From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: First successful PC OS? Newsgroups: alt.folklore.computers Date: Fri, 12 Dec 2008 20:05:32hawk writes:
a popular document formating program on trs80 was port of cms script
done by LA branch office (vm370) system engineer ... discussed in this
old post
https://www.garlic.com/~lynn/2004l.html#74 Specifying all biz rules in relational data
above also has url references to library of available software for trs80
old email mentioning stopping by to talk to him
https://www.garlic.com/~lynn/2007.html#email801016
in this post
https://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"
and where he talks having a trs80 at home and there should be crash program to get most of the CMS function into a "user's terminal" (aka "personal computer").
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: PCI's Bob Russo: Data loss hurts brand more than a fine Date: December 8, 2008 Blog: Payment Systems NetworkPCI's Bob Russo: Data loss hurts brand more than a fine
from above:
The Payment Card Industry Data Security Standard (PCI DSS) and the
global forum formed to administer it, the PCI Security Standards
Council (PCI SSC), pre-dated the biggest security breaches that have
come to mark a new era of unprecedented cyber criminal activity.
... snip ...
we were tangentially involved in the cal. state data breach notification legislation. we had been brought in to help wordsmith the cal. state electronic signature legislation. several of the involved organizations were also involved in privacy issues and had done in-depth, detailed consumer surveys on privacy. they found that the number one privacy issue was identity theft ... primarily fraudulent financial transactions against existing accounts (account fraud) as the result of data breach. This was an area that little or nothing was being done about, so there was possibly feeling that publicity could prompt action. since then several other states have passed similar legislation.
this possibly corresponds with the article's reference that "data loss hurts brand more than a fine" (which wouldn't have happened w/o notification legislation).
there has been conflicting efforts at the federal level with competing notification legislation, on one side is legislation similar to cal and on the other side is "breach notification" legislation that would eliminate requirement for notification.
the article also points out that the worst breaches have occurred this year after the advent of PCI.
the work in the x9a10 financial standard working group on the x9.59
financial standard took a different approach. rather than attempting
to secure the information from skimming, harvesting, breaches, and
various other vulnerabilities ... x9.59 slightly tweaked the paradigm,
making the information useless to the crooks for fraudulent
transactions. misc. references to x9.59
https://www.garlic.com/~lynn/x959.html#x959
related comments about "21 million German bank account details on
black market" ... also archived here
https://www.garlic.com/~lynn/2008r.html#53
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Anyone know much about z/VM? Newsgroups: bit.listserv.ibm-main Date: Sat, 13 Dec 2008 13:40:07loga3870@COMCAST.NET (David Logan) writes:
the first set of error messages indicate that the (z/OS) environment that you attempt to have ipl cms ... has none of the cms disks defined (akin to attempting to ipl z/OS in an LPAR environment that has none of the z/OS disks defined).
the details are slightly obfuscated by the VM "ipl-by-name" facility ... which allows somebody to ipl the CMS kernel from a CMS disk and then "save" a partially initialized copy of the kernel to VM (for a quick reboot). then this partially initialized kernel image is accessible with the "ipl-by-name" facility ... bypassing part of the "ipl 190" overhead.
the analogy would be to ipl z/OS from a z/OS disk and let it get partially initialized ... and then saving a memory image of the z/OS system to some (new) LPAR facility ... and then attempting to run that z/OS in a different LPAR image that had no z/OS disks defined.
there are still a lot of vestiges of when CMS stood for "Cambridge Monitor System" and could be ipl'ed on a real 360/40. once you get past the part of having the appropriate devices defined in the configuration .. there is still the issue of having knowledge about cp&cms ... possibly not as steep a learning curve as needed for z/OS .. but still there is some fundamental knowledge required.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: New machine code Newsgroups: alt.folklore.computers Date: Sun, 14 Dec 2008 08:47:45Rich Alderson <news@alderson.users.panix.com> writes:
I would expect that if anybody, it most likely would have been Tymshare (bay area) ... but I don't remember them mentioning it. Tymshare had extensive experience modifying vm/370 and also ran a pdp-10 ... however, I don't have any recollection of them saying anything about porting tenex to vm370.
Tymshare had adventure running on pdp-10 and ported the fortran source over to vm/cms.
Tymshare had also hired Doug Engelbart
https://www.garlic.com/~lynn/2008r.html#57 PC premiered 40 years ago to awed crowd
above references "PC" ... but as per following NLS/Augment descriptions
it was timesharing "personal computing" (as opposed to "personal
computer"). lots of past posts mentioning vm/cms ("personal computing")
timesharing ... including Tymshare
https://www.garlic.com/~lynn/submain.html#timeshare
Tymshare was offering Augment on the pdp-10. A couple references
http://www.inwap.com/pdp10/index.shtml
http://neil.franklin.ch/Usenet/alt.sys.pdp10/20011202_Pictures_of_Tymshare_s_KI_and_KL_systems_1980
http://www.knowledgerush.com/kr/encyclopedia/On-Line_System/
https://en.wikipedia.org/wiki/Tymshare
and
http://www.bootstrap.org/augdocs/augment-132615.htm
some augment history from above:
In 1978 Tymshare acquired the rights to the software and renamed it
AUGMENT. The system entered a phase of commercialization and also became
accessible via Tymnet. By the early 80s Tymshare was manufacturing their
own mini-computers and on-site installation of complete systems
(hardware, software, communications, workstations, training,
applications consulting) was being offered. At the peak, there were
approximately 15 machines in operation serving a user population of
several thousand people.
... snip ...
tymshare pdp-10 & augment also mentioned in this article
http://www.nationmaster.com/encyclopedia/Tymshare
minor topic drift from above:
In 1968, Ann & Norm Hardy, Bill Frantz, Joe Rinde (writer of the
original supervisor program) and LaRoy Tymes developed the idea of using
remote sites with minicomputers to communicate with the mainframes. This
was the beginning of the Tymnet network. During those first years,
Tymshare and its direct customers were its only users. When Tymshare
started using Interdata 7/32 minicomputers as nodes, they started
developing Tymnet on PDP-10. Tymshare sold the Tymnet network software
to TRW, who created their own private network (which was not called
Tymnet).
... snip ...
The above entry also mentions Tymshare being bought by M/D in 1984. As part of that sale, I was brought in to evaluate GNOSIS (a new 370 operating system) as part of spinning it off into KeyKos. I was also asked if there was someplace for Doug ... and I set up some introductions, interviews, etc (trying to find a match)
from long ago and far away (this is in bldg. 28 before almaden was
built):
Date: 07/20/84 12:45:56
To: Distribution
SEMINAR and DEMONSTRATION
Monday, July 23, 1984
9:00 - 12:00 Cafeteria A
Speaker: Doug Engelbart
Tymshare, Inc.
Doug Engelbart will give a talk and demonstration of his ideas for
interactive software systems. This talk uses three slide projectors
and a moire projector. The demonstration uses hardware that attaches
to a PC.
... snip ... top of post, old email index
recent post with reference to above:
https://www.garlic.com/~lynn/2008g.html#23 Doug Engelbart's "Mother of All Demos"
a couple other past posts mentioning Augment
https://www.garlic.com/~lynn/2005s.html#12 Flat Query
https://www.garlic.com/~lynn/2006p.html#54 Douglas Engelbart's HyperScope 1.0 Launched
misc. past posts mentioning gnosis &/or keykos:
https://www.garlic.com/~lynn/2000f.html#69 TSS ancient history, was X86 ultimate CISC? designs)
https://www.garlic.com/~lynn/2000g.html#22 No more innovation? Get serious
https://www.garlic.com/~lynn/2001b.html#73 7090 vs. 7094 etc.
https://www.garlic.com/~lynn/2001g.html#33 Did AT&T offer Unix to Digital Equipment in the 70s?
https://www.garlic.com/~lynn/2001g.html#35 Did AT&T offer Unix to Digital Equipment in the 70s?
https://www.garlic.com/~lynn/2001n.html#10 TSS/360
https://www.garlic.com/~lynn/2002f.html#59 Blade architectures
https://www.garlic.com/~lynn/2002g.html#0 Blade architectures
https://www.garlic.com/~lynn/2002g.html#4 markup vs wysiwyg (was: Re: learning how to use a computer)
https://www.garlic.com/~lynn/2002h.html#43 IBM doing anything for 50th Anniv?
https://www.garlic.com/~lynn/2002i.html#63 Hercules and System/390 - do we need it?
https://www.garlic.com/~lynn/2002j.html#75 30th b'day
https://www.garlic.com/~lynn/2003g.html#18 Multiple layers of virtual address translation
https://www.garlic.com/~lynn/2003h.html#41 Segments, capabilities, buffer overrun attacks
https://www.garlic.com/~lynn/2003i.html#15 two pi, four phase, 370 clone
https://www.garlic.com/~lynn/2003j.html#20 A Dark Day
https://www.garlic.com/~lynn/2003k.html#50 Slashdot: O'Reilly On The Importance Of The Mainframe Heritage
https://www.garlic.com/~lynn/2003l.html#19 Secure OS Thoughts
https://www.garlic.com/~lynn/2003l.html#22 Secure OS Thoughts
https://www.garlic.com/~lynn/2003l.html#26 Secure OS Thoughts
https://www.garlic.com/~lynn/2003m.html#24 Intel iAPX 432
https://www.garlic.com/~lynn/2003m.html#54 Thoughts on Utility Computing?
https://www.garlic.com/~lynn/2004c.html#4 OS Partitioning and security
https://www.garlic.com/~lynn/2004e.html#27 NSF interest in Multics security
https://www.garlic.com/~lynn/2004m.html#29 Shipwrecks
https://www.garlic.com/~lynn/2004m.html#49 EAL5
https://www.garlic.com/~lynn/2004n.html#41 Multi-processor timing issue
https://www.garlic.com/~lynn/2004o.html#33 Integer types for 128-bit addressing
https://www.garlic.com/~lynn/2005.html#7 How do you say "gnus"?
https://www.garlic.com/~lynn/2005b.html#6 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#7 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#12 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005c.html#67 intel's Vanderpool and virtualization in general
https://www.garlic.com/~lynn/2005d.html#43 Secure design
https://www.garlic.com/~lynn/2005d.html#50 Secure design
https://www.garlic.com/~lynn/2005h.html#13 Today's mainframe--anything to new?
https://www.garlic.com/~lynn/2005k.html#30 Public disclosure of discovered vulnerabilities
https://www.garlic.com/~lynn/2005s.html#12 Flat Query
https://www.garlic.com/~lynn/2006k.html#37 PDP-1
https://www.garlic.com/~lynn/2006m.html#34 PDP-1
https://www.garlic.com/~lynn/2006p.html#13 What part of z/OS is the OS?
https://www.garlic.com/~lynn/2006s.html#7 Very slow booting and running and brain-dead OS's?
https://www.garlic.com/~lynn/2006w.html#42 vmshare
https://www.garlic.com/~lynn/2006y.html#11 Multiple mappings
https://www.garlic.com/~lynn/2006y.html#16 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007o.html#25 LAX IT failure: leaps of faith don't work
https://www.garlic.com/~lynn/2007s.html#17 Oddly good news week: Google announces a Caps library for Javascript
https://www.garlic.com/~lynn/2008b.html#24 folklore indeed
https://www.garlic.com/~lynn/2008b.html#50 How does ATTACH pass address of ECB to child?
https://www.garlic.com/~lynn/2008e.html#12 Kernels
https://www.garlic.com/~lynn/2008g.html#7 was: 1975 movie "Three Days of the Condor" tech stuff
https://www.garlic.com/~lynn/2008h.html#14 Two views of Microkernels (Re: Kernels
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Expanding U.S. Tactical Aviation's "Approved Belief" Date: December 13, 2008 Blog: Boyd Conference 2008Boyd's briefings in the 80s ... strongly suggested he had a hand in F20/tigershark as the "F16" for the 80s/90s (much cheaper, much easier to maintain, lower skill level to maintain, fewer hrs maintenance per flt hrs, etc) ... although I don't remember John actually saying F20 or tigershark ... he did make reference to visits to Northrup. All the articles from the period seemed to indicate that F20 fell pray to lobbying and US subsidies to foreign govs. explicitly for F16 purchases. wiki page
past posts mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html
past posts mentioning tigershark:
https://www.garlic.com/~lynn/94.html#8 scheduling & dynamic adaptive ... long posting warning
https://www.garlic.com/~lynn/2002c.html#14 OS Workloads : Interactive etc
https://www.garlic.com/~lynn/2002d.html#1 OS Workloads : Interactive etc
https://www.garlic.com/~lynn/2005d.html#45 Thou shalt have no other gods before the ANSI C standard
https://www.garlic.com/~lynn/2006g.html#13 News Release
https://www.garlic.com/~lynn/2007i.html#3 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#4 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#6 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#7 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#8 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#10 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007o.html#40 EZPass: Yes, Big Brother IS Watching You!
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations? Date: December 13, 2008 Blog: Organizational DevelopmentThere is old saying that a major qualification for such jobs should be not wanting the job ... frequently the desire for such positions is motivated by greed. There is a related quote from Boyd giving career advice:
misc. post posts mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html
There was a an article a couple months ago that ratio of avg. executive compensation to avg. worker compensation recently had exploded to 400:1 after having been 20:1 for a long time ... and 10:1 in much of the rest of the world.
GAO has been doing database of increasing number of public company financial restatements. Basically, executives fiddle the books in order to boost the bonuses (despite SOX). Then later the financials may be restated but the bonuses aren't forfeited. One of the worst examples was freddie was fined $400m in 2004 for $10b statement fiddling/inflation and the CEO replaced ... but allowed to keep tens (hundred?) of millions.
There was recent published study of 270(?) some public companies that redid their executive compensation plan after having problems with financial statement fiddling and executive bonuses. Supposedly executive compensation has been changed to be much more closely aligned with the health and well being of the corporation ... and as a result the companies are performing much better.
...
Yesterday (Sunday), CSPAN had a panel discussing the situation and then CBS 60 minutes had segment on the meltdown. The industry seems to be torn between claiming to being ignorant and totally incompetent and admitting they just ignored all the indicators.
...
there was a couple billion dollar lawsuit in the early 80s regarding theft of industrial espionage. the court seemed to take the position that given sufficient temptation, all people are naturally crooked. in order to substantiate damages, security proportional to risk had to be demonstrated. the analogy is fences around swimming pools ... it isn't enough to post warnings ... the fences have to be adequate to keep out minors (who can't be held responsible). In the case of financial temptation ... everybody was assumed to be susceptible ... so countermeasures (to theft, fraudulent behavior, etc) had to be demonstrated that were proportional to the temptation.
somewhat related theme from last week:
The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php
from above:
Markets need regulation to stay stable. We have had thirty years of
financial deregulation. Now we are seeing chickens coming home to
roost. This is the key argument of Professor Nick Bingham, a
mathematician at Imperial College London, in an article published
today in Significance, the magazine of the Royal Statistical Society.
... snip ...
past posts mentioning industrial espionage case & security proportional to risk
https://www.garlic.com/~lynn/2001d.html#42 IBM was/is: Imitation...
https://www.garlic.com/~lynn/2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2005f.html#60 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005r.html#7 DDJ Article on "Secure" Dongle
https://www.garlic.com/~lynn/2006q.html#36 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006r.html#29 Intel abandons USEnet news
https://www.garlic.com/~lynn/2008.html#25 Tap and faucet and spellcheckers
https://www.garlic.com/~lynn/2008.html#26 Tap and faucet and spellcheckers
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Memory Instrumentation - was "largest parallel sysplex around?" Newsgroups: bit.listserv.ibm-main Date: Mon, 15 Dec 2008 07:58:27R.Skorupka@BREMULTIBANK.COM.PL (R.S.) writes:
wasn't this lesson learned in the days of 3270 coax cables?
besides the huge numbers (some cases, tens of thousands) ... there was the shear weight ... some installations, the weight of the 3270 coax cables was starting to exceed bldg. loading limits ... one of the reasons for change over to LAN CAT4.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Is anyone interested in starting a CICS specific group? Date: December 15, 2008 Blog: Mainframe ExpertsBeen a long time ... I was undergraduate in 60s at univ that was selected for beta-test for (new) CICS product (univ. had ONR grant for digital library project) ... and I got tasked to support it. There were some number of bugs I had to shoot ... in part because the library was using different BDAM options ... than what was used by the customer shop where CICS originated. misc. past posts
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations. Date: December 15, 2008 Blog: Risk ManagementYesterday, CSPAN had panel discussion on the subject ... the industry appears to be torn between claiming being ignorant and totally incompetent vis-a-vis admitting to ignoring all the indications (and risk management).
Other reports have indicated input was fiddled for the computer models until the desired output was achieved (garbage-in, garbage-out).
How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
In congressional hearings that looked at how the toxic CDOs received triple-A ratings, the word fraud was periodically used (both the toxic CDO issuers and the rating agencies knew the toxic CDOs weren't worth triple-A ratings)
Supposedly SOX required SEC to do something with respect to the rating agencies ... but there doesn't seem to have been anything besides a Jan2003 report.
Report on the Role and Function of Credit Rating Agencies in the
Operation of the Securities Markets; As Required by Section 702(b) of
the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf
long winded, decade old post discussing some of the current issues
https://www.garlic.com/~lynn/aepay3.htm#riskm
related recent posts:
https://www.garlic.com/~lynn/2008n.html#49 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#65 Whether, in our financial crisis, the prize for being the biggest liar is
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#72 Why was Sarbanes-Oxley not good enough to sent alarms to the regulators about the situation arising today?
https://www.garlic.com/~lynn/2008n.html#78 Isn't it the Federal Reserve role to oversee the banking system??
https://www.garlic.com/~lynn/2008n.html#80 Why did Sox not prevent this financal crisis?
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#19 What's your view of current global financial / economical situation?
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#34 The human plague
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008q.html#49 Have not the following principles been practically disproven, once and for all, by the current global financial meltdown?
https://www.garlic.com/~lynn/2008q.html#50 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008q.html#58 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008r.html#58 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Blind-sided, again. Why? Date: December 15, 2008 Blog: Systems Thinkingassumption about "regulated country" may not be valid, related article
The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php
from above:
Markets need regulation to stay stable. We have had thirty years of
financial deregulation. Now we are seeing chickens coming home to
roost. This is the key argument of Professor Nick Bingham, a
mathematician at Imperial College London, in an article published
today in Significance, the magazine of the Royal Statistical Society.
There is no such thing as laying off risk if no one is able to insure
it. Big new risks were taken in extending mortgages to far more people
than could handle them, in the search for new markets and new profits.
Attempts to insure these by securitisation -- aptly described in this
case as putting good and bad risks into a blender and selling off the
results to whoever would buy them -- gave us toxic debt, in vast
quantities.
... snip ...
a long-winded, decade old post that included mention needing
visibility into the underlying value of securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm
during the congressional hearings into (securitized mortgages) toxic CDOs ... the word "fraud" was used several times referring to toxic CDO issuing organizations paying rating organizations for triple-A ratings (even though both parties knew that the toxic CDOs didn't deserve triple-A ratings). The triple-A rating significantly increased the organizations that would deal with the instruments ... and funds available to the issuers.
Supposedly SOX required SEC to do something with respect to the rating agencies ... but there doesn't seem to have been anything besides a Jan2003 report:
Report on the Role and Function of Credit Rating Agencies in the
Operation of the Securities Markets; As Required by Section 702(b) of
the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf
In other cases, input was fiddled for the computer models until the desired output was achieved (garbage-in, garbage-out).
How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
GAO has been doing database of increasing number of public company financial restatements. Basically, executives fiddle the books in order to boost the bonuses (despite SOX). Then later the financials may be restated but the bonuses aren't forfeited. One of the worst examples was freddie was fined $400m in 2004 for $10b statement fiddling/inflation and the CEO replaced ... but allowed to keep tens (hundred?) of millions.
I made the assertion at a 2004 European Financial Executive conference that SOX wasn't going to make any significant difference (it was more like window dressing).
there were numerous things wrong with toxic CDOs, another example:
The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html
from above:
Watsa's only sin was in being a little too early with his prediction
that the era of credit expansion would end badly. This is what he said
in Fairfax's 2003 annual report: "It seems to us that securitization
eliminates the incentive for the originator of [a] loan to be credit
sensitive. Prior to securitization, the dealer would be very concerned
about who was given credit to buy an automobile. With securitization,
the dealer (almost) does not care."
... snip ...
The example of unregulated mortgage originators is even more significant than the auto loans. There has been a lot subprime mortgages in all this ... but it actually was the huge influx of money available to the unregulated mortgage originators (via sales of triple-A rated toxic CDOs. Subprime mortgages was originally suppose to be for low-income, first-time home owners. There was panel discussion yesterday (Sunday) on CSPAN (as well as related segment on CBS 60 minutes). The comment on the CSPAN program was that only 10percent of these loans went to low-income first-time home owners ... a lot of the rest went to speculation (no-down, no-documentation, 1-2percent introductory, interest only payments ... enormously attractive to speculators that were planning on flipping after 15-30% appreciation before rates reset).
The CSPAN panel also seemed to be torn between the industry claiming being ignorant and totally incompetent and admitting they just ignored all the indications.
On CSPAN a couple months there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250m in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.
The PBS programs/webpages discussing some of the wall street influence
on congress, wall street fix (including repeal of
Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet
On the institution side buying these (toxic CDO, packaged) mortgages .... the institutions were 1) playing long/short mismatch and 2) heavily leveraging. Playing long/short mismatch (alone) has been known to take down institutions for centuries (in this case, even if the toxic CDOs had been worth their triple-A ratings). Comments were that Bear-Stearn and Lehman had marginal chance of surviving playing long/short mismatch. This was further aggravated with heavy leverage ... in some cases leveraging capital 40-80 times in buying triple-A rated toxic CDOs.
article from year ago about playing long/short mismatch (including
transactions being carried offbalance ... and possibly may still be
lurking)
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html
decade old article from SanFran FED on problems with long/short
mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Data leakage - practical measures to improve Information Governance Date: December 15, 2008 Blog: Systems ThinkingWe have tried to characterize some of this with three metaphors.
We had been involved tangentially in cal state breach notification legislation. We had been called in to help wordsmith the cal electronic signature legislation and some of the parties involved, were also involved in privacy issues and had done extensive consumer surveys on privacy. They found the most important consumer privacy issue was identity theft and its major subtype, account fraud (fraudulent financial transactions against existing accounts) as a result of information leakage from breaches). This aspect was getting little or no notice, so it seemed there was some hope that the publicity associated from breach notification would start to prompt corrective action.
• dual-use vulnerability metaphor
account number is required in a large number of different business processes and is required to be readily available. at the same time the account number has to be kept strictly confidential and never divulged to anybody (not even those needing it for business processes, since insiders have repeatedly been shown to be the major source of identity theft). we've claimed that even if the planet was buried under miles of information hiding encryption, that it wouldn't be sufficient to prevent information leakage.
• security proportional to risk metaphor
to the merchant, knowledge of the account number is worth some percent of the profit off the transaction; that same knowledge for the crook, is worth the account balance/credit-limit. as a result, the crook may be able to outspend by a factor of 100 times attacking the system (as the merchant can afford to spend protecting/defending the system).
