From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: A question for the Wheelers - Diagnose instruction Newsgroups: alt.folklore.computers Date: Sat, 06 Oct 2007 15:48:14 -0400Peter Flass <Peter_Flass@Yahoo.com> writes:
they also did some microcode performance enhancements for cps on the 360/50. later as the main cp67 group was expanding, splitting off from the science center and turning into vm370 ... it moved to the 3rd flr and absorbed the boston programming center; moving the cps developers to cms. later as the group continued to expand, it outgrow the space on the 3rd flr and moved out to the old SBC bldg. in burlington mall.
one of the (previous) cps developers even did a port of conversational cps basic pli running under cms.
misc. past posts mentioning CPS
https://www.garlic.com/~lynn/2000d.html#37 S/360 development burnout?
https://www.garlic.com/~lynn/2000f.html#66 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
https://www.garlic.com/~lynn/2001b.html#42 John Mashey's greatest hits
https://www.garlic.com/~lynn/2001l.html#24 mainframe question
https://www.garlic.com/~lynn/2001m.html#47 TSS/360
https://www.garlic.com/~lynn/2002.html#48 Microcode?
https://www.garlic.com/~lynn/2002d.html#31 2 questions: diag 68 and calling convention
https://www.garlic.com/~lynn/2002h.html#59 history of CMS
https://www.garlic.com/~lynn/2002j.html#17 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2002j.html#19 ITF on IBM 360
https://www.garlic.com/~lynn/2002o.html#78 Newsgroup cliques?
https://www.garlic.com/~lynn/2002p.html#58 AMP vs SMP
https://www.garlic.com/~lynn/2003c.html#0 Wanted: Weird Programming Language
https://www.garlic.com/~lynn/2003h.html#34 chad... the unknown story
https://www.garlic.com/~lynn/2003k.html#0 VSPC
https://www.garlic.com/~lynn/2003k.html#55 S/360 IPL from 7 track tape
https://www.garlic.com/~lynn/2004.html#20 BASIC Language History?
https://www.garlic.com/~lynn/2004.html#32 BASIC Language History?
https://www.garlic.com/~lynn/2004d.html#42 REXX still going strong after 25 years
https://www.garlic.com/~lynn/2004e.html#37 command line switches [Re: [REALLY OT!] Overuse of symbolic
https://www.garlic.com/~lynn/2004g.html#4 Infiniband - practicalities for small clusters
https://www.garlic.com/~lynn/2004g.html#47 PL/? History
https://www.garlic.com/~lynn/2004m.html#54 Shipwrecks
https://www.garlic.com/~lynn/2004n.html#0 RISCs too close to hardware?
https://www.garlic.com/~lynn/2004p.html#37 IBM 3614 and 3624 ATM's
https://www.garlic.com/~lynn/2004q.html#18 PR/SM Dynamic Time Slice calculation
https://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
https://www.garlic.com/~lynn/2005.html#8 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#28 Relocating application architecture and compiler support
https://www.garlic.com/~lynn/2005d.html#74 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005f.html#58 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005h.html#37 Software for IBM 360/30
https://www.garlic.com/~lynn/2005i.html#32 Improving Authentication on the Internet
https://www.garlic.com/~lynn/2005j.html#25 IBM Plugs Big Iron to the College Crowd
https://www.garlic.com/~lynn/2005q.html#12 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005s.html#35 Filemode 7-9?
https://www.garlic.com/~lynn/2006j.html#44 virtual memory
https://www.garlic.com/~lynn/2006m.html#28 Mainframe Limericks
https://www.garlic.com/~lynn/2006o.html#51 The Fate of VM - was: Re: Baby MVS???
https://www.garlic.com/~lynn/2006r.html#41 Very slow booting and running and brain-dead OS's?
https://www.garlic.com/~lynn/2006s.html#1 Info on Compiler System 1 (Univac, Navy)?
https://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
https://www.garlic.com/~lynn/2007g.html#43 Wylbur and CRBE
https://www.garlic.com/~lynn/2007l.html#58 Scholars needed to build a computer history bibliography
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sat, 06 Oct 2007 16:31:36 -0400"Jukka Aho" <jukka.aho@iki.fi> writes:
i've commented before that barrier to uptake was somewhat behind the rise of both SSL and VPN ... while ipsec would provide end-to-end encryption but (essentially) required replacing your installed system and kernel ... SSL and VPN required neither of these things.
SSL could be deployed just by installing an application ... and it provided "end-to-end" encryption between a new browser application (and some webserver) w/o requiring all the parties involved to install new systems.
the original VPN was introduced at the fall '94 ietf meeting in san jose
in the gateway committee by a friend that we had worked on and off with
since 1980. he had originally developed it for him and his wife to work
at home ... with software update for his home router and the routers at
his and his wife's places of work. the state of the art at the time was
somewhat link encryptors ... i've commented before about some comment
in the mid-80s about the internal network having over half of all
the link encryptors in the world
https://www.garlic.com/~lynn/subnetwork.html#internalnet
the couple worked for different companies in a distant city. rather than having two separate 56kbit links from their house to their respective companies in the remote city ... they had a single link from their house to the husband's corporate location with a "tail-circuit" from the husband's company location to the wife's company location. The husband's operated with vpn encrypted link from the house to his corporate location. The wife operated with a vpn encrypted link ... first tunneled thru the husband's vpn encrypted link (to his corporate location) and then via the "tail-circuit" to her corporate location.
my view was all of this caused some amount of heart burn among the ipsec aficionados ... somewhat mitigated when they started calling it "lightweight ipsec" (then others could start calling ipsec, "heavyweight ipsec").
there was also somewhat of a split among the router vendors when vpn was introduced ... because some of the vendors had boxes with powerful enuf processors to perform the required vpn encryption ... but some of the router vendors had very much slower processors that had extreme difficulty performing the required cryptographic operations. As a result, the router vendors with the slower processors appeared to put up all sort of delaying actions and roadblocks.
much later there were vpn implementations that could be deployed in end-user computers (rather than intermediate routers) ... with encrypted sessions tunneled through standard internet connections. however, many of these deployments created serious corporate risks ... in much the same way that having internal, secured corporate personal computers (connected on internal, secured corporate networks) ... when a user might activate a dial-up modem to the standard internet ... and attackers would attack corporate networks thru these unauthorized backdoor dial-up connections. many of the early personal computer vpn implementations had similar difficiencies ... that attackers would compromise the home pc thru the standard internet connection and then gain access to the corporate network via the tunneled vpn connection.
misc. past posts mentioning VPNs
https://www.garlic.com/~lynn/aadsm11.htm#24 Proxy PKI. Was: IBM alternative to PKI?
https://www.garlic.com/~lynn/aadsm12.htm#66 Subpoena Sidelines PKI Project
https://www.garlic.com/~lynn/aadsm15.htm#2 Is cryptography where security took the wrong branch?
