards will quite often be a kick in the stomach because you may have to cross swords with the party line on occasion. You can't go down both paths, you have to choose. Do you want to be a man of distinction or do you want to do things that really influence the shape of the Air Force? To be or to do, that is the question." Colonel John R. Boyd, USAF 1927-1997

From the dedication of Boyd Hall, United States Air Force Weapons School, Nellis Air Force Base, Nevada. 17 September 1999


--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.os.linux.advocacy, comp.os.linux.hardware, comp.arch
Date: Tue, 23 Mar 2010 11:38:43 -0400
Penang <kalambong@gmail.com> writes:
So what happened next?

You guys got the severance checks and just go home?

That's it?

Wow !


re:
http://www.garlic.com/~lynn/2010f.html#50 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#52 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#55 Handling multicore CPUs; what the competition is thinking

so we got better deal than other people that were turfed even a few months later.

now two of the people also referred to in this jan92 meeting
http://www.garlic.com/~lynn/95.html#13

later depart and show up at a small client/server startup responsible for something called "commerce server". we get brought in as consultants because they want to do payment transactions on their server. part of that effort included deploying something called a payment gateway ... some past posts
http://www.garlic.com/~lynn/subnetwork.html#gateway

the small client/server startup had also invented something they called "SSL" they wanted to use ... we had to map the "SSL" stuff to payment transactions as well as doing security and business walkthrus of various pieces of the infrastructure ... including some of these new things calling themselve Certification Authorities. At one point I'm in front of class room full of recent graduate young employees (all worth many times more than we are) trying to instruct about how to use TCP/IP in secure & business critical dataprocessing.

older long-winded post mention some of the thread between loosely-coupled, sysplex, clusters, supercomputers and electronic commerce
http://www.garlic.com/~lynn/2001i.html#52

in the mid-90s, somewhat because of having done this stuff frequently now called "electronic commerce" ... we get brought into the x9a10 financial standard working group that had been given the requirement to preserve the integrity of the financial infrastructure. part of the effort involved doing detailed, end-to-end, threat and vulnerability studies of a number of retail payment environments (including internet). we attempted to address majority of all threats in the x9.59 financial transaction standard ... some past references
http://www.garlic.com/~lynn/x959.html#x959

also since having done a lot of dbms & scaleup work in the past ... we get brought in to commerce dept ... to do some consulting on new generation of stuff for the 2000 census (they were replacing dataprocessing that had gone in for the 1980 census)

then, somewhat as a result of x9.59 financial standard work, late in the last century, we get brought into NSCC (since merged with DTC for DTCC) to look at doing something similar for exchanges and trading systems. However, part way into the effort, it was suspended because a side effect of security & integrity was significantly improved visibility and transparency ... which apparently is totally antithetical to trading culture.

Now, in congressional hearings last year into the Madoff ponzi scheme ... the person that had been trying for a decade to get the SEC to do something about Madoff ... testified that while new regulations are required .... that significantly more important is changing how things operate to make them much more visible and transparent (he had started trying to get SEC to do something about Madoff about the same time we had been brought into NSCC).

misc. posts mentioning madoff stuff:
http://www.garlic.com/~lynn/2009b.html#65 What can agencies such as the SEC do to insure us that something like Madoff's Ponzi scheme will never happen again?
http://www.garlic.com/~lynn/2009b.html#73 What can we learn from the meltdown?
http://www.garlic.com/~lynn/2009b.html#80 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#0 Audit II: Two more scary words: Sarbanes-Oxley
http://www.garlic.com/~lynn/2009c.html#20 Decision Making or Instinctive Steering?
http://www.garlic.com/~lynn/2009c.html#29 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#39 'WHO IS RESPONSIBLE FOR THE GLOBAL MELTDOWN'
http://www.garlic.com/~lynn/2009c.html#51 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus
http://www.garlic.com/~lynn/2009d.html#3 Congress Set to Approve Pay Cap of $500,000
http://www.garlic.com/~lynn/2009d.html#37 NEW SEC (Enforcement) MANUAL, A welcome addition
http://www.garlic.com/~lynn/2009d.html#42 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
http://www.garlic.com/~lynn/2009d.html#61 Quiz: Evaluate your level of Spreadsheet risk
http://www.garlic.com/~lynn/2009d.html#62 Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
http://www.garlic.com/~lynn/2009d.html#63 Do bonuses foster unethical conduct?
http://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?
http://www.garlic.com/~lynn/2009d.html#75 Whistleblowing and reporting fraud
http://www.garlic.com/~lynn/2009e.html#0 What is swap in the financial market?
http://www.garlic.com/~lynn/2009e.html#15 The background reasons of Credit Crunch
http://www.garlic.com/~lynn/2009e.html#36 Architectural Diversity
http://www.garlic.com/~lynn/2009e.html#37 How do you see ethics playing a role in your organizations current or past?
http://www.garlic.com/~lynn/2009e.html#40 Architectural Diversity
http://www.garlic.com/~lynn/2009e.html#53 Are the "brightest minds in finance" finally onto something?
http://www.garlic.com/~lynn/2009f.html#2 CEO pay sinks - Wall Street Journal/Hay Group survey results just released
http://www.garlic.com/~lynn/2009f.html#29 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009f.html#31 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009f.html#43 On whom or what would you place the blame for the sub-prime crisis?
http://www.garlic.com/~lynn/2009f.html#45 Artificial Intelligence to tackle rogue traders
http://www.garlic.com/~lynn/2009f.html#47 TARP Disbursements Through April 10th
http://www.garlic.com/~lynn/2009f.html#49 Is the current downturn cyclic or systemic?
http://www.garlic.com/~lynn/2009f.html#51 On whom or what would you place the blame for the sub-prime crisis?
http://www.garlic.com/~lynn/2009f.html#65 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009f.html#67 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009g.html#1 Future of Financial Mathematics?
http://www.garlic.com/~lynn/2009g.html#5 Do the current Banking Results in the US hide a grim truth?
http://www.garlic.com/~lynn/2009g.html#29 Transparency and Visibility
http://www.garlic.com/~lynn/2009g.html#33 Treating the Web As an Archive
http://www.garlic.com/~lynn/2009h.html#17 REGULATOR ROLE IN THE LIGHT OF RECENT FINANCIAL SCANDALS
http://www.garlic.com/~lynn/2009i.html#23 Why are z/OS people reluctant to use z/OS UNIX? (Are settlements a good argument for overnight batch COBOL ?)
http://www.garlic.com/~lynn/2009i.html#54 64 Cores -- IBM is showing a prototype already
http://www.garlic.com/~lynn/2009i.html#60 In the USA "financial regulator seeks power to curb excess speculation."
http://www.garlic.com/~lynn/2009j.html#12 IBM identity manager goes big on role control
http://www.garlic.com/~lynn/2009j.html#30 An Amazing Document On Madoff Said To Have Been Sent To SEC In 2005
http://www.garlic.com/~lynn/2009m.html#89 Audits V: Why did this happen to us ;-(
http://www.garlic.com/~lynn/2009o.html#71 "Rat Your Boss" or "Rats to Riches," the New SEC
http://www.garlic.com/~lynn/2009p.html#51 Opinions on the 'Unix Haters' Handbook
http://www.garlic.com/~lynn/2009p.html#57 MasPar compiler and simulator
http://www.garlic.com/~lynn/2009r.html#47 70 Years of ATM Innovation
http://www.garlic.com/~lynn/2009s.html#45 Audits VII: the future of the Audit is in your hands
http://www.garlic.com/~lynn/2010d.html#8 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010e.html#77 Madoff Whistleblower Book
http://www.garlic.com/~lynn/2010f.html#33 The 2010 Census

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.os.linux.advocacy, comp.os.linux.hardware, comp.arch
Date: Tue, 23 Mar 2010 11:57:16 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
decades of experience with the status quo). Some of the people had corner offices on the top floor that had magnificent views of the area.

re:
http://www.garlic.com/~lynn/2010f.html#50 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#52 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#55 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#56 Handling multicore CPUs; what the competition is thinking

oh ... one of the people with top floor corner office had been given responsibility for SAA ... which has been characterized as attempting to stall client/server and preserve the communication groups terminal emulation paradigm ... some past posts
http://www.garlic.com/~lynn/subnetwork.html#emulation

as we had earlier came up with 3-tier networking architecture and was out making customer executives pitches ... and taking lots of barbs from communication group (and token-ring forces)
http://www.garlic.com/~lynn/subnetwork.html#3tier

we thot it only appropriate to periodically drop in and hassle him about how long did he think they can keep their finger in the dike.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.arch
Date: Tue, 23 Mar 2010 14:05:49 -0400
"Del Cecchi" <delcecchi@gmail.com> writes:
Don't forget that 1992 was the year that IBM damn near went belly up. Kingston got closed, many people at many sites got whacked. Even Poughkeepsie the Sacred was not spared. It was Cattle trucks and black helicopters. Real Mass extermination sort of event across the company. The stupidity of management finally stuck like that asteroid in mexico 65 million years ago, except this time the big dumb managers lived and the small nimble workers died.