• naked transaction metaphor
transactions are vulnerable where ever they exist; misc archived naked
transaction metaphor blog activity & posts
https://www.garlic.com/~lynn/subintegrity.html#payments
after having been called in to consult with small client/server
startup that wanted to do payments on their server (they had also
invented this thing called SSL they wanted to use with it ... that
effort now is frequently referred to as electronic commerce), in the
mid-90s we were asked to participate in the x9a10 financial working
group (which had been given the requirement to preserve the
integrity of the financial infrastructure for ALL retail
payments) and did some in-depth, end-to-end threat and vulnerability
studies ... which resulted in the x959 financial transaction standard
... misc references
https://www.garlic.com/~lynn/x959.html#x959
part of x9.59 financial transaction standard was to slightly change the paradigm and make existing financial transaction information useless to crooks & attackers for performing fraudulent transactions. X9.59 didn't do anything about skimming, harvesting, breaches, leakages, etc ... but it eliminated the fraudulent financial transactions that has been the major threat from such activity.
some other recent posts mentioning the metaphors:
https://www.garlic.com/~lynn/2008o.html#76 Blinkenlights
https://www.garlic.com/~lynn/2008p.html#5 Privacy, Identity theft, account fraud
https://www.garlic.com/~lynn/2008p.html#7 Dealing with the neew MA ID protection law
https://www.garlic.com/~lynn/2008p.html#59 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008r.html#53 21 million German bank account details on black market
past posts mentioning security proportional to risk in industrial espionage
court case:
https://www.garlic.com/~lynn/2001d.html#42 IBM was/is: Imitation...
https://www.garlic.com/~lynn/2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2005f.html#60 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005r.html#7 DDJ Article on "Secure" Dongle
https://www.garlic.com/~lynn/2006q.html#36 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006r.html#29 Intel abandons USEnet news
https://www.garlic.com/~lynn/2008.html#25 Tap and faucet and spellcheckers
https://www.garlic.com/~lynn/2008.html#26 Tap and faucet and spellcheckers
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: First successful PC OS? Newsgroups: alt.folklore.computers Date: Mon, 15 Dec 2008 18:53:25timcaffrey@aol.com (Tim McCaffrey) writes:
but the URL has gone 404
http://www.khet.net/gmc/docs/museum/en_cpmName.html
but there is always the wayback machine
https://web.archive.org/web/20071011100440/http://www.khet.net/gmc/docs/museum/en_cpmName.html
also related recent cp/cms (and personal computing) post:
https://www.garlic.com/~lynn/2008s.html#3 New machine code
and earlier post in this thread:
https://www.garlic.com/~lynn/2008s.html#0 First successful PC OS?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: New machine code Newsgroups: alt.folklore.computers Date: Mon, 15 Dec 2008 21:59:41Rich Alderson <news@alderson.users.panix.com> writes:
in the 70s and 80s there were monthly vm/cms (baybunch) meetings at SLAC ... where all sort of things were discussed ... including tymshare mentioning games. i was trying to get the vm/cms adventure port shortly after it was done ... but actually got a copy of source from somebody in the UK before i got copy from tymshare.
and some old email related to getting copy of adventure source
https://www.garlic.com/~lynn/2006y.html#email780405
https://www.garlic.com/~lynn/2006y.html#email780405b
in this post
https://www.garlic.com/~lynn/2006y.html#18 The History of Computer Role-Playing Games...
other old email in response to looking for copy of adventure:
Date: 03/21/78 19:36:29
To: wheeler
I don't have or heard of anyone having the 'ADVENTURE' Game.
If I find it, I'll be sure to pass it on.
PS: If you're interested in a list of what we have in games or pictures,
I'll be glad to send it.
... snip ... top of post, old email index
other topic drift, tymshare had done a vm/cms computering conferencing
system and made a free service available to the (corporate user group)
share organization
http://www.share.org/
in aug76 ... archived here
http://vm.marist.edu/~vmshare/
and procedure was set up to send me monthly copies on tape ... so i could
shadow on internal machines ... some old email related to vmshare:
https://www.garlic.com/~lynn/lhwemail.html#vmshare
recent post mentioning another kind of discussion (after baybunch
meeting)
https://www.garlic.com/~lynn/2008r.html#27 CPU time/instruction table
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: New machine code Newsgroups: alt.folklore.computers Date: Mon, 15 Dec 2008 22:27:37Anne & Lynn Wheeler <lynn@garlic.com> writes:
and wiki page:
https://en.wikipedia.org/wiki/Colossal_Cave_Adventure
from above:
The game was also ported to Prime Computer's super-mini running PRIMOS
in the late 1970s, utilising Fortran 4, and to IBM mainframes running
VM/CMS in late 1978, utilizing PL/1.
... snip ...
i was making copy of the adventure game (cms) executable available internally ... and if somebody demonstrated that they had gotten all the points ... i would email them the fortran source. one such person ... took the fortran source and ported to pl/i as well as adding a bunch of new rooms and points (i think initiall 450).
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: New machine code Newsgroups: alt.folklore.computers Date: Mon, 15 Dec 2008 22:45:33re:
oh and email regarding pli verson:
https://www.garlic.com/~lynn/2007m.html#email780517
in this post
https://www.garlic.com/~lynn/2007m.html#6 Zork and Adventure
above also has another old adventure related email
https://www.garlic.com/~lynn/2007m.html#email780414
i still had a reference to this cms executable file ... but not the
file itself:
&1 &2 ADVENTUR MODULE D1()V 65535 5 40 4/11/78 19:59
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Orwellian Apple ad celebrates 25th birthday Newsgroups: alt.folklore.computers Date: Tue, 16 Dec 2008 09:29:13Orwellian Apple ad celebrates 25th birthday
from above:
It first hit the small screen little more than a month earlier, when it
aired at one o'clock in the morning on KMVT, Channel 11 in Twin Falls,
Idaho.
Without a December debut, Apple and its ad agency, Chiat\Day, couldn't
qualify for the season's advertising trophies.
... snip ...
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Orwellian Apple ad celebrates 25th birthday Newsgroups: alt.folklore.computers Date: Tue, 16 Dec 2008 09:48:17re:
After the IBM/PC was announced, Tymshare created a 2nd computer
conferencing facility for the SHARE organization
http://www.share.org/
to compliment the vmshare conferencing that had been launced aug76. I
started getting monthly tape copies of the vmshare (deploy shadows on
internal machines) ... after pcshare was launced, the pcshare files were
also added to the tape. recent post regarding vmshare
https://www.garlic.com/~lynn/2008s.html#12 New machine code
I had also gotten some of the information from my brother ... previous
mention that he was Apple regional marketing rep:
https://www.garlic.com/~lynn/2008r.html#5 What if the computers went back to the '70s too?
who had been in town getting week class on the new machine.
from long ago and far away:
Date: 22 December 1983, 00:37:08 PST
To: small distribution
This week's interesting tidbit from PCSHARE:
= = = = = = = = = = = = = = = = = = = = = = = = = = =
Lucky me, I got my hands on an illicit copy of an advertising brochure for
the new Apple MacIntosh! It is a blow by blow, screen by screen comparison
(somewhat unfair) between the IBM PC and the Mac. They even show side by
side pictures of the 8088 and 68000 chips. The Mac's is bigger therefor its
better?? Anyway, there is lots of interesting technical stuff. No prices tho.
Of course, if they are comparing it to the PC, its obviously around $2500.
Here's the dope:
MC6800DL8 CPU with 128K RAM and 64K ROM (probably 5 MHZ to support the
graphics.)
Doesn't look like you can add more RAM.
9 inch 512 x 342 pixel bit-mapped monochrome display.
The basic box is 10.9in deep by 9.7in wide by 13.5in high (very small). Comes with
carrying handle -- supposed to be lighter than most portables. It looks like a
baby 3278 with built-in diskette drive.
Built-in 3.5in floppy diskette drive using 400K Sony-style diskettes.
Optical track ball mouse with a single button ("So it's extremely difficult to
press the wrong button").
No fan -- clever venting.
Calendar/clock
Connectors in the back: mouse; external disk drive (second diskette drive);
RS232 and RS422 DB9 connectors; polyphonic sound port (it talks!).
Keyboard is detached with telephone type jack. I count 58 keys. Not as extensive
as IBM's.
Supposedly you can generate 217 characters, including accented letters and
math symbols.
Also described are the Apple Imagewriter printer (Epson-like) and a modem.
Software includes:
- Standard LISA pull-down menus and icons (there's the little trash can!)
- MacWrite word processor (multiple fonts, proportional spacing, etc.)
- MacPaint for making pictures
- MacProject for critical path charting
- MacTerminal VT100, 3278 emulation, VT52, or TTY.
- MacIntosh BASIC and MacIntosh Pascal
- MacDraw (whatever that is)
- Also, 3rd party offerings including: Lotus 1-2-3, PFS, MultiPlan, and
Microsoft Chart, File, and Word.
All software is integrated with windows, icons, pull-down menus, and mouse
control.
There is also support for Apple's local area network, AppleBus.
The basic unit comes with: computer, display, built-in disk drive, and
firmware, a detached keyboard, the mouse, a system disk (Finder and
Desk Accessories {eg. calculator, etc.}), a tutorial diskette and audio
diskette ("A Guided Tour of Macintosh"), and "one -- count it -- one manual."
I guess I will have to try to find room in my home computer room for yet
ANOTHER goodie!
Don Worth - UCLA
*** APPENDED 12/21/83 12:44:37 BY UR ***
... snip ... top of post, old email index
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM PC competitors Newsgroups: alt.folklore.computers Date: Tue, 16 Dec 2008 15:04:00hancock4 writes:
this then involved into an interdata/4 handling the channel interface and multiple interdata/3s handling the line-scanner/port interface. this became a product from interdata ... and then as perkin/elmer product, after they bought interdata.
this references a major motivation for future system product was clone controllers
reference from "IBM Crisis and Change" article:
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
quote from the above (i.e. response to clone controllers):
IBM tried to react by launching a major project called the 'Future
System' (FS) in the early 1970's. The idea was to get so far ahead that
the competition would never be able to keep up, and to have such a high
level of integration that it would be impossible for competitors to
follow a compatible niche strategy. However, the project failed because
the objectives were too ambitious for the available technology. Many of
the ideas that were developed were nevertheless adapted for later
generations. Once IBM had acknowledged this failure, it launched its
'box strategy', which called for competitiveness with all the different
types of compatible sub-systems. But this proved to be difficult because
of IBM's cost structure and its R&D spending, and the strategy only
resulted in a partial narrowing of the price gap between IBM and its
rivals
... snip ...
other past posts mentioning future system
https://www.garlic.com/~lynn/submain.html#futuresys
in early 70s, Amdahl gave a talk on his new (360 processor clone) company at MIT (large auditorium). one of the students asked what justification did Amdahl use with the VCs to back his new company. the response was something about customers had already spent something like $200B on 360 application software development and that even if IBM were to totally walk away from 360 (which might considered a veiled reference to future system project), there would still be enough 360 business to last through the end of the century.
part of 23jun69 "unbundling" announcement (in response to various legal
actions) including starting to charge for application software as well
as system engineering services. There was a successful argument made
that "kernel" software should continue to be "free". misc. past
posts mentioning unbundling announcement
https://www.garlic.com/~lynn/submain.html#unbundle
The charging for SE services pretty much put an end to SE support teams
at customer sites ... where new SEs learned the trade ... sort of as
apprentices (since they couldn't figure out how not to charge for new,
inexperienced SEs at customer site). In reaction, HONE (Hands-On Network
Environment) was setup ... a number of internal cp67 data centers
providing virtual machine access to SEs in the branch office. The
concept was that SEs could get hands-on operating experience via remote
access running in (CP67) virtual machines. misc. past posts mentioning
HONE:
https://www.garlic.com/~lynn/subtopic.html#hone
However, the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
had ported apl\360 to CMS (for cms\apl) and a number of sales & marketing support applications were developed in CMS\APL and (also) deployed on HONE. Relatively quickly the sales&marketing applications came to dominate all HONE activity (personal computing, time-sharing) ... and the original objective of SE training (using other operating systems in virtual machines) withered away.
Later when future system was canceled, there was a mad rush to get products back into the 370 (software and hardware) product pipeline ... which had been neglected with all the focus on future system effort ... and had also contributed to 370 clone processors being able to get a foothold in the market.
Part of that contributed to deciding to pick up some amount of 370 stuff
that I had been doing all during the future system period ... some old
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
https://www.garlic.com/~lynn/2006w.html#email750430
part of that was specific, separate "resource manager" project. The
appearance of 370 clone processors appeared to contribute to the
decision to (reverse earlier decision to not charge for kernel software)
start charging for kernel software ... and my "resource manager" was
selected for the guinea pig. misc. past posts mentioning resource
manager
https://www.garlic.com/~lynn/subtopic.html#fairshare
as a consequences, I got roped into spending time with lawyers and business people regarding policy for kernel software pricing.
I've also mentioned getting to play disk engineer in bldg. 14 & 15 ...
misc. past posts
https://www.garlic.com/~lynn/subtopic.html#disk
and periodically getting roped into architecture meetings and/or conference calls with POK channel engineers. I asked why I was getting tasked for this (somebody from research that would wander in & out) ... and the reply was that just about all the senior engineers (that had previously handled high level architecture detail) had departed at one point or another. The departure of these senior engineers hadn't been a case of burn-out ... but new startups being able to lure them away with significantly better offers (equity, stock options, etc).
The big departures were after 360 had gained a large market foothold ... so there was an extremely large customer base for the clone controllers to sell into (and therefor attractive business case for VCs and startups).
For a little topic drift regarding the R&D cost structure ... recent
(linkedin) post about greed
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
mentioning early 80s court case regarding theft of (new disk) industrial information. the couple billion damages mentioned was supposedly six month revenue for a clone disk company ... the difference between having a product ready to ship the same day the first original shipped to customers (by using stolen information) and the (typical) six month delay it would take to acquire one of the new products, reverse engineer the product and develop a clone.
misc. past PC clone posts/threads:
https://www.garlic.com/~lynn/2000.html#6 Computer of the century
https://www.garlic.com/~lynn/2000b.html#35 VMS vs. Unix (was: Why are Suns so slow?)
https://www.garlic.com/~lynn/2004b.html#1 The BASIC Variations
https://www.garlic.com/~lynn/2005f.html#14 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005r.html#20 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005r.html#34 logical block addressing
https://www.garlic.com/~lynn/2007l.html#10 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007n.html#0 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007r.html#39 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007u.html#12 folklore indeed
https://www.garlic.com/~lynn/2007v.html#76 Why Didn't Digital Catch the Wave?
https://www.garlic.com/~lynn/2008d.html#60 more on (the new 40+ yr old) virtualization
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: What do you think needs to happen with the auto makers to make them viable Date: December 16, 2008 Blog: Equity Marketsthere are already examples of auto makers in the US that are already viable ... recent article ... also referenced in other similar questions ...
Dumbest People' Industry Image May Cost Wagoner Job
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchive&sid=ap8pS2oslvn0&refer=home
a couple quotes from above:
"There's the feeling that next to financial services, automotive execs
are the dumbest people in the world"
"It's pretty clear that management has made some pretty bad decisions
over the last 20 years"
"Toyota generated pretax profit of $922 per vehicle on North American
sales in 2007, while GM lost $729"
... snip ...
and
Honda reports record profit
http://www.foxnews.com/story/2008/07/25/honda-reports-record-profit-after-ford-suffers-huge-loss
... also archived here:
https://www.garlic.com/~lynn/2008p.html#77
https://www.garlic.com/~lynn/2008p.html#82
https://www.garlic.com/~lynn/2008q.html#22
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: What next? from where would the Banks be hit? Date: December 16, 2008 Blog: Risk ManagementOne of the TV business news shows had CEO of regional bank on yesterday. Basically the theme was that most of the regional/community banks practiced prudent lending, interviewed the applicants, etc. The claim was that the imprudent lending behavior by several institutions has resulted in change in regulations and policies that will adversely affect all institutions. An example cited is that they expect FDIC to double the assessment (in order to cover troubled institutions) next year which will reduce their ability to make new loans.
one article related to lots of institutions adopting imprudent behavior
The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html
from above:
Watsa's only sin was in being a little too early with his prediction
that the era of credit expansion would end badly. This is what he said
in Fairfax's 2003 annual report: "It seems to us that securitization
eliminates the incentive for the originator of [a] loan to be credit
sensitive. Prior to securitization, the dealer would be very concerned
about who was given credit to buy an automobile. With securitization,
the dealer (almost) does not care."
... snip ...
On Sunday, CSPAN had panel with several people from industry. One of the comments was that the subprime was supposedly targeted at low-income, first time home owners ... but only something like 10% of subprime loans went to that market.
With huge influx of funds from securitization and no regard who got loans ... they were cycling loans through the mill as fast as possible to all comers (speculator looking at 20%/annum inflation ... a no-down, no-documentation, 1% introductory, interest-only ... flipping after a year ... represents significant ROI). CBS 60mins had segment on some of these speculators in the overheated Florida and California real-estate markets.
There was comment (in the past day or two) ... that only about half the ARMs, written during the securitization lending frenzy, have reset ... and the next wave of ARM resets should be coming soon ... which could really increase downward pressure on the economy.
another article from last week:
The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php
from above:
Markets need regulation to stay stable. We have had thirty years of
financial deregulation. Now we are seeing chickens coming home to
roost. This is the key argument of Professor Nick Bingham, a
mathematician at Imperial College London, in an article published
today in Significance, the magazine of the Royal Statistical Society.
... snip ...
Other claims are that the big-3 problem has been 20-30 yrs in the making (some claiming 50yrs). In the early 80s, there was an article that said the import quotas was suppose to provide the big-3 with breathing room and significantly increased profits to completely remake themselves. Since that wasn't happening, there was a call for a 100% unearned profit tax (the import quotas, reducing competition and enabling significant price increases and therefor significant profit increase ... all at the expense of the US consumer). The industry had huge losses in 2007 ... well before the current credit crunch.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Nerdy networking kid crashes the party Date: December 17, 2008 Blog: Greater IBMNerdy networking kid crashes the party
from above:
IT SEEMS THE WORD is out and, even though Cisco is not directly
confirming reports about the firm moving into the blade server market,
it is widely expected to happen within the next couple of months,
throwing the firm into the ring with its former partners, IBM and HP.
... snip ...
We were putting in T1 links as part of HSDT project in the mid-80s
https://www.garlic.com/~lynn/subnetwork.html#hsdt
and working with NSF to have T1 links for the NSFNET backbone (the operational precursor to the modern internet) and constantly running afoul of the communication group.
We were prevented from bidding on NSFNET backbone ... even though the
director of the NSF writing the company a letter 3Apr1986, NSF Director to IBM Chief Scientist and IBM Senior VP and director of Research, copying IBM CEO)
... including some reference to what we already had running was at
least five years ahead of all bid submissions. misc. old email related
to the period
https://www.garlic.com/~lynn/lhwemail.html#nsfnet
In this period there was a corporate communication five year strategic projection that there would only be 200 T1 installed links. A quicky customer survey found over 200 T1 links already in mainframe shops.
The methodology disconnect appeared to be a problem in how the five year projection was made. The standard existing communication product only supported up to 56kbit links ... but had a feature called "fat pipes" that allowed multiple 56kbit links to be grouped together and used to simulate a faster link. There was a survey that looked at fat pipes with 2, 3, 4, 5, 6, etc 56kbit links ... which found little or no fat pipes with six or more 56kbit links. What they apparently didn't realize was telco tariff had x-over about 5-6 56kbit links being about the same as tariff for T1 link. As a result, customers needing more than 300kbit bandwidth found it cheaper to install a full T1 and support it with somebody else's product.
Part of this we've characterized as having trouble making transition from a communication paradigm that was primarily oriented towards supporting dumb terminals ... to (peer-to-peer) networking paradigm.
somewhat related posts regarding (dumb) terminal emulation
https://www.garlic.com/~lynn/subnetwork.html#emulation
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Five great technological revolutions Date: December 17, 2008 Blog: Greater IBMNote that the current scenario isn't that the environment outgrew the regulations ... but the regulations and regulation enforcement was cut way back. recent article from last week:
The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php
from above:
Markets need regulation to stay stable. We have had thirty years of
financial deregulation. Now we are seeing chickens coming home to
roost. This is the key argument of Professor Nick Bingham, a
mathematician at Imperial College London, in an article published
today in Significance, the magazine of the Royal Statistical Society.
... snip ...
CDOs (securitized mortgages) were used two decades ago in the S&L crisis to obfuscate underlying value ... so it wasn't that there wasn't awareness.
CDO use was further aggravated by giving them triple-A ratings (when both the toxic CDO issuers and the rating agencies knew they didn't deserve them). In the recent congressional hearings the word "fraud" was used several times.
the following isn't just applicable to auto loans but all kinds of securitized loans.
The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html
from above:
Watsa's only sin was in being a little too early with his prediction
that the era of credit expansion would end badly. This is what he said
in Fairfax's 2003 annual report: "It seems to us that securitization
eliminates the incentive for the originator of [a] loan to be credit
sensitive. Prior to securitization, the dealer would be very concerned
about who was given credit to buy an automobile. With securitization,
the dealer (almost) does not care."
... snip ...
long winded, decade old post discussing some of the current problems
... including needing visibility into securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm
A lot of the deregulation and pull back from regulation enforcement falls on the SEC. Supposedly SOX required SEC to do something with respect to the rating agencies ... but there doesn't seem to have been anything besides a Jan2003 report:
Report on the Role and Function of Credit Rating Agencies in the
Operation of the Securities Markets; As Required by Section 702(b) of
the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf
On CSPAN a couple months ago there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250M in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.
PBS program/webpages discussing some of the wall street influence on
congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet
Claims are that the big-3 problems have been 20-30 yrs in the making (some claiming 50). In the early 80s, there was an article that said the import quotas were suppose to provide the big-3 with breathing room and significantly increase profits to completely remake themselves. Since that wasn't happening, there was a call for 100% unearned profit tax (the import quotas, reducing competition and enabling significant price increases and therefor significant profit increase ... all at the expense of the US consumer). The industry had huge losses in 2007 ... well before the current credit crunch.
(archived) posts from other recent linkedin discussions
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
https://www.garlic.com/~lynn/2008s.html#8 Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations
https://www.garlic.com/~lynn/2008s.html#18 What next? from where would the Banks be hit?
With respect to globalization ... we did some interviewing when we
were running HA/CMP product ... some past posts
https://www.garlic.com/~lynn/subtopic.html#hacmp
and all the technical 4.0 graduates from cal. higher education were from foreign countries. report from the 1990 census claimed that half the 18yrs olds were functionally illiterate. a report from when the foreign auto makers started building US plants was that they needed to require junior college degree in order to get high school education.
2006 study found that of 39 industrial countries, US ranked 25th in
science and 35th in math. another study ranked US 29th in science
worldwide. old post on the subject from a year ago
https://www.garlic.com/~lynn/2007u.html#78 Education ranking
another archived post from earlier this year:
https://www.garlic.com/~lynn/2008e.html#61 Study Finds Sharp Match, Science Skills Help Expand Economy
wsj article mentioned
Study Finds Sharp Math, Science Skills Help Expand Economy
http://online.wsj.com/news/articles/SB120452027357807261?mg=reno64-wsj&url=http%3A%2F%2Fonline.wsj.com%2Farticle%2FSB120452027357807261.html
from above:
Nearly two decades ago, the National Governors Association called for
U.S. students to sharply improve in math and science by 2000. If the
U.S. had managed to achieve the goal, and joined world leaders like
Finland, Hong Kong and South Korea, GDP would be two percentage points
higher today and 4.5 points higher in 2015, the study calculated. "Had
we figured out some way to improve our schools, or do what we could to
improve the learning of our students, we would be a lot better off
today," said Mr. Hanushek.