https://www.garlic.com/~lynn/aadsm15.htm#17 New authentication protocol, was Re: Tinc's response to "Linux's answer to MS-PPTP"
https://www.garlic.com/~lynn/aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
https://www.garlic.com/~lynn/aadsm23.htm#18 Security Soap Opera - (Central) banks don't (want to) know, MS prefers Brand X, airlines selling your identity, first transaction trojan
https://www.garlic.com/~lynn/aadsm25.htm#19 Hamiltonian path as protection against DOS
https://www.garlic.com/~lynn/aadsm27.htm#20 307 digit number factored
https://www.garlic.com/~lynn/2001g.html#18 VPN solution for school district
https://www.garlic.com/~lynn/2002j.html#40 Beginner question on Security
https://www.garlic.com/~lynn/2002l.html#60 Handling variable page sizes?
https://www.garlic.com/~lynn/2003b.html#53 Microsoft worm affecting Automatic Teller Machines
https://www.garlic.com/~lynn/2003e.html#34 Use of SSL as a VPN
https://www.garlic.com/~lynn/2003e.html#40 IETF meeting (Re: editors/termcap)
https://www.garlic.com/~lynn/2003l.html#23 Why more than 1 hole in FW for IPSec
https://www.garlic.com/~lynn/2003m.html#16 OSI not quite dead yet
https://www.garlic.com/~lynn/2004k.html#29 CDC STAR-100
https://www.garlic.com/~lynn/2004p.html#32 Carrying IP over ATM networks
https://www.garlic.com/~lynn/2005h.html#39 Attacks on IPsec
https://www.garlic.com/~lynn/2005q.html#29 IPSEC wireless router ?
https://www.garlic.com/~lynn/2005u.html#46 Channel Distances
https://www.garlic.com/~lynn/2007d.html#37 MAC and SSL
https://www.garlic.com/~lynn/2007g.html#63 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#67 SSL vs. SSL over tcp/ip
https://www.garlic.com/~lynn/2007l.html#32 Virtual private networks
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Windows Live vs Kerberos Newsgroups: comp.protocols.kerberos Date: Sun, 07 Oct 2007 09:00:02 -0400royend <royend@gmail.com> writes:
for a little drift ... original kerberos was done with shared-secret/password for user authentication. once that is done, then kerberos tickets can be passed around between a lot of applications as a sso mechanism.
m'soft contracted with an outside corporation to do a kerberos impelementation for windows ... making it the basis for windows authentication. about the same time that was going on there was a ietf/internet draft written called pk-init for kerberos.
in the original pk-init, the registration of password was replaced with the registration of public keys ... and in place of entering a password, the user generated a digital signature (with their corresponding private key). this was not a PKI implementation which requires something called digital certificates ... which were nominally invented to provide some trusted information about total strangers during first time communication ... aka in the original PKI design point, a total stranger, that is otherwise not known to the organization and/or for which there has never been any prior contact ... can present a digital certificate and be granted access to systems (purely based on the information contained in the digital certificate). in that sense, digital certificates can be considered sort of a very long lived "tickets" ... where all the authorization information is visible/public and targeted at being used by strangers in first time communication (the letters of credit/introducation scenario from sailing ship days, where relying parties had no other recourse to information for first time interaction with total strangers)
There was then some amount of lobbying that the pk-init drift should support both digital signature based authentication involving known individuals (i.e. the original public key registration scenario) as well as the PKI-scenario with digital certificates (supposedly to allow total strangers with no prior contact and/or authorization, access to systems).
misc. past posts mentioning kerberos and/or pk-init
https://www.garlic.com/~lynn/subpubkey.html#kerberos
in the early 80s, we were periodically involved dropping by project athena and reviewing various projects, including kerberos. we happened to be there a week when the original cross-domain kerberos process was being worked out. more recently, we sat thru a vendors description of their SAML implementation for cross-domain authentication. While the format of SAML messages and kerberos tickets are different, the description of the flows were identical.
corresponding kerberos wiki page
https://en.wikipedia.org/wiki/Kerberos_(protocol)
from my rfc index
https://www.garlic.com/~lynn/rfcietff.htm
and click on Term (term->RFC#) in the RFCs listed by section
and then scroll down to kerberos, i.e.
kerberos
see also authentication , generic security service , security
5021 4757 4752 4559 4557 4556 4537 4430 4402 4121 4120 3962 3961 3244
3129 2942 2712 2623 1964 1510 1411
clicking on the RFC numbers, brings up the corresponding summary
in the lower frame, for instance:
4757 I
The RC4-HMAC Kerberos Encryption Types Used by Microsoft Windows,
Brezak J., Jaganathan K., Zhu L., 2006/12/11 (18pp) (.txt=36562) (Refs
1320, 1321, 1964, 2104, 3961, 3962, 4120, 4537)
clicking on the ".txt=nnnn" field, fetches the actual RFC
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Virtualization: Don't Ask, Don't Tell Newsgroups: alt.folklore.computers Date: Sun, 07 Oct 2007 09:31:07 -0400recent on 40+yr old technology ... from the science center ... first as cp40 on custom modified 360/40
article theme somewhat that IT departments meet SLA-agreements and their corporate customers don't need to be concerned if virtualization is involved.
Virtualization: Don't Ask, Don't Tell
http://www.linuxinsider.com/story/59692.html
from above:
Such a rush to virtual servers is certainly under way at The Hartford
Life and Accident Insurance, where "the standard is that everything new
comes in on virtual servers," said Bruno Janssens, senior architect in
the company's infrastructure services group.
A dozen of the Simsbury, Conn.-based insurer's 5,000 servers are
currently virtualized, as are some 500 Windows XP client machines, he
said.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Horrid thought about Politics, President Bush, and Democrats ... Newsgroups: alt.folklore.computers Date: Sun, 07 Oct 2007 10:51:39 -0400Frank McCoy <mccoyf@millcomm.com> writes:
misc. past posts mentioning automobile industry, import quotas,
C4 project and other related tidbits
https://www.garlic.com/~lynn/2000f.html#43 Reason Japanese cars are assembled in the US (was Re: American bigotry)
https://www.garlic.com/~lynn/2003i.html#61 TGV in the USA?
https://www.garlic.com/~lynn/2003l.html#29 Offshore IT
https://www.garlic.com/~lynn/2003o.html#34 Will Prescott work on Win64?
https://www.garlic.com/~lynn/2004b.html#52 The SOB that helped IT jobs move to India is dead!
https://www.garlic.com/~lynn/2004c.html#51 [OT] Lockheed puts F-16 manuals online
https://www.garlic.com/~lynn/2004h.html#22 Vintage computers are better than modern crap !
https://www.garlic.com/~lynn/2005s.html#2 Internet today -- what's left for hobbiests
https://www.garlic.com/~lynn/2006.html#23 auto industry
https://www.garlic.com/~lynn/2006.html#44 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006g.html#14 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#20 The Pankian Metaphor
https://www.garlic.com/~lynn/2006m.html#49 The Pankian Metaphor (redux)
https://www.garlic.com/~lynn/2006v.html#14 In Search of Stupidity
https://www.garlic.com/~lynn/2006x.html#32 Toyota set to lift crown from GM
https://www.garlic.com/~lynn/2007f.html#50 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#29 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#34 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#52 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007i.html#13 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007j.html#31 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#33 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#11 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#24 IBM Unionization
https://www.garlic.com/~lynn/2007n.html#31 IBM obsoleting mainframe hardware
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Windows Live vs Kerberos Newsgroups: comp.protocols.kerberos Date: Sun, 07 Oct 2007 22:08:00 -0400Frank Siebenlist <franks@mcs.anl.gov> writes:
one of the issues with x.509 identity (public) digital certificates from the early 90s was "what might the necessary and sufficient information be required in the digital certificates" (for possibly accepting relying parties). as a result there was some direction to include more and more personal information ... to cover the possible requirements of any relying parties which might be depending on the (public) digital certificates (PKI somewhat assumed that public digital certificates were being sprayed all over the world).
however, by the mid-90s, several organizations were starting to realize
that x.509 identity (public) digital certificate, increasing overloaded
with personal information, represented significant liability and privacy
issues. some of these organizations, attempting to salvage something of
the digital certificate infrastructure, regressed to something called
relying-party-only digital certificates
https://www.garlic.com/~lynn/subpubkey.html#rpo
where the individual information (in the digital certificate) was restricted to some sort of account number (user identifier and/or record locator) and a public key. The account/record allowed the personal information to be removed from public distribution. The issue then was that it could be trivially shown that the actual digital certificates were redundant and superfluous ... since the account/record would (or trivially could) typically also include the public key (effectively regressing to the original pkinit scenario).