The fallout from that asteroid continues today where "respect for the individual" has been replaced with "the floggings will continue until the morale improves".


re:
http://www.garlic.com/~lynn/2010f.html#50 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#52 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#55 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#56 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#57 Handling multicore CPUs; what the competition is thinking

'92 was the year it went into the red. earlier in the mid-80s there was a lot of new plant capacity being built ... to handle the projected (mostly mainframe related) doubling in sales (and profits) that was suppose to happen by the early 90s. I had earlier done some simple calculations that computing hardware was becoming increasingly commoditized and it would put severe strain on the corporation's cost structure & profit margin unless something significant was done. this is sort of logical extension of major motivation behind future system effort ... reference here:
http://web.archive.org/web/20110718153549/http://www.ecole.org/Crisis_and_change_1995_1.htm
http://www.ecole.org/en/seances/CM07

from above:
IBM tried to react by launching a major project called the 'Future System' (FS) in the early 1970's. The idea was to get so far ahead that the competition would never be able to keep up, and to have such a high level of integration that it would be impossible for competitors to follow a compatible niche strategy. However, the project failed because the objectives were too ambitious for the available technology. Many of the ideas that were developed were nevertheless adapted for later generations. Once IBM had acknowledged this failure, it launched its 'box strategy', which called for competitiveness with all the different types of compatible sub-systems. But this proved to be difficult because of IBM's cost structure and its R&D spending, and the strategy only resulted in a partial narrowing of the price gap between IBM and its rivals.

... snip ...

misc. other past posts mentioning future system
http://www.garlic.com/~lynn/submain.html#futuresys

in any case, in executive interview when i departed ... there was comment that they could have forgiven me for being wrong, but they were never going to forgive me for being right.

later in '93 a friend who worked in armonk, told the story that the nearly 500 some executives in the corporate executive bonus plan spent a lot of the last half of '92 shifting expenses from '93 into '92. The issue was that '92 was already in the red ... so driving it further into the red didn't make any difference ... but supposedly as a result, '93 showed slight improvment over '92. the claim was then that the way the executive bonus plan worked was bonus calculated on improvement over the prior year ... and the '93 comparison to '92 (no matter how bad it was in absolute terms) resulted in bonuses that were more than twice as large as any previous bonus (they actually made out better with the company go into the red).

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

More calumny: "Secret Service Uses 1980s Mainframe"

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: More calumny: "Secret Service Uses 1980s Mainframe"
Newsgroups: bit.listserv.ibm-main, alt.folklore.computers
Date: Tue, 23 Mar 2010 20:55:10 -0400
Morten Reistad <first@last.name> writes:

re:
http://www.garlic.com/~lynn/2010e.html#37 More calumny: "Secret Service Uses 1980s Mainframe"
http://www.garlic.com/~lynn/2010e.html#59 More calumny: "Secret Service Uses 1980s Mainframe"
http://www.garlic.com/~lynn/2010e.html#63 More calumny: "Secret Service Uses 1980s Mainframe"
http://www.garlic.com/~lynn/2010f.html#1 More calumny: "Secret Service Uses 1980s Mainframe"

MLS?
https://en.wikipedia.org/wiki/Multilevel_security
reference from above:
http://www.freebsd.org/cgi/man.cgi?mac_mls

or ...
http://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.os.linux.advocacy, comp.os.linux.hardware, comp.arch
Date: Tue, 23 Mar 2010 22:29:42 -0400
Mike Jr <n00spam@comcast.net> writes:
The people I respect the most, a colonel in space command who must go nameless and a couple-three Ph.Ds that invented GPS, all put mission before career to the great benefit of us all.

re:
http://www.garlic.com/~lynn/2010f.html#50 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#52 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#55 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#56 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#57 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#58 Handling multicore CPUs; what the competition is thinking

space command uniform patch somebody brought back from space city
http://www.garlic.com/~lynn/spcommand.jpg

uniform patch from this post
http://www.garlic.com/~lynn/2006r.html#48 cold war again

earl ... no relationship ... at one point he was funding internal tools and i tried to get some money ... but never happened. just became another hobby in my spare time ... recent posting of some old email related to tools
http://www.garlic.com/~lynn/2010e.html#email861031
http://www.garlic.com/~lynn/2010e.html#email861223
in these posts
http://www.garlic.com/~lynn/2010e.html#32 Need tool to zap core
http://www.garlic.com/~lynn/2010e.html#38 Need tool to zap core

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.os.linux.advocacy, comp.os.linux.hardware, comp.arch
Date: Wed, 24 Mar 2010 11:12:07 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
older long-winded post mention some of the thread between loosely-coupled, sysplex, clusters, supercomputers and electronic commerce
http://www.garlic.com/~lynn/2001i.html#52


re:
http://www.garlic.com/~lynn/2010f.html#56 Handling multicore CPUs; what the competition is thinking

for other connection between supercomputers & electronic commerce, we were doing ha/cmp and cluster scaleup at los gatos lab.
http://www.garlic.com/~lynn/subtopic.html#hacmp

even tho reported to austin. actually i had offices and labs in the los gatos lab during all of the 80s ... even when reporting elsewhere ... including temporary period when moved to austin before coming back Los Gatos to do the ha/cmp & cluster scaleup.

a couple recent posts
http://www.garlic.com/~lynn/2010d.html#7 "Unhackable" Infineon Chip Physically Cracked - PCWorld
http://www.garlic.com/~lynn/2010d.html#21 Credit card data security: Who's responsible?

mentioning magstripe standard was managed out of the los gatos lab for much of its early life as well as ATM cash machine being done out of los gatos lab.

wiki references
https://en.wikipedia.org/wiki/Magnetic_stripe_card
https://en.wikipedia.org/wiki/IBM_3624

above even references one of my old postings.

some of the cluster scaleup required knowing something about dbms. this reference
http://www.garlic.com/~lynn/95.html#13

involved doing some slight of hand with transaction logging and distributed (DBMS) caches ... which is not all that different problem to some of processor cache consistency scaleup
http://www.garlic.com/~lynn/2010b.html#41 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#61 LPARs: More or Less?

recent post referencing Kingston E&S having 20 FPS boxes
http://www.garlic.com/~lynn/2010b.html#72 Happey DEC-10 Day

but the above post also references Jim earlier palming off various DBMS work on me when he left for Tandem.

other posts referencing intersection of Jim's work for formalizing semantics of transactions and effect on financial dataprocessing
http://www.garlic.com/~lynn/2010b.html#41 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#61 LPARs: More or Less?

more recent reference to Jim in this thread:
http://www.garlic.com/~lynn/2010f.html#52 Handling multicore CPUs; what the competition is thinking

... and past reference to celebration for jim held at berkeley
http://www.garlic.com/~lynn/2008i.html#32 A Tribute to Jim Gray: Sometimes Nice Guys Do Finish First
http://www.garlic.com/~lynn/2008i.html#36 A Tribute to Jim Gray: Sometimes Nice Guys Do Finish First
http://www.garlic.com/~lynn/2008i.html#50 Microsoft versus Digital Equipment Corporation
http://www.garlic.com/~lynn/2008i.html#51 Microsoft versus Digital Equipment Corporation
http://www.garlic.com/~lynn/2008p.html#27 Father Of Financial Dataprocessing
http://www.garlic.com/~lynn/2009e.html#66 Architectural Diversity
http://www.garlic.com/~lynn/2009m.html#78 ATMs by the Numbers
http://www.garlic.com/~lynn/2009o.html#51 8 ways the American information worker remains a Luddite
http://www.garlic.com/~lynn/2009r.html#4 70 Years of ATM Innovation

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Wed, 24 Mar 2010 11:56:55 -0400
Patrick Scheible <kkt@zipcon.net> writes:
Sure you can. Not completely, but you can have lots of influence for that. Say you live on $200,000 a year and channel the other $1.8M into political action, that's $3.6M per House of Representatives election cycle, that's enough for a lot of influence. Congresscritters are cheaper than you think.

there was a joke i heard in the early part of this century about it used to be possible to buy them ... but with the enormous amount of money floating around ... it was now only possible to rent them.

however, a recent reference to FIRE (lobby) "owning" the senate:
http://www.garlic.com/~lynn/2010c.html#23 Happy DEC-10 Day

by head of the congressional oversight panel investigating TARP.

some past posts referencing $250m during session passing GLBA and total of $5B in the past decade of the economic mess
http://www.garlic.com/~lynn/2008n.html#99 Blinkylights
http://www.garlic.com/~lynn/2008o.html#12 The human plague
http://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
http://www.garlic.com/~lynn/2008o.html#19 What's your view of current global financial / economical situation?
http://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
http://www.garlic.com/~lynn/2008o.html#44 The human plague
http://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
http://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
http://www.garlic.com/~lynn/2008p.html#9 Do you believe a global financial regulation is possible?
http://www.garlic.com/~lynn/2008q.html#66 Blinkenlights
http://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
http://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
http://www.garlic.com/~lynn/2008s.html#20 Five great technological revolutions
http://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
http://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
http://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?
http://www.garlic.com/~lynn/2009.html#58 HONEY I LOVE YOU, but please cut the cards
http://www.garlic.com/~lynn/2009b.html#54 In your opinion, which facts caused the global crise situation?
http://www.garlic.com/~lynn/2009b.html#60 OCR scans of old documents
http://www.garlic.com/~lynn/2009b.html#80 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?
http://www.garlic.com/~lynn/2009d.html#74 Why is everyone talking about AIG bonuses of millions and keeping their mouth shut on billions sent to foreign banks?
http://www.garlic.com/~lynn/2009e.html#23 Should FDIC or the Federal Reserve Bank have the authority to shut down and take over non-bank financial institutions like AIG?
http://www.garlic.com/~lynn/2009e.html#35 Architectural Diversity
http://www.garlic.com/~lynn/2009e.html#59 Tesco to open 30 "bank branches" this year
http://www.garlic.com/~lynn/2009e.html#79 Are the "brightest minds in finance" finally onto something?
http://www.garlic.com/~lynn/2009f.html#29 What is the real basis for business mess we are facing today?
http://www.garlic.com/~lynn/2009f.html#51 On whom or what would you place the blame for the sub-prime crisis?
http://www.garlic.com/~lynn/2009g.html#7 Just posted third article about toxic assets in a series on the current financial crisis
http://www.garlic.com/~lynn/2009i.html#44 64 Cores -- IBM is showing a prototype already
http://www.garlic.com/~lynn/2009i.html#54 64 Cores -- IBM is showing a prototype already
http://www.garlic.com/~lynn/2009j.html#36 Average Comp This Year At Top Firm Estimated At $700,000
http://www.garlic.com/~lynn/2009r.html#5 The 50th Anniversary of the Legendary IBM 1401
http://www.garlic.com/~lynn/2010f.html#54 The 2010 Census