... snip ...
note that nothing improved in the US.
Related to report that half 18yr olds being functionally illiterate from 1990 census information ... there was also a report claiming half the US manufacturing jobs (at the time) were "subsidized" (i.e. worker compensation was greater than the value of their labor). There was then a prediction that given existing trends that by 2020, the work of only 3percent of the US work force would be valued more than their compensation.
related economic issues:
https://www.garlic.com/~lynn/2008q.html#55 Can outsourcing be stopped?
https://www.garlic.com/~lynn/2008r.html#8 Can outsourcing be stopped?
I've mentioned before that I sponsored Boyd's briefings at IBM in the
80s ... greater IBM reference
https://www.garlic.com/~lynn/2008q.html#46 The Pattern of Engagement in High Value Sales Campaigns
Related to technology, educational, economic interests ... there is
things like "America's Defense Meltdown" ... which can be found in
some of the Boyd related blogs and forums.
http://www.cdi.org/friendlyversion/printversion.cfm?documentID=4402
related articles from the press:
http://www.huffingtonpost.com/john-tepper-marlin/experts-slam-dod-waste-in_b_145134.html
http://www.atimes.com/atimes/Middle_East/JK27Ak02.html
one of my archived posts in one of the related threads
https://www.garlic.com/~lynn/2008s.html#4 Expanding U.S. Tactical Aviation's "Approved Belief"
For a different kind of "futures" prediction for 2025:
http://www.dni.gov/nic/NIC_2025_project.html
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM PC competitors Newsgroups: alt.folklore.computers Date: Wed, 17 Dec 2008 13:08:15Lars Poulsen <lars@beagle-ears.com> writes:
a big problem was that the field service people mandated that the mainframes required various RAS, error recovery, and error reporting infrastructure in order for them to maintain and service the machines.
the effort to add such RAS, error recovery and error reporting to UNIX would have been an effort several times larger than the straight-forward porting of UNIX to the mainframe. running unix under VM allowed VM to provide all the RAS, error recovery, and error reporting needed by field service.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM PC competitors Newsgroups: alt.folklore.computers Date: Wed, 17 Dec 2008 13:44:54"MC" <for.address.look@www.ai.uga.edu.slash.mc> writes:
3101 had 6800 ... some of the following email references having "mod1" 3101s ... and looking to burn "mod2" EEPROMs to "field" upgrade them to mod2s.
some old email about topaz/3101 ("dumb" ascii terminal):
https://www.garlic.com/~lynn/2006y.html#email791011
https://www.garlic.com/~lynn/2006y.html#email791011b
https://www.garlic.com/~lynn/2006y.html#email800301
https://www.garlic.com/~lynn/2006y.html#email800311
https://www.garlic.com/~lynn/2006y.html#email800312
https://www.garlic.com/~lynn/2006y.html#email810820
in these posts
https://www.garlic.com/~lynn/2006y.html#0 Why so little parallelism?
https://www.garlic.com/~lynn/2006y.html#4 Why so little parallelism?
https://www.garlic.com/~lynn/2006y.html#31 "The Elements of Programming Style"
for other topic drift ... these old emails mentioned getting APL character
set support on TOPAZ
https://www.garlic.com/~lynn/2006y.html#email791011
https://www.garlic.com/~lynn/2006y.html#email800301
reference to getting 3101 as home terminal in '80 (along with
picture of screen):
https://www.garlic.com/~lynn/2008m.html#51 Baudot code direct to computers?
also in this email (along with installation of data jack at home and
delivery of 1200baud vadic modem):
https://www.garlic.com/~lynn/2006y.html#email800314
other past posts mentioning topaz/3101 ("dumb" ascii terminal):
https://www.garlic.com/~lynn/99.html#69 System/1 ?
https://www.garlic.com/~lynn/2000g.html#17 IBM's mess (was: Re: What the hell is an MSX?)
https://www.garlic.com/~lynn/2001b.html#12 Now early Arpanet security
https://www.garlic.com/~lynn/2001b.html#13 Now early Arpanet security
https://www.garlic.com/~lynn/2001h.html#32 Wanted: pictures of green-screen text
https://www.garlic.com/~lynn/2001m.html#1 ASR33/35 Controls
https://www.garlic.com/~lynn/2001m.html#54 Author seeks help - net in 1981
https://www.garlic.com/~lynn/2003c.html#34 difference between itanium and alpha
https://www.garlic.com/~lynn/2003c.html#35 difference between itanium and alpha
https://www.garlic.com/~lynn/2003n.html#7 3270 terminal keyboard??
https://www.garlic.com/~lynn/2004e.html#8 were dumb terminals actually so dumb???
https://www.garlic.com/~lynn/2005p.html#28 Canon Cat for Sale
https://www.garlic.com/~lynn/2005r.html#12 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2006n.html#56 AT&T Labs vs. Google Labs - R&D History
https://www.garlic.com/~lynn/2006y.html#0 Why so little parallelism?
https://www.garlic.com/~lynn/2006y.html#4 Why so little parallelism?
https://www.garlic.com/~lynn/2006y.html#24 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2006y.html#31 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007e.html#15 The Genealogy of the IBM PC
https://www.garlic.com/~lynn/2007h.html#39 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007k.html#40 DEC and news groups
https://www.garlic.com/~lynn/2007s.html#48 ongoing rush to the new, 40+ yr old virtual machine technology
https://www.garlic.com/~lynn/2007t.html#74 What do YOU call the # sign?
https://www.garlic.com/~lynn/2008l.html#79 Book: "Everyone Else Must Fail" --Larry Ellison and Oracle ???
https://www.garlic.com/~lynn/2008m.html#37 Baudot code direct to computers?
https://www.garlic.com/~lynn/2008m.html#38 Baudot code direct to computers?
https://www.garlic.com/~lynn/2008m.html#88 Sustainable Web
https://www.garlic.com/~lynn/2008n.html#51 Baudot code direct to computers?
https://www.garlic.com/~lynn/2008r.html#5 What if the computers went back to the '70s too?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch Date: Thu, 18 Dec 2008 16:03:58Robert Myers <rbmyersusa@gmail.com> writes:
How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
Subprime = Triple-A ratings? or 'How to Lie with Statistics' (gone 404 but lives on at the wayback machine)
https://web.archive.org/web/20071111031315/http://www.bloggingstocks.com/2007/07/25/subprime-triple-a-ratings-or-how-to-lie-with-statistics/
CDOs had been used two decades ago in the S&L crisis to obfuscate underlying values and sell-off for more than they were otherwise worth. Maybe more computer power just met that there were new ways to obfuscate what they were really doing.
long winded, decade old post discussing some of the current issues,
including needing better visibility into the underlying values of
securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm
recent congressional hearings into CDOs looked at rating agencies giving toxic CDOs triple-A ratings ... even though the toxic CDO issuers and the rating agencies both knew they weren't worth triple-A rating (the word "fraud" was also periodically used in the hearings). The toxic CDO triple-A ratings significantly increased the number of institutions that would deal in these toxic CDO instruments (as well as significantly increasing the amount of money that unregulated institutions had to lend).
related side-effect of (often) unregulated institutions being able to immediately offload loans:
The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html
from above:
Watsa's only sin was in being a little too early with his prediction
that the era of credit expansion would end badly. This is what he said
in Fairfax's 2003 annual report: "It seems to us that securitization
eliminates the incentive for the originator of [a] loan to be credit
sensitive. Prior to securitization, the dealer would be very concerned
about who was given credit to buy an automobile. With securitization,
the dealer (almost) does not care."
... snip ...
Last Sunday, CSPAN had panel with several people from industry. One of the comments was that the subprime was supposedly targeted at low-income, first time home owners ... but only something like 10% of subprime loans went to that market.
With huge influx of funds from securitization and no regard who got loans ... they were cycling loans through the mill as fast as possible to all comers (speculator looking at 20%/annum inflation ... a no-down, no-documentation, 1% introductory, interest-only ... flipping after a year ... represents significant ROI). CBS 60mins had segment on some of these speculators in the overheated Florida and California real-estate markets.
... and then a article from last week that appeared in a number of places:
The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php
from above:
Markets need regulation to stay stable. We have had thirty years of
financial deregulation. Now we are seeing chickens coming home to
roost. This is the key argument of Professor Nick Bingham, a
mathematician at Imperial College London, in an article published
today in Significance, the magazine of the Royal Statistical Society.
... snip ...
The CSPAN panel also seemed to be torn between the industry claiming being ignorant and totally incompetent vis-a-vis admitting they just ignored (and/or manipulated) all the indications.
On CSPAN, a couple months ago there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250m in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.
The PBS programs/webpages discussing some of the wall street influence
on congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet
On the institution side buying these (triple-A rated toxic CDO, packaged) mortgages .... the institutions were 1) playing long/short mismatch and 2) heavily leveraging. Playing long/short mismatch (alone) has been known to take down institutions for centuries (in this case, even if the toxic CDOs had been worth their triple-A ratings). Comments were that Bear-Stearn and Lehman had marginal chance of surviving playing long/short mismatch. This was further aggravated with heavy leverage ... in some cases leveraging capital 40-80 times in buying triple-A rated toxic CDOs.
article from year ago about playing long/short mismatch (including
transactions being carried offbalance ... some possibly are still
lurking more than a yr later)
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html
decade old article from SanFran FED on problems with long/short
mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch,comp.sys.intel,comp.sys.ibm.pc.hardware.chips Date: Thu, 18 Dec 2008 16:58:32Andrew Reilly <andrew-newspost@areilly.bpc-users.org> writes:
GAO has been doing database of increasing numbers of financial
restatements of public companies (in spite of SOX). Basically
executives fiddle statements in order to increase bonuses. Later
statements may be restated, but executives don't forfeit bonuses. One of
the worst examples was freddie was fined $400m in 2004 for $10b
statement fiddling/inflation and the CEO replaced ... but allowed to
keep tens (hundred?) of millions. an earlier GAO reference:
http://www.gao.gov/products/GAO-03-138
2006 GAO reference:
http://www.gao.gov/new.items/d06678.pdf
post from earlier this year (with several additional references)
https://www.garlic.com/~lynn/2008f.html#96
with respect to rating agencies giving triple-A ratings to toxic CDOs, supposedly SOX required SEC to do something with respect to the rating agencies ... but there doesn't seem to have been anything besides a Jan2003 report.
Report on the Role and Function of Credit Rating Agencies in the
Operation of the Securities Markets; As Required by Section 702(b) of
the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf
another reference:
https://www.garlic.com/~lynn/2008s.html#5
and some related items:
https://www.garlic.com/~lynn/2008s.html#9
I would claim that regulation of the financial infrastructure and
insider anti-fraud processes are closely related. this recent post
mentions an early 80s court case involving (silicon valley, computer)
industrial espionage ... and the court effectively required
demonstrating that anti-theft/anti-fraud processes (which were
proportional to the value of the information, in the particular
situation, a couple billion dollars) had to be in place
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
in the above post, i also mentioned that in a 2004 european financial executive conference, i claimed that SOX was in large part window dressing.
the analogy (in the industrial espionage court case) was akin to requiring fences around swimming pools since minors can't be held responsible for going swimming. given sufficient temptation ... the court basically assumed everybody would steal something valuable ... unless there were countermeasures.
Asking why financial regulation is needed is possibly on par with wondering why banks might use vaults to keep money. The court (in the particular case from the early 80s claiming billions in damages) ... bascially wanted, in additon to showing that the information had been stolen (and used so that there was resulting damages), proof that there had been anti-theft processes in place (and considered adequate to protect something worth billions of dollars, aka security proportional to risk).
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Web Security hasn't moved since 1995 Date: December 18, 2008 Blog: First Data Networkingre:
... and some ATM & magstripe archeological background ...
wiki page mentioning adding magstripe to plastic card was invented by
IBM and that magstripe encoding standards were managed at the IBM Los
Gatos lab from 1966 to 1975:
https://en.wikipedia.org/wiki/Magnetic_stripe
wiki ATM page:
https://en.wikipedia.org/wiki/Automated_teller_machine
wiki IBM 3624 page (mentioning a lasting 3624 feature was the 3624 PIN
block format used in transmission)
https://en.wikipedia.org/wiki/IBM_3624
past posts mentioning ATM machine work at Los Gatos Lab:
https://www.garlic.com/~lynn/2002m.html#45 Wanted: the SOUNDS of classic computing
https://www.garlic.com/~lynn/2003k.html#3 Ping: Anne & Lynn Wheeler
https://www.garlic.com/~lynn/2004p.html#25 IBM 3614 and 3624 ATM's
https://www.garlic.com/~lynn/2004p.html#26 IBM 3614 and 3624 ATM's
https://www.garlic.com/~lynn/2006q.html#5 Materiel and graft
https://www.garlic.com/~lynn/2006r.html#9 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006x.html#9 Plurals and language confusion
https://www.garlic.com/~lynn/2006x.html#14 IBM ATM machines
https://www.garlic.com/~lynn/2007l.html#47 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007s.html#7 ATMs
recent financial (transaction) dataprocessing post
https://www.garlic.com/~lynn/2008p.html#27 Father Of Financial Dataprocessing
for other topic drift ... references to (AADS) NACHA (debit) trials
https://www.garlic.com/~lynn/x959.html#aadsnacha
AADS NACHA RFI for above:
https://www.garlic.com/~lynn/nacharfi.htm
also mentioned in this recent post
https://www.garlic.com/~lynn/2008p.html#7 Dealing with the neew MA ID protection law
I had part of a wing (half dozen offices and labs) in the Los Gatos
lab bldg in the 80s and early 90s ... first for the (internal) HSDT
project ... misc. past posts
https://www.garlic.com/~lynn/subnetwork.html#hsdt
and then for the HA/CMP product ... misc. past posts
https://www.garlic.com/~lynn/subtopic.html#hacmp
recent post with picture of piece of HSDT equipment in a Los Gatos lab
basement equipment room:
https://www.garlic.com/~lynn/2008m.html#44 IBM-MAIN longevity
recent post references to mid-to-late 70s customer installation
regarding an ATM network implementation:
https://www.garlic.com/~lynn/2008j.html#13 What is "timesharing"
and post with several references to recent risk & fraud in ATM infrastructure
https://www.garlic.com/~lynn/2008j.html#55 What is "timesharing"
separate reference to PIN-block vulnerability (from 3624):
https://www.garlic.com/~lynn/2006u.html#40 New attacks on the financial PIN processing
also mentioned in wiki PIN page
https://en.wikipedia.org/wiki/Personal_identification_number
recent post mentioning some x-over between internal HSDT project and
T1s for NSFNET backbone:
https://www.garlic.com/~lynn/2008s.html#19 Nerdy networking kid crashes the party
for some x-over between HA/CMP product and electronic commerce
... this post discusses a meeting on distributed database scale-up (as
part of ha/cmp scale-up) in Jan92
https://www.garlic.com/~lynn/95.html#13
sometime after the above meeting, two of the people (that were in the
referenced meeing) left and joined a small client/server startup where
they were responsible for something called a commerce server. We were
then called in to consult with the small startup because they wanted
to do payment transactions on their server (the startup also had some
technology they had invented they wanted to use, called SSL). part of
that effort included deploying something called a payment gateway
... misc. past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Combining EMV and eID on a payment card? Date: December 18, 2008 Blog: Payments & Cards NetworkWe looked at this in AADS person-centric (authentication) model ... various AADS references
basically a hardware token that is something you have authentication that has sufficient (provable) integrity that it would be accepted by large number of institutions (in contrast to the institution-centric model ... requiring institution to issue and possibly personalize the token).
one issue from nearly a decade ago were some (other) kinds of token deployments ... which had some serious consumer usage problems ... resulting in rapidly spreading opinion that (ALL) hardware tokens weren't feasible in the consumer environment. the result was that numerous hardware token projects in process and/or planned effectively evaporated.
another issue that frequently crops up involves confusing authentication and identification. for nearly all the hardware token related operations ... authentication is sufficient ... however there are frequently extraneous efforts to also try and add identification. identification also frequently requires institutional specific personalization ... which complicates a person-centric something you have authentication (usable with a large variety of different institutions)).
Basically, an AADS hardware token ... provided registering of a hardware token unique public key ... analogous to the way a unique fingerprint might be recorded. Then, when that public key is used to validate a "digital signature", ... there was assurance of something you have authentication ... in much the same way verifying a fingerprint provides assurance of something you are authentication. No PKI is required, no personalization is required ... just recording a "public key" (in manner analogous to the way a fingerprint might be recorded in a biometric authentication infrastructure).
The X9.59 financial transaction standard allowed for such an AADS
authentication. misc. X9.59 references
https://www.garlic.com/~lynn/x959.html#x959
As part of person-centric paradigm, the AADS chip strawman was defined in such a way that the same chip could operate in multiple different modes, one-factor authentication, two-factor authentication, three-factor authentication, or even larger number of factors ... even dynamically changing in response to different institutional requirements.
parts of old threads from 2004 with similar discussion:
https://www.garlic.com/~lynn/aadsm17.htm#12 A combined EMV and ID card
https://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card
https://www.garlic.com/~lynn/aadsm18.htm#27 EMV cards as identity cards
https://www.garlic.com/~lynn/aadsm18.htm#29 EMV cards as identity cards
https://www.garlic.com/~lynn/aadsm18.htm#31 EMV cards as identity cards
https://www.garlic.com/~lynn/aadsm18.htm#32 EMV cards as identity cards
and parts of recent long winded related linkedin thread:
https://www.garlic.com/~lynn/2008p.html#15 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#18 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#19 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#22 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#28 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#32 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#44 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#49 Can Smart Cards Reduce Payments Fruad and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#55 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#59 Can Smart Cards Reduce Payments Fraud and Identity Theft?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch,comp.sys.intel,comp.sys.ibm.pc.hardware.chips Date: Thu, 18 Dec 2008 20:56:49re:
and for more of the view requiring regulation:
Corporate Fraud and Misconduct Risks Driven by Pressure to do
'Whatever It Takes'; Fewer episodes reported by companies with ethics
and compliance programs
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487
from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said
they had personally observed misconduct within their organizations
during the prior 12 months, unchanged from the level reported by KPMG
survey respondents in 2005. Roughly half (46 percent) of respondents
reported that what they observed "could cause a significant loss of
public trust if discovered," a figure that rises to 60 percent among
employees working in the banking and finance industry.
... snip ...
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch,comp.sys.intel,comp.sys.ibm.pc.hardware.chips Date: Fri, 19 Dec 2008 06:54:25Robert Myers <rbmyersusa@gmail.com> writes:
there is the old line about asking crooks why they rob banks ... and the answer is: that is where the money is. if overall number is 46% ("could cause a significant loss of public trust if discovered") and number for financial is 60%, then the non-financial industry number should be someplace under 40% ... making financial industry at least 50% worse than other industries (possibly twice).
recent/similar thread in some linkedin discussions ... where i
commented that SOX (sarbanes-oxley passed in the wake of enron &
worldcom) was more like "window dressing" & some amount of the
input fiddling was a case of "garbage in, garbage out":
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again, Why?
as implied in the reference to the (silicon valley, computer related) industrial espionage litigation from early 80s, the assumption is that everybody is a crook (given sufficient temptation) and countermeasures are required that are proportional to risk (and/or proportional to temptation).
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Let IT run the company! Date: December 18, 2008 Blog: International Association of Software ArchitectsThere have been references in the earlier part of the decade that justification for less regulation in the financial industry was partly based on use of sophisticated computer risk management applications. However, it seems that fiddling the inputs to the risk management applications, to get the desired result, isn't a lot different than fiddling books. recent article in the vein:
How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
and a more recent article along similar lines:
Corporate Fraud and Misconduct Risks Driven by Pressure to do
'Whatever It Takes'; Fewer episodes reported by companies with ethics
and compliance programs
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487
from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said
they had personally observed misconduct within their organizations
during the prior 12 months, unchanged from the level reported by KPMG
survey respondents in 2005. Roughly half (46 percent) of respondents
reported that what they observed "could cause a significant loss of
public trust if discovered," a figure that rises to 60 percent among
employees working in the banking and finance industry.
... snip ...
In various financial regulatory scenarios, there seemed to be the belief that sophisticated computer applications would avoid disastrous outcomes ... which given human ingenuity was sadly misplaced. A couple months ago, a commentator on one of the TV business news shows stated that American bankers are the most innovative in the world, being able to totally mess up the infrastructure about once a decade.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: How reliable are the credit rating companies? Who is over seeing them? Date: December 19, 2008 Blog: Financial Regulationre:
in the congressional hearings looking at toxic CDO issuers paying the rating agencies for triple-A ratings (when both knew that they weren't worth triple-A), the word "fraud" was used several times.
Supposedly SOX (sarbanes-oxley passed in wake of enron and worldcom) required SEC to do something ... but there doesn't seem to be anything but this report:
Report on the Role and Function of Credit Rating Agencies in the
Operation of the Securities Markets; As Required by Section 702(b) of
the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf
Part of the congressional hearings made a point that the switch in the early 70s from the buyers paying for the ratings ... to the sellers of the instruments ... paying for the ratings ... marked the start of the change.
Last week one of the TV business news shows had on a couple CEOs from smaller rating agencies that are paid by the buyers of the instruments ... and repeatedly made the point that they aren't being influenced by the instrument sellers to give the highest possible rating.
in the case of consumer credit rating, having the "relying party" paying for the rating ... rather than the consumer, is more consistent. In the congressional hearings, there was also the point that having the issuers of the toxic CDOs paying for the (triple-A) ratings ... mis-aligned the business interests (i.e. the rating agencies were no longer performing in the interests of the parties relying on the ratings).
similar discussion from two months ago ... shortly after congressional
hearings ... discussing that regulation is significantly easier when
there are properly aligned business processes
https://www.garlic.com/~lynn/2008p.html#9 Do you believe a global financial is possible?
and things can really get bollixed up when business processes are mis-aligned.
A semi-related recent article (although the topic was also touched on in the rating agency hearings):
Corporate Fraud and Misconduct Risks Driven by Pressure to do
'Whatever It Takes'; Fewer episodes reported by companies with ethics
and compliance programs
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487
from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said
they had personally observed misconduct within their organizations
during the prior 12 months, unchanged from the level reported by KPMG
survey respondents in 2005. Roughly half (46 percent) of respondents
reported that what they observed "could cause a significant loss of
public trust if discovered," a figure that rises to 60 percent among
employees working in the banking and finance industry.
... snip ...
With overall industry avg. of 46% ("could cause a significant loss of public trust if discovered") and the financial industry specific avg. of 60%, which should place the non-financial industry avg. below 40%. That would make the financial industry avg. somewhere between 50% and 100% worse than other industries.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Dec. 19, 1974: Build Your Own Computer at Home! Newsgroups: alt.folklore.computers Date: Sat, 20 Dec 2008 07:31:20Dec. 19, 1974: Build Your Own Computer at Home!
from above:
The Altair 8800 kit sold for just under $400 (about $1,700 in today's
money). If you wanted to forgo the case, you could get the kit for under
$300. Or you could order the whole deal fully assembled:
Old-Computers.com quotes a $595 price.