The trade-off (from the digital certificate design point adapted from the letters of credit/introduction from sailing ship days) ... was that it was necessary to include all the required information needed by relying party in the document. Once the pertinent information moved some place else ... then the original purpose for such documents (credentials and/or digital certificate) became redundant and superfluous.
There were some additional issues with various of the relying-party-only
certificates ... besides becoming redundant and superfluous. Even with
relying-party-only digital certificates eliminating all
personal specific information (except record-locator/account-record
and public key) ... they could still be quite enormous and require
significant processing overhead. This was especially apparent in
payment transactions ... where the overhead of a relying-party-only
digital certificates could represent an 100-fold payload size increase
https://www.garlic.com/~lynn/subpubkey.html#bloat
that issue was so significant (in payment infrastructure) that the x9 financial standards body started a work item for "compressed" digital certificates ... with objective of attempting to reduce the payload bloat increase to possibly only 5-fold (again for something effectively redundant and superfluous).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Mon, 08 Oct 2007 07:31:29 -0400"Jukka Aho" <jukka.aho@iki.fi> writes:
the simple was to make sure that the client ip-stack had ip-routing turned off ... but then there are various kinds of trojan horses ... somewhat similar to the botnet compromises that effectively can operate somewhat like application level proxy to use the client as platform for corporate attacks.
for other drift, misc. past posts mentioning interop '88.
https://www.garlic.com/~lynn/subnetwork.html#interop88
the four floor nets was one of the first, large scale multiple net installations. on sunday before the show ... the whole infrastructure started crashing and burning ... which continued into the wee hours of monday morning. subsequently there was a default configuration recommendation regarding ip-forwarding appeared in rfc1122 (i.e. std-3), "Requirements for Internet Hosts - commuincations layers"
and recent post including mention of some ipsec related technology
(digital certificates, pkix) from the early/mid 90s
https://www.garlic.com/~lynn/2007q.html#5 Windows Live vs Kerberos
kicked off with this post
https://www.garlic.com/~lynn/2007q.html#2 Windows Live vs Kerberos
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Mon, 08 Oct 2007 10:16:15 -0400jmfbahciv writes:
there was one bit on an initial GAO report estimating annual costs (which was supposedly used to decide whether to vote in favor or against the bill) ... then GAO came out with more accurate estimate that was something like twice the earlier estimate ... supposedly the committee chairman was able to block dissemination of the updated estimate until after the bill had passed.
finally there were something like 12-18 people ... either elected officials, aids, and/or staffers responsible for shepherding the legislation thru ... and supposedly over short period after the bill passing, all had left their positions and working in one way or another for the drug industry.
some of this was behind the comptroller general's comments about nobody in congress for the past 50 yrs, has been capable of doing simple middle school arithmetic
yesterday, cspan carried small portion of talk claiming that federal legislation unfunded mandates now amounts to $400k for every man, woman, and child (this isn't current federal debt, this is cost of existing legislation mandated programs for which there hasn't been funding ... presumably requiring future borrowing/debt and/or additional tax burden).
old long-winded post reference to the 80s gov. savings&loan bail-out
claiming that the obligation was carried off fed. books since it
represented $100k for every man, woman, and child.
https://www.garlic.com/~lynn/aepay3.htm#riskm
a few other posts mentioning unfunded obligations of various kinds:
https://www.garlic.com/~lynn/2004b.html#9 A hundred subjects: 64-bit OS2/eCs, Innotek Products,
https://www.garlic.com/~lynn/2004e.html#19 Message To America's Students: The War, The Draft, Your Future
https://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#93 IBM Unionization
and various other posts mentioning comptroller general's comments
https://www.garlic.com/~lynn/2006f.html#41 The Pankian Metaphor
https://www.garlic.com/~lynn/2006f.html#44 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#9 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#14 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#27 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#2 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#3 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#4 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#17 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#19 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#33 The Pankian Metaphor
https://www.garlic.com/~lynn/2006o.html#61 Health Care
https://www.garlic.com/~lynn/2006p.html#17 Health Care
https://www.garlic.com/~lynn/2006r.html#0 Cray-1 Anniversary Event - September 21st
https://www.garlic.com/~lynn/2006t.html#26 Universal constants
https://www.garlic.com/~lynn/2007j.html#20 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#19 Another "migration" from the mainframe
https://www.garlic.com/~lynn/2007o.html#74 Horrid thought about Politics, President Bush, and Democrats
https://www.garlic.com/~lynn/2007p.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: GETMAIN/FREEMAIN and virtual storage backing up Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Mon, 08 Oct 2007 10:53:12 -0400peter.hunkeler@ibm-main.lst (Hunkeler Peter , KIUK 3) writes:
one of the uses for "fixed" storage was allowing applications to build channel programs with the (previously) "fixed", real storage addresses ... then the application channel program could be directly executed ... w/o requiring the supervisor having to scan ... building a shadow/duplicate channel program with the "real" addresses
for instance, lookup various discussions about EXCPVR compared to EXCP
... this redbook has some discussion of the differences between EXCPVR
and EXCP (although most of the discussion is about support for using
storage about 2GB line)
http://www.redbooks.ibm.com/abstracts/SG245976.html
from 2.10.3 Using EXCP and EXCPVR
Programs using EXCPVR have the responsibility to page fix all I/O area
and build real channel programs.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Computing Change: Researcher Traces History Of The Personal Computer Newsgroups: alt.folklore.computers Date: Mon, 08 Oct 2007 11:36:38 -0400Computing Change: Researcher Traces History Of The Personal Computer
from above:
Thomas Haigh, assistant professor of information studies at the
University of Wisconsin-Milwaukee (UWM), is among a very small number of
computer experts in the world who are also historians, studying the role
of technology in broader social change. These new experts are tracing
how computers have changed business and society.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Horrid thought about Politics, President Bush, and Democrats ... Newsgroups: alt.folklore.computers Date: Tue, 09 Oct 2007 10:25:35 -0400Walter Bushell <proto@oanix.com> writes:
within the past couple yrs we had a side-trip to Edinburgh and had chance to visit some number of military museums that extolled the bravery of all the scots that joined the military.
about the same time, we saw a (wwi) blackadder segment that had a line
(from english officer, mr bean's character) about if they saw a man in a
skirt, they run him thru and nic all his lands. we had also got a BBC DVD
multi-part series, a history of britain ... in it there was a
comment about after the english had slaughtered so many scotts and took
their lands, the only opportunity for young male scotts was to join the
military.
https://www.garlic.com/~lynn/2006u.html#57 Pedantry (was RE: Shane's antipodes)
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Tue, 09 Oct 2007 16:55:44 -0400Greg Menke <gusenet@comcast.net> writes:
well designed crypto isn't suppose to yield/leak information ... so that attacks aren't any better than brute force attack on the key (i.e. attempting all possible keys).
good encryption should result in bit patterns indistinguishable from noise (or close to it). well designed layered encryption, theoretically requires brute force "key" attack to peal away each layer. however, if the result of the outer layer only yields an inner layer that looks like noise ... it may require an aggregate brute force attack on combination of all possible layered keys ... before it is possible to recognize something other than noise.