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.os.linux.advocacy, comp.os.linux.hardware, comp.arch
Date: Wed, 24 Mar 2010 13:15:39 -0400
re:
http://www.garlic.com/~lynn/2010f.html#60 Handling multicore CPUs; what the competition is thinking

oh, and a facebook profile picture in space forces cap
http://www.garlic.com/~lynn/billcap2.jpg

space forces

Boyd would periodically make comments about having done a stint in 1970 running "spook base" ... but it wasn't until a recent Boyd biography mentioned that "spook base" was a $2.5BILLION windfall for IBM

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.arch
Date: Wed, 24 Mar 2010 14:37:18 -0400
re:
http://www.garlic.com/~lynn/2010f.html#58 Handling multicore CPUs; what the competition is thinking

the big build-out of new manufacturing capacity in the mid-80s (massive bldg. 50 on the san jose plant site one example) based on their predictions that sales would double by the early 90s ... was just one of the indications how far out-of-touch the executives had gotten with what was going on in the dataprocessing industry.

old post show a decade of vax sales sliced and diced by year, model, us/non-us, etc
http://www.garlic.com/~lynn/2002f.html#0 Computers in Science Fiction

43xx machines were selling into same mid-range market in the same time frame and saw similar big explosion in sales ... although the 43xx machines also had very big corporate orderes that were multiple hundreds at a time (not seen by vax). however by mid-80s, the mid-range was starting to be overrun by workstations and large PCs and the 43xx follow-ons (in the mid-80s) didn't see the continued large increase in sales. misc. old 43xx email references
http://www.garlic.com/~lynn/lhwemail.html#43xx

old '79 email referencing AFDS deciding to increase 43xx order from 20 to 210
www.garlic.com/~lynn/2001m.html#email740404b
in this post
http://www.garlic.com/~lynn/2001m.html#15 departmental servers

it also had impact internally in early 80s ... vm/4341s were being installed in every nook&cranny ... including conference rooms ... contributing to making conference rooms a scarce resource at some locations.

the internal network had been larger than the arpanet/internet from just about the beginning until sometime late 85 or possibly early 86. in '83, the internet saw a big boost with move off of arpanet w/IMPs to internetworking protocol. The internal network saw a big boost in '83 with the large number of 43xx machines ... past post with some of the '83 internal network install notices ... along with list of cities around the world that had one or more new internal network machines added during 1983:
http://www.garlic.com/~lynn/2006k.html#8 Arpa address

misc. past internal network posts
http://www.garlic.com/~lynn/subnetwork.html#internalnet

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Mainframe Executive article on the death of tape

Refed: **, - **, - **
From: lynn@GARLIC.COM (Anne & Lynn Wheeler)
Subject: Re: Mainframe Executive article on the death of tape
Newsgroups: bit.listserv.ibm-main
Date: 24 Mar 2010 12:35:07 -0700
rfochtman@YNC.NET (Rick Fochtman) writes:
Just having it available for portable backup media makes tape well worth using. Considering the quality, capacity and ease of use, it's still a looooooong way ahead of anything else for portable backups.

Just consider: how many of us can afford a complete DASD farm at all our possible DR sites? With real-time currency? The costs can be downright obscene and the vagaries of communications facilities can still put that whole scheme at risk.


when we were out marketing ha/cmp
http://www.garlic.com/~lynn/subtopic.html#hacmp

I coined the terms disaster survivability and geographic survivability (to differentiate from disaster/recovery) ... was also asked to write a section for the corporate continuous availability strategy document (but the section got pulled because both rochester and POK complained that they couldn't meet the objectives ... at least back then).
http://www.garlic.com/~lynn/submain.html#available

one of the datacenters we looked at was in a large downtown skyscraper ... and the claim was that the datacenter earned more profit in 24hr period than the annual rent on the whole bldg plus the annual salaries of everybody that worked in the bldg.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

asymmetric multiprocessing

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: asymmetric multiprocessing
Newsgroups: alt.folklore.computers
Date: Wed, 24 Mar 2010 16:25:54 -0400
Jonathan de Boyne Pollard <J.deBoynePollard-newsgroups@NTLWorld.COM> writes:
It's sad (and ironic) that you're relying upon Wikipedia here. It's sad because the Wikipedia article on asymmetric multiprocessing is fairly deficient, pretty much regarding it as the sole province of DEC systems, and as something that largely disappeared from the world in 1981. (It's ironic that you're relying upon Wikipedia, when the

old post
http://www.garlic.com/~lynn/2007.html#46 How many 36-bit Unix ports in the old days?

with vax/vms mar88 announcement getting around to supporting symmetric multiprocessing ... some old email in the above post
http://www.garlic.com/~lynn/2007.html#email880324
http://www.garlic.com/~lynn/2007.html#email880329

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Wed, 24 Mar 2010 18:08:49 -0400
Jim Stewart <jstewart@jkmicro.com> writes:
Anyone remember Scoop Jackson, the senator from Boeing?

there was recent reference to the city of houston having more people and bigger budget than the state of wash.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

But... that's *impossible*

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: But... that's *impossible*
Newsgroups: alt.folklore.computers
Date: Thu, 25 Mar 2010 05:54:15 -0400
bbreynolds <bbreynolds@aol.com> writes:
And with similar pride, owners of Stratus and/or IBM System/88 could show off by pulling a card and seeing how long it took for the phone to ring from the support center to report the error and to ask if a replacement card was needed, and if so, would state when the card would arrive (no, I never did that).

Depending on the maintenance agreement (my knowledge here is for IBM), routine ECs would be shipped to the customer for installation.


a recent reference to getting asked to write a section for the corporate continuous availability strategy document
http://www.garlic.com/~lynn/2010f.html#65 Mainframe Executive article on the death of tape
and
http://www.garlic.com/~lynn/submain.html#available

turns out it was by somebody associated with the System/88. They told stories that even after the enormous amount of money the corporation paid to logo/sell System/88 ... that a large majority of the pending sales would have sales person go in and take over the sale by offering a "real" box at lower price ... resulting in very few actual 88 boxes being installed (there supposedly were constaint corporate complaints about the practice with little result).

one of the issues we had in selling ha/cmp against the box was that they still required downtime for software maintenance ... an annual software downtime could burn a century of outage in a five nines environment. their initial response was doing ha/redundant boxes ... which was redundant ... since a big part of ha/cmp was masking hardware failures and doing system-level take-over ... it would be redundant to have to do it with fault-tolerant hardware.
http://www.garlic.com/~lynn/subtopic.html#hacmp

this goes back to jim's paper that hardware outages were becoming increasingly rare by the early 80s ... and other kinds of outages were starting to dominate. past posts
http://www.garlic.com/~lynn/2009.html#39 repeat after me: RAID != backup
http://www.garlic.com/~lynn/2009.html#47 repeat after me: RAID != backup
http://www.garlic.com/~lynn/2009.html#65 The 25 Most Dangerous Programming Errors
http://www.garlic.com/~lynn/2009p.html#0 big iron mainframe vs. x86 servers
http://www.garlic.com/~lynn/2009q.html#26 Check out Computer glitch to cause flight delays across U.S. - MarketWatch
http://www.garlic.com/~lynn/2009q.html#28 Check out Computer glitch to cause flight delays across U.S. - MarketWatch

mentioning Jim's paper
http://www.garlic.com/~lynn/grayft84.pdf

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Thu, 25 Mar 2010 06:23:17 -0400
Patrick Scheible <kkt@zipcon.net> writes:
And my neighborhood of Seattle has more people and probably more money than the state of Wyoming. Is that important?

re:
http://www.garlic.com/~lynn/2010f.html#67 The 2010 Census

the reference made me think of the boeing lobby was totally dwarfed by the oil lobby (lot of which is from houston) ... and even the oil lobby was outspent by the financial lobby ... recent reference to having spent $250m (evenly divided between the two parties in congress) in the session that passed GLBA ... and $2B in the session that passed TARP (supposedly $5B total in the period of the financial mess). previous reference in this thread:
http://www.garlic.com/~lynn/2010f.html#54 The 2010 Census

Also along with TARP has some houses acquiring regulated banking charter ... and the too-big-to-fail institutions getting zero percent loans from the Federal Reserve. I think in the past that the purpose of Federal Reserve loans were to facilitate the regulated banks being able to turn around and make commercial and consumer loans. However, there have been several articles that the loans are being used to make institional investments. a few past posts in this thread mentioning TARP
http://www.garlic.com/~lynn/2010f.html#37 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#51 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#62 The 2010 Census

Imagine that you can get $1T at zero percent interest and turn around and buy $1T in US treasuries paying 5percent. That is $50B ... which then can be declared as corporate profit, used to pay off TARP and also provide for $10B in bonuses (besides paying commissions for whoever is handling the sale). It would turn the whole US financial infrastructure on its head if the Federal Reserve was allowed to loan trillions of dollars to the US treasury directly at zero percent interest.