... snip ...
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: How Should The Government Spend The $700 Billion? Date: December 20, 2008 Blog: Government PolicyThe Fed's Too Easy on Wall Street
from above:
Here's a staggering figure to contemplate: New York City securities
industry firms paid out a total of $137 billion in employee bonuses
from 2002 to 2007, according to figures compiled by the New York State
Office of the Comptroller. Let's break that down: Wall Street honchos
earned a bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6
billion in 2004, $25.7 billion in 2005, $33.9 billion in 2006, and
$33.2 billion in 2007.
... snip ...
some part of the $700B wallstreet bailout possibly goes to replenish the $137B sucked out of the infrastructure (as reward for their part in creating the current situation).
... recent update
Bailed-Out Banks Dole Out Bonuses; Goldman Sachs, CitiGroup, Others
Mum on How They Are Using TARP Cash
http://abcnews.go.com/WN/Business/story?id=6498680&page=1
from above:
Goldman Sachs, which accepted $10 billion in government money, and
lost $2.1 billion last quarter, announced Tuesday that it handed out
$10.93 billion in benefits, bonuses, and compensation for the year.
... snip ...
so in this case ... all of the bailout money.
past references to The Fed's Too Easy on Wall Street article:
https://www.garlic.com/~lynn/2008f.html#76 Bush - place in history
https://www.garlic.com/~lynn/2008g.html#52 IBM CEO's remuneration last year ?
https://www.garlic.com/~lynn/2008g.html#66 independent appraisers
https://www.garlic.com/~lynn/2008h.html#42 The Return of Ada
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#32 How much is 700 Billion Dollars??
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch Date: Sat, 20 Dec 2008 11:22:45jgd writes:
when the FED Reserve had to bail out the hedge funds a decade ago ... my wife kept telling people that they were only doing short horizon, stable, linear periods ... and would never be able to deal with discontinuities ... however, all this is purely from the technical side ... which is starting to look more & more like pure window dressing.
and from last spring:
The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice
from above:
Here's a staggering figure to contemplate: New York City securities
industry firms paid out a total of $137 billion in employee bonuses from
2002 to 2007, according to figures compiled by the New York State Office
of the Comptroller. Let's break that down: Wall Street honchos earned a
bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6 billion in
2004, $25.7 billion in 2005, $33.9 billion in 2006, and $33.2 billion in
2007.
... snip ...
some part of the $700B wallstreet bailout possibly goes to replenish the $137B sucked out of the infrastructure (as reward for their part in creating the current situation).
... and recent update
Bailed-Out Banks Dole Out Bonuses; Goldman Sachs, CitiGroup, Others Mum
on How They Are Using TARP Cash
http://abcnews.go.com/WN/Business/story?id=6498680&page=1
from above:
Goldman Sachs, which accepted $10 billion in government money, and lost
$2.1 billion last quarter, announced Tuesday that it handed out $10.93
billion in benefits, bonuses, and compensation for the year.
... snip ...
so in this case ... all of the bailout money.
misc. past posts mentioning Fed's Too Easy on Wall Street:
https://www.garlic.com/~lynn/2008f.html#76 Bush - place in history
https://www.garlic.com/~lynn/2008g.html#52 IBM CEO's remuneration last year ?
https://www.garlic.com/~lynn/2008g.html#66 independent appraisers
https://www.garlic.com/~lynn/2008h.html#42 The Return of Ada
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#32 How much is 700 Billion Dollars??
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: How do group members think the US payments business will evolve over the next 3 years? Date: December 20, 2008 Blog: Payments Leadership Networkre:
In the mid-to-late 90s, there was some leaning towards telcos were going to take over the payments industry ... in large part because their transaction processing platforms were significantly more efficient ... and were presumed to be capable of moving into the "micro-payment" market segment. Telcos would then use the volumes from micro-payments to move upstream into more traditional payment market segments. The telco forays into the payment market appeared to flounder ... the usual explanation was that they didn't understand (and weren't prepared to handle) the financial risk issues. Telcos had been accustomed to handling large write-offs related to service usage ... but it is a totally different matter when there are actually out-of-pocket funds being transferred in nightly settlement to merchants.
for slight additional drift ... on some lack of progress ... which is
frequently associated with financial transactions:
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995
the above makes reference to this discussion about foundation for
financial transaction processing (not just payments):
https://www.garlic.com/~lynn/2008p.html#27 Father Of Financial Dataprocessing
now one of the technologies for telco transaction (for things like call records) efficiencies, were the appearance of "in memory" databases ... which continued to support transaction ACID properties. In the past couple yrs there have been some press releases about some of the more traditional payment market players installing some of these more efficient technologies.
another recent thread/discussion on the subject of telco transaction
efficiencies being viewed as enabler to enter the payment transaction
market:
https://www.garlic.com/~lynn/2008q.html#71 What do you think is holding up the use of cellphone-initiated micro payments in the U.S.?
in the past we had also been asked to design & cost out
infrastructures for some potential entries into the US ... as well do
some of the business case investigation. Particularly in some of the
"stored value" smartcard scenarios (that had been emerging in Europe)
... it turned out that the basic business proposition was based on the
infrastructure retaining the float. Then at one point, EU central
banks made a statement that these infrastructures would be allowed to
retain the float during the startup phase (as mechanism for financing
initial deployment) ... but after 2-3 yrs would be required to start
paying interests on the unspent balances (in the "stored value"
cards). After that there was marked decline in business interests in
such infrastructures. Recent related post/thread
https://www.garlic.com/~lynn/2008i.html#53 Digital cash is the future?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Is American capitalism and greed to blame for our financial troubles in the US? Date: December 20, 2008 Blog: Economicsthere have been several recent references to this:
The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php
from above:
Markets need regulation to stay stable. We have had thirty years of
financial deregulation. Now we are seeing chickens coming home to
roost. This is the key argument of Professor Nick Bingham, a
mathematician at Imperial College London, in an article published
today in Significance, the magazine of the Royal Statistical Society.
... snip ...
and then there is the corollary; effectively, given sufficient temptation, nearly everybody may be a crook ... which then requires fraud countermeasures proportional to the temptation (analogy to security proportional to risk):
Corporate Fraud and Misconduct Risks Driven by Pressure to do
'Whatever It Takes'
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487
from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said
they had personally observed misconduct within their organizations
during the prior 12 months, unchanged from the level reported by KPMG
survey respondents in 2005. Roughly half (46 percent) of respondents
reported that what they observed "could cause a significant loss of
public trust if discovered," a figure that rises to 60 percent among
employees working in the banking and finance industry.
... snip ...
With overall industry avg. of 46% ("could cause a significant loss of public trust if discovered") and the financial industry specific avg. of 60%, which should place the non-financial industries' avg. below 40%. That would make the financial industry avg. somewhere between 50% and 100% worse than other industries.
from last spring:
The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice
from above:
Here's a staggering figure to contemplate: New York City securities
industry firms paid out a total of $137 billion in employee bonuses
from 2002 to 2007, according to figures compiled by the New York State
Office of the Comptroller. Let's break that down: Wall Street honchos
earned a bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6
billion in 2004, $25.7 billion in 2005, $33.9 billion in 2006, and
$33.2 billion in 2007.
... snip ...
some part of the $700B wallstreet bailout possibly goes to replenish the $137B sucked out of the infrastructure (as reward for their part in creating the current situation).
... and more recently
Bailed-Out Banks Dole Out Bonuses; Goldman Sachs, CitiGroup, Others
Mum on How They Are Using TARP Cash
http://abcnews.go.com/WN/Business/story?id=6498680&page=1
from above:
Goldman Sachs, which accepted $10 billion in government money, and
lost $2.1 billion last quarter, announced Tuesday that it handed out
$10.93 billion in benefits, bonuses, and compensation for the year.
... snip ...
Reports have indicated that computer risk model inputs were fiddled until the desired output was achieved (GIGO, garbage-in, garbage-out) ... from earlier this fall:
How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
and
Subprime = Triple-A ratings? or 'How to Lie with Statistics' (gone 404 but lives on at the wayback machine)
https://web.archive.org/web/20071111031315/http://www.bloggingstocks.com/2007/07/25/subprime-triple-a-ratings-or-how-to-lie-with-statistics/
CDOs had been used two decades ago in the S&L crisis to obfuscate underlying values and sell-off for more than they were otherwise worth. Maybe more computer power just met that there were new ways to obfuscate what they were really doing.
long winded, decade old post discussing some of the current issues,
including needing better visibility into the underlying values of
securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm
earlier this fall, the congressional hearings into CDOs looked at rating agencies giving toxic CDOs, triple-A ratings ... even though the toxic CDO issuers and the rating agencies both knew they weren't worth triple-A rating (the word "fraud" was periodically used in the hearings). The toxic CDO triple-A ratings significantly increased the number of institutions that would deal in these toxic CDO instruments (as well as significantly increasing the amount of money that unregulated institutions had to lend).
related side-effect of (often) unregulated institutions being able to immediately offload loans:
The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html
from above:
Watsa's only sin was in being a little too early with his prediction
that the era of credit expansion would end badly. This is what he said
in Fairfax's 2003 annual report: "It seems to us that securitization
eliminates the incentive for the originator of [a] loan to be credit
sensitive. Prior to securitization, the dealer would be very concerned
about who was given credit to buy an automobile. With securitization,
the dealer (almost) does not care."
... snip ...
Last Sunday, CSPAN had panel with several people from industry. One of the comments was that the subprime was supposedly targeted at low-income, first time home owners ... but only something like 10% of subprime loans went to that market.
With huge influx of funds from securitization and no regard who got loans ... they were cycling loans through the mill as fast as possible to all comers (speculator looking at 20%/annum inflation ... a no-down, no-documentation, 1% introductory, interest-only ... flipping after a year ... represents significant ROI). CBS 60mins had segment on some of these speculators in the overheated Florida and California real-estate markets.
The CSPAN panel also seemed to be torn between the industry claiming being ignorant and totally incompetent vis-a-vis admitting they just ignored (and/or manipulated) all the indications.
On CSPAN, a couple months ago there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250m in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.
PBS programs/webpages discussing some of the wall street influence on
congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet
On the institution side buying these (triple-A rated toxic CDO, packaged) mortgages .... the institutions were 1) playing long/short mismatch and 2) heavily leveraging. Playing long/short mismatch (alone) has been known to take down institutions for centuries (in this case, even if the toxic CDOs had been worth their triple-A ratings). Comments were that Bear-Stearn and Lehman had marginal chance of surviving playing long/short mismatch. This was further aggravated with heavy leverage ... in some cases leveraging capital 40-80 times in buying triple-A rated toxic CDOs.
article from year ago about playing long/short mismatch (including
transactions being carried offbalance ... some possibly are still
lurking more than a yr later)
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html
decade old article from SanFran FED on problems with long/short
mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: What is the top security threat prediction of 2009? Date: December 20, 2008 Blog: Information Securityre:
Insider threats have nearly always been number one ... although there seems to frequently be various reasons why the information doesn't show up in the public press.
Corporate Fraud and Misconduct Risks Driven by Pressure to do 'Whatever It Takes'
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487
from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said
they had personally observed misconduct within their organizations
during the prior 12 months, unchanged from the level reported by KPMG
survey respondents in 2005. Roughly half (46 percent) of respondents
reported that what they observed "could cause a significant loss of
public trust if discovered," a figure that rises to 60 percent among
employees working in the banking and finance industry.
... snip ...
With overall industry avg. of 46% ("could cause a significant loss of public trust if discovered") and the financial industry specific avg. of 60%, which should place the non-financial industries' avg. below 40%. That would make the financial industry avg. somewhere between 50% and 100% worse than other industries.
then there is this ...
Cybercrime: The 2009 megathreat
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9123731&taxonomyId=17
and breaches don't seem to have abated (although breaches & identity theft frequently also involve insiders)
Top 10 Security Breaches of 2008
http://www.bankinfosecurity.com/articles.php?art_id=1120
A Chronology of Data Breaches
http://www.privacyrights.org/ar/ChronDataBreaches.htm
... oh and recent posts/threads "Web Security hasn't moved since
1995":
https://www.garlic.com/~lynn/2008p.html#67
https://www.garlic.com/~lynn/2008p.html#78
https://www.garlic.com/~lynn/2008q.html#13
https://www.garlic.com/~lynn/2008s.html#25
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Sat, 20 Dec 2008 15:44:02Eric Sosman <esosman@ieee-dot-org.invalid> writes:
some past refs:
https://www.garlic.com/~lynn/2001.html#20 Disk caching and file systems. Disk history...people forget
https://www.garlic.com/~lynn/2002m.html#61 The next big things that weren't
https://www.garlic.com/~lynn/2003j.html#38 Virtual Cleaning Cartridge
https://www.garlic.com/~lynn/2003o.html#23 Tools -vs- Utility
https://www.garlic.com/~lynn/2007b.html#7 information utility
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Welcome to Rain Matrix: The Cloud Computing Network Date: December 21, 2008 Blog: Greater IBM Connectionnews item from today:
Cloud computing looms larger on corporate horizon
http://tech.yahoo.com/news/ap/20081221/ap_on_hi_te/tec_cloud_computing
from above:
The Internet search and advertising leader will run Genentech's
e-mail, as well as some word processing, spreadsheet and calendar
applications, and it will do it over an online connectiion -- an
unconventional approach called "cloud computing."
... snip ...
Sounds very much like "information utility" ... first time I heard it was from advanced tech VP at network systems corporation (one of the CDC engineers that left with Thornton to found NSC) .... referring to "extending information operation/access to the WAN environment".
As mentioned in this recent post:
https://www.garlic.com/~lynn/2008s.html#37 Is SUN going to become x86'ed?
it predated "The network is the computer".
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: The Internet's 100 Oldest Dot-Com Domains Newsgroups: alt.folklore.computers Date: Mon, 22 Dec 2008 09:34:16The Internet's 100 Oldest Dot-Com Domains:
from above:
The Internet's been around in some form for decades. It wasn't until the mid-80s, though, that the Web as we know it started coming together -- and those precious dot-com domains started getting snatched up.
... snip ...
the full list:
http://www.pcworld.com/article/155743/oldest_domains.html?page=2
old post looking at RFCs mentioning domain name system:
https://www.garlic.com/~lynn/2004n.html#42
mentioned in the above:
from my rfc index
https://www.garlic.com/~lynn/rfcidx2.htm#881
881
Domain names plan and schedule, Postel J., 1983/11/01 (10pp)
(.txt=23490) (Updated by 897, 921) (Ref'ed By 897, 920, 921, 1032)
... above says that initially all the domain names will be ".ARPA" but as soon as practical a second domain name of ".DDN" will be added.
old post with list of domain names from Oct. 1990:
https://www.garlic.com/~lynn/2000e.html#20
and the definitive domain name RFC:
https://www.garlic.com/~lynn/rfcidx3.htm#1032
1035 S
Domain names - implementation and specification, Mockapetris P.,
1987/11/01 (55pp) (.txt=122549) (STD-13) (Updated by 1101, 1183,
1876, 1982, 1995, 1996, 2136, 2181, 2308, 2845, 3425, 4033, 4034,
4035, 4343) (See Also 1032, 1033) (Refs 742, 768, 793, 799, 805, 810,
811, 812, 819, 821, 830, 882, 883, 920, 952, 953, 973, 974, 1001,
1002, 1010, 1031) (Ref'ed By 1101, 1123, 1183, 1274, 1279, 1291,
1296, 1348, 1386, 1464, 1480, 1486, 1528, 1530, 1531, 1533, 1535,
1536, 1537, 1541, 1569, 1591, 1609, 1611, 1612, 1637, 1664, 1683,
1700, 1703, 1706, 1712, 1788, 1794, 1798, 1876, 1877, 1886, 1889,
1911, 1912, 1982, 1995, 1996, 2010, 2016, 2052, 2053, 2065, 2074,
2101, 2131, 2132, 2136, 2137, 2142, 2163, 2165, 2181, 2182, 2219,
2230, 2240, 2308, 2352, 2421, 2486, 2505, 2535, 2536, 2537, 2538,
2539, 2540, 2541, 2543, 2548, 2566, 2606, 2671, 2672, 2673, 2694,
2782, 2801, 2806, 2821, 2822, 2826, 2845, 2848, 2870, 2874, 2896,
2911, 2915, 2916, 2929, 2930, 2977, 3002, 3007, 3008, 3027, 3090,
3110, 3111, 3123, 3164, 3172, 3225, 3226, 3315, 3316, 3319, 3361,
3363, 3375, 3397, 3403, 3406, 3425, 3460, 3467, 3490, 3491, 3495,
3550, 3568, 3596, 3597, 3645, 3646, 3650, 3651, 3655, 3658, 3675,
3696, 3707, 3720, 3732, 3743, 3801, 3832, 3833, 3845, 3901, 3920,
3974, 3982, 4025, 4027, 4033, 4034, 4035, 4120, 4151, 4183, 4185,
4192, 4214, 4255, 4279, 4280, 4282, 4290, 4294, 4310, 4322, 4343,
4347, 4398, 4408, 4414, 4471, 4501, 4566, 4592, 4620, 4635, 4641,
4701, 4702, 4703, 4704, 4710, 4725, 4795, 4882, 4892, 4932, 4955,
4956, 4961, 4966, 4969, 4979, 5006, 5113, 5144, 5155, 5178, 5201,
5205, 5214, 5218, 5223, 5321, 5322, 5346, 5395) (DOMAIN)
recent post mentioning the person creating domain name system
... which provides the infrastructure support for domain names ...
also worked at the science center in the early 70s
https://www.garlic.com/~lynn/2008r.html#13
and old email with csnet & arpanet address reference in the "signature" line (predates domain name system):
Date: 12/04/82 07:47:17
From: wheeler
re: UNIX; I think that the inclusion of the current CP PAM support
would significantly enhance the file access capability of the project.
I'm sending a couple documents which cover existing CP/CMS PAM
implementation. There are several additional enhancements which are
possible to further improve its capability ... and there are several
very nice fallouts ... like we are working on a project to place PAM
minidisks out on IRONWOOD (and IRONWOOD follow on) ... no additional
changes are required to either CP or CMS to place PAM minidisks on
IRONWOOD ... a desireable change within the CP support is to guarantee
that any DISK writes actually are written to disk (in case of power
loss the contents of the cache is lost).
PAM also trivially supports asynchronous I/O access, completely
transparent to the virtual machine.
Will also be sending a list of update file size. We are currently
going thru a cycle in San Jose to convert all local changes to a
area-joint system based on 8209+HPO2+IRONWOOD+>32MEG+CSL24. We will
have between 12-30 VM system programmers supporting the system to some
degree, & projected to run on more than 50-100 machines in the San
Jose area. We also have somebody working on a local newsletter & I
will send a copy when the first issue is ready.
.... Lynn Wheeler, K03/282, San Jose Res., 408-256-1783 (8-276)
CSNET: Wheeler@IBM-SJ ARPANET: Wheeler.IBM-SJ@UDel-Relay
... snip ... top of post, old email index
shortly after above, I managed to get new business cards with my various the (internal & external) email addresses on the card.
reference to getting csnet connect earlier in the fall of '82,
https://www.garlic.com/~lynn/98.html#email821022
in this old a.f.c. post
https://www.garlic.com/~lynn/98.html#59 Ok Computer
email also references paged mapped support in vm370 ... some
old posts
https://www.garlic.com/~lynn/submain.html#mmap
IRONWOOD refers to the 4k record, 8mbyte of electronic cache in 3880-11 controller (was used for page and/or spool operations). At the same time there was 3880-13, which was 8mbyte of electronic cache ... but was full-track.
also, mentioned is the internal, collabrative sjr/vm ... old post
with several old emails (some mentioning sjr/vm)
https://www.garlic.com/~lynn/2006u.html#26 Assembler question
including:
https://www.garlic.com/~lynn/2006u.html#email800429
another old post with several old emails
https://www.garlic.com/~lynn/2007c.html#12 Special characters in passwords was Re: RACF - Password rules
including
https://www.garlic.com/~lynn/2007c.html#email830709
and
https://www.garlic.com/~lynn/2007c.html#email830711
somewhat related to domain name system, old post
https://www.garlic.com/~lynn/2006j.html#53 Arpa address
with old email about getting corporation's class A network
number:
https://www.garlic.com/~lynn/2006j.html#email881216
for other topic drift ... recent post mentioning doing my own vm370
system (internal) product distribution:
https://www.garlic.com/~lynn/2008n.html#22
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The Internet's 100 Oldest Dot-Com Domains Newsgroups: alt.folklore.computers Date: Mon, 22 Dec 2008 10:10:06Anne & Lynn Wheeler <lynn@garlic.com> writes:
first 15 on above (100 oldest) list:
1. symbolics.com: March 15, 1985
2. bbn.com: April 24, 1985
3. think.com: May 24, 1985
4. mcc.com: July 11, 1985
5. dec.com: September 30, 1985
6. northrop.com: November 7, 1985
7. xerox.com: January 9, 1986
8. sri.com: January 17, 1986
9. hp.com: March 3, 1986
10. bellcore.com: March 5, 1986
11. ibm.com: March 19, 1986
12. sun.com: March 19, 1986
13. intel.com: March 25, 1986
14. ti.com: March 25, 1986
15. att.com: April 25, 1986
... snip ...
similar article from 2007
https://www.garlic.com/~lynn/2007t.html#59 The First 100 Dot Coms Ever Registerd
above has distinction between ".edu" and ".com".
symbolics.com was the lisp machine, it appears to be somebody else now.
old email mentioning lisp machine group trying to get 801 chips
https://www.garlic.com/~lynn/2006t.html#email790607
also reference in this recent post
https://www.garlic.com/~lynn/2008k.html#22
mcc.com was the consortium in austin (located across mopac from corporate plant site).
Final bell ringing for MCC
http://www.bizjournals.com/austin/stories/2004/11/01/story3.html
think.com was supercomputer ... one day, I was walking (along charles)
from hotel to 101 main street ... and stopped to watch somebody prying
the letters off their bldg ... old post mentioning:
https://www.garlic.com/~lynn/2000d.html#65
and there has been lots of discussions regarding dec in this newsgroup
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Executive pay: time for a trim? Date: December 22, 2008 Blog: Greater IBMExecutive Pay: Time for a Trim; FedEx's Fred Smith isn't the only CEO taking a haircut. A survey finds at least 40 companies have filed plans to cut executive salaries
There was news item that the ratio of avg executive compensation to avg. worker compensation had recently exploded to 400:1 after having been 20:1 for a long time and 10:1 in most of the rest of the world.
Part of the issue is how the executive compensation programs have been structured that incent fiddling of financial reports. The GAO has been doing database of increasing number of financial restatements (in spite of SOX). Basically the financial statements are fiddled in order to boost executive compensation ... and later the financials may be restated but bonuses aren't forfeited. One of the worst examples was freddie was fined $400m in 2004 for $10b fiddled/inflated statement and the CEO replaced ... but allowed to keep tens (hundred?) of millions.