"3-des" with 2 56-bit (des) keys achieves this ... there is a DES "encrypt" with the first key ... followed by a DES "decrypt" with the 2nd key (i.e. decrypting something with the wrong key can also look like noise), followed by encryption with the first key again. This is considered to be equivalent of 2*56=112 bit key (requiring a brute force attack of 2**112 rather than brute force of 2**56). 3-des "decryption" then reverses the process; DES "decrypt" with the 1st key, followed by DES "encrypt" with the 2nd key, and finally DES "decrypt" with the 1st key.
one of the other security scenarios is that increasing complexity tends to weaken security ... because complexity increases the chance that things won't be done correctly every time ... which attackers can take advantage of.
since no specific (well-designed) encryption is suppose to leak information .... multiple application of independent encryption shouldn't ever "increase" the amount of information leaked (ideally, the amount of useful information leaked should decrease with additional, independent encryption).
one of the principles of diminishing returns ... frequently has to do with total end-to-end security ... as opposed to just specific encryption process. nominally end-point attacks have been demonstrated to be easier than much of the communication encryption measures. Doubling the amount of communication encryption just encourages attackers to ignore transmissions and even further increase end-point attack efforts (and has little or no effect on protecting the weakest points ... i.e. the principle that security is only as strong as the weakest link).
An possible exception to communication encryption tending to be one of the strongest part of security, has been the wifi encryption that has been implicated in the tjx breach .. i.e.
WLAN Security Blamed for TJX Payment Card Breach
http://itmanagement.earthweb.com/secu/article.php/3704061
however, the weakness in the wifi encryption has been known for quite some time. there were even early apoligies by the individuals responsible for the design, also claiming that trade-offs were made because of the target wifi devices didn't have capability to perform more complex encryption. although there is some evidence that by the time the encryption was actually deployed, all of the wifi devices being shipped were capable of much more powerful encryption.
we had been brought in to consult with a small client/server startup
that wanted to do payment transactions on their server ... some
past posts mentioning something called a payment gateway
https://www.garlic.com/~lynn/subnetwork.html#gateway
they had this technology called SSL ... and the effort is now frequently
referred to as "electronic commerce". a few recent posts
https://www.garlic.com/~lynn/aadsm27.htm#0 H6.2 Most Standardised Security Protocols are Too Heavy
https://www.garlic.com/~lynn/aadsm27.htm#1 H6.2 Most Standardised Security Protocols are Too Heavy
https://www.garlic.com/~lynn/aadsm27.htm#15 307 digit number factored
https://www.garlic.com/~lynn/aadsm27.htm#19 307 digit number factored
https://www.garlic.com/~lynn/aadsm27.htm#20 307 digit number factored
https://www.garlic.com/~lynn/aadsm27.htm#21 307 digit number factored
https://www.garlic.com/~lynn/aadsm27.htm#33 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#35 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#47 If your CSO lacks an MBA, fire one of you
https://www.garlic.com/~lynn/aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
https://www.garlic.com/~lynn/aadsm27.htm#54 Security can only be message-based?
https://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks
https://www.garlic.com/~lynn/2007o.html#23 Outsourcing loosing steam?
https://www.garlic.com/~lynn/2007o.html#25 LAX IT failure: leaps of faith don't work
https://www.garlic.com/~lynn/2007o.html#27 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007o.html#28 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007o.html#52 Virtual Storage implementation
https://www.garlic.com/~lynn/2007p.html#54 Industry Standard Time To Analyze A Line Of Code
https://www.garlic.com/~lynn/2007p.html#67 what does xp do when system is copying
lots of past posts about ssl and ssl domain name digital certificates
https://www.garlic.com/~lynn/subpubkey.html#sslcerts
we then got involved in the x9a10 financial standard working group that
had been given the requirement to preserve the integrity of the
financial infrastructure for all retail payments. this required
some detailed vulnerability studies and threat models in support
of x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
part of this was that by far the greatest leakage of account numbers resulting in fraudulent transactions was the transaction repositories which were needed for a large number of business processes. there was the eventual observation that the account numbers were needed in so many processes ... that there was no amount of security that would prevent account number leakage (in part studies showing that up to seventy percentage of such leakage involve insiders). from a policy standpoint, the circumstance could claim that account number was overloaded ... effectively being used for (something you know) authentication as well as being instrumental for large number of business processess.
the eventual tjx 40million account number breach, may have started with information obtained via the wifi encryption breach but was then leveraged in being able to access the transaction/business repositories (it wasn't using the encryption break to obtain the large number of account numbers thru evesdropping actual transactions).
so the x9.59 financial standard approach was to create a totally
separate operation for transaction authentication, independent of the
account number. this eliminated the ability of attackers to perform
fraudulent transactions having either evesdropped transactions (during
transmission) or from copying large business process repositories. this
is discussed in more detail in a series of posts about "naked
transaction metaphor" (i.e. transactions where the account number is
overloaded serving both as means of something you know authentication
and for numerous other business processes)
https://www.garlic.com/~lynn/subintegrity.html#payment
x9.59 preventing crooks from performing fraudulent transactions with
information gatthered by evesdropping on electronic commerce
transmissions ... also effectively eliminates one of the main purposes
of SSL.
https://www.garlic.com/~lynn/2007.html#0 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#5 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#6 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#28 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#61 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#62 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#64 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#15 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#17 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#22 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#28 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#30 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#31 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#32 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#33 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#35 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#36 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#39 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#43 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#46 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#51 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#52 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#53 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#0 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#5 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#11 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#68 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#70 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#2 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#23 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#24 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#28 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#29 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#58 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#61 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#62 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#65 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#58 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#68 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#72 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#48 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#51 Securing financial transactions a high priority for 2007
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: ANT Censuses of the Internet Address Space Newsgroups: alt.folklore.computers Date: Tue, 09 Oct 2007 17:30:24 -0400ANT Censuses of the Internet Address Space
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Does software life begin at 40? IBM updates IMS database Newsgroups: alt.folklore.computers Date: Tue, 09 Oct 2007 20:20:35 -0400Does software life begin at 40? IBM updates IMS database
from above:
IMS, which stores data in a tree structure rather than in the tables
used in relational databases, was first used in 1968 for the NASA's
Apollo space program.
...