Possibly one of the issues in the news about the bonuses ... are the references to wall street bonuses spiked 400 percent during the period that they were cycling the transactions for the $27T in toxic CDOs thru the system (causing the current financial mess) ... and they want to continue to maintain the bonuses at that level. some recent references:
http://www.garlic.com/~lynn/2010d.html#11 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#19 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#26 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010f.html#33 The 2010 Census

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.os.linux.advocacy, comp.os.linux.hardware, comp.arch
Date: Thu, 25 Mar 2010 10:49:13 -0400
Mike Jr <n00spam@comcast.net> writes:
Regarding Boyd and his decision loop you are again right on. It's what the US military is trying to do to the Taliban.

re:
http://www.garlic.com/~lynn/2010f.html#55 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#63 Handling multicore CPUs; what the competition is thinking

note marine warfighting was rewritten based on boyd and his OODA-loops ... and his writings, library and other stuff went to quantico after he died ... and it was the marines that were at arlington.
https://en.wikipedia.org/wiki/John_Boyd_%28military_strategist%29

a little Boyd x-over with '92 incident going into the red and what were the executives thinking:
http://www.garlic.com/~lynn/2010f.html#58 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#64 Handling multicore CPUs; what the competition is thinking

one of the stories he told in his briefings was about air force missile and the people doing it, who didn't have good appreciation for the nuances of dogfights (even tho in their demos the missile hits the flares on drones everytime). roll forward to vietnam and the missile is performing like he predicted ... until finally the general in vietnam grounds all fighters until they are refitted with sidewinders. it lasts 3 months until the higher ups in the pentagon (notice the numbers? and) have him replaced and called on the carpet. the generals in the pentagon are focused on service budget share. using sidewinders means winning more dogfights, loosing fewer planes and pilots, needing fewer replacements and reducing budget requirements. however, he had commited the worst possible sin by using sidewinders and (also) increasing navy budget share (there was some reference to the air force academy turning out accountants).

news item from today ...

GM Cars to Get F-16 Fighter Jet Display Technology
http://news.yahoo.com/s/livescience/20100325/sc_livescience/gmcarstogetf16fighterjetdisplaytechnology

Boyd was responsible for F16 (forces behind the F15 tried to get him convicted of stealing tens of millions in gov. property ... i.e. the supercomputer time he was using for the F16 design) ... but he objected to the early HUD in F16 ... a lot of scrolling digital numbers ... which he claimed were pure distraction in hostile engagement (converting scrolling digital numbers to meaning was incompatible tempo with what would be going on).

Above also has some x-over with the previous C4 taskforce reference.

misc. past posts mentioning either the air force missile story and/or attempts to have him thrown in Leavenworth for the rest of his life (for doing f16)
http://www.garlic.com/~lynn/99.html#120 atomic History
http://www.garlic.com/~lynn/2007h.html#75 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2007i.html#6 John W. Backus, 82, Fortran developer, dies
http://www.garlic.com/~lynn/2008c.html#43 Current Officers
http://www.garlic.com/~lynn/2008c.html#52 Current Officers
http://www.garlic.com/~lynn/2009.html#83 F111 related discussion x-over from Facebook
http://www.garlic.com/~lynn/2009q.html#38 The 50th Anniversary of the Legendary IBM 1401
http://www.garlic.com/~lynn/2009q.html#62 Did anybody ever build a Simon?
http://www.garlic.com/~lynn/2010.html#94 Daylight Savings Time again
http://www.garlic.com/~lynn/2010d.html#76 Senior Java Developer vs. MVS Systems Programmer (warning: Conley rant)

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Law Enforcement Appliance Subverts SSL

Refed: **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 25 Mar, 2010
Subject: Law Enforcement Appliance Subverts SSL
Blog: Financial Crime Risk, Fraud and Security
Law Enforcement Appliance Subverts SSL
http://www.wired.com/threatlevel/2010/03/packet-forensics/

from above:
... security researcher Chris Soghoian discovered that a small company was marketing internet spying boxes to the feds. The boxes were designed to intercept those communications -- without breaking the encryption -- by using forged security certificates,

... snip ...

financial crypto blog discussion:

Why the browsers must change their old SSL security (?) model
http://financialcryptography.com/mt/archives/001232.html

this is recent computer architecture blog (posting) discussing connection between supercomputing and electronic commerce:
http://www.garlic.com/~lynn/2010f.html#56

i.e. two of the people mentioned in the jan92 cluster scaleup meeting
http://www.garlic.com/~lynn/95.html#13

leave and show up at small client/server startup responsible for something for something called "commerce server". We are brought in as consultants because they want to do payments transactions on the server; the startup had also invented this technology they called "SSL" that they wanted to use. As part of mapping "SSL" to payment operations (now frequently called "electronic commerce"), required threat & vulnerability studies ... which included lots of assumptions about how SSL had to be deployed and used.

As mentioned in the financial cryptography blog ... majority of exploits over the period since then ... have long been known.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Subpools - specifically 241

Refed: **, - **, - **, - **, - **
From: lynn@GARLIC.COM (Anne & Lynn Wheeler)
Subject: Re: Subpools - specifically 241
Newsgroups: bit.listserv.ibm-main
Date: 25 Mar 2010 11:25:05 -0700
eamacneil@YAHOO.CA (Ted MacNEIL) writes:
Mind you, I have no experience with it, so I don't know what VSPC is.

originally called PCO (personal computing option) ... something for VS1. the name got changed when somebody pointed out that PCO already referred to something outside the US.

In the very early days of VM370/CMS ... there was a whole lot of smoke and churn between PCO & CMS ... PCO group constantly claiming that PCO thruput was much, much better than CMS ... this frequently tied up the (small) CMS development into knots for extended period of time ... doing benchmarks showing CMS numbers for comparable activity (when they should have been doing development).

So it eventually comes out that the PCO numbers were being generated by somebody that had written a PCO "model" ... and when PCO was actually operational ... it turned out that the model was predicting something nearly ten times faster than actual measured numbers.

misc. past posts mentioning PCO &/or VS/PC
http://www.garlic.com/~lynn/2000.html#1 Computer of the century
http://www.garlic.com/~lynn/2001f.html#49 any 70's era supercomputers that ran as slow as today's supercompu
http://www.garlic.com/~lynn/2001i.html#30 IBM OS Timeline?
http://www.garlic.com/~lynn/2002h.html#51 Why did OSI fail compared with TCP-IP?
http://www.garlic.com/~lynn/2002q.html#26 LISTSERV Discussion List For USS Questions?
http://www.garlic.com/~lynn/2003k.html#0 VSPC
http://www.garlic.com/~lynn/2004.html#4 TSS/370 source archive now available
http://www.garlic.com/~lynn/2005p.html#38 storage key question
http://www.garlic.com/~lynn/2005q.html#19 HASP/ASP JES/JES2/JES3
http://www.garlic.com/~lynn/2006x.html#8 vmshare

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Handling multicore CPUs; what the competition is thinking

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Handling multicore CPUs; what the competition is thinking
Newsgroups: comp.arch
Date: Fri, 26 Mar 2010 09:13:42 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
old '79 email referencing AFDS deciding to increase 43xx order from 20 to 210
www.garlic.com/~lynn/2001m.html#email740404b
in this post
http://www.garlic.com/~lynn/2001m.html#15 departmental servers


re:
http://www.garlic.com/~lynn/2010f.html#64 Handling multicore CPUs; what the competition is thinking

finger slip ... email790404b (not email740404b)
http://www.garlic.com/~lynn/2001m.html#email790404b

same email also posted in multics n.g. (since afds was big multics shop)
http://www.garlic.com/~lynn/2001m.html#email790404
in
http://www.garlic.com/~lynn/2001m.html#12 Multics Nostalgia

some from ctss had gone to the 5th flr of 545 tech sq for multics and others had gone to the science center on the 4th flr and did virtual machines & cp40 ... on a 360/40 modified with virtual memory hardware. when standard product with virtual memory became available, cp40 morphed into cp67 (for the 360/67). later cp67 morphed into vm370. misc. past posts
http://www.garlic.com/~lynn/subtopic.html#545tech

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Is Security a Curse for the Cloud Computing Industry?

Refed: **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 26 Mar, 2010
Subject: Is Security a Curse for the Cloud Computing Industry?
Blog: Financial Crime Risk, Fraud and Security
cp40 was virtual machine online timesharing system started in 1965 (on special modified 360/40 with virtual memory hardware). It morphed into cp67 when standard product with virtual memory became available (cp/67). At least two companies spun off from the effort for commercial online timesharing service bureaus in the late 60s. Both of them moved up the value stream offering specialized financial information for the financial & wallstreet community (major issue was direct financial competitors had their information secure running on same hardware) . Some past posts
http://www.garlic.com/~lynn/submain.html#timeshare

references to others using same system in that timeframe (although i didn't find out about these guys until much later):
http://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml

There was increasing use of the systems in the 70s ... with cp67 morphing into vm370 ... both inhouse timesharing and service bureau timesharing. One such company was Tymshare.