There was recent published study of 270(?) some public companies that redid their executive compensation plan after having problems with financial statement fiddling and executive bonuses. Supposedly executive compensation has been changed to be much more closely aligned with the health and well being of the corporation ... and as a result the companies are performing much better.
some wall street specific:
The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice
from above:
Here's a staggering figure to contemplate: New York City securities
industry firms paid out a total of $137 billion in employee bonuses
from 2002 to 2007, according to figures compiled by the New York State
Office of the Comptroller. Let's break that down: Wall Street honchos
earned a bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6
billion in 2004, $25.7 billion in 2005, $33.9 billion in 2006, and
$33.2 billion in 2007.
... snip ...
some part of the $700B wallstreet bailout possibly goes to replenish the $137B sucked out of the infrastructure (as reward for their part in creating the current situation).
... and more recently
Bailed-Out Banks Dole Out Bonuses; Goldman Sachs, CitiGroup, Others
Mum on How They Are Using TARP Cash
http://abcnews.go.com/WN/Business/story?id=6498680&page=1
from above:
Goldman Sachs, which accepted $10 billion in government money, and
lost $2.1 billion last quarter, announced Tuesday that it handed out
$10.93 billion in benefits, bonuses, and compensation for the year.
... snip ...
misc. recent posts mentioning the 400:1 ratio
https://www.garlic.com/~lynn/2008i.html#73 Should The CEO Have the Lowest Pay In Senior Management?
https://www.garlic.com/~lynn/2008j.html#24 To: Graymouse -- Ireland and the EU, What in the H... is all this about?
https://www.garlic.com/~lynn/2008j.html#76 lack of information accuracy
https://www.garlic.com/~lynn/2008k.html#71 Cormpany sponsored insurance
https://www.garlic.com/~lynn/2008m.html#25 Taxes
https://www.garlic.com/~lynn/2008m.html#33 Taxes
https://www.garlic.com/~lynn/2008m.html#53 Are family businesses unfair competition?
https://www.garlic.com/~lynn/2008m.html#93 What do you think are the top characteristics of a good/effective leader in an organization? Do you feel these characteristics are learned or innate to an individual?
https://www.garlic.com/~lynn/2008n.html#2 Blinkylights
https://www.garlic.com/~lynn/2008n.html#58 Traditional Approach Won't Take Businesses Far Places
https://www.garlic.com/~lynn/2008q.html#14 realtors (and GM, too!)
https://www.garlic.com/~lynn/2008q.html#17 realtors (and GM, too!)
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Welcome to Rain Matrix: The Cloud Computing Network Date: December 22, 2008 Blog: Greater IBM Connectionre:
The referenced article describes some google apps ... that have been traditionally considered "personal computer" implementations ... but now have a server-based deployment ... accessible via WAN (network "cloud") ... as "cloud computing".
That would make "thin clients" and "netbooks" ... synergistic with what "cloud computing" seems to be referring to.
This would harken back to "personal computing" on the mainframe
... originally accessible via dumb terminals ... from the days of
timesharing ... lots of past posts
https://www.garlic.com/~lynn/submain.html#timeshare
One of the major early "personal computing" uptakes was with virtual
machine computing based on CMS ... dating back to 1965 ... when "CMS"
still stood for "Cambridge Monitor System" ... from the science center
... lots of past posts mentioning Cambridge Science Center (also
responsible for virtual machines in 1965):
https://www.garlic.com/~lynn/subtopic.html#545tech
Part of the "personal computer" (as opposed to "personal computing")
uptake was combining "terminal emulation" and "personal computing" on
single platform ... lots of past posts mentioning "terminal emulation"
https://www.garlic.com/~lynn/subnetwork.html#emulation
Later the corporate "SAA" program appeared to try and stave off
emerging client/server, preserving the terminal emulation
environment. Part of it was funding porting of numerous popular
personal computer applications (spreadsheets, wysiwyg editors, etc)
back to the mainframe. It was in this period that we had come up with
3-tier networking architecture (middle-layer, middleware, etc) and out
pitching to customer executives. Misc. 3-tier past posts (including
some mention of taking arrows from SAA organization):
https://www.garlic.com/~lynn/subnetwork.html#3tier
this is in the period when we were also doing a lot of stuff with our
HSDT project as well as NSFNET (operational precursor to the modern
internet) and ran into the "information utility" reference (similar to
what "cloud computing" seems to be referring to, but two decades
earlier). a recent Greater IBM linkedin item on the subject:
https://www.garlic.com/~lynn/2008s.html#19 Nerdy networking kid crashes the party
a couple other recent posts that happen to mention "cloud computing":
https://www.garlic.com/~lynn/2008l.html#43 recent mentions of 40+ yr old technology
https://www.garlic.com/~lynn/2008m.html#94 How important, or not, is virtualization to cloud computing?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The Internet's 100 Oldest Dot-Com Domains: Newsgroups: alt.folklore.computers Date: Mon, 22 Dec 2008 15:18:46pltrgyst <pltrgyst@spamlessxhost.org> writes:
as per previous references ... i had included the ".com" Oct90 list in
this post (from old machine readable copy that I have of all domains
"List of domains generated by Internet Domain Survey progam, October
1990")
https://www.garlic.com/~lynn/2000e.html#20
the "full list" isn't limited to just ".com" &/or just top level domains and has 9343 entries.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Executive pay: time for a trim? Date: December 22, 2008 Blog: Greater IBMre:
I've raised before an observation from Boyd's briefings (that I sponsored at IBM in the 80s) about what was happening to corporate America (and might help explain the 400:1 explosion).
In Boyd's briefings, he would mention that at US's entry into WW2 ... there were requirements to rapidly deploy large numbers with little or no experience and training. The approach was to create a rigid, top-down, command&control infrastructure ... that was in large part dependent on managing and deploying overwhelming resources (& inexperienced people) ... as a means of leveraging the limiting experienced resources available. Roll forward to Boyd's briefings in the '80s and he observed that corporate America was starting to feel the coming of age of those young trainees from WW2 .... who were starting to apply their early indoctrination in enormous rigid, top-down, command&control bureaucracies.
A basic premise was that only a very few people at the top, actually know what they are doing and everybody else are low-level, low-skilled workers ... which would go a long ways towards accounting for the explosion of 400:1 in ratio of executive to worker compensation.
Lots of past posts mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html#boyd
as well as numerous URLs from around the WEB mentioning Boyd and/or
OODA-loops
https://www.garlic.com/~lynn/subboyd.html#boyd2
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Are blade servers becoming irrelevant with advances in virtualization and multi-core processor technology ? Date: December 22, 2008 Blog: Computers and SoftwareI've repeatedly claimed that blade servers are physical packaging ... putting more and more computing into a rack.
One of the places this started was medusa ... several old emails
https://www.garlic.com/~lynn/lhwemail.html#medusa
which was cluster in a rack project ... major medusa issues were cooling and power requirements with the increasing density. For awhile the rack density increased with components placed horizontal. At some point with further decreases in component size ... the individual rack components switched to vertical orientation (which gave rise to the "blade" terminology ... differentiating from the previous "horizontal" oriented components).
There have been blades with four processors ... however they have tended to be single-core chips. multi-core chips ... allows getting even more processors in the same space (say four four-core processor chips for possibly 16 processors in lieu of four single-core processor chips).
A major virtualization play in the blade/rack server market segment is consolidation. In the 90s, there was a big deal made of hardware being cheaper than people. As a result, it was deemed less expensive to dedicate individual systems to each function as opposed to the scarce & expensive people resource to get multiple different applications to play well on a single system. Roll foward a 10-15 years, and there are huge corporate server farms that have 5-10% utlization.
For these environments, virtualization frequently enables 10:1 server consolidation ... with only a very modest cost in people time/skills (significantly less people time/skills compared to trying to get all the different applications to cooperate on the same server).
Medusa was "cluster in rack" as aspect of cluster scale-up for ha/cmp
(no single point of failure) product. This post references ha/cmp
cluster scale-up jan92 meeting
https://www.garlic.com/~lynn/95.html#13
that was looking at (no-signle-point-of-failure) DBMS (and distributed
lock manager) scale-up ... although we were also doing cluster-scale-up
(and no-single-point-of-failure) work in other market segments.
although shortly after the above mentioned meeting ... the effort was
transferred (announced as supercomputer) and we were told we couldn't
work on anything with more than four processors.
https://www.garlic.com/~lynn/subtopic.html#hacmp
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Globa Warning. was Re: : Is SUN going to become x86'ed ?? Newsgroups: alt.folklore.computers Date: Mon, 22 Dec 2008 19:52:58Peter Flass <Peter_Flass@Yahoo.com> writes:
basically global warming puts more energy into the system that creates stronger winds. some areas then see the stronger winds blowing more air from colder regions (than normally happened in the past). the issues from the reports isn't specific areas and specific periods having warmer/colder ... but overall avg. temp. also global warming can result in more evaporation so there can be increased moisture (as well as energy) in the air ... leading to overall greater precipitation (both rain &/or snow) ... even when some areas may see decreased precipitation because changes in wind patterns.
midwest then sees stronger winter winds/storms blowing from the arctic
(because global warming pumping more energy into the environment).
a couple references to the "arctic express"
http://www.wsaz.com/blogs/chrisbaileysblog/36530954.html
http://www.heraldnet.com/article/20081218/SPORTS/712189942/1008/SPORTS02
it isn't that the planet has gotten colder ... it is that the midwest is getting higher transfer of temperatures from the arctic (which on the avg have increased from what they use to be ... but are still colder than what the midwest is use to).
also some parts of west coast may see stronger winds from the pacific (resulting in lower avg. land temperatures) ... where avg pacific water temperature is lower than avg. west coast land temperature. while avg. pacific temperature may be increasing ... it can be still lower than avg. west coast land temperature.
this is analogous but different to air conditioning effect that keeps san francisco cool. hot midday summer temperatures in south santa clara valley (south of san jose) results in air rising. This sucks in air from adjacent areas ... but with ranges on both sides of the valley ... it creates a funnel effect pulling air from the bay ... which in turn creates wind pattern sucking cooler air from the Pacific Ocean thru the gap at the golden gate bridge. the hotter the temperature in south valley ... the stronger the wind pattern sucking cooler air from the pacific ocean (keeping san francisco cooler).
past posts referencing the san francisco air conditioning effect (the
hotter the temperature in south valley, the stronger the cooling effect
on san francisco):
https://www.garlic.com/~lynn/2001b.html#68 weather biasing where engineers live (was Re: Disk power numbers)
https://www.garlic.com/~lynn/2001i.html#0 YKYGOW...
and recent articles on the overall avg:
Arctic Ice Melting at Alarming Pace as Temperatures Rise; New studies
show that the region is warming even faster than many scientists had
feared
http://www.usnews.com/articles/news/world/2008/12/16/arctic-ice-melting-at-alarming-pace-as-temperatures-rise
2 trillion tons of ice have melted
http://www.tulsaworld.com/news/article.aspx?subjectid=13&articleid=20081221_11_A16_Aniceb356841
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Executive pay: time for a trim? Date: December 22, 2008 Blog: Greater IBMre:
... and not specifically limited to top executives ... but much of the current crisis is because of such activity at the executive levels ... especially in the financial industry (fiddling financial statements to boost executive bonuses just being one example)
Corporate Fraud and Misconduct Risks Driven by Pressure to do
'Whatever It Takes'
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487
from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said
they had personally observed misconduct within their organizations
during the prior 12 months, unchanged from the level reported by KPMG
survey respondents in 2005. Roughly half (46 percent) of respondents
reported that what they observed "could cause a significant loss of
public trust if discovered," a figure that rises to 60 percent among
employees working in the banking and finance industry.
... snip ...
With overall industry avg. of 46% ("could cause a significant loss of public trust if discovered") and the financial industry specific avg. of 60%, which should place the non-financial industries' avg. below 40%. That would make the financial industry avg. somewhere between 50% and 100% worse than other industries.
A few other recent threads where the above has come up:
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#29 Let IT run the company!
https://www.garlic.com/~lynn/2008s.html#30 How reliable are the credit rating companies? Who is over seeing them?
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#36 What is the top security threat prediction of 2009?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: New machine code Newsgroups: alt.folklore.computers Date: Tue, 23 Dec 2008 00:18:55toby <toby@telegraphics.com.au> writes:
could be just the way that I chose to phrase it.
could claim that your example is more akin to what happened on the 4th
flr (starting really small)
https://www.garlic.com/~lynn/subtopic.html#545tech
csc/vm (&/or sjr/vm) posts
https://www.garlic.com/~lynn/submisc.html#cscvm
some of the CTSS people went to the multics project on the 5th flr and some went to the science center on the 4th flr ... where virtual machine cp40 was done (on a specially modified 360/40 with virtual address relocate hardware) ... which then morphed into cp67 when 360/67 (that had virtual address relocate hardware standard) became available. that subsequently morphed into vm370 and eventually the current z/VM.
there was other x-over between cp67 and multics ... example mentioned
here:
http://www.multicians.org/thvv/360-67.html
the example story in the above about cp67 crashing 27 times in one day is because of a local mod they/USL had made to the CP67 kernel (this was sometime 1970).
cp67 was delivered to the university where I was undergraduate, the last week in jan68. I got to make lots of kernel modifications which were picked up and shipped in the product. One of these was adding TTY/ASCII terminal support to cp67 (which had 1052 & 2741 standard). I played some game with (tty/ascii) lengths not being more than 255 bytes (aka use one byte length field).
In the "27 crash" story, I think it was somebody at harvard that got some sort of tty terminal compatible device (that was actually a plotter or something) that dialed into the USL machine ... and they changed the max. TTY terminal length field from 80 bytes to 1200 bytes ... which messed up the one byte length field calculations I had implemented.
In any case, the example of cp67 being able to crash and automagically restart 27 times in a single day is then attributed to prompting Multics to do a new filesystem project (since their crash/recovery was taking an hour at the time).
As mentioned in the multics reference ... and some of the others (cited
on the above multics page):
http://cap-lore.com/Software/CP.html
http://www.leeandmelindavarian.com/Melinda#VMHist
the "official" corporate system for 360/67 was tss/360.
I've estimated that at one point in 60s when the science center had 10-12 people working on cp67&cms ... the tss/360 project peaked at something like 1000-1200 people (two orders of magnitude greater).
the tss/360 product was eventually decommuted ... but the effort continued to have limited support because of customers like GM research ... and there was small group that then did the tss/360 to tss/370 conversion. Later in the 80s, tss/370 group found some resurgance in special product for AT&T that had a stripped down tss/370 kernel with Unix layered on top.
I've periodically joked about comparing what I was doing on the 4th flr with what the multics group was doing on the 5th flr ... like the number of installed systems.
It wasn't fair to compare number of vm370 customer systems against total multics systems ... it wasn't even fair to compare just (the much smaller number of) internal corporate vm370 systems against total multics systems; however i did claim that at one point I was personally shipping (& supporting) highly modified vm370 systems to a number of internal corporate accounts (small fraction of total internal vm370 accounts) that was about the same as the total number of multics systems (that had ever existed).
minor past references to highly modified csc/vm systems for internal
corporate use:
https://www.garlic.com/~lynn/2008.html#29 Need Help filtering out sporge in comp.arch
https://www.garlic.com/~lynn/2008c.html#67 What happened to resumable instructions?
https://www.garlic.com/~lynn/2008c.html#72 No Glory for the PDP-15
https://www.garlic.com/~lynn/2008g.html#33 authoritative IEFBR14 reference
https://www.garlic.com/~lynn/2008g.html#48 How did third-party software companies deal with unbundling being sprung on them?
https://www.garlic.com/~lynn/2008g.html#54 performance of hardware dynamic scheduling
https://www.garlic.com/~lynn/2008g.html#63 Machine-Level Assembly Language
https://www.garlic.com/~lynn/2008h.html#7 Xephon, are they still in business?
https://www.garlic.com/~lynn/2008h.html#76 Microsoft versus Digital Equipment Corporation
https://www.garlic.com/~lynn/2008i.html#14 DASD or TAPE attached via TCP/IP
https://www.garlic.com/~lynn/2008l.html#62 Intel: an expensive many-core future is ahead of us
https://www.garlic.com/~lynn/2008n.html#22 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008o.html#41 The human plague
https://www.garlic.com/~lynn/2008o.html#50 Old XDS Sigma stuff
https://www.garlic.com/~lynn/2008o.html#55 Virtual
https://www.garlic.com/~lynn/2008o.html#56 Virtual
https://www.garlic.com/~lynn/2008o.html#66 Open Source, Unbundling, and Future System
https://www.garlic.com/~lynn/2008p.html#1 My Funniest or Most Memorable Moment at IBM
https://www.garlic.com/~lynn/2008p.html#4 Strings story
https://www.garlic.com/~lynn/2008r.html#21 What if the computers went back to the '70s too?
https://www.garlic.com/~lynn/2008s.html#17 IBM PC competitors
--
40+yrs virtualization experience (since Jan68), online at home since Mar70,
at 545 tech sq. 70-77
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Executive pay: time for a trim? Date: December 23, 2008 Blog: Greater IBMre:
A couple items from folklore regarding (other) kinds of fiddling that boosts executive bonuses (related to study that 270-some companies redoing their executive bonus plans after having "problems")
1) in the 90s, corporations lobbied to have accounting rules changed so employee retirement funds would be treated as corporate assets ... significantly boosting the corporate financial statements (and therefor executive bonuses). The downside is that such funds, treated as assets, then may be vulnerable in any bankruptcy scenario.
2) a large multinational corporation, somewhat unanticipated, found itself in the red one year. supposedly several hundred executives (in the executive bonus plan) spent the rest of the year moving expenses from the following year into the year with all the losses. business in the following year wasn't any better, but because of shifting of expenses; the following year moved from the red into the black. the claim was that the executive bonuses that year were more than twice as large as any previous executive bonus. the explanation was that the executive bonus plan calculated bonuses based on improvement over the previous year ... in the case of going from "red" to "black" (even only trivially in the black) resulted in large calculated value. As a result, the vagaries of the plan calculations resulted in paying executives more for "taking" the company into the red
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Perfect MITM Attacks With No-Check SSL Date: December 24, 2008 Blog: Financial Crime Risk, Fraud, and SecurityPerfect MITM Attacks With No-Check SSL Certs
lots of past posts regarding SSL digital certificates
https://www.garlic.com/~lynn/subpubkey.html#sslcert
as well as lots of past posts mentioning MITM-attacks
https://www.garlic.com/~lynn/subintegrity.html#mitmattack
part of original motivation for SSL was perceived weaknesses in the
domain name infrastructure. recent reference regarding fixing DNS
weaknesses
https://www.garlic.com/~lynn/2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
as in the "catch22" references ... part of "fixing" DNS ... the fixes
could also result in eliminating part of the major motivation for SSL.
https://www.garlic.com/~lynn/subpubkey.html#catch22
we had been working with various groups on high-availability cluster
dbms scale-up ... this post mentions a meeting in jan92
https://www.garlic.com/~lynn/95.html#13
a couple of people (mentioned in the referenced meeting) later left and
joined a small client/server startup responsible for something called
the commerce server. we were brought in to consult because they wanted
to do payment transactions on the servers; the startup had also
invented something called SSL that they wanted to use with the payment
transactions. Part of the effort also included deploying something
called a "payment gateway" ... lots of past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway
it is now frequently referred to as "electronic commerce" and is the major use of SSL in the world today.
then in the mid-90s, we were invited to participate in the x9a10
financial standard working group, which had been given the requirement
to preserve the integrity of the financial infrastructure for all
retail payments. the result was the x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
part of x9.59 standard was that it slightly tweaked the paradigm and no longer made it necessary to hide account numbers (&/or transactions information) as a countermeasure to crooks using the information (to perform fraudulent transactions). X9.59 standard didn't do anything about evesdropping, harvesting, skimming, data breaches, and other kinds of exploits ... but it eliminated the threat of fraudulent transactions that typically are the consequence of such exploits (eliminating the need to hide the account number and financial transaction information also eliminates the major use of SSL).
parts of related thread:
https://www.garlic.com/~lynn/2008p.html#67 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008p.html#78 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008q.html#13 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Computer History Museum Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Wed, 24 Dec 2008 10:04:47Thomas.Kelman@COMMERCEBANK.COM (Kelman, Tom) writes:
there were lots of problems with tss/360 ... so when the univ. got 360/67 (and discontinued the 709), it mostly ran os/360 starting with pcp. my undergrad responsibilities expanded to supporting os/360 .. including system generations starting with release 9.5.
along the way, the univ played with (virtual machine) cp67 ... and I got opportunity to rewrite large portions of the code.
this is post from yesterday referencing adding tty/ascii terminal
support to cp67:
https://www.garlic.com/~lynn/2008s.html#48 New machine code
part of that exercise was trying to get the 2702 terminal controller to
do something ... it turned out it couldn't do. this was at least part of
the motivation for the univ. to build a clone replacement ... using an
interdata/3, reverse engineering the channel interface ... and building
a channel interface board for the interdata/3, programming the
interdata/3 to emulate 2702. this was picked up and sold by interdata as
standard product ... and later when perkin/elmer bought interdata ...
sold under the perkin/elmer logo. the implementation went thru a number
of evoluations ... an early upgrade was a "cluster" ... with interdata/4
handling the channel interface, and multiple interdata/3 processors
dedicated to linescanner interfaces. this got written up blaming us for
(at least parts) clone controller business ... misc. past posts
referencing 360 plug-compatible controller market:
https://www.garlic.com/~lynn/submain.html#360pcm
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Computer History Museum Newsgroups: bit.listserv.ibm-main Date: Wed, 24 Dec 2008 13:12:51rfochtman@YNC.NET (Rick Fochtman) writes:
there use to be some technology laying out data records on 3330 cylinders with "dummy" spacer records that would allow for channel program processing latency to do a head switch operation (on the same cylincer) between the end of a data record (on one track) and the start of the (next) data record (on another track) ... without a rotational miss. Several 370s; 145, 148, & 168, the channel processing was fast enough to execute the head-switch in the time it took a 3330 disk to rotate the dummy spacer record amount.