Bernie Spang, director of data servers at IBM, added that the database
remains vigorous despite its age. It still runs in the back rooms of
over 95% of Fortune 1,000 companies, and, Spang claimed, 80% of large
retail banks in the United States, Germany and Japan.
... snip ...
a couple postings with old email mentioning IMS
https://www.garlic.com/~lynn/2007.html#email801016
https://www.garlic.com/~lynn/2007c.html#email830125
some recent posts mentioning IMS:
https://www.garlic.com/~lynn/2007.html#39 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
https://www.garlic.com/~lynn/2007b.html#48 6400 impact printer
https://www.garlic.com/~lynn/2007c.html#42 Keep VM 24X7 365 days
https://www.garlic.com/~lynn/2007d.html#24 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007e.html#1 Designing database tables for performance?
https://www.garlic.com/~lynn/2007e.html#14 Cycles per ASM instruction
https://www.garlic.com/~lynn/2007e.html#16 Attractive Alternatives to Mainframes
https://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
https://www.garlic.com/~lynn/2007e.html#36 Quote from comp.object
https://www.garlic.com/~lynn/2007e.html#37 Quote from comp.object
https://www.garlic.com/~lynn/2007e.html#41 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007f.html#56 Is computer history taught now?
https://www.garlic.com/~lynn/2007f.html#64 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007f.html#66 IBM System z9
https://www.garlic.com/~lynn/2007g.html#25 Bidirectional Binary Self-Joins
https://www.garlic.com/~lynn/2007g.html#26 Bidirectional Binary Self-Joins
https://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#76 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#71 The top 10 dead (or dying) computer skills
https://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
https://www.garlic.com/~lynn/2007m.html#47 Capacity and Relational Database
https://www.garlic.com/~lynn/2007m.html#55 Capacity and Relational Database
https://www.garlic.com/~lynn/2007n.html#49 VLIW pre-history
https://www.garlic.com/~lynn/2007o.html#53 Virtual Storage implementation
https://www.garlic.com/~lynn/2007o.html#57 ACP/TPF
https://www.garlic.com/~lynn/2007o.html#59 ACP/TPF
https://www.garlic.com/~lynn/2007p.html#13 IBM Releases Office Desktop Software at No Charge to Foster Collaboration
https://www.garlic.com/~lynn/2007p.html#20 64 gig memory
https://www.garlic.com/~lynn/2007p.html#58 what does xp do when system is copying
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Does software life begin at 40? IBM updates IMS database Newsgroups: alt.folklore.computers Date: Wed, 10 Oct 2007 16:54:50 -0400hancock4 writes:
CICS is approx. same vintage as IMS. The folklore is that it was developed at a mid-west utility company ... and then picked up to offer as general product. The univ. library had a ONR grant to do some library automation and got selected to be beta-test for the original CICS product. I got tasked to do some of the support/debugging for the installation.
misc. past posts mentioning CICS &/or BDAM
https://www.garlic.com/~lynn/submain.html#bdam
CICS history site
https://web.archive.org/web/20080123061613/http://www.yelavich.com/history/toc.htm
wiki CICS page
https://en.wikipedia.org/wiki/CICS
and the wiki IMS page
https://en.wikipedia.org/wiki/IBM_Information_Management_System
the above wiki page mentions Vern Watts
http://www.vcwatts.org/ibm_story.html
as well as IMS availability options.
my wife had been con'ed into going to pok to be in charge of (mainframe)
loosely-coupled architecture. while there she came up with peer-coupled
shared data architecture
https://www.garlic.com/~lynn/submain.html#shareddata
which didn't see a lot of takeup until sysplex (one of the reasons she didn't stay there long) ... except for IMS hot-standby.
this CICS history page mentions the transition of CICS from
"Type II Application Program" to program product
https://web.archive.org/web/20060325095234/http://www.yelavich.com/history/ev196901.htm
and also mentions transition to program product in 1969 in relationship
to the 23jun69 unbundling announcement
https://www.garlic.com/~lynn/submain.html#unbundle
and starting to charge for (application) software.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The SLT Search LisT instruction - Maybe another one for the Wheelers Newsgroups: alt.folklore.computers Date: Wed, 10 Oct 2007 18:38:14 -0400Paul Hinman <paul.hinman@shaw.ca> writes:
was defined by lincoln labs and found on many 360/67
extract from cp67 describing SLTSIM implementation/operation:
https://www.garlic.com/~lynn/2001h.html#71 IBM 9020 FAA/ATC Systems from 1960's
it was used in cp67 kernel to search kernel dynamic storage for allocating block. cp67 frequently searched several hundred blocks that had used half-dozen instruction loop ... which the SLT instruction was more efficient. However SLT still required a couple storage fetches per block searched. For 360/67 w/o SLT instruction, there would be a invalid op-code program interrupt ... which would be checked and sent off to SLTSIM for simulation.
With the change to supporting "subpools" for cp67 dynamic kernel storage allocation ... the use of SLT was eliminated. subpool logic created LIFO push/pop list for most frequently used kernel storage sizes. The LIFO implementation took 14-20 instructions (total, depending on whether tracing was turned on or off). The subpool change handled nearly all storage requests and drastically reduced the kernel storage management overhead.
The kernel storage management subpool logic carried over in the morph to
vm370. Even with subpool logic ... the LIFO process still showed up
fairly high on the ECPS analysis (percent of total kernel overhead):
https://www.garlic.com/~lynn/94.html#21 370 ECPS VM microcode assist
not because the pathlength was large ... but it so frequently invoked ("FRET" is deallocate/push, "FREE" is allocate/pop):
path count time percent (mics) cp fre+5a8 73628 132 3.77 'FRET' fre+8 73699 122 3.47 FREEmisc. past posts mentioning SLT instruction:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: History dictates future of virtualization Newsgroups: alt.folklore.computers Date: Wed, 10 Oct 2007 19:19:25 -0400History dictates future of virtualization
from above:
Even in the 1970s anyone with any sense could see the advantages
virtualization offered. It separates applications and operating systems
from the hardware. With VM/370 you could even run MVS on top - along
with other operating systems such as Unix. The irony was it took a long
time for VM/370 - now called z/VM - to overtake MVS and take its place
in IBM's product range. By the time it did, it was largely hidden from
view - as such "deep" technology ought to be.
... snip ...
... even if some of the stuff was slightly garbled
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The SLT Search LisT instruction - Maybe another one for the Wheelers Newsgroups: alt.folklore.computers Date: Thu, 11 Oct 2007 11:33:19 -0400"Sarr J. Blumson" <sarr@rygar.gpcc.itd.umich.edu> writes:
sltsim description
https://www.garlic.com/~lynn/2001h.html#71 IBM 9020 FAA/ATC Systems from 1960's
mentions that the elements in the list had to be double word aligned ... aka
from cp/67 reference (pg. 252):
Module name: SLTSIM Entry point: SLTSIM Purpose: Simulation of the SLT (search list) instruction on those 360/67s which do not have the RPQ. Entry conditions: gpr 0, bits 16-23, contains the key mask. bits 24-31, contains the count of the number of elements to be searched gpr2: contains the address of the first element (which must be on a doubleword boundary) gpr3: contains the number of bytes to be compared for the data match (1 through 4) gpr4: contains the value of the offset for the data check gpr5: contains the value of the offset for the key check gpr14: contains a pointer to the instruction being simulated exit conditions 0 - unsuccessful comparion and key test with completion due to count 1 - successful comparison and unsuccessful key test 2 - unsuccessful comparison and successful key test 3 - successful comparison and key test gpr0: contains the number of elements unchecked gpr1: contains the predecessor element gpr2: contains the matched element...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Fixing our fraying Internet infrastructure Newsgroups: alt.folklore.computers Date: Thu, 11 Oct 2007 12:21:30 -0400past couple months seems like there has been barrage of articles on all sorts of fraying infrastructure ... lots of milking the infrastructure for whatever can be extracted ... frequently with little or no attention given to care and maintenance; transportation, roads, bridges, power, water, etc. There was even a news item the past couple days that a major overhaul of the nations traffic light system could save 10-12 percent in energy use ... but the money hasn't been spent for that either.