Precursor to current cloud (public & private) was GRID (starting out mostly private ... although starting some shared use having to handle things like cross-domain staring authentication) ... reference to annual GRID conference
http://www.ggf.org/ggf_events_past_11.htm
... I happen to give a presentation on strong authentication at above:
http://forge.ggf.org/sf/go/doc12899;jsessionid=E86ACAF7A29F2E1FC2575AD0CD04E39E?nav=1

similar to presentation that I had given at assurance session in TCP track at IDF
http://web.archive.org/web/20011109072807/http://www.intel94.com/idf/spr2001/sessiondescription.asp?id=stp+s13

The early days leading up to things like GRID is discussed in this long-winded thread in computer architecture discussion (including discussing connections between supercomputing and electronic commerce).
http://www.garlic.com/~lynn/2010f.html#50
http://www.garlic.com/~lynn/2010f.html#52
http://www.garlic.com/~lynn/2010f.html#55
http://www.garlic.com/~lynn/2010f.html#56
http://www.garlic.com/~lynn/2010f.html#57
http://www.garlic.com/~lynn/2010f.html#58
http://www.garlic.com/~lynn/2010f.html#60
http://www.garlic.com/~lynn/2010f.html#61
http://www.garlic.com/~lynn/2010f.html#63
http://www.garlic.com/~lynn/2010f.html#64
http://www.garlic.com/~lynn/2010f.html#70
http://www.garlic.com/~lynn/2010f.html#73

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Is Security a Curse for the Cloud Computing Industry?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 26 Mar, 2010
Subject: Is Security a Curse for the Cloud Computing Industry?
Blog: Financial Crime Risk, Fraud and Security
re:
http://www.garlic.com/~lynn/2010f.html#74 Is Security a Curse for the Cloud Computing Industry?

early one that did both in-house time-sharing and external commercial service bureau was Boeing Computer Services. Although still undergraduate, I was brought into Boeing the summer of '69 to help with setting up BCS ... bringing internal dataprocessing into a separate entity ... some of it was establishing the facade of changing dataprocessing from purely expense to a kind of P&L center (even if a lot of funny money was involved). They gave me some sort of badge that let me use the special parking lot at Boeing field corporate hdqtrs. a couple recent posts discussing the period
http://www.garlic.com/~lynn/2010c.html#89
http://www.garlic.com/~lynn/2010c.html#90
http://www.garlic.com/~lynn/2010c.html#91

At the univ. I had done a lot of innovation on traditional dataprocessing systems as well as inventing all sort of new stuff for time-sharing. In any case, BCS started using CP67 (and later vm370) for both inhouse operations as well as offering external online time-sharing service

much of current security mechanisms are based on shared-secrets and/or other kinds of static data for authentication. majority of the major exploits in the news involve skimming, evesdropping, and/or breaches ... with the crooks being able to use the information for fraudulent financial transactions.

internet transmission specific security processes frequently involve SSL ... which had some specific requirements as to deployment and use as countermeasure to many of the exploits that have occured in the period since original introduction.

One of the things worked after the early stuff with SSL and what is now frequently called "electronic commerce" was authentication mechanisms that were countermeasure to the skimming, evesdropping and breach based exploits. One was in the x9a10 financial transaction working group which had been given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments. The resulting x9.59 financial standard slightly tweaked the paradigm so that the current skimming, evesedropping and breach threats & vulnerabilities would result in fraudulent financial transactions. reference to x9.59 financial standard
http://www.garlic.com/~lynn/x959.html#x959

now the major use of SSL in the world today is this earlier work we did for "electronic commerce" to hide the account number and transactions details. one of the side-effects of x9.59 standard was eliminating the need to hide that information (as countermeasure to crooks using the information for fraudulent transactions) and therefor eliminates the primary use of SSL in the world today.

In the IDF TCPA track talk, because the guy running TPM was in the front row, I quip that is nice to see TPM has gotten simpler and KISS and starting to look more like AADS chip strawman. He quips back that I didn't have a committee of 200 people helping me with the chip design (... note however, there were constantly people that wanted to do this or that fiddling when they really didn't understand what they were doing).

now in the mid-90s, the x9a10 financial standard working group had to do detailed, end-to-end threat & vulnerability studies of all the environments as part of meeting the requirements (ALL retail payments; credit, debit, stored-value, POS, unattended, internet, low-value, high-value, transit turnstile, etc). part of that was some characterization of the existing environment

dual-use vulnerability; in the current paradigm, the knowledge of the account number may be sufficient to perform a fraudulent transaction (effectively authentication, as such it needs to be kept confidential and never divulged anywhere) ... while at the same time the account number needs to be readily available for a large number of business processes. The opposing/conflicting requirements (never divulged and at the same time readily available) has led to comments that even if the planet was buried under miles of information hiding encryption, it still couldn't prevent information leakage.

security proportional to risk; in the current paradigm, the value of the information (for business process) to the merchant is the profit on the transaction (possibly a couple dollars) and the value of the information (for business processes) to the processor can be a few cents per transaction ... while the value of the information (for authentication) to the crooks can be the credit limit and/or account balance, as a result, the crooks may be able to outspend by 100 times (attacking the infrastructure) the merchants/processors (defending the infrastructure).

x9.59 tweaked the paradigm and eliminated the dual-nature conflict ... and therefor eliminated the fraudulent financial transaction motivation for crooks to perform skimming, evesdropping, harvesting and/or breach exploits.

another metaphor

naked transaction; basically the bubble boy analogy ... transactions are trivially infected (aka skimming/breaches/etc easily resulting in crooks performing fraudulent financial transactions) ... the dual-use characteristics requiring transactions being kept in absolutely sterile environment at all times (to prevent infection/fraud). Applying this uniformly would imply that even POS has to be kept absolutely sterile (aka only clerks and customers that have passed in-depth FBI background checks are allowed near a POS terminal or an ATM cash machine).

misc. past references to naked transaction metaphor
http://www.garlic.com/~lynn/subintegrity.html#payments

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Fri, 26 Mar 2010 11:43:45 -0400
Ahem A Rivet's Shot <steveo@eircom.net> writes:
If it was worth 700,000 to you when you bought it and you don't intend to move out then it makes no difference - except in places where property taxes are based on the current value where you are now better off.

If you bought it as an investment then it was a bad investment.


several markets had 10-15 annual infllation. the unregulated (non-depository) loan originators had found a way of unloading every loan they could make ... by packaging them as toxic CDOs and paying the rating agencies to give them triple-A rating. They no longer had to care about loan quality or borrowers qualifications ... the loan originators income became purely related to how big a loan they could make and how fast they could turn it over (everybody taking their commission along the way on the transactions ... in aggregate hitting $27T).
Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=a0jln3.CSS6c

investors/speculators found the no-documentation, no-down, interest only payment, 1% ARMs extremely attractive ... the speculation was even increasing the annual inflation and the spread with the 1% payments (further driving up the speculation demand ... frenzy approaching ponzi scheme proportions) ... with the speculators planning on flipping before arm/rate adjusted (in the period there were jokes about musical chairs and who would be left holding what, when the bubble burst)

recent posts mentioning no-documentation/no-down ARMs (some places hitting 20-25% annual spread between the inflation rate and the loan carrying cost)
http://www.garlic.com/~lynn/2010.html#37 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010.html#61 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010d.html#4 alphas was: search engine history, was Happy DEC
http://www.garlic.com/~lynn/2010d.html#35 search engine history, was Happy DEC-10 Day
http://www.garlic.com/~lynn/2010e.html#52 LPARs: More or Less?

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Notes on two presentations by Gordon Bell ca. 1998

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Notes on two presentations by Gordon Bell ca. 1998
Newsgroups: comp.arch
Date: Fri, 26 Mar 2010 14:42:48 -0400
Robert Myers <rbmyersusa@gmail.com> writes:
I've never had much (credited) influence over anything, and I certainly don't claim to have played any role in developing the Beowulf idea. My only claim is that, by the mid-eighties, the future was obvious to me and that I acted accordingly with respect to my own work.

from an old thread in this newsgroup:
http://www.garlic.com/~lynn/2000c.html#21 Cache coherence [was Re: TF-1]

other pieces of above thread
http://www.garlic.com/~lynn/2000c.html#9 Cache coherence [was Re: TF-1]
http://www.garlic.com/~lynn/2000c.html#12 Cache coherence [was Re: TF-1]
http://www.garlic.com/~lynn/2000c.html#22 Cache coherence [was Re: TF-1]
http://www.garlic.com/~lynn/2001n.html#42 Cache coherence [was Re: IBM POWER4 ...]

now I did have a proposal that predated RP3 ... that would intermix blue Iliad (first 32bit 801 chip design) and 370 boards ... big problem getting to something like 96 boards (aka processors) per rack ... was all heat issues. old post/reference
http://www.garlic.com/~lynn/2004m.html#17 mainframe and microprocessor

Now, one of the things RP3 is accused of is nice professional fullsize paste board mockups for display. However, at one point my wife did get tasked with auditing RP3 to see if funding should continue ... and it was thumbs down (well before we started ha/cmp effort & cluster scaleup with rios chips). possibly the "thumbs down" contributed to the comment in the cache coherence thread.

past posts mentioning my wife getting asked to audit RP3 to see if funding should continue:
http://www.garlic.com/~lynn/2000c.html#6 TF-1
http://www.garlic.com/~lynn/2006w.html#26 Why so little parallelism?
http://www.garlic.com/~lynn/2006w.html#39 Why so little parallelism?

related recent thread:
http://www.garlic.com/~lynn/2010f.html#50 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#52 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#55 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#56 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#57 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#58 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#60 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#61 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#63 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#64 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#70 Handling multicore CPUs; what the competition is thinking
http://www.garlic.com/~lynn/2010f.html#73 Handling multicore CPUs; what the competition is thinking

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Notes on two presentations by Gordon Bell ca. 1998

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Notes on two presentations by Gordon Bell ca. 1998
Newsgroups: comp.arch
Date: Fri, 26 Mar 2010 15:10:26 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
now I did have a proposal that predated RP3 ... that would intermix blue Iliad (first 32bit 801 chip design) and 370 boards ... big problem getting to something like 96 boards (aka processors) per rack ... was all heat issues. old post/reference
http://www.garlic.com/~lynn/2004m.html#17 mainframe and microprocessor


re:
http://www.garlic.com/~lynn/2010f.html#77 Notes on two presentations by Gordon Bell ca. 1998

in that time-frame, endicott was shipping vm/pc ... a 370 board for the xt/pc (xt/370) ... a couple motorola chips that did 370 subset at about 100kips. however, i was looking a 3chip-set from germany that did full 370 at 3mips (aka 30 times faster) ... and blue iliad was targeted at running 20 (801) mips. blue iliad was an enormous chip that ran really hot ... contributing to never getting finished.

recent reference mentioning that endicott blamed me for 6month slip in shipping vm/pc ... I had done some thruput measurements and identified it was page thrashing quite a bit ... and that resulted in six month slip while they re-engineered with another 128kbytes of memory (to help with page thrashing ... however, I also provided them with enhanced page replacement algorithm especially in memory constrained environment and an improved filesystem)
http://www.garlic.com/~lynn/2010f.html#8 What was the historical price of a P/390?
http://www.garlic.com/~lynn/2010f.html#10 What was the historical price of a P/390?