The problem was that 158 channels had higher latency and would only make the head-switch (w/o a miss & additional revolution) 20-30% of the time (the rest of the time, the head-switch would miss picking the next record and have to may a complete revolution before trying again). The 3330 track size wasn't large enuf to make the dummy record sizes larger (using 4k data records). It turned out that the same rotational miss rates was true for the 303x channel directors (regardless of the machine they were attached to; since they all used the same 158 integrated channel processing).
misc. past posts discussing dummy records & channel program head-switch
latency:
https://www.garlic.com/~lynn/2000d.html#7 4341 was "Is a VAX a mainframe?"
https://www.garlic.com/~lynn/2001j.html#3 YKYGOW...
https://www.garlic.com/~lynn/2002b.html#17 index searching
https://www.garlic.com/~lynn/2003g.html#22 303x, idals, dat, disk head settle, and other rambling folklore
https://www.garlic.com/~lynn/2004d.html#64 System/360 40 years old today
https://www.garlic.com/~lynn/2004d.html#65 System/360 40 years old today
https://www.garlic.com/~lynn/2004d.html#66 System/360 40 years old today
https://www.garlic.com/~lynn/2005p.html#38 storage key question
https://www.garlic.com/~lynn/2005s.html#22 MVCIN instruction
https://www.garlic.com/~lynn/2006w.html#8 Why these original FORTRAN quirks?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: : Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Wed, 24 Dec 2008 23:34:28"COM" ... computer output microfiche ... stromberg datagrphix
there was one (i think in bldg. 26) on san jose plant site ... printer
name (from somewhere long ago and far away):
SNJFICHE San Jose, Ca. 8-276-5050 GPD SPOOL MAS
I could print from vm (in bldg. 28) and specify the routing to get it to
the microfiche printer (courier would have output back in bldg. usually
within a day). I had quite a few microfiche at at home in the 70s ... i
had a box someplace in storage that still had maybe 50-60 such
microfiche. some old email references that it appeared to take 2-3
minutes per module listing (based on time-stamps on the fiche when a
whole batch came back).
recent post with jpg image of home desk in the 70s that included compact
microfiche viewer:
https://www.garlic.com/~lynn/2008m.html#38
https://www.garlic.com/~lynn/2008m.html#51
i would do complete vm370 kernel listings (among other things) ... one module per fiche ... it left some fiche mostly empty ... but it made it easy to find ... since large letter readable image could be "printed" across top of fiche (easier than compacting multiple modules per fiche).
wiki page has reference for various standards, including fiche
https://en.wikipedia.org/wiki/Microfilm
this wiki discussion about 8080 mentions it was used in DataGraphiX COM
https://en.wikipedia.org/wiki/Intel_8080
quicky use of search engine didn't turn up a whole lot more about stromberg datagrphix com devices.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Computer History Museum Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Thu, 25 Dec 2008 00:20:50rfochtman@YNC.NET (Rick Fochtman) writes:
there were 3 people that came out from the science center to the univ. to install cp67 the last week in jan68. One of these people left the science center june68 to be part of ncss. He was suppose to teach a cp67 class the following week (after he gave notice) for customers ... and the science center had to really scamble to find people to fill in for him.
the initial cp67 code had fifo single operation processing for 2311, 2314s, and 2301 (drums). It would get about 80page transfers/sec on 2301. I redid the 2301 to do chained processing which increased peak 2301 page transfers to 300/sec. 2301 didn't have multiple request exposure. i also redid the 2311 & 2314 code to implement ordered seek operation (for all queued requests) ... both cp requests and cms requests ... as well as chained request for page operations. On heavily loaded CMS systems, the ordered seek queueing made big difference ... both graceful degradation as load increased ... as well as peak throughput.
i also redid a whole bunch of the kernel pathlengths. This old
post:
https://www.garlic.com/~lynn/94.html#18 CP/67 & OS MFT14
contains part of presentation that I made at the '68 SHARE meeting in Boston.
I had been doing heavy optimization of OS MFT system generations ... carefully reordering all the STAGE2 output (from STAGE1) so that the result would optimally place os/360 system files and PDS members on disk (in order to minimize avg. arm seek distance). For the univ. student work load, I would get a factor of about three times thruput improvement. This would degrade over time as PTF maintenance was applied ... affecting high use system components. I would then have to periodically rebuild the system in order to restore the carefully order placement of files and PDS members.
I also got to do some work rewriting cp67 kernel ... besides redoing the i/o stuff ... i also reworked a lot of the pathlengths ... in some cases getting factor of 100 times improvement for some of the stuff.
As mentioned in the presentation, the original unmodified cp67 kernel had 534 cpu seconds overhead for running MFT14 workload that took 322 seconds elapsed time. In the period between Jan68 and fall68, I was able to get that cp67 kernel virtual machine overhead down from 534 cpu seconds to 113 cpu seconds (by rewriting several parts of the cp67 kernel).
I normally had classes during the week ... so much of my maintenance and support work for OS/360 MFT and work on cp67 occurred on weekends. The univ. typically shutdown the datacenter from 8am Sat. until 8am Monday ... during which time I could have the whole place for my personal use. Monday classes were sometimes a problem after having been up for 48hrs straight.
I had also done a dynamic adaptive resource manager and my own page replacement algorithm and thrashing controls for cp67 ... lots of the stuff IBM picked up and shipped in product while I was still undergraduate at the univ (including the TTY/ASCII terminal support mentioned in earlier post in this thread).
This recent post:
https://www.garlic.com/~lynn/2008s.html#17 IBM PC competitors
mentioned that I continued to do various cp67 things ... but much of it was dropped in the product morph from cp67 to vm370. The above has references/pointers to some old email regarding migrating various of the pieces from cp67 to vm370 (after the science center finally replaced their 360/67 with a 370/155-II).
some of the old email
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
https://www.garlic.com/~lynn/2006w.html#email750430
... included these posts from a couple years ago:
https://www.garlic.com/~lynn/2006v.html#36
https://www.garlic.com/~lynn/2006w.html#7
https://www.garlic.com/~lynn/2006w.html#8
Before the decision was made to release some of it in the standard vm370
product ... they let me build, distribute, and support highly modified
vm370 (aka csc/vm) systems for large number of internal systems. at one
point I would joke with the people on the 5th flr that the number peaked
about the same as the total number that they were supporting ... recent
reference here:
https://www.garlic.com/~lynn/2008s.html#48 New machines code
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Is this the story behind the crunchy credit stuff? Date: December 25, 2008 Blog: Equity MarketsCDOs had been used two decades ago in the S&L crisis to obfuscate underlying values and sell-off for more than they were otherwise worth
long winded, decade old post discussing some of the current issues,
including needing better visibility into the underlying values of
securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm
earlier this fall, the congressional hearings into CDOs looked at rating agencies giving toxic CDOs triple-A ratings ... even though the toxic CDO issuers and the rating agencies both knew they weren't worth triple-A rating (the word "fraud" was periodically used in the hearings). The toxic CDO triple-A ratings significantly increased the number of institutions that would deal in these toxic CDO instruments (as well as significantly increasing the amount of money that unregulated institutions had to lend).
related side-effect of (often) unregulated institutions being able to immediately offload loans:
The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html
from above:
Watsa's only sin was in being a little too early with his prediction
that the era of credit expansion would end badly. This is what he said
in Fairfax's 2003 annual report: "It seems to us that securitization
eliminates the incentive for the originator of [a] loan to be credit
sensitive. Prior to securitization, the dealer would be very concerned
about who was given credit to buy an automobile. With securitization,
the dealer (almost) does not care."
... snip ...
Week ago Sunday, CSPAN had panel with several people from industry. One of the comments was that the subprime was supposedly targeted at low-income, first time home owners ... but only something like 10% of subprime loans went to that market.
With huge influx of funds from securitization and no regard who got loans ... they were cycling loans through the mill as fast as possible to all comers (speculator looking at 20%/annum inflation ... a no-down, no-documentation, 1% introductory, interest-only ... flipping after a year ... represents significant ROI). CBS 60mins had segment on some of these speculators in the overheated Florida and California real-estate markets.
The CSPAN panel also seemed to be torn between the industry claiming being ignorant and totally incompetent vis-a-vis admitting they just ignored (and/or manipulated) all the indications.
On CSPAN, a couple months ago there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250m in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.
PBS programs/webpages discussing some of the wall street influence on
congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet
On the institution side buying these (triple-A rated toxic CDO, packaged) mortgages .... the institutions were 1) playing long/short mismatch and 2) heavily leveraging. Playing long/short mismatch (alone) has been known to take down institutions for centuries (in this case, even if the toxic CDOs had been worth their triple-A ratings). Comments were that Bear-Stearn and Lehman had marginal chance of surviving playing long/short mismatch. This was further aggravated with heavy leverage ... in some cases leveraging capital 40-80 times in buying triple-A rated toxic CDOs.
article from year ago about playing long/short mismatch (including
transactions being carried offbalance ... some possibly are still
lurking more than a yr later)
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html
decade old article from SanFran FED on problems with long/short mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/
The value of CDOs were relatively straight-forwardly calculated ... besides the congressional hearings that claimed that both the toxic CDO issuers and the rating agencies (that were being paid to give triple-A ratings to toxic CDOs) knew they weren't worth triple-A ratings
there have been lots of discussions that risk managers "knew" toxic CDOs also weren't worth triple-A ratings (but they were "overruled" by others in the organizations) ... a couple past references:
How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
Subprime = Triple-A ratings? or 'How to Lie with Statistics' (gone 404 but lives on at the wayback machine)
https://web.archive.org/web/20071111031315/http://www.bloggingstocks.com/2007/07/25/subprime-triple-a-ratings-or-how-to-lie-with-statistics/
This on par with everybody knowing that playing long/short mismatch takes down institutions ... but they were doing it anyway. It almost seemed like they thought they were smarter than everybody else ... and would be able to get out before the whole thing collapsed (in some cases, that may turn out to be true with regard to individual compensation).
past references to (computer) GIGO (garbage in, garbage out)
https://www.garlic.com/~lynn/2008s.html#22 IBM PC competitors
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#26 Combining EMV and eID on a payment card?
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#28 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#47 Executive pay: time for a trim?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Computer History Museum Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Thu, 25 Dec 2008 16:16:01rfochtman@YNC.NET (Rick Fochtman) writes:
as an undergraduate ... before joining the science center ... I first looked at the standard SVC linkage routine (for all kernel calls) and cut the pathlength by about 75%. I then looked at the most frequently called subroutines ... and changed them to BALRs ... leaving the remaining as SVC ... since it no longer represented a significant portion of CP overhead .... i.e. while SVC/LPSW was expensive with regard to BALR ... the actual time spent in the original SVC linkage&return was much, much larger than the SVC/LPSW instruction ... most of the benefit came from reducing the logic. The next was the BALR ... not only replaced the SVC/LPSW instructions but were also "eliminated" the rest of the logic for the linkage/return for high-use routines. When that was done, the remaining SVC/LPSW (and associated linkage/return overhead) was a trivial percentage of overall time spent in the kernel.
Remaining big overhead wasn't so much the SIO instruction ... but the channel program simulation overhead done in "CCWTRANS". CMS turned out to do very stylized disk channel programs. I created a fastpath channel program emulation operation for CMS disk I/O (that was also synchronous ... avoiding all the virtual machine gorp for entering wait state, asynchronous interrupts, etc). This got severely criticized by the people at the science center (mostly bob adair) because it violated the 360 principles of operation. However, it did significantly reduce cp67 kernel overhead for operating CMS virtual machines. This was then redone using "DIAGNOSE" instruction ... since the 360 principles of operation defines the "DIAGNOSE" instruction operation as model-dependent. The facade was that there was a 360 virtual machine machine model which had its own definition for DIAGNOSE instruction operation.
Standard CP67 saved core image of the loaded kernel to disk (routine SAVECP) and a very fast loader sequence that brought back that image back into memory on IPL and then transferred to CP67 startup routine CPINIT. One of the people at the science center modified CP67 kernel failure processing to write a image dump to disk area and then simulate reloaded the disk kernel image from scratch ... basically automagically failure/restart ... this is mentioned in one of the referenced stories at MULTICS websites ... one of the people who supported CP67 system at MIT (and later worked on MULTICS) had modified TTY/ASCII terminal line processing that would cause the system to crash ... and one day CP67 crashed and automagically (fast) restarted 27 times in a single day (which help instigate some MULTICS rewrite because it was taking an hour elapsed time to restart).
The cp67 kernel was undergoing was amount of evolution with new functions being added. On 768k real storage machine ... every little bit hurt. So I did a little slight of hand and created a virtual address space that mapped the cp67 kernel image ... and then flagged the standard portion as fixed ... but created an infrastructure that allowed other portions to be paged in & out. This required enhancing the SVC linkage infrastructure to recognize portions of the kernel that could be pageable (and do page fetch operation before doing the linkage).
The standard CP67 kernel was built up of "card decks" which had the BPS loader slapped on the front and "IPL'ed" (either on the real machine or in a virtual machine). Once the BPS loader had all the routines resolved in real storage ... it would transfer to SAVECP ... which wrote the core image to disk (for later IPL). It turns out that the BPS loader also passed (in registers) the pointer to the resolved (RLD) symbol table. I then changed SAVECP to move the BPS (RLD) symbol table to the end of the (pageable) kernel image ... so that it was also saved to disk (as part of the pageable kernel area).
I ran into a major problem ... the BPS loader only supported up to 256 external symbols. As part of reorg'ing parts of the kernel to make it pageable ... i split modules into 4k-byte "chunks" ... creating a lot of new external symbols. This initially overflowed the BPS loader 256 external symbol limit ... and so I had to resort to all sorts of hacks to keep the number of external symbols within the 256 limit. Much later at the science center ... I found a source copy of the BPS loader in a old card cabinet that was in storage ... I could then modify the BPS loader to extend the external symbol table maximum.
for additional drift ... in the initial work to convert MVT into VS2 ...
some virtual address tables and page fault processing was hacked into
the side of MVT ... and a copy of CCWTRANS was borrowed from CP67
(i.e. VS2 has the same issue with translating application channel
programs passed by EXCP ... as CP67/VM370 has with translating virtual
machine channel programs). Past posts with references to CCWTRANS:
https://www.garlic.com/~lynn/2008g.html#45 authoritative IEFBR14 reference
https://www.garlic.com/~lynn/2008i.html#68 EXCP access methos
https://www.garlic.com/~lynn/2008i.html#69 EXCP access methos
https://www.garlic.com/~lynn/2008m.html#7 Future architectures
https://www.garlic.com/~lynn/2008o.html#50 Old XDS Sigma stuff
https://www.garlic.com/~lynn/2008q.html#31 TOPS-10
The thing missing from the automagic fast restart ... was the growing number of service virtual machines that had to be brought up manually ... i.e. performance monitor DUSETIMR machine, the VNET, networking machine, and growing number of others. These service virtual machines are analogous to the current genre of virtual appliances found in the latest incarnation of virtual machine technology.
As part of the performance work on cp67 and then moving to vm370 ... I
also did a lot of benchmarking work. One of the things that I wanted to
do was automate the benchmarking process ... lots of past posts with
references
https://www.garlic.com/~lynn/submain.html#benchmark
For this, I created the AUTOLOG command ... where a virtual machine could automagically logon other virtual machines ... including passing an initial startup command to that virtual machine. Then DMKCPI (the rename CPINIT for vm370) was modified to do a special case execution of the AUTOLOG command for a specific virtual machine (which would then handle all the other AUTOLOGs). As mentioned other places, part of the final sequence for the release of my (vm370) resource manager ... i ran a series of 2000 (automated) benchmarks that took 3months elapsed time (as part of final calibration and verification).
However, the AUTOLOG command was also got a lot of use as part of
automating the other parts of automatic bringup (in addition to just
getting the bare bones kernel operational). A few past posts mentioning
AUTOLOG command:
https://www.garlic.com/~lynn/2002q.html#28 Origin of XAUTOLOG (x-post)
https://www.garlic.com/~lynn/2005.html#59 8086 memory space
https://www.garlic.com/~lynn/2006g.html#34 The Pankian Metaphor
https://www.garlic.com/~lynn/2007d.html#23 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007n.html#10 The top 10 dead (or dying) computer skills
https://www.garlic.com/~lynn/2007r.html#68 High order bit in 31/24 bit address
https://www.garlic.com/~lynn/2007s.html#41 Age of IBM VM
https://www.garlic.com/~lynn/2008m.html#42 APL
As mentioning in previous references ... one of the things I did after
joining the science center ... was also doing a pagemapped filesystem
for CMS. The diagnose I/O API was specific oriented towards drastically
reducing the pathlength overhead associated with CMS I/O. However, there
are still some large number of performance issues related to simulating
a "real address I/O" paradigm in a virtual address environment. The page
map changes retained the high level CMS filesystem paradigm while
remapping the underlying implementation to page mapped infrastructure.
Misc. past post mentioning doing page mapped infrastructure
https://www.garlic.com/~lynn/submain.html#mmap
There were some benchmark comparisons with the same cms and mix-mode, moderately filesystem intensive operation ... one using underlying traditional CMS filesystem .... and same CMS, workload, and CMS filesystem ... but underlying paged mapped ... where the paged mapped flavor had three times the throughput of the traditional non-paged mapped flavor.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch Date: Fri, 26 Dec 2008 09:54:29kenney writes:
a couple decades ago the domestic auto makers got into trouble because of competition with foreign manufacturers. they eventually got gov. to impose import quotas. there supposedly was condition that the domestic auto makers would use the period of the import quotas and the drastically increased profits (reduced competition allowed significant price increase) to remake themselves. A couple yrs later, there was an article that it was still business as usual and the gov. should impose a 100% unearned profit tax (basically the american consumer was underwriting the whole thing with the significantly increased price/profits).
One of the issues (during that period) was that the prices increased significantly faster than avg. domestic wages ... and as a result, the auto loan periods had to be significantly extended. This had a secondary effect of loans having longer life than some of the autos. There was also pressure for the domestic auto makers to extend warranties to be at least as long as the loans (which was a very iffy proposition given the quality of the cars).
role forward to the current situation ... the large increase in funds available for loans & mortgages (that came from securitization) allowed for enormous amount of speculation. unregulated institutions were able to get into the business, using securitization as source of funds ... (mostly) outside traditional financial regulation. A no-down, no-documentation, 1% interest only loan ... would represent significant ROI for speculator anticipating 20%/annum inflation and flipping before the loan reset (basically speculators being able to treat the home owner market like the unregulated 1920s stock market).
plot the avg. home price back to the 70s ... as well as the ratio of the avg. home price to the avg. annual earnings ... and it shows an (unique) enormous ugly pimple/boil starting the early part of the decade ... which hasn't yet completely deflated. Lots of people and institutions got caught up in the inflation/deflation cycle ... and various secondary affects may result in the reset continuing down past the level of where the ugly pimple/boil started.
As previously mentioned ... risk management and models showed what was happening ... but lots of people chose to ignore the indications ... and/or were motivated to manipulate the situation for personal advantage. There had always been lots of isolated hotspots of greed and corruption ... but a combination of deregulation and lack of regulation enforcement allowed the hotspots to combine into a firestorm.
misc. recent posts mentioning the firestorm analogy
https://www.garlic.com/~lynn/2008o.html#78 Who murdered the financial system?
https://www.garlic.com/~lynn/2008o.html#80 Can we blame one person for the financial meltdown?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008q.html#20 How is Subprime crisis impacting other Industries?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: DNS flaw is 2008's biggest web blunder Date: December 26, 2008 Blog: Financial Crime Risk, Fraud, and SecurityDNS flaw is 2008's biggest web blunder
from above:
It centres round Dan Kaminsky, a security consultant who found a major
flaw in the internet's Domain Name System (DNS). The flaw essentially
meant that anybody could re-route a web address to a bogus site, and
phish information from users.
... snip ...
Some recent posts related to domain name infrastructure weaknesses
and/or issues with SSL (which was in part, motivated by perceived
weaknesses with domain name infrastructure)
https://www.garlic.com/~lynn/2008n.html#75 Should online transactions be allowed on credit cards without adequate safeguards?
https://www.garlic.com/~lynn/2008o.html#70 What happened in security over the last 10 years?
https://www.garlic.com/~lynn/2008p.html#7 Dealing with the neew MA ID protection law
https://www.garlic.com/~lynn/2008p.html#14 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#15 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#19 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#22 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
https://www.garlic.com/~lynn/2008p.html#29 How were you using the internet 10 years ago and how does that differ from how you use it today?
https://www.garlic.com/~lynn/2008p.html#32 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#35 Automation is still not accepted to streamline the business processes... why organizations are not accepting newer technolgies?
https://www.garlic.com/~lynn/2008p.html#38 How do group members think the US payments business will evolve over the next 3 years?
https://www.garlic.com/~lynn/2008p.html#64 Do you feel secure with your bank's online banking service?
https://www.garlic.com/~lynn/2008p.html#67 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008q.html#13 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008r.html#23 What is the level of security in payment systems (credit and bank cards) nowadays?
https://www.garlic.com/~lynn/2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
https://www.garlic.com/~lynn/2008r.html#50 Security is a subset of Reliability
https://www.garlic.com/~lynn/2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
https://www.garlic.com/~lynn/2008s.html#10 Data leakage - practical measures to improve Information Governance
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008s.html#50 Perfect MITM Attacks With No-Check SSL
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch Date: Fri, 26 Dec 2008 11:03:34EricP <ThatWouldBeTelling@thevillage.com> writes:
a couple weeks ago, there was a business tv news show mentioning that the NY state attorney was serving subpoenas on a number of wall street institutions. they conjectured that it might be part of an attempt to recover the enormous bonuses paid out (as their reward for creating the current crisis). there was then discussion about what standard of fraud that would have to be show in order to recover those bonuses.
as mentioned regarding the congressional hearings into the issuers of toxic CDOs were paying rating agencies to give triple-A ratings to toxic CDOs (even when both knew that the toxic CDOs weren't worth the triple-A rating) ... there were several comments during the hearings mentioning the word "fraud". the triple-A ratings enormously increased the institutions that would deal in the toxic CDOs (and the amount of money available to, often unregulated, mortgage originators). Part of the hearings also mentioned that part of the change came in the 70s with the change from the buyers of instruments paying for ratings ... to issuers of instruments paying for ratings (and the issuers starting to have significantly more leverage regarding what rating was given).
on the mortgage originating side of things (packaging the toxic CDOs and paying for the triple-A ratings) ... being able to immediately unload loans as toxic CDOs ... eliminated motivation to pay any attention to loan quality. offering no-down, no-documentation, 1% interest-only payment ARMs ... was quite attractive to speculators looking at 20%/annum inflation and flipping before loan reset.
on the institution side buying the toxic CDOs ... many were (also) playing long/short mismatch ... this could greatly increase short term profits, commissions and bonuses ... but was known for centuries for taking down institutions (i.e. one of the vendors of a leading, extremely sophisticated financial risk management software, made the comment that neither Bear Stearns nor Lehman had more than a marginal chance of surviving playing long/short mismatch).
misc. past posts mentioning article about $137b in wall street bonuses
during the period:
https://www.garlic.com/~lynn/2008g.html#52 IBM CEO's remuneration last year ?
https://www.garlic.com/~lynn/2008g.html#66 independent appraisers
https://www.garlic.com/~lynn/2008h.html#42 The Return of Ada
https://www.garlic.com/~lynn/2008i.html#4 A Merit based system of reward -Does anybody (or any executive) really want to be judged on merit?
https://www.garlic.com/~lynn/2008k.html#11 dollar coins
https://www.garlic.com/~lynn/2008m.html#26 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#83 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#74 Why can't we analyze the risks involved in mortgage-backed securities?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#32 How much is 700 Billion Dollars??
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008q.html#66 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?
misc. past posts mentioning the long/short mismatch quote:
https://www.garlic.com/~lynn/2008o.html#14 Blinkylights
https://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#27 Blinkylights
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#35 The human plague
https://www.garlic.com/~lynn/2008o.html#37 The human plague
https://www.garlic.com/~lynn/2008o.html#39 The human plague
https://www.garlic.com/~lynn/2008o.html#42 The human plague
https://www.garlic.com/~lynn/2008o.html#43 The human plague
https://www.garlic.com/~lynn/2008o.html#51 Why are some banks failing, and others aren't?
https://www.garlic.com/~lynn/2008o.html#52 Why is sub-prime crisis of America called the sub-prime crisis?
https://www.garlic.com/~lynn/2008o.html#62 Would anyone like to draw a diagram of effects or similar for the current "credit crisis"?
https://www.garlic.com/~lynn/2008o.html#65 Can the financial meltdown be used to motivate sustainable development in order to achieve sustainable growth and desired sustainability?