Fixing our fraying Internet infrastructure
http://news.zdnet.com/2010-1035_22-6212819.html
from above:
The broadband infrastructure in the United States is largely invisible
to all but a few engineers. Were it as visible as a road system it would
appear to be excellent in some places, but riddled with potholes in
others; heavily congested at many times and locations; and in need of
massive redesign.
... snip ...
lots of posts mentioning arpanet/internet
https://www.garlic.com/~lynn/subnetwork.html#internet
and misc. posts specifically about original nsfnet backbone effort
https://www.garlic.com/~lynn/subnetwork.html#nsfnet
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fixing our fraying Internet infrastructure Newsgroups: alt.folklore.computers Date: Fri, 12 Oct 2007 06:09:59 -0400Morten Reistad <first@last.name> writes:
some of it is addressing ... ala ipv6 ... but there are other things like physical infrastructure ... ala internet2
Blazingly fast Internet2 gets 10x boost
http://news.yahoo.com/s/ap/faster_internet
Blazingly Fast Internet2 Gets 10x Boost
http://www.redorbit.com/news/technology/1097295/blazingly_fast_internet2_gets_10x_boost/index.html
Blazingly Fast Internet2 Gets 10x Boost
http://www.physorg.com/news112452609.html
Internet2 finishes its nationwide network infrastructure
http://www.networkworld.com/news/2007/101207-bea-oracle.html?t51hb
100 Gb/s Internet2 completed
http://www.tgdaily.com/content/view/38553/108/
for some archeological drift ... back to nsfnet backbone ... some old email
https://www.garlic.com/~lynn/lhwemail.html#nsfnet
and other posts
https://www.garlic.com/~lynn/subnetwork.html#nsfnet
when we were prevented from bidding on nsfnet backbone ... director of nsf wrote a letter ... part of which referenced what we already had deployed (internally) was at least five yrs ahead of all (nsfnet backbone) bid submissions (to build something new). some of the stuff, like rate-based pacing didn't really show up until after internet2 started.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Hackers Attack Apps While Still in Development Newsgroups: alt.folklore.computers Date: Fri, 12 Oct 2007 06:50:57 -0400Hackers Attack Apps While Still in Development
from above:
Chess and his fellow researchers at Fortify recently dubbed this class
of vulnerabilities as "cross-build injection." Attackers insert
vulnerabilities and malware into code during the software development
process, rather than the more common approach of finding holes after
the software is operational.
... snip ...
Fortify finds Trojan devs in open source
http://www.cbronline.com/article_news.asp?guid=35137085-5D15-4D62-89A3-BE1F9A486FF5
from above:
Fortify has written a paper documenting the exploit and release a new
rule pack to its tooling to help developers identify and eliminate the
threat. The update to the rule pack also includes support for CWE, an
emerging standard that specifies a common language for identifying
software vulnerabilities.
... snip ...
for other drift
Common Weakness Enumeration
http://cwe.mitre.org/about/index.html
from above:
MITRE began working on the issue of categorizing software weaknesses
as early 1999 when it launched the CVE List. As part of the
development of CVE during the last 5+ years MITRE's CVE Team developed
a preliminary classification and categorization of vulnerabilities,
attacks, faults, and other concepts to help define common software
weaknesses. However, while sufficient for CVE those groupings are too
rough to be used to identify and categorize the functionality offered
within the offerings of the code security assessment industry.
... snip ...
I had complained to MITRE and others about classification difficulty
(using CVE and other similar repositories) ... past posts mentioning
attempts at classification using CVE
https://www.garlic.com/~lynn/2004e.html#43 security taxonomy and CVE
https://www.garlic.com/~lynn/2004f.html#20 Why does Windows allow Worms?
https://www.garlic.com/~lynn/2005b.html#20 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005c.html#28 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005c.html#32 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005d.html#0 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005d.html#67 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005k.html#3 Public disclosure of discovered vulnerabilities
https://www.garlic.com/~lynn/2006x.html#29 "The Elements of Programming Style"
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Horrid thought about Politics, President Bush, and Democrats ... Newsgroups: alt.folklore.computers Date: Fri, 12 Oct 2007 07:21:02 -0400jmfbahciv writes:
as been discussed in past posts, it is the commercial heavyweight traffic that causes nearly all the wear&tear on the transportation infrastructure ... to the point that highways are designed for axle ton-mile heavy truck traffic (use by lighter weight vehicles has nearly no infrastructure wear&tear impact).
recent topic drift:
https://www.garlic.com/~lynn/2007q.html#18 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007q.html#19 Fixing our fraying Internet infrastructure
post posts mentioning axle ton-mile wear&tear
https://www.garlic.com/~lynn/2002j.html#41 Transportation
https://www.garlic.com/~lynn/2002j.html#42 Transportation
https://www.garlic.com/~lynn/2004c.html#20 Parallel programming again (Re: Intel announces "CT" aka
https://www.garlic.com/~lynn/2006g.html#5 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#6 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#10 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#12 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#15 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#19 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#24 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#26 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#32 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#35 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#46 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#48 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#49 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#50 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#51 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#52 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#53 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#54 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#56 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#57 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#59 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#60 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#61 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#62 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#0 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#5 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#6 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#11 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#23 The Pankian Metaphor
https://www.garlic.com/~lynn/2006p.html#2 Overweight truckers stopped by tech checks
https://www.garlic.com/~lynn/2006r.html#25 Computer Artifacts
https://www.garlic.com/~lynn/2007n.html#97 Loads Weighing Heavily on Roads
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Enterprise: Accelerating the Progress of Linux Newsgroups: alt.folklore.computers Date: Fri, 12 Oct 2007 07:37:54 -0400another item on the new, 40+ yr old technology
Enterprise: Accelerating the Progress of Linux
http://www.linuxinsider.com/story/59781.html
from above ...
To enable the next generation data center and make sure it's built on
Linux, we all need to focus on two key areas -- virtualization and
management. We believe the future of virtualization lies in
hardware-assisted paravirtualization. People will be using
virtualization for server consolidation, test and development
environments, rapid application deployment, business continuity and
application isolation.