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Fri, 26 Mar 2010 16:31:55 -0400
Ahem A Rivet's Shot <steveo@eircom.net> writes:
If it was worth 700,000 to you when you bought it and you don't intend to move out then it makes no difference - except in places where property taxes are based on the current value where you are now better off.

If you bought it as an investment then it was a bad investment.


re:
http://www.garlic.com/~lynn/2010f.html#76 The 2010 Census

when the bubble burst ... markets started deflating back to the start of the century when the whole mess started, the markets that had the biggest bubbles (and speculation) then had biggest deflation back to the start of the century. lots of collateral damage along the way (but the raptors possibly just figured them as prey in any case).

i've seen some number of comments about getting really great deal on property taxes with the big deflation in value. however, they fail to consider that with everybody deflating and gov. operation staying the same ... if everybody's valuation drops 30-50% ... then total gov. tax revenue drops 30-50% ... and the gov. will have to raise the property tax rate in order to compensate. big deflation only works for a few regarding property tax ... if it is everybody ... the gov. still has approx. same run rate/spending (i.e. if anything, current mess has people asking for more gov. services rather than less ... but apparently figuring they/everybody can get away paying possibly 50% less but still getting more services).

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Law Enforcement Appliance Subverts SSL

Refed: **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 26 Mar, 2010
Subject: Law Enforcement Appliance Subverts SSL
Blog: Financial Crime Risk, Fraud and Security
re:
http://www.garlic.com/~lynn/2010f.html#71 Law Enforcement Appliance Subverts SSL

one of the references are to the large number of digital certificates for Certification Authorities that have been added to standard browser distributions over the years. In some cases, the original Certification Authorities have gone bankrupt and are no longer in business (browsers have no method for differentiating business practices of the increasing number of different Certification Authorities that have been enabled).

one of the 20yr scenarios is criminal elements coming into some level of influence of any of these Certification Authorities. This is analogous to a number of situations where criminal elements were able to influence ATM cash machine manufacturing ... with skimming compromises installed at the time the machine was being built.

A compromised Certification Authority is able to issue a digital certificate that is acceptable by every browser in the world ... for any business ... even for businesses that have digital certificates issued from totally different Certificate Authority.

This is the old adage that the security trust chain is only as strong as the weakest link ... the criminal elements are likely to go after the weakest link not the strongest link ... (picking some clerk at a Certification Authority ... or a Certification Authority that has some other kind of weakness/vulnerability).

From failure mode analysis ... having also done some number of high-availability products ... a high availability infrastructure is built so that the probability of infrastructure failure is the probability of all redundant components failing at the same time (the product/multiplication of the failure probabilities of the individual redundant components ... as the number of redundant components go up the probability of system failure decreases).

However, the Certification Authority infrastructure is not a high-availability infrastructure .... its characteristic is the chain analogy ... the system fails if there is any failure in any component (basically adding the failure probability of each individual component) ... as the number of acceptable Certification Authorities increase ... the probability that there is an overall system failure increases (the inverse of high-availability operation where adding redundant components lowers the system failure risk).

There is old post about jan92 meeting in ellisons conference room that draws a thread between high-availability cluster scaleup and current SSL "electronic commerce"
http://www.garlic.com/~lynn/95.html#13

Now, two of the people named in the above meeting, leave and show up at a small client/server startup responsible for something called "commerce server". As mentioned above ... we were then called in to consult because they wanted to do payment transactions on their server; the startup had also invented this technology they called "SSL" they wanted to use.

another weak link in SSL domain name digital certificate infrastructure is the domain name system. When I apply for SSL digital certificate, I provide some information about who I am ... then the Certification Authority validates with the domain name infrastructure that I am also the true owner of the corresponding domain name.

An exploit is domain name hijacking at the domain name system ... and then going to Certification Authority (that does the weakest validation) ... and apply for a valid SSL digital certificate.

Countermeasures to domain name hijacking are using various technologies to improve the integrity of the domain name system. However, there is possibility that some of the technologies can also eliminate the need for SSL domain name certificates. I've pontificated about this catch-22 in the past
http://www.garlic.com/~lynn/subpubkey.html#catch22

another article:

Sneaking Into the Transport Layer With a Fake ID
http://www.ecommercetimes.com/story/69636.html?wlc=1269788312

If crooks can get into compromising POS terminal and ATM cash machines during manufacturing (with built in skimming devices, at one point there was an estimate that as many as 1/3rd of POS terminals being sold in particular market had built in skimming devices at manufacturing) ... what so unthinkable about crooks being able to obtain (valid) SSL digital certificates using forged identification.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Fri, 26 Mar 2010 17:50:03 -0400
Dave Garland <dave.garland@wizinfo.com> writes:
Which is exactly how they arrive at the property tax rate here. Take the government budget and divide by the total assessed base.

The property owner only wins if their property has deflated more than the average.


re:
http://www.garlic.com/~lynn/2010f.html#76 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#79 The 2010 Census

part of collaterial damage was a lot of municipalities. the speculation made it appear like there was more demand than there actually was. that resulted in developers starting a whole lot more developments. this required that the local govs. put in a lot more facilities for the new developments.

The developers took a lot of commercial loans ... and were hard hit when the bubble burst ... since all those houses stopped selling.

However, the municipalities issued a bunch of bonds for build out of new services; water, sewage, roads, etc for the new developments ... anticipating all sorts of fees and property taxes when the new developments sold. when the bubble burst ... these muni-bonds were hard hit

• for a time, bottom dropped out of muni-bonds (froze) because of fear, uncertainty and doubt about the rating agencies (which had been giving out all those triple-A ratings on toxic CDOs and now there was huge amount of apprehension about anything with a rating agency rating). Warren Buffett stepped in and "insured" muni-bonds to get that part of the market thru the mess (unfreeze).

• turns out there wasn't really the demand for all those new houses ... so they went unsold ... which resulted in the municipalities not getting all the fees and taxes for servicing the bonds.

old posts mentioning warren buffett stepping in to save the muni-bond market (along with a few other buffett references):
http://www.garlic.com/~lynn/2008g.html#66 independent appraisers
http://www.garlic.com/~lynn/2008j.html#20 dollar coins
http://www.garlic.com/~lynn/2008m.html#17 Fraud due to stupid failure to test for negative
http://www.garlic.com/~lynn/2008m.html#75 Fraud due to stupid failure to test for negative
http://www.garlic.com/~lynn/2008m.html#76 When risks go south: FM&FM to be nationalized
http://www.garlic.com/~lynn/2008m.html#78 When risks go south: FM&FM to be nationalized
http://www.garlic.com/~lynn/2008m.html#80 Fraud due to stupid failure to test for negative
http://www.garlic.com/~lynn/2008m.html#83 Fraud due to stupid failure to test for negative
http://www.garlic.com/~lynn/2008m.html#86 WSJ finds someone to blame.... be skeptical, and tell the WSJ to grow up
http://www.garlic.com/~lynn/2008m.html#87 Fraud due to stupid failure to test for negative
http://www.garlic.com/~lynn/2008m.html#92 Blinkylights
http://www.garlic.com/~lynn/2008n.html#0 Blinkylights
http://www.garlic.com/~lynn/2008n.html#74 Why can't we analyze the risks involved in mortgage-backed securities?
http://www.garlic.com/~lynn/2008n.html#80 Why did Sox not prevent this financal crises?
http://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
http://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
http://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
http://www.garlic.com/~lynn/2008o.html#45 The human plague
http://www.garlic.com/~lynn/2008o.html#52 Why is sub-prime crisis of America called the sub-prime crisis?
http://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
http://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
http://www.garlic.com/~lynn/2008q.html#11 Blinkenlights
http://www.garlic.com/~lynn/2009b.html#78 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009c.html#29 How to defeat new telemarketing tactic
http://www.garlic.com/~lynn/2009d.html#77 Who first mentioned Credit Crunch?
http://www.garlic.com/~lynn/2009e.html#8 The background reasons of Credit Crunch

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Notes on two presentations by Gordon Bell ca. 1998

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Notes on two presentations by Gordon Bell ca. 1998
Newsgroups: comp.arch
Date: Fri, 26 Mar 2010 21:07:02 -0400
"Del Cecchi" <delcecchi@gmail.com> writes:
Blue idiot didn't get finished for a plethora of reasons. I finally came to the conclusion that the group doing it in Los Gatos were, to put it politely, too "research oriented". Rather than do something that worked they were always chasing rainbows or something. I mean, 8 level cascode current switch logic? Brad Dunham place and route? If they had delivered something the gravy train would have ended.

re:
http://www.garlic.com/~lynn/2010f.html#77 Notes on two presentations by Gordon Bell ca. 1998
http://www.garlic.com/~lynn/2010f.html#78 Notes on two presentations by Gordon Bell ca. 1998

folklore is that one of the people that worked on blue iliad (including their last two weeks *after* they gave notice) ... went on to be principal architect of pa-risc and pa-wide word
http://www.hpl.hp.com/news/2001/apr-jun/itanium.html

some old email
http://www.garlic.com/~lynn/2003e.html#email811006
http://www.garlic.com/~lynn/2003e.html#email811006b
http://www.garlic.com/~lynn/2003e.html#email811113
http://www.garlic.com/~lynn/2003e.html#email811115

in this post
http://www.garlic.com/~lynn/2003e.html#65 801 (was Re: Reviving Multics

other old email mentioning 801, iliad, romp, etc
http://www.garlic.com/~lynn/lhwemail.html#801

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Notes on two presentations by Gordon Bell ca. 1998

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Notes on two presentations by Gordon Bell ca. 1998
Newsgroups: comp.arch
Date: Sat, 27 Mar 2010 10:20:45 -0400
Del Cecchi' <delcecchi@gmail.com> writes:
I don't know about architecture folks, but the circuit folks were pretty overambitious, to be polite about it.