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#78 Who murdered the financial system?
https://www.garlic.com/~lynn/2008o.html#80 Can we blame one person for the financial meltdown?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#47 In Modeling Risk, the Human Factor Was Left Out
https://www.garlic.com/~lynn/2008p.html#55 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008p.html#77 Tell me why the taxpayer should be saving GM and Chrysler (and Ford) managers & shareholders at this stage of the game?
https://www.garlic.com/~lynn/2008q.html#19 Collateralized debt obligations (CDOs)
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch Date: Fri, 26 Dec 2008 11:17:56EricP <ThatWouldBeTelling@thevillage.com> writes:
the congressional hearings mentioned the toxic CDO issuers were paying
the rating agencies for the triple-A ratings (even when both knew that
they weren't worth the triple-A ratings). The triple-A ratings not
only significantly increased the perceived value of the toxic CDO
... but opened up the toxic CDO market to much larger number of
institutions (for one reason or another only deal in high-grade
investments ... like retirement funds that may have it written into
the contract). The implication was that the toxic CDO packaging was
purely a facade ... I've used the analogy with the emperor's new
clothes parable ... a few past posts:
https://www.garlic.com/~lynn/2008j.html#20 dollar coins
https://www.garlic.com/~lynn/2008j.html#40 dollar coins
https://www.garlic.com/~lynn/2008j.html#60 dollar coins
https://www.garlic.com/~lynn/2008j.html#69 lack of information accuracy
https://www.garlic.com/~lynn/2008k.html#10 Why do Banks lend poorly in the sub-prime market? Because they are not in Banking!
https://www.garlic.com/~lynn/2008k.html#16 dollar coins
https://www.garlic.com/~lynn/2008k.html#27 dollar coins
https://www.garlic.com/~lynn/2008l.html#42 dollar coins
https://www.garlic.com/~lynn/2008m.html#4 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#12 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#99 Blinkylights
https://www.garlic.com/~lynn/2008o.html#35 The human plague
https://www.garlic.com/~lynn/2008q.html#58 Obama, ACORN, subprimes (Re: Spiders)
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: : Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Fri, 26 Dec 2008 14:17:39Cydrome Leader <presence@MUNGEpanix.com> writes:
and talking to NSF about T1 (and higher speeds) for NSFNET backbone
https://www.garlic.com/~lynn/lhwemail.html#nsfnet
we were also having lots of discussions with Cyclotomics about reed-solomon (ecc) FEC ... when they got bought by Kodak (it seemed motivated because Cyclotomics played a big part in the encoding standard for cdrom).
misc. past posts mentioning cyclotomics:
https://www.garlic.com/~lynn/2001.html#1 4M pages are a bad idea (was Re: AMD 64bit Hammer CPU and VM)
https://www.garlic.com/~lynn/2002p.html#53 Free Desktop Cyber emulation on PC before Christmas
https://www.garlic.com/~lynn/2003e.html#27 shirts
https://www.garlic.com/~lynn/2004f.html#37 Why doesn't Infiniband supports RDMA multicast
https://www.garlic.com/~lynn/2004o.html#43 360 longevity, was RISCs too close to hardware?
https://www.garlic.com/~lynn/2005n.html#27 Data communications over telegraph circuits
https://www.garlic.com/~lynn/2007.html#29 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007j.html#4 Even worse than UNIX
https://www.garlic.com/~lynn/2007v.html#82 folklore indeed
https://www.garlic.com/~lynn/2008l.html#19 IBM-MAIN longevity
https://www.garlic.com/~lynn/2008m.html#23 Blinkylights
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch Date: Fri, 26 Dec 2008 14:49:31Robert Myers <rbmyersusa@gmail.com> writes:
however, the issue wasn't a lack of understanding that firestorm countermeasures were needed ... in fact, firestorm countermeasures were in place ... and that many of the firestorm countermeasures were eliminated &/or ignored (with evidence that motivations included personal greed and corruption).
this is also the reference to the industry being torn between claiming to being ignorant and totally incompetent vis-a-vis admitting they ignored/manipulated all the indicators.
there are analogies with executives that see short-term bonuses by eliminating "duplicate expense" ... and after they are gone ... it turns out that the "duplicate expense" were actually required to handle continuity related events (that just weren't happening every day). the individuals were betting that they would have theirs & not held accountable when it came time to face the consequences.
also related to past references to the input was fiddled in order to get the desired output (supporting objective of personal gain):
How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
past posts referencing the above article:
https://www.garlic.com/~lynn/2008n.html#49 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#65 Whether, in our financial crisis, the prize for being the biggest liar is
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#72 Why was Sarbanes-Oxley not good enough to sent alarms to the regulators about the situation arising today?
https://www.garlic.com/~lynn/2008n.html#78 Isn't it the Federal Reserve role to oversee the banking system??
https://www.garlic.com/~lynn/2008n.html#80 Why did Sox not prevent this financal crisis?
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#19 What's your view of current global financial / economical situation?
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#34 The human plague
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008q.html#49 Have not the following principles been practically disproven, once and for all, by the current global financial meltdown?
https://www.garlic.com/~lynn/2008q.html#50 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008r.html#58 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#8 Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#29 Let IT run the company!
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch Date: Fri, 26 Dec 2008 15:19:04"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
Cramer has also periodically been on rant about nothing being done
about illegal short sales ... misc. past references:
https://www.garlic.com/~lynn/2008k.html#1 dollar coins
https://www.garlic.com/~lynn/2008k.html#9 dollar coins
https://www.garlic.com/~lynn/2008k.html#25 IBM's 2Q2008 Earnings
https://www.garlic.com/~lynn/2008n.html#23 Michigan industry
https://www.garlic.com/~lynn/2008n.html#25 Blinkylights
https://www.garlic.com/~lynn/2008n.html#26 Blinkylights
https://www.garlic.com/~lynn/2008n.html#28 Blinkylights
https://www.garlic.com/~lynn/2008n.html#31 Blinkylights
https://www.garlic.com/~lynn/2008n.html#101 Blinkylights
https://www.garlic.com/~lynn/2008o.html#0 Blinkylights
https://www.garlic.com/~lynn/2008o.html#1 illegal naked short selling
https://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008q.html#50 Obama, ACORN, subprimes (Re: Spiders)
this wiki page for DTCC mentions them (also) being sued as part of
naked short selling:
https://en.wikipedia.org/wiki/Depository_Trust_&_Clearing_Corporation
previously mentioned long-winded, decade old post about some of the
current problems ... including needing better visibility into underlying
value of CDO-like instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm
even before above ... somewhat in the wake of having done work on
(secure) x9.59 financial transaction standard ... reference:
https://www.garlic.com/~lynn/x959.html#x959
we had several discussions with NSCC (which has since been combined with DTC to become DTCC ... but were all separate business organizations at the time) about doing secure operations for offers and acceptance (which when paired, become a securities trade). we ran afoul of a culture of lots of obscurity and non-transparency ... because a side effect of the proposed offer/acceptance/trade security ... would have also resulted in transparency.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Computer History Museum Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Fri, 26 Dec 2008 17:21:36rfochtman@YNC.NET (Rick Fochtman) writes:
the vm370 loader source (both dmkld00e and dmsldr) have genesis from similar origins.
here is reference to hercules vm370 release 6 (that has source):
http://osdir.com/ml/emulators.hercules390.vm/2004-06/msg00018.html
the mentioned cp67 pageable kernel modifications weren't picked up and shipped as part of cp67 product ... but something similar did appear with vm370 product.
the hercules reference (CMS) DMSLDR (in release 6) having "255 externals per TEXT file" ... while the original BPS loader had limitation of a total of 255 external symbols.
reference for vm/370 R6 (including base source):
http://www.cbttape.org/vm6.htm
the above has reference to aws file (which is over 4mbytes, compressed,
over 32mbytes uncompressed)
http://www.cbttape.org/ftp/vm6/base-source.aws.bz2
reference to awstape utility:
http://www.cbttape.org/awstape.htm
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Computer History Museum Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Fri, 26 Dec 2008 17:33:22rfochtman@YNC.NET (Rick Fochtman) writes:
double checking, the vm370 R6 "base-source.aws" file contains both (CMS) DMSLDR ASSEMBLE and (CP) DMKLD00E ASSEMBLE files. DMKLD00E ASSEMBLE would be the closest to the original BPS loader source.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Computer History Museum Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Fri, 26 Dec 2008 19:09:12re:
for additional topic drift, mention of NCSS (& nomad) in an old baybunch
announcement:
https://www.garlic.com/~lynn/2007c.html#email830711b
in this post
https://www.garlic.com/~lynn/2007c.html#12
the post includes a number of old email ... including discussion of
highly modified internal vm370 distribution
https://www.garlic.com/~lynn/2007c.html#email830705
and
https://www.garlic.com/~lynn/2007c.html#email830709
and
https://www.garlic.com/~lynn/2007c.html#email830711
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Fri, 26 Dec 2008 19:20:41Barry OGrady <god_free_jones@yahoo.com> writes:
when we were out doing our ha/cmp product marketing
https://www.garlic.com/~lynn/subtopic.html#hacmp
we coined the terms geographic survivability and disaster survivability (to differentiate from disaster/recovery).
during that period ... we looked at some of the high-availability operations (besides telco central office and telco provisioning).
this post mentions jan92 ha/cmp meeting looking at dbms cluster
scale-up
https://www.garlic.com/~lynn/95.html#13
two of the people at the mentioned meeting, later left and joined a
small client/server startup responsible for something called a commerce
server. we were brought in to consult because they wanted to do payment
transactions on the servers (the startup had also invented something
called SSL they wanted to use for payments). Part of the deployment
included something called a "payment gateway" ... some past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway
... and the result is now frequently called "electronic commerce".
part of deploying "payment gateways" ... we looked at co-locating servers at different telco central office ... including needing 48V servers (this was in addition to having specific deployments as cluster "fall-over").
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Happy DEC-20 Day, Newsgroups: alt.folklore.computers Date: Sat, 27 Dec 2008 08:59:12jmfbahciv <jmfbahciv@aol> writes:
Software-Generated Paper Accepted At IEEE Conference
http://entertainment.slashdot.org/article.pl?sid=08/12/23/2321242
SCIgen - An Automatic CS Paper Generator
http://pdos.csail.mit.edu/scigen/
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Sun, 28 Dec 2008 09:45:35Peter Flass <Peter_Flass@Yahoo.com> writes:
The Boston Programming Center had previously done CPS (conversational programming system) which ran on os/360 and had a conversational PLI and Basic. They had also done a (CPS) microcode enhancement for 360/50 which speeded up a lot of the CPS operations.
for a little topic drift ... this is a "A brief Hisotry of 'Classic'
Rexx" which uses example of copyfile command use to illustrate
difference between REX and earlier EXEC/EXEC2
http://www.rexxla.org/About_Rexx/mfc/rexxhist.html
misc. past posts mentioning cms copyfile command:
https://www.garlic.com/~lynn/2002i.html#11 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2003b.html#44 filesystem structure, was tape format (long post)
https://www.garlic.com/~lynn/2004d.html#42 REXX still going strong after 25 years
https://www.garlic.com/~lynn/2004e.html#37 command line switches [Re: [REALLY OT!] Overuse of symbolic
https://www.garlic.com/~lynn/2004m.html#54 Shipwrecks
https://www.garlic.com/~lynn/2006r.html#12 Trying to design low level hard disk manipulation program
https://www.garlic.com/~lynn/2006t.html#17 old Gold/UTS reference
https://www.garlic.com/~lynn/2006w.html#25 To RISC or not to RISC
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Garbage in, garbage out trampled by Moore's law Newsgroups: comp.arch Date: Sun, 28 Dec 2008 10:08:05Anne & Lynn Wheeler <lynn@garlic.com> writes:
some recent articles along similar lines:
Biggest Bums Of 2008
http://www.forbes.com/2008/12/24/fannie-goldman-citigroup-pf-ii-in_rl_1224croesus_inl.html
Chief Dunces Of Wealth Destruction, Inc.
http://www.forbes.com/2008/11/22/wamu-dunces-citi--pf-ii-in_rl_1122croesus_inl.html
from above:
Another irritant was the even more flabbergasting take-home pay of the
Shadow Banking System--the hedge fund managers and private equity
bigwigs getting 2% for sitting on pension fund money and 20% of the
profits
... snip ...
some of this might have motivation for things like playing long/short mismatch ... where there could be periods of enormous paper profits ... and associated compensation ... which would be more than sufficient compensation when it fell apart and the whole thing came crashing down (since compensation for the earlier paper profits weren't being forfeited).
misc. posts mentioning industry being torn between claiming to being
totally incompetent vis-a-vis admitting they manipulated the
infrastructure:
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?
misc. other past posts mentioning that playing long/short mismatch has
been known for centuries to take down institutions
https://www.garlic.com/~lynn/2008o.html#37 The human plague
https://www.garlic.com/~lynn/2008o.html#39 The human plague
https://www.garlic.com/~lynn/2008o.html#42 The human plague
https://www.garlic.com/~lynn/2008o.html#43 The human plague
https://www.garlic.com/~lynn/2008o.html#52 Why is sub-prime crisis of America called the sub-prime crisis?
https://www.garlic.com/~lynn/2008o.html#62 Would anyone like to draw a diagram of effects or similar for the current "credit crisis"?
https://www.garlic.com/~lynn/2008o.html#65 Can the financial meltdown be used to motivate sustainable development in order to achieve sustainable growth and desired sustainability?
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#78 Who murdered the financial system?
https://www.garlic.com/~lynn/2008o.html#80 Can we blame one person for the financial meltdown?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#47 In Modeling Risk, the Human Factor Was Left Out
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008p.html#77 Tell me why the taxpayer should be saving GM and Chrysler (and Ford) managers & shareholders at this stage of the game?
https://www.garlic.com/~lynn/2008q.html#10 realtors (and GM, too!)
https://www.garlic.com/~lynn/2008q.html#19 Collateralized debt obligations (CDOs)
https://www.garlic.com/~lynn/2008q.html#20 How is Subprime crisis impacting other Industries?
https://www.garlic.com/~lynn/2008q.html#26 Blinkenlights
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?
https://www.garlic.com/~lynn/2008s.html#59 Garbage in, garbage out trampled by Moore's law
and past posts (also) mentioning the $137B in wallstreet bonuses
(effectively reward for their part in creating current situation):
https://www.garlic.com/~lynn/2008k.html#11 dollar coins
https://www.garlic.com/~lynn/2008m.html#26 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#83 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#74 Why can't we analyze the risks involved in mortgage-backed securities?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#32 How much is 700 Billion Dollars??
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008q.html#66 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?
https://www.garlic.com/~lynn/2008s.html#59 Garbage in, garbage out trampled by Moore's law
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Sun, 28 Dec 2008 13:28:34Peter Flass <Peter_Flass@Yahoo.com> writes:
Nat was at the boston programming center at the time it was absorbed by the vm370 development group. Somewhere in that process ... Nat and Jean Sammet (also at the boston programming center on the 3rd flr) eventually transferred to science center (on the 4th flr)
as per the referenced document ... much of the work (even likely the
360/50 microcode) was done as contract for IBM by allen-babcock.
http://www.bitsavers.org/pdf/allen-babcock/cps/CPS_Progress_Report_may66.pdf
note that for whatever reason ... the CPS project appeared to have more
leverage getting 360/50s ... than the science center was able to muster
... which had to settle for 360/40 to do the hardware changes to support
virtual memory (as part of the virtual machine cp/40 project). as
referenced in melinda's historical document ... science center initially
tried to get 360/50 for the virtual machine project ... but wasn't able
to get one ... because so many were going for the FAA air traffic
control effort.
http://www.leeandmelindavarian.com/Melinda#VMHist
past quotes about not being able to get 360/50s & having to settle for
360/40 for virtual machine project:
https://www.garlic.com/~lynn/2003m.html#4 IBM Manuals from the 1940's and 1950's
https://www.garlic.com/~lynn/2003m.html#36 S/360 undocumented instructions?
https://www.garlic.com/~lynn/2005s.html#21 MVCIN instruction
https://www.garlic.com/~lynn/2007b.html#21 history question
https://www.garlic.com/~lynn/2007d.html#52 CMS (PC Operating Systems)
https://www.garlic.com/~lynn/2007i.html#14 when was MMU virtualization first considered practical?
over the years, the company has outsourced quite a bit. about the time
of the cps work ... the university had field upgrade for 2702
telecommunication controller to add tty/ascii linescanner ... and the
boxes (containing all the hardware) arrived in Heathkit boxes. for other
topic drift ... recent posts mentioning doing cp67 tty/ascii support
https://www.garlic.com/~lynn/2008s.html#51 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#54 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#56 Computer History Museum
more than a decade later, STL (which had been assigned lots of the language missions) outsourced (mainframe) PLI. There was some amount of internal uproar and churn about giving away technology to outsourcers ... not so much the PLI activity per se ... but because various people were being asked to do tech transfer of their ("leading edge") R&D work to the outside company (even when it didn't directly involve PLI).
this was all way before the current uproar with regard to overseas outsourcing.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: CA issues no-questions asked Mozilla cert Date: December 29, 2008 Blog: Financial Crime Risk, Fraud, and SecurityCA issues no-questions asked Mozilla cert
There have been a couple recent articles about this subject ... either
DNS weaknesses and/or weaknesses in SSL as countermeasure for DNS
weaknesses. Recent related articles ... references also archived
here:
https://www.garlic.com/~lynn/2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
https://www.garlic.com/~lynn/2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
https://www.garlic.com/~lynn/2008s.html#50 Perfect MITM Attacks With No-Check SSL
https://www.garlic.com/~lynn/2008s.html#58 DNS flaw is 2008's biggest web blunder
Weaknesses in the validation processes have been discussed since the
appearance of the paradigm ... some of the discussions also archived
here
https://www.garlic.com/~lynn/subpubkey.html#catch22
Part of the discussion is sources of information for validation as part of the certification process (where a digital certificate is a representation of the certification process). For certification processes that actually reference the domain name infrastructure (the authoritative agency as to domain name ownership) ... there has been suggestions to improve the integrity of the domain name infrastructure (as part of improving the certification process for SSL certificates). The catch-22 is that improving the integrity of the domain name infrastructure (as part of improving certification process for SSL certificates) can also result in eliminating the requirement for SSL certificates.
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Do you believe Risk Management Practise is on-demand at present? Date: December 29, 2008 Blog: Project ManagementAccounting Standards Wilt Under Pressure
from above:
In October, largely hidden from public view, the International
Accounting Standards Board changed the rules so European banks could
make their balance sheets look better. The action let the banks
rewrite history, picking and choosing among their problem investments
to essentially claim that some had been on a different set of books
before the financial crisis started.
... snip ...
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Mon, 29 Dec 2008 15:57:08Dave Garland <dave.garland@wizinfo.com> writes:
from long ago and far away
Date: 07/29/81 10:43:53
To: wheeler
Subject: SBS/HYPERCHannel
Lynn-
Rumors of your wheeling & dealing for SLAs have reached here through
xxxx and, most recently, yyyyy of SBS, who wants to get us together (&
perhaps someone from NSC?) on Monday, 9/28, for what would probably wind
up being 1/2 day meeting. Can you make it? AM or PM?
... snip ... top of post, old email index, HSDT email
"SLA" was a hyperchannel "satellite link adapter" (or A720) ... which
had been built specifically for SBS "skunk works" effort (i.e.
mainstream SBS was under heavy unfluence of the communcation group)
... for little topic drift, recent post:
https://www.garlic.com/~lynn/2008s.html#19 Nerdy networking kid crashes the party
I had previously done HYPERchannel support for mainframe channel
extension over (terrestrial) T1 link (being able to provide local 3270
support for IMS group that was being moved offsite because STL was
bursting at the seams ... and then used for IMS field support group in
Boulder that were being moved to remote bldg). misc. past posts
https://www.garlic.com/~lynn/subnetwork.html#hsdt
My (terrestrial) support was "dual-simplex" ... i.e. ignoring a lot of latency issues ... which became a natural for dealing with satellite propagation delay (sync orbit is 22,000 miles ... round trip is twice down/up ... or 88,000 miles ... at 187,000miles/sec).
In part because of significant bottlenecks with standard corporate communication products dealing with satellite transmission latency ... SBS migrated into voice phone service.
SBS efforts included a "private" satellite corporate voice network
... that included C-band 10meter dishes at major corporate locations in
the states. I've mentioned before comment in mid-80s about the internal
corporate network having over half of all link encryptors in the world
https://www.garlic.com/~lynn/subnetwork.html#internalnet
The C-band 10meter dishes ... ran a T3 channel ... and a satellite
channel bulk encryption was built for the private corporate satellite
(nearly all voice) network ... officially called the "data
aggregator" (but sometimes referred to as the "data aggravator")
... some past references:
https://www.garlic.com/~lynn/2000b.html#27 Tysons Corner, Virginia
https://www.garlic.com/~lynn/2006.html#26 IBM microwave application--early data communications
https://www.garlic.com/~lynn/2006.html#30 IBM microwave application--early data communications
https://www.garlic.com/~lynn/2006k.html#55 5963 (computer grade dual triode) production dates?
https://www.garlic.com/~lynn/2006m.html#16 Why I use a Mac, anno 2006
https://www.garlic.com/~lynn/2006n.html#36 The very first text editor
There was also some folklore about dealing with the MIB with regard to turning on the data aggregator.
There is a "disaster" story about SBS's first (consumer) "central office" in Westchester county. That didn't have the wiring and battery wiring adequatly debugged ... and when they threw the switch to connect into Westchester county area phone network ... it took down all phone service in the county.