... snip ...
effectively same old song dating back to the 60s (golden oldies).
other recent posts mentioning the new 40+ yr old technology
https://www.garlic.com/~lynn/2007.html#39 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
https://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#30 Health Care
https://www.garlic.com/~lynn/2007f.html#36 Silly beginner questions
https://www.garlic.com/~lynn/2007f.html#39 Silly beginner questions
https://www.garlic.com/~lynn/2007h.html#77 Linux: The Completely Fair Scheduler
https://www.garlic.com/~lynn/2007j.html#43 z/VM usability
https://www.garlic.com/~lynn/2007k.html#47 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#52 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#23 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#15 Patents, Copyrights, Profits, Flex and Hercules
https://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#64 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#66 Off Topic But Concept should be Known To All
https://www.garlic.com/~lynn/2007n.html#27 What if phone company had developed Internet?
https://www.garlic.com/~lynn/2007n.html#29 Programmable TLB management?
https://www.garlic.com/~lynn/2007n.html#30 How would a relational operating system look like?
https://www.garlic.com/~lynn/2007n.html#55 computerworld 40 yr articles
https://www.garlic.com/~lynn/2007n.html#93 How old are you?
https://www.garlic.com/~lynn/2007o.html#31 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007o.html#36 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007o.html#38 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007o.html#39 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007p.html#7 what does xp do when system is copying
https://www.garlic.com/~lynn/2007p.html#28 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#59 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: GETMAIN/FREEMAIN and virtual storage backing up Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Fri, 12 Oct 2007 08:30:18 -0400Anne & Lynn Wheeler <lynn@garlic.com> writes:
for additional topic drift, another internal project that drew on some
of the cp67h activity was the inciption of the internal HONE
project. lots of past posts mentioning HONE (and/or APL)
https://www.garlic.com/~lynn/subtopic.html#hone
this is at least partially motivated by the 23jun69 unbundling
announcement ... a little topic drift here
https://www.garlic.com/~lynn/2007q.html#13 Does software life begin at 40? IBM updates IMS database
https://www.garlic.com/~lynn/2007q.html#14 Does software life begin at 40? IBM updates IMS database
misc. other posts mentioning unbundling and starting to charge
for application software
https://www.garlic.com/~lynn/submain.html#unbundle
the other aspect of unbundling was that it also started to charge for SE time/services. prior to that, (young/new) SEs picked up a lot of their experience via "on the job training" ... working with more experienced SEs on the customer machine. with unbundling and charging customers for SE services/time, this "hands-on" learning experience evaporated.
somewhat as a substitute, HONE (Hands-On Network Environment) was created
... with a number of 360/67 running a clone of the science centers
https://www.garlic.com/~lynn/subtopic.html#545tech
cp67 system were installed around the country. the idea was that SEs (at branch offices) could pickup ("hands-on") experience running/testing operating systems remotely in the HONE cp67 virtual machines.
for slightly other, topic drift ... this recent post
https://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
When initial 370 was announced, virtual memory still wasn't available ... but there were a few new instructions ... and the operating systems were updated to make use of the new instructions. that is somewhat where a subset of the "cp67h" enhancements came into play (at HONE) ... it was possible to run the latest (370) operating systems in cp67 virtual machines ... with cp67 kernel simulating the latest, new 370 instructions.
Another activity by the science center, effectively resulted in the direction of HONE completely changing. The science center had also did a port of apl\360 to cms as cms\apl. Among other things ... APL "work spaces" could now be 16mbytes ... instead of the 16kbyte-32kbytes typical of apl\360 ... and an API for operating system functions was added (things like being able to do file i/o). This allowed APL to start being used for real-world applications (instead of toy demos that were frequently the result of the 16k limitation). In this period, APL was frequently used for lots of things that spreadsheets are used for today.
Quite a few APL applications (like configurators) in support of sales and marketing were deployed on HONE ... and overtime these started to consume all available HONE processing ... and the original use for SE "hands-on" withered and disappeared. After vm370 became available, HONE upgraded from cp67 to vm370 (and HONE clones started to sprout up around the world). Also by the mid-70s, it was no longer possible for computing system orders to be submitted w/o first having been processed through some number of HONE APL applications (like configurators).
other posts in this thread:
https://www.garlic.com/~lynn/2007p.html#69 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#70 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#73 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007q.html#8 GETMAIN/FREEMAIN and virtual storage backing up
In the 70s, the various (US) HONE datacenters were consolidated in cal. with possibly largest "single system image" operation. This involved quite a few operational and functional enhancements to vm370 supporting load-balancing and fall-over ... that allowed a large number of loosely-coupled (tightly-coupled) multiprocessors to effectively operate as single large timesharing service (in part driven by the significant processing requirements because of using APL) ... somewhat reminiscent of some modern day advanced operations. Then because of business continuity considerations, the california datacenter was replicated first in Dallas, and then a 3rd in Boulder (supporting geographic load-balancing and fall-over).
for even more topic drift ... misc. posts mentioning cp67 and
vm370 based commercial timesharing services
https://www.garlic.com/~lynn/submain.html#timeshare
and for some unbundling topic drift ... the original unbundling and starting to charge for (application) software was motivated by various litigation activities ... however (at the time), is was justified that the kernel/supervisor software should still be free (or bundled, depending on your view).
with the rise of clone processors (and their customers being able to obtain "free" kernel software), the opinion about charging for kernel software started to change.
as an undergraduate, i had done a lot of work on dynamic adaptive
resource management for cp67 ... a lot of which shipped in various cp67
releases. however, as part of the morph from cp67 to vm370, a lot of the
dynamic adaptive resource management features disappeared. numerous
customers lobbied thatthe features should be re-introduced in vm370
and eventually i was allowed to put together a large product update
to the vm370 kernel
https://www.garlic.com/~lynn/subtopic.html#fairshare
https://www.garlic.com/~lynn/subtopic.html#wsclock
and i was chosen to be the guinea pig for charging for kernel software (which met spending a lot of time with lawyers and business people working out policies/principles for kernel software charging).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Fri, 12 Oct 2007 13:58:32 -0400Charlton Wilbur <cwilbur@chromatico.net> writes:
now, anybody can encrypt something for you, with your public key and they know it can only be decrypted with your private key. this addresses one of the problems with symmetric key cryptography involving getting the secret keys distributed (i.e. public keys can be widely distributed w/o impacting evesdroppers from being able to impersonate you).
in a lot of common implementations, like SSL, public key cryptography is viewed as very expensive ... so a layered approach is used. A random "secret" key is generated and used to encrypt the message; the secret key is then encrypted with the recipient's public key; the encrypted random secret key and the encrypted message is then transmitted. The sender still knows that only the designated recipient can decrypt the message (since only the designated recipient will be able to decrypt the random secret key which is then required to decrypt the rest of the message). Any responses (from the original recipient) would be encrypted with the original random secret key (you know that it could only come from them ... since only the original recipient would be able to discover the random secret key).
In the late 80s and early 90s, there was work on PKIs and x.509 identity digital certificates ... to address the opportunity involving first time communication between complete strangers ... basically an electronic analog to the letters of credit/introduction from sailing ship days. The issue was in this situation, relying parties had no other recourse to timely information about complete strangers in first time communication. The target scenario was left-over from offline email from the early 80s ... i.e. dial-up your local electronic post-office, download email, hang-up ... and potentially be faced with having to process first time email from complete strangers. "digital certificates" could be appended to these types of communications ... which originated from commonly trusted third parties and could be verified.
There were a couple issues going into the mid-90s.