Those interested, there was a paper about it at ISSCC although they never did get hardware that I am aware of.

To be historical, there was supposed to be a 5100 followon that would use Blue Iliad. The manager of the group got all upset when we proposed a bipolar gate array implementation alternative. He eventually went to boca and presided over the System/23 and later went to DEC. Dennis Roberson. Wonder what happened to him?


re:
http://www.garlic.com/~lynn/2010f.html#77 Notes on two presentations by Gordon Bell ca. 1998
http://www.garlic.com/~lynn/2010f.html#79 Notes on two presentations by Gordon Bell ca. 1998
http://www.garlic.com/~lynn/2010f.html#82 Notes on two presentations by Gordon Bell ca. 1998

old email
http://www.garlic.com/~lynn/2006u.html#email810422
in this past exchange
http://www.garlic.com/~lynn/2006u.html#38 To RISC or not to RISC

referencing going to fab feb82 for 1st pass parts ... then lots of debugging.

they did a lot with using scanning electron microscope for analysing/debugging chip. i periodically use the reference in regard to using electron microscope as part of compromising security chips.
http://www.garlic.com/~lynn/2010d.html#7 "Unhackable" Infineon Chip Physically Cracked
http://www.garlic.com/~lynn/2010e.html#3 "Unhackable" Infineon Chip Physically Cracked

I did variation using a flavor of the above chip ... giving a talk on it at 2001 IDF ... as well as having to do a walkthru of the fab in dresden ... recent reference
http://www.garlic.com/~lynn/2010f.html#74 Is Security a Curse for the Cloud Computing Industry?
http://www.garlic.com/~lynn/2010f.html#75 Is Security a Curse for the Cloud Computing Industry?

and getting a EAL4+ evaluation of the chip ... recent reference:
http://www.garlic.com/~lynn/2010f.html#26 Should the USA Implement EMV?

other references
http://www.garlic.com/~lynn/x959.html#aads

One of the other things that los gatos did was the LSM (losgatos state machine ... but appears as Logic Simulation Machine in external presentations). HSDT put in high speed link between austin (7m dish outside bldg. 45) and los gatos (4.5m dish in los gatos lab parking lot).
http://www.garlic.com/~lynn/subnetwork.html#hsdt

HSDT & LSM was cited as contributing to bringing in RIOS chipset a year early.

misc. past posts mentioning 801, risc, iliad, romp, rios, fort knox, somerset, etc
http://www.garlic.com/~lynn/subtopic.html#801

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Sat, 27 Mar 2010 11:09:10 -0400
greymausg writes:
Only way to get any idea of what property is worth, IMHO, is to get a graph of property values, say, 1965-2000, ignoring 2000-2010 (internet boom, property boom), and extend that forward to allow for 'real' inflation. Not good for anyone who bought since 2000, I have seen this done for California, and it seems to give the probability that values will still fall more.

re:
http://www.garlic.com/~lynn/2010f.html#76 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#79 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#81 The 2010 Census

there is scenario that it falls back past the starting point because of developers believing the specualation represented fundamental demand ... doing a lot of extra housing developments ... that sit around empty as excess capacity (law of supply and demand). there is also buyer fear, doubt and uncertainty about how far will it fall ... depressing demand (federal incentives attempted to offset this).

there have been references that some of the same raptors were involved in the S&L crisis, the internet ipo boom, and the current mess.

in the internet ipo boom ... there was formula that was repeatedly cranked, put in several million, run a 2yr publicity & hype ... then several billion at the ipo. it was actually better that the public company then failed ... because it left that part of the landscape still open for the next one.

there is some corollary with the recent reference to Success Of Failure
http://www.garlic.com/~lynn/2010b.html#19 STEM crisis
http://www.garlic.com/~lynn/2010b.html#26 Happy DEC-10 Day
http://www.garlic.com/~lynn/2010f.html#38 F.B.I. Faces New Setback in Computer Overhaul

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

16:32 far pointers in OpenWatcom C/C++

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 16:32 far pointers in OpenWatcom C/C++
Newsgroups: alt.sys.pdp10, alt.folklore.computers
Date: Sat, 27 Mar 2010 12:02:59 -0400
jmfbahciv <jmfbahciv@aol> writes:
What OSes don't have working sets?

"working sets" were countermeasure to page thrashing ... "working sets" was amount of real storage (in paging infrastructure) needed to run efficiently. to avoid overcommitting real storage, the number of concurrent tasks contending for real storage was limited by the sum of the "working sets" not being greater than real storage.

modern processor caches are now larger than oldtime real storage ... and the equivalent of running multiple tasks is the hyperthreading stuff (hardware simulating multiple different real processors with common/shared processor & cache).

I had added a flavor of working set to cp67 ... but later there was big uproar ... because the academic literature from that period married working sets with local page replacement algorithm ... and I had done global page replacement algorithm ... which was much more efficient use of the system resources. more than decade later this came to head when somebody was doing stanford phd thesis on global page replacement ... and encountered all sorts of academic resistance flying the "local page replacement" flag.

I was asked to step in because 1) i had shown global page replacement was more efficient more than decade earlier (as undergraduate in 60s) and 2) i had data from grenoble science center that had done the academic "local" lru on cp67 system ... and nearly identical cp67 systems and workload ... primarily differing based on local LRU vis-a-vis global LRU ... global LRU got nearly twice the thruput.

Actually grenoble had 1mbyte real storage 360/67 that had 155 4k pages after kernel & other fixed storage ... while cambridge had 768kbyte real storage 360/67 that had 104 4k pages (after kenel & other fixes storage). cambridge had better interactive response and thruput with 80 active users compared to grenoble system with 35 active users (running similar workloads)

old communication on the thesis issue
http://www.garlic.com/~lynn/2006w.html#email821019
in this post
http://www.garlic.com/~lynn/2006w.html#46 The Future of CPUs: What's After Multi-Core?

misc. past posts mentioning working set, page replacement, etc
http://www.garlic.com/~lynn/subtopic.html#wsclock

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Sat, 27 Mar 2010 12:16:20 -0400
jmfbahciv <jmfbahciv@aol> writes:
I've been wondering if statesmanship disappeared because the upper class stopped training their kids in those [can't think of a descriptive word] schools where the kids lived on campus when they were 10-18 years old.

prep schools? ... there is prominent one in north andover
https://en.wikipedia.org/wiki/Brooks_School

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

The 2010 Census

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The 2010 Census
Newsgroups: alt.folklore.computers
Date: Sat, 27 Mar 2010 12:56:23 -0400
Walter Bushell <proto@panix.com> writes:
California has a limit of housing tax increases. We must see what happens when the irresistible object meets the immovable force.

re:
http://www.garlic.com/~lynn/2010f.html#76 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#79 The 2010 Census
http://www.garlic.com/~lynn/2010f.html#81 The 2010 Census

the old prop13 ... i had a house in silicon valley when it passed. it has been blamed for also destroying the cal. educational system.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

"Son of 1036": News Article Format and Transmission

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: "Son of 1036": News Article Format and Transmission
Newsgroups: alt.folklore.computers
Date: Sat, 27 Mar 2010 16:04:26 -0400
from today's distribution :

Title:      "Son of 1036": News Article
                    Format and Transmission
Author:     H. Spencer
Status:     Historic
Date:       March 2010
        Mailbox:    henry@zoo.utoronto.ca
Pages:      106
        Characters: 259422
Obsoleted by:   RFC 5536, RFC 5537

I-D Tag:    draft-spencer-usefor-son-of-1036-01.txt

URL:        http://www.rfc-editor.org/rfc/rfc1849.txt

By the early 1990s, it had become clear that RFC 1036, then the
specification for the Interchange of USENET Messages, was badly in need
of repair.  This "Internet-Draft-to-be", though never formally published
at that time, was widely circulated and became the de facto standard for
implementors of News Servers and User Agents, rapidly acquiring the
nickname "Son of 1036".  Indeed, under that name, it could fairly be
described as the best-known Internet Draft (n)ever published, and it
formed the starting point for the recently adopted Proposed Standards
for Netnews.

It is being published now in order to provide the historical background
out of which those standards have grown.  Present-day implementors
should be aware that it is NOT NOW APPROPRIATE for use in current
implementations.  This document defines a Historic Document for the
Internet community.

... snip ...

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

16:32 far pointers in OpenWatcom C/C++

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 16:32 far pointers in OpenWatcom C/C++
Newsgroups: alt.sys.pdp10, alt.folklore.computers
Date: Sun, 28 Mar 2010 10:34:39 -0400
Pat Farrell <pfarrell@pfarrell.com> writes:
I was specifically referring to Working Sets as defined by Peter J Denning's Thesis and in 1968. "The Working Set Model for Program Behavior". ACM Communications.