I had gone on some joint customer calls with SBS for disaster recovery
(mostly this skunk works group working with NSC and A720/SLAs)
... including Boeing in Seattle (I've mentioned that as undergraduate, I
also did a stint as one of the first boeing computer services
employees). Boeing had business case that corporate business impact of
loosing the Renton datacenter for a week was greater than the total cost
of the Renton datacenter ... one of the Renton datacenter disaster
scenarios is a mud slide from Mt. Rainier (in the case of any increase in
activity ... doesn't even have to explosion like St Helens ... just
warming) ... misc. past posts mentioning Renton datacenter:
https://www.garlic.com/~lynn/2002j.html#43 Killer Hard Drives - Shrapnel?
https://www.garlic.com/~lynn/2003.html#51 Top Gun
https://www.garlic.com/~lynn/2003m.html#32 SR 15,15 was: IEFBR14 Problems
https://www.garlic.com/~lynn/2004.html#53 Mainframe not a good architecture for interactive workloads
https://www.garlic.com/~lynn/2005m.html#22 Old Computers and Moisture don't mix - fairly OT
https://www.garlic.com/~lynn/2005m.html#23 Old Computers and Moisture don't mix - fairly OT
https://www.garlic.com/~lynn/2005m.html#24 Old Computers and Moisture don't mix - fairly OT
https://www.garlic.com/~lynn/2006q.html#37 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006q.html#44 The not-so-little shop of 747s
https://www.garlic.com/~lynn/2006u.html#49 Where can you get a Minor in Mainframe?
https://www.garlic.com/~lynn/2006u.html#50 Where can you get a Minor in Mainframe?
https://www.garlic.com/~lynn/2008b.html#36 windows time service
https://www.garlic.com/~lynn/2008c.html#43 Current Officers
I had thought that Renton datacenter might via for the largest in the
world ... that was before encountering Boyd running "spook" base (and
$2.5B windfall for IBM) ... misc. past posts mentioning "spook" base:
https://www.garlic.com/~lynn/2005t.html#1 Dangerous Hardware
https://www.garlic.com/~lynn/2006q.html#37 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006q.html#38 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006x.html#18 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2007g.html#13 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007i.html#4 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#69 Lean and Mean: 150,000 U.S. layoffs for IBM?
https://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2008.html#52 Education ranking
https://www.garlic.com/~lynn/2008b.html#36 windows time service
https://www.garlic.com/~lynn/2008c.html#58 Current Officers
https://www.garlic.com/~lynn/2008h.html#38 Boyd again
https://www.garlic.com/~lynn/2008i.html#0 Has anyone got a rule of thumb for calculation data center sizing
https://www.garlic.com/~lynn/2008m.html#49 Taxes
https://www.garlic.com/~lynn/2008q.html#23 Newsgroups dying?
misc. past posts &/or URLs mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Tue, 30 Dec 2008 14:26:32 -0500jimp writes:
we coined the terms disaster survivability and geographic
survivability to differentiate from disaster/recovery
https://www.garlic.com/~lynn/submain.html#available
i've mentioned before that in the middle of doing ha/cmp product, we were asked to write a section of the corporate continuous availability strategy document ... but the section got pulled because a couple of the other corporate organizations complained that (at the time) they couldn't meet the requirements.
a post in a different part of this thread that touches on
disaster/recovery subject from the early 80s.
https://www.garlic.com/~lynn/2008s.html#74 Is SUN going to become x86'ed ??
in that period, 40miles was considered sufficient for most disaster/recovery ... modulo other common single-point-of-failure ... like along the bank of the same river (which might flood), common power station, common telco infrastructures. For instance, while it was possible to get different telco central office ... there were portions of the country that might have single telco trunk connecting to the rest of the country (in one or two cases covered a multi-state area).
(after we had moved on) in the mid-90s ... we were brought into a financial outsourcer that had deployed a pilot stored-value card for a couple major national retailers (now you see them almost everywhere ... sometimes referred to as "gift cards"). they were using a major RDBMS for storing account balances ... on a high-availability platform (simple fall-over redundancy, after we had done ha/cmp ... some number of the other vendors appeared to try and emulate, in this particular case, a vendor that might be familar to participants in at least one of these newsgroups).
the account value database had become corrupted and we were brought in to find out what happened. turns out there had been a hardware component failure ... which was appropriately handled ... and vendor maintenance was called to replace the failed component. The problem was after the failed component (disk controller) was replaced ... maintenance failed to include updating the configuration to start using the replaced component. A couple months later there was another failure (disk drive) ... but the system hadn't (actually) been writing to the mirrored drive (because its disk controller hadn't been properly configured).
the first meeting with the vendor as part of reconstructing the sequence of events, started out with their senior vp of marketing given marketing overview of their high availability product. what made it interesting was that it sounded almost word-for-word something i had written a couple yrs earlier for ha/cmp.
in a different area, one of the major financial transaction infrastructures had (last time we check) 100% availability over extended multi-year period ... which they attributed to
1) ims hot-standby (geographic triple-redundant) 2) automated operator
... i.e. as hardware got more reliable ... remaining outages were environmental and human mistakes.
misc. past posts mentioning ims hot-standby:
https://www.garlic.com/~lynn/98.html#40 Comparison Cluster vs SMP?
https://www.garlic.com/~lynn/2000c.html#45 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2000c.html#47 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2000f.html#30 OT?
https://www.garlic.com/~lynn/2001c.html#69 Wheeler and Wheeler
https://www.garlic.com/~lynn/2001d.html#70 Pentium 4 Prefetch engine?
https://www.garlic.com/~lynn/2001e.html#2 Block oriented I/O over IP
https://www.garlic.com/~lynn/2001e.html#44 Where are IBM z390 SPECint2000 results?
https://www.garlic.com/~lynn/2001g.html#44 The Alpha/IA64 Hybrid
https://www.garlic.com/~lynn/2001j.html#23 OT - Internet Explorer V6.0
https://www.garlic.com/~lynn/2001l.html#47 five-nines
https://www.garlic.com/~lynn/2001n.html#3 News IBM loses supercomputer crown
https://www.garlic.com/~lynn/2001n.html#47 Sysplex Info
https://www.garlic.com/~lynn/2001n.html#85 The demise of compaq
https://www.garlic.com/~lynn/2002h.html#73 Where did text file line ending characters begin?
https://www.garlic.com/~lynn/2002j.html#45 M$ SMP and old time IBM's LCMP
https://www.garlic.com/~lynn/2002o.html#68 META: Newsgroup cliques?
https://www.garlic.com/~lynn/2003.html#37 Calculating expected reliability for designed system
https://www.garlic.com/~lynn/2003h.html#56 The figures of merit that make mainframes worth the price
https://www.garlic.com/~lynn/2003n.html#22 foundations of relational theory? - some references for the
https://www.garlic.com/~lynn/2003n.html#29 Architect Mainframe system - books/guidenance
https://www.garlic.com/~lynn/2004o.html#5 Integer types for 128-bit addressing
https://www.garlic.com/~lynn/2004p.html#49 History of C
https://www.garlic.com/~lynn/2005.html#11 CAS and LL/SC
https://www.garlic.com/~lynn/2005c.html#7 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005d.html#9 intel's Vanderpool and virtualization in general (was Re: Cell press release, redacted.)
https://www.garlic.com/~lynn/2005j.html#60 Ancient history
https://www.garlic.com/~lynn/2005m.html#52 Cluster computing drawbacks
https://www.garlic.com/~lynn/2005n.html#25 Data communications over telegraph circuits
https://www.garlic.com/~lynn/2005o.html#30 auto reIPL
https://www.garlic.com/~lynn/2005o.html#37 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005p.html#15 DUMP Datasets and SMS
https://www.garlic.com/~lynn/2005p.html#44 hasp, jes, rasp, aspen, gold
https://www.garlic.com/~lynn/2005u.html#23 Channel Distances
https://www.garlic.com/~lynn/2005u.html#37 Mainframe Applications and Records Keeping?
https://www.garlic.com/~lynn/2005v.html#0 DMV systems?
https://www.garlic.com/~lynn/2006.html#32 UMA vs SMP? Clarification of terminology
https://www.garlic.com/~lynn/2006f.html#19 Over my head in a JES exit
https://www.garlic.com/~lynn/2006h.html#52 Need Help defining an AS400 with an IP address to the mainframe
https://www.garlic.com/~lynn/2006i.html#2 The Pankian Metaphor
https://www.garlic.com/~lynn/2006j.html#31 virtual memory
https://www.garlic.com/~lynn/2006o.html#33 When Does Folklore Begin???
https://www.garlic.com/~lynn/2006r.html#4 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006u.html#55 What's a mainframe?
https://www.garlic.com/~lynn/2007.html#39 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
https://www.garlic.com/~lynn/2007d.html#24 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007e.html#16 Attractive Alternatives to Mainframes
https://www.garlic.com/~lynn/2007e.html#41 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007f.html#56 Is computer history taught now?
https://www.garlic.com/~lynn/2007g.html#80 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
https://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#76 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#44 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
https://www.garlic.com/~lynn/2007m.html#55 Capacity and Relational Database
https://www.garlic.com/~lynn/2007n.html#49 VLIW pre-history
https://www.garlic.com/~lynn/2007n.html#77 PSI MIPS
https://www.garlic.com/~lynn/2007o.html#59 ACP/TPF
https://www.garlic.com/~lynn/2007p.html#44 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#14 Does software life begin at 40? IBM updates IMS database
https://www.garlic.com/~lynn/2007q.html#46 Are there tasks that don't play by WLM's rules
https://www.garlic.com/~lynn/2007r.html#10 IBM System/3 & 3277-1
https://www.garlic.com/~lynn/2008b.html#40 windows time service
https://www.garlic.com/~lynn/2008b.html#69 How does ATTACH pass address of ECB to child?
https://www.garlic.com/~lynn/2008d.html#11 Toyota Sales for 2007 May Surpass GM
https://www.garlic.com/~lynn/2008d.html#71 Interesting ibm about the myths of the Mainframe
https://www.garlic.com/~lynn/2008h.html#88 Annoying Processor Pricing
https://www.garlic.com/~lynn/2008i.html#17 Does anyone have any IT data center disaster stories?
https://www.garlic.com/~lynn/2008i.html#94 Lynn - You keep using the term "we" - who is "we"?
https://www.garlic.com/~lynn/2008i.html#97 We're losing the battle
https://www.garlic.com/~lynn/2008i.html#99 We're losing the battle
https://www.garlic.com/~lynn/2008j.html#16 We're losing the battle
https://www.garlic.com/~lynn/2008o.html#56 Virtual
https://www.garlic.com/~lynn/2008o.html#76 Blinkenlights
https://www.garlic.com/~lynn/2008p.html#5 Privacy, Identity theft, account fraud
https://www.garlic.com/~lynn/2008p.html#61 Serial vs. Parallel
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Boffins bust web authentication with game consoles Date: December 30, 2008 Blog: Financial Crime Risk, Fraud, and SecurityBoffins bust web authentication with game consoles
from above:
The researchers began their proof-of-concept attack with more than 200
PlayStation 3 consoles running in a Linux cluster, which they used to
generate millions of possible certificates. Once they found a pair
that had a special collision in the MD5 hash, they requested a
legitimate website certificate from one of the authorities that relies
only on MD5 to generate signatures.
After copying the signature into a rogue certificate authority
credential, they had the ability to generate widely accepted website
certificates for any site of their choosing.
... snip ...
another news item on the subject:
Experts uncover weakness in Internet security
http://www.eurekalert.org/pub_releases/2008-12/epfd-euw123008.php
I wasn't at crypto 2004 ... but during the MD5 (crack) presentation mentioned in the article ... one of the people in the audience contacted me in real-time to ask about what were all the internet standards documents that referenced MD5.
I now maintain the list of RFCs that reference MD5 in my internet index
https://www.garlic.com/~lynn/rfcietff.htm
specifically
https://www.garlic.com/~lynn/rfcmd5.htm
Note that the article (also) mentions that rather than creating a counterfeit SSL certificate ... they created a counterfeit Certification Authority digital certificate. The whole PKI infrastructure is literally a case of where the chain is only as strong as the weakest link.
A fraudulent/counterfeit Certification Authority could generate fraudulent SSL certificates for all websites ... and if their Certification Authority digital certificate is accepted ... then all their SSL certificates will also be accepted ... regardless of the Certification Authority that a website may have obtained their original/valid SSL certificate from.
we had been asked to consult with a small client/server startup that
wanted to do payment transactions on their server and they had also
invented this technology they called SSL that they wanted to use. Part
of the deployment was something called the payment gateway ... some
past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway
we had authority over the webserver to gateway interface and even
though they wanted to use SSL ... we imposed additional operations,
including mutual registration (as countermeasure to various kinds of
exploits, including fraudulent &/or compromised Certification
Authorities) ... which effectively resulted in making (those) digital
certificates redundant and superfluous. lots of past posts mentioning
SSL digital certificates:
https://www.garlic.com/~lynn/subpubkey.html#sslcerts
other recent references to SSL and/or DNS issues
https://www.garlic.com/~lynn/2008p.html#67 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008p.html#78 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008q.html#13 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008r.html#42 Online Bill Payment Website Hijacked - Users were redirect to a page serving malware
https://www.garlic.com/~lynn/2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008s.html#50 Perfect MITM Attacks With No-Check SSL
https://www.garlic.com/~lynn/2008s.html#58 DNS flaw is 2008's biggest web blunder
https://www.garlic.com/~lynn/2008s.html#72 CA issues no-questions asked Mozilla cert
and a few more URLs (NOTE several have been added since this was first posted):
VeriSign remedies massive SSL blunder (kinda, sorta)
http://www.theregister.co.uk/2009/01/09/verisign_ssl_remedy/
Survey: One in seven SSL certificates are weak
http://www.securityfocus.com/brief/880
Weak sigs found on one in seven SSL sites
http://www.theregister.co.uk/2009/01/07/ssl_security_survey/
Rogue SSL certificate exploit puts VeriSign on the spot
http://www.networkworld.com/news/2009/010609-verisign-ssl-certificate-exploit.html
The Problem With HTTPS SSL Runs Deeper Than MD5
http://www.circleid.com/posts/20090105_problem_with_https_ssl_md5/
SSL: Really broken this time
http://blogs.techrepublic.com.com/networking/?p=776
The SSL/MD5 Exploit
http://cdslash.net/2008/12/the-ssl-md5-exploit/
MD5 considered harmful today
http://www.win.tue.nl/hashclash/rogue-ca/
Researchers' Web Certificate Hack Highlights Big Internet Flaw
http://www.crn.com/security/212700246
Certificate Flaw May Threaten Secure Web Sites
http://www.internetnews.com/security/article.php/3793816/Certificate+Flaw+May+Threaten+Secure+Web+Sites.htm
Exploits & Vulnerabilities: Security Wonks Find Gaping Hole in Trusted
Site System
http://www.ecommercetimes.com/story/65684.html
Researchers Show How to Forge Site Certificates
http://www.freedom-to-tinker.com/blog/felten/researchers-show-how-forge-site-certificates
25C3: MD5 considered harmful today
http://events.ccc.de/congress/2008/Fahrplan/events/3023.en.html
Researchers Use PlayStation Cluster to Forge a Web Skeleton Key
http://www.wired.com/threatlevel/2008/12/berlin/
SMBlog -- exploited the collision weakness in MD5
http://www.cs.columbia.edu/~smb/blog//2008-12/2008-12-30.html
Weakness In Internet Security Uncovered
http://www.sciencedaily.com/releases/2008/12/081231005357.htm
Rogue MD5 SSL Certificate Vulnerability
http://www.us-cert.gov/current/index.html#md5_hashing_algorithm_vulnerability
Verisign Discontinues Flawed MD5 Certificates
http://www.crn.com/security/212700354
200 Sony PS3s Harnessed To Crack Secure Site Certification
http://www.informationweek.com/security/risk-management/200-sony-ps3s-harnessed-to-crack-secure-site-certification/d/d-id/1075216
SSL certs busted
http://www.gcn.com/online/vol1_no1/47780-1.html
Theoretical attacks yield practical attacks on SSL, PKI
http://arstechnica.com/news/theoretical-attacks-yield-practical-attacks-on-ssl-pki.ars
Weakness In Internet Security Uncovered
http://www.sciencedaily.com/releases/2008/12/081231005357.htm
Researchers Demo Nearly Undetectable Phishing Scheme
http://www.itbusinessedge.com/cm/community/news/sec/blog/researchers-demo-nearly-undetectable-phishing-scheme/?cs=21120
New SSL Hack Imperils Secure Websites
http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212700234
Experts uncover weakness in Internet security
http://actualites.epfl.ch/presseinfo-com?id=695
Security Wonks Find Gaping Hole in Trusted Site System
http://www.technewsworld.com/story/65684.html
25C3: MD5 collisions crack CA certificate
http://www.heise-online.co.uk/security/25C3-MD5-collisions-crack-CA-certificate--/news/112327
SSL Security Broken - MD5 weakness exploited to create trusted CA
certificate
http://news.softpedia.com/news/SSL-Security-Broken-101075.shtml
Two Hundred PS3s Used To Hack SSL
http://www.hardocp.com/news.html?news=MzcwMDksLCwsLCwx
Researchers Hack Internet Security Infrastructure
http://www.washingtonpost.com/wp-dyn/content/article/2008/12/30/AR2008123001056.html?wprss=rss_technology
Do the SSL Watchmen Watch Themselves?
http://it.slashdot.org/article.pl?sid=09/01/02/2342249
SSL certificate crack threatens e-commerce sites
http://community.zdnet.co.uk/blog/0,1000000567,10011763o-2000331761b,00.htm
Perfect MITM Attacks With No-Check SSL Certs
http://it.slashdot.org/article.pl?sid=08/12/23/0046258&tid=172
200 PS3's Break VeriSign's SSL - Tom's Guide
http://www.tomsguide.com/us/Sony-PlayStation-PS3-VeriSign-SSL,news-3235.html
SSL Crack Shows You Must Advance Your Security
http://www.eweek.com/c/a/Security/SSL-Crack-Shows-You-Must-Advance-Your-Security/
VeriSign addresses MD5 flaw
http://searchsecurity.techtarget.com/news/1344076/VeriSign-addresses-MD5-flaw
SSL Crisis Averted -- For Now
http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=212700640
MD5 Algorithm Cracked Using Gaming Consoles
http://www.itproportal.com/2009/01/05/md5-algorithm-cracked-using-gaming-consoles/
Theoretical attacks yield practical attacks on SSL, PKI
http://arstechnica.com/news/theoretical-attacks-yield-practical-attacks-on-ssl-pki.ars?bub
Rogue SSL certificate exploit puts VeriSign on the spot
http://www.networkworld.com/news/2009/010609-verisign-ssl-certificate-exploit.html?t51hb
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is SUN going to become x86'ed ?? Newsgroups: comp.sys.sun.hardware,alt.folklore.computers Date: Tue, 30 Dec 2008 21:15:56 -0500Morten Reistad <first@last.name> writes:
IMS hot-standby has gone thru some number of evolution generations.
long ago and far away ... my wife had been con'ed into serving a stint
in POK in charge of loosely-coupled architecture (mainframe for cluster)
... she created Peer-Coupled Shared Data architecture ... some past
posts:
https://www.garlic.com/~lynn/submain.html#shareddata
... which, except for ims hot-standby, saw very little uptake until parallel sysplex ... which was reason why she didn't stay long in the position.
IMS/ESA Version 5.1 Guide (9mar95)
http://www.redbooks.ibm.com/abstracts/GG244302.html?Open
chapter five discusses availability and remote site recovery ... and states that the implementation is different/replaces implementation in Version 4.1 (quick search didn't turn up copy of 4.1 document).
IMS/ESA Version 6 Guide (30mar98)
http://www.redbooks.ibm.com/abstracts/SG242228.html?Open
which includes description of remote site recovery enhancements (chapter 18).
Part of the issue is that IMS hot-standby predated geographically dispersed parallel sysplex ... so there needed to be some additional evolution.
... current
Geographically Dispersed Parallel Sysplex
http://www-304.ibm.com/jct03004c/systems/z/advantages/gdps/index.html
and discussion of IMS Disaster Recovery with GDPS
http://www-03.ibm.com/support/techdocs/atsmastr.nsf/fe582a1e48331b5585256de50062ae1c/122881f37980249d86257366007a8e8d?OpenDocument
for other topic drift, decade ago:
IMS celebrates thirty years as an IBM product (v37n4 1998)
http://www.research.ibm.com/journal/sj/374/blackman.html
from above:
Today, over 90 percent of the top worldwide companies in the areas of
manufacturing, finance, banking, retailing, aerospace, communications,
government, insurance, high technology, and health care use IMS to run
their daily operations
... snip ...
IMS wiki page:
https://en.wikipedia.org/wiki/Information_Management_System
from above:
IMS provides a straightforward, easy-to-use, reliable, standard
environment for high performance transaction execution. In fact, much of
the world's banking industry relies on IMS, including the U.S. Federal
Reserve. For example, chances are that withdrawing money from an
automated teller machine (ATM) will trigger an IMS transaction. Several
Chinese banks have recently purchased IMS to support that country's
burgeoning financial industry. Reportedly, IMS alone is a US$1 billion
per year business for IBM
... snip ...
this recent post mentioning disaster/recovery
https://www.garlic.com/~lynn/2008s.html#74 Is SUN going to become x86'ed ??
mentions initially getting involved with NSC HYPERchannel as part of the relocation of IMS group to off-site bldg ... using HYPERchannel for channel extension supporting local 3270s.
other recent posts discussing hyperchannel use as channel extension for
local devices.
https://www.garlic.com/~lynn/2008q.html#33 Startio Question
https://www.garlic.com/~lynn/2008q.html#34 Startio Question
https://www.garlic.com/~lynn/2008q.html#36 Startio Question
https://www.garlic.com/~lynn/2008q.html#44 TOPS-10
https://www.garlic.com/~lynn/2008q.html#60 Mainframe files under AIX etc
for some other IMS related topic drift ... old email regarding
having lunch with Jim Gray and the IMS group
https://www.garlic.com/~lynn/2007.html#email801016
in this post
https://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"
--
40+yrs virtualization experience (since Jan68), online at home since Mar70
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Boffins bust web authentication with game consoles Date: December 31, 2008 Blog: Financial Crime Risk, Fraud, and Securityre:
from the early days of PKIs and Certification Authorities ... the financial industry labeled them as systemic risk ... i.e. a failure could spread throughout the infrastructure.
as part of working on this stuff that is now frequently referred to as "electronic commerce" ... we had to walk through the operational and business processes of many of these new entities calling themselves Certification Authorities. There was a lot of attention payed to integrity & security (recognizing their position as systemic risk)
In the SSL/Browser variation of PKI ... a browser is loaded with a
list of acceptable Certification Authorities ... which at various
times has run to fifty or more. Each individual Certification
Authority has been treated as equally valid ... a browser effectively
treats SSL certificates from all Certification Authority equally. This
sets up the analogy with chain links ... with each individual one
representing a systemic risk; if one of the links has integrity
issue ... it destroys the integrity of the chain ... regardless of the
integrity of all the other links in the chain. ... misc. past posts
mentioning ssl certificates:
https://www.garlic.com/~lynn/subpubkey.html#sslcert
It makes little difference the highest integrity that a website selects for its SSL certificate ... as long as an imposter can obtain any SSL certificate that is treated as equivalent (the analogy to the chain only being as strong as the weakest link).
there shouldn't be anything that stops a fraudulent Certification
Authority (that has an acceptable "md5" Certification Authority
digital certificate) from generating SHA1 Extended Validation SSL
certificates ... i.e.
http://hecker.org/mozilla/ssl-ui
from above:
First, we can't simply mark a given root CA as issuing extended
validation certificates or not. For example, it's perfectly
conceivable that a CA might have two different subordinate CAs, one of
which issues extended validation certificates and one of which does
not. It's also conceivable that a CA might directly issue extended
validation certificates and other certificates under the same root CA
(just as some CAs today directly issue "domain validated" and
"identity validated" certificates using the same root CA.)
... snip ...
a small anecdote from ACM SIGMOD (database) annual conference held in san jose in the early 90s ... during one of the sessions, somebody from the audience asked what all the X.5xx stuff was about ... and somebody on the panel replied that it was a bunch of networking engineers attempting to reinvent 1960s database technology.
couple recent posts with references to financial database technology
https://www.garlic.com/~lynn/2008p.html#27 Father Of Financial Dataprocessing
https://www.garlic.com/~lynn/2008s.html#77 Is SUN going to become x86'ed ??
--
40+yrs virtualization experience (since Jan68), online at home since Mar70