This was implemented by BB&N for Tenex, and thus later used by Tops-20 when DEC renamed Tenex to Tops-20.


re:
http://www.garlic.com/~lynn/2010f.html#85 16:32 far pointers in OpenWatcom C/C++

it was in the time period that i made the modifications to CP67 ... for both working set and page replacement ... and science center then adopted and started shipping. besides the global vis-a-vis local LRU difference ... i had also fudged (at least based on the thesis definition) to factor in the efficiency of the paging environment (aka things like fixed-head or electronic paging device ... vis-a-vis moveable head paging device). the page replacement strategy in cp67 previously had been a kind of FIFO (before i rewrote the whole thing).

the above was also exactly what genoble science center for cp67, had implemented so I had the comparison with what i had implemented. the grenoble paper was cacm16, apr73.

and the author of the '68 thesis was lobbying hard in the early 80s, that the "clock" (global replacement) thesis not be approved (at one time there was the email exchange with thesis advisor, hennessy, on the web).

misc. past posts discussing the above topic:
http://www.garlic.com/~lynn/93.html#7 HELP: Algorithm for Working Sets (Virtual Memory)
http://www.garlic.com/~lynn/94.html#1 Multitasking question
http://www.garlic.com/~lynn/99.html#18 Old Computers
http://www.garlic.com/~lynn/2001h.html#26 TECO Critique
http://www.garlic.com/~lynn/2001l.html#6 mainframe question
http://www.garlic.com/~lynn/2002c.html#49 Swapper was Re: History of Login Names
http://www.garlic.com/~lynn/2002o.html#30 Computer History Exhibition, Grenoble France
http://www.garlic.com/~lynn/2003f.html#50 Alpha performance, why?
http://www.garlic.com/~lynn/2004.html#25 40th anniversary of IBM System/360 on 7 Apr 2004
http://www.garlic.com/~lynn/2004c.html#59 real multi-tasking, multi-programming
http://www.garlic.com/~lynn/2004g.html#13 Infiniband - practicalities for small clusters
http://www.garlic.com/~lynn/2004q.html#73 Athlon cache question
http://www.garlic.com/~lynn/2005d.html#37 Thou shalt have no other gods before the ANSI C standard
http://www.garlic.com/~lynn/2005f.html#47 Moving assembler programs above the line
http://www.garlic.com/~lynn/2005h.html#10 Exceptions at basic block boundaries
http://www.garlic.com/~lynn/2005h.html#15 Exceptions at basic block boundaries
http://www.garlic.com/~lynn/2006f.html#0 using 3390 mod-9s
http://www.garlic.com/~lynn/2006i.html#31 virtual memory
http://www.garlic.com/~lynn/2006i.html#36 virtual memory
http://www.garlic.com/~lynn/2006i.html#37 virtual memory
http://www.garlic.com/~lynn/2006i.html#42 virtual memory
http://www.garlic.com/~lynn/2006j.html#1 virtual memory
http://www.garlic.com/~lynn/2006j.html#17 virtual memory
http://www.garlic.com/~lynn/2006q.html#19 virtual memory
http://www.garlic.com/~lynn/2006w.html#46 The Future of CPUs: What's After Multi-Core?
http://www.garlic.com/~lynn/2007u.html#79 IBM Floating-point myths
http://www.garlic.com/~lynn/2008h.html#70 New test attempt
http://www.garlic.com/~lynn/2008h.html#79 Microsoft versus Digital Equipment Corporation
http://www.garlic.com/~lynn/2008r.html#21 What if the computers went back to the '70s too?
http://www.garlic.com/~lynn/2009l.html#12 August 7, 1944: today is the 65th Anniversary of the Birth of the Computer
http://www.garlic.com/~lynn/2009r.html#54 While watching Biography about Bill Gates on CNBC last Night

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

16:32 far pointers in OpenWatcom C/C++

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 16:32 far pointers in OpenWatcom C/C++
Newsgroups: alt.sys.pdp10, alt.folklore.computers
Date: Sun, 28 Mar 2010 10:47:34 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
it was in the time period that i made the modifications to CP67 ... for both working set and page replacement ... and science center then adopted and started shipping. besides the global vis-a-vis local LRU difference ... i had also fudged (at least based on the thesis definition) to factor in the efficiency of the paging environment (aka things like fixed-head or electronic paging device ... vis-a-vis moveable head paging device). the page replacement strategy in cp67 previously had been a kind of FIFO (before i rewrote the whole thing).

re:
http://www.garlic.com/~lynn/2010f.html#85 16:32 far pointers in OpenWatcom C/C++
http://www.garlic.com/~lynn/2010f.html#89 16:32 far pointers in OpenWatcom C/C++

some cp67 installations had 2311 disks for paging, some had (faster) 2314 disks, and some had 2301 drums (aka fixed head). the original paging code for the 2301 drums did a single page i/o at a time which still resulted in avg. rotational delay and peaked at 80 4k page transfers per second. I modified the 2301 page i/o routine to "chain" multiple queue requests in rotational order ... increasing peak 2301 paging thruput to 300 requests per second. I also modified the disk i/o routine to do order arm seaking (as opposed to purely FIFO) ... improving all disk i/o thruput.

in any case, working set objective is to limit the concurrent contention for real storage (multiprogramming level) to prevent page thrashing so execution can proceed efficiently. if I nearly quadruple the efficiency of paging thruput ... then I can allow a higher level of multiprogramming and greater real storage contention ... while still maintaining effective execution thruput. In order to dynamically adapt to the configuration (and workload) ... I had to make the limits on multiprogramming level (and real storage contention) dynamically adaptable ... which required that I make the definition of working set dynamically adaptable.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

16:32 far pointers in OpenWatcom C/C++

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 16:32 far pointers in OpenWatcom C/C++
Newsgroups: alt.sys.pdp10, alt.folklore.computers
Date: Sun, 28 Mar 2010 11:42:08 -0400
re:
http://www.garlic.com/~lynn/2010f.html#85 16:32 far pointers in OpenWatcom C/C++
http://www.garlic.com/~lynn/2010f.html#89 16:32 far pointers in OpenWatcom C/C++
http://www.garlic.com/~lynn/2010f.html#90 16:32 far pointers in OpenWatcom C/C++

belady defined "optimal" page replacement ... that knowing future page references, the current page selected for replacement results in the fewest future page faults.

LRU approx. "optimal" under some number of assumptions about page references. there are some number of page reference patterns that result in LRU degenerating to FIFO ... and/or other reasons that LRU is much worse than "optimal".

in the mid-70s, I came up with variation on global/clock-like LRU that resulted in LRU degenerating to RANDOM (instead of FIFO) in those conditions. The code looked and worked like standard LRU ... but had slight-of-hand twist that would result in approximating RANDOM (under those conditions, rather than degenerating to FIFO) for better thruput.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970

Why do most websites use HTTPS only while logging you in...and not for the entire session?

Refed: **, - **, - **, - **, - **, - **
From: lynn@garlic.com (Lynn Wheeler)
Date: 28 Mar, 2010
Subject: Why do most websites use HTTPS only while logging you in...and not for the entire session?
Blog: Information Security
HTTPS was supposed to provide for both 1) authentication of the webserver and 2) hiding of information flowing over the internet.

we had been called in to consult with small client/server company that wanted to do payment transactions on their server. They had also invented this technology they called "SSL" they had wanted to use. As part of mapping the technology to business practices we had to do some indepth look at how it is supposed to be deployed and operates.

One of the assumptions about validating the webserver is that the webserver that the person thinks they are talking to is actually the webserver they are talking to. This assumption required that the end-user understand the relationship between the webserver they think they are talking to and the URL they provided to the browser. The browser then uses SSL to validate that the webserver being talked to corresponds to the URL.

Almost immediately this assumption was violated ... with merchants finding that SSL cutting their thruput by 90% or more ... dropping back to just using SSL for "check-out/paying". Instead of the original merchant URL being validated ... the user clicks on a "PAY" button (on an unvalidated page) which provides the URL. This changes the paradigm "is the user talking to the webserver that they think they are talking to" .... TO .... "the webserver is the webserver that it claims to be".

The implicit requirement for HTTPS is that the user understands & provides the initial URL that the browser than validates against the webserver being talked to. Violating this paradigm also results in all sorts of exploits involving email where user is asked to "CLICK" on a field (which is automatically passed to the browser).

That is separate threat/vulnerability from the recent articles about the whole certification authority infrastructure (that is responsible for the SSL digital certificates) having various weaknesses.

In the mid-90s, the consumer dialup online banking services were making presentations about moving to the internet ... major motivation being the customer support costs for their proprietary dialup infrastructure. At the same time, the dialup online commercial banking/cash-management services were saying they would never move to the internet because a long litney of vulnerabilities (even if HTTPS was used).

the major use of SSL in the world today is this earlier work we did that is now frequently called "electronic commerce".

From security CAIN acronym (or sometimes PAIN)

C - confidentiality (P - privacy)
A - authentication
I - integrity
N - non-repudiation

For banking and financial transactions ... SSL is used for confidentiality ... hiding the transaction details. some past posts mentioning SSL domain name digital certificates
http://www.garlic.com/~lynn/subpubkey.html#sslcerts

Somewhat as a result of the "electronic commerce" work ... in the mid-90s, we were invited to participate in the x9a10 financial standard working group which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. Part of the work involved doing detailed, end-to-end threat & vulnerability studies of large number of different environments (debit, credit, stored-value, gift card, point-of-sale, unattended, internet, high-value, low-value, transit turnstile, online banking, etc). The result was the x9.59 financial transaction standard.
http://www.garlic.com/~lynn/x959.html#x959

Now x9.59 slightly changed the paradigm and used strong authentication and strong integrity ... in lieu of confidentiality ... to preserve the integrity of the financial infrastructure for all retail payments ... aka it is no longer necessary to hide the account number and transaction details to prevent fraud. This eliminates the threats from skimming, harvesting, evesdropping, breaches, etc ... which could use information from previous transactions to perform fraudulent financial transactions.

Also, since it is no longer necessary to hide the transaction details ... it also eliminates the major use of SSL in the world today.

--
42yrs virtualization experience (since Jan68), online at home since Mar1970




previous, next, index - home