First, numerous institutions were starting to realize that x.509
identity digital certificates, frequently overloaded with increasing
amounts of personal information, represented significant liability and
privacy issues. These organizations started retrenching to something
called relying-party-only certificates
https://www.garlic.com/~lynn/subpubkey.html#rpo
which limited the individual information to the individual's public key and some sort of account number, record locator, and/or userid that would be used for repository lookup ... where all the necessary personal information was actually stored. However, in all operations involving relying-party-only certificates, it was trivial to demonstrate that the digital certificates were redundant and superfluous ... since all the actual information would be retrieved from the repository.
Another issue, was that the digital certificate paradigm involved stale, static information (originally justified as better than nothing in a purely offline enviornment for first time interaction between total strangers). For many operations, access to timely, aggregated and/or locally-stored historical information represented significant more value. This started to relegate digital certificate paradigm to "no-value" operations (that couldn't justify online and/or local repositories) and/or offline environments.
As the cost of online access dropped and became more ubiquitous ... and the cost of dataprocessing (for repositories) continued to drop, the "no-value" market niche for digital certificates continued to shrink (i.e. those "no-value" operations that couldn't justify their own historical information and/or online access to timely information).
This unnecessary introduction of digital certificates was recently
replayed in this discussion about public keys for kerberos
https://www.garlic.com/~lynn/2007q.html#2 Windows Live vs Kerberos
https://www.garlic.com/~lynn/2007q.html#5 Windows Live vs Kerberos
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: VMware: New King Of The Data Center? Newsgroups: alt.folklore.computers Date: Sat, 13 Oct 2007 08:49:39 -0400more on the new 40+ yr old technology
VMware: New King Of The Data Center?
http://www.informationweek.com/news/showArticle.jhtml?articleID=202402093
from above:
Usually the bully kicks sand in the little guy's face, but VMware is
switching that story. In a speech at LinuxWorld in August, VMware chief
scientist Mendel Rosenblum talked up application-specific operating
systems provided by ISVs that would run on a hypervisor--no
general-purpose OS needed. You can bet Microsoft took notice.
... snip ...
this is somewhat the virtual appliance (or called service virtual machine from earlier virtual machine environments).
CMS was possibly the original ... started out as "cambridge monitor
system" from the mid-60s,
https://www.garlic.com/~lynn/subtopic.html#545tech
the name changed to "conversational monitor system" in the cp67 to vm370 morph
Another example was the implementation that was the basis for the
internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet
a couple past posts referencing the original author discovering a nearly
exact conversion of some vnet/rscs code from 360 assembler to C in one
of the major real-time operating systems.
https://www.garlic.com/~lynn/2004q.html#56 CAS and LL/SC (was Re: High Level Assembler for MVS & VM & VSE)
https://www.garlic.com/~lynn/2006y.html#32 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007p.html#51 Translation of IBM Basic Assembler to C?
other past posts mentioning virtual appliance and/or service
virtual machine:
https://www.garlic.com/~lynn/2002m.html#26 Original K & R C Compilers
https://www.garlic.com/~lynn/2003c.html#77 COMTEN- IBM networking boxes
https://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
https://www.garlic.com/~lynn/2005.html#59 8086 memory space
https://www.garlic.com/~lynn/2005j.html#58 Q ALLOC PAGE vs. CP Q ALLOC vs ESAMAP
https://www.garlic.com/~lynn/2006p.html#10 What part of z/OS is the OS?
https://www.garlic.com/~lynn/2006t.html#45 To RISC or not to RISC
https://www.garlic.com/~lynn/2006t.html#46 To RISC or not to RISC
https://www.garlic.com/~lynn/2006v.html#22 vmshare
https://www.garlic.com/~lynn/2006w.html#16 intersection between autolog command and cmsback (more history)
https://www.garlic.com/~lynn/2006w.html#25 To RISC or not to RISC
https://www.garlic.com/~lynn/2006w.html#52 IBM sues maker of Intel-based Mainframe clones
https://www.garlic.com/~lynn/2006x.html#6 Multics on Vmware ?
https://www.garlic.com/~lynn/2006x.html#8 vmshare
https://www.garlic.com/~lynn/2007i.html#21 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#36 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Does software life begin at 40? IBM updates IMS database Newsgroups: alt.folklore.computers Date: Sat, 13 Oct 2007 21:21:49 -0400Paul Hinman <paul.hinman@shaw.ca> writes:
and misc. past posts mentioning cics &/or bdam (access method used
in original/early cics implementation)
https://www.garlic.com/~lynn/submain.html#bdam
i.e. CICS did its own multithreading under single operating system TCB ... limiting it to single processor operation.
The Evolution of CICS: CICS/VS 1.5 Continues CICS' Rapid Growth (1979)
https://web.archive.org/web/20060325095346/http://www.yelavich.com/history/ev197901.htm
i.e. 1.5 introduced multiple region operation ... each region had their own TCB ... so could be dispatched concurrently on multiple different processors. however, one of the reasons for multiple region operations was each region got its own address space ... which was (initially) still limited to 16mbytes; however, mvs kernel took 8mbytes in each address space, and the common segment started out taking 1mbyte out of each address space ... but eventually, for large operations common segment could be 5-6 mbytes ... leaving possibly only 2-3mbytes for actual application (i.e. total available for cics region operation).
The Evolution of CICS: CICS and Multi-region Operation (1980)
https://web.archive.org/web/20040705000349/http://www.yelavich.com/history/ev198001.htm
later some "large" installations might have in excess of 120 CICS regions.
The Evolution of CICS: CICS and Multiprocessor Exploitation (2004)
https://web.archive.org/web/20041023110006/http://www.yelavich.com/history/ev200402.htm
i.e. having more than one "operating system" TCB per region to enable multithreaded, multiprocessor operation.
other CICS history information
https://web.archive.org/web/20080123061613/http://www.yelavich.com/history/toc.htm
for instance
The Evolution of CICS: CICS - State of the Art (1992)
https://web.archive.org/web/20070322221728/http://www.yelavich.com/history/ev199203.htm
and for other drift, from above:
In the early 1990s, IBM acquired Transarc, a company which had its own
support offerings for transaction processing on UNIX-based
systems. Encina would now be offered on MVS-based systems, and some of
its components would satisfy prerequisites for the newly announced CICS
for AIX on RISC System/6000 (CICS/6000). Most notable were the Encina
components, Structure File Server (SFS), Peer-to-peer Executive and
Peer-to-peer Gateway. SFS provided a VSAM-like facility on UNIX and the
Executive and Gateway enabled intersystem communications with TCP and
SNA network.
... snip ...
i've mentioned before that ibm had equally split mit athena funding with DEC ($25m each) ... but had provided $50m funding for cmu andrew. andrew included things liked widgets, distributed file system, microkernel (MACH), and transaction processing (Camelot). it then provided some of the seed funding when Camelot was split off into independent company, transarc ... and then bought transarc outright (which might be considered paying for the same thing three different times).
mach showed up in number of places ... and still around as apple's kernel
misc. past posts mentioning transarc
https://www.garlic.com/~lynn/2000.html#64 distributed locking patents
https://www.garlic.com/~lynn/2000e.html#20 Is Al Gore The Father of the Internet?^
https://www.garlic.com/~lynn/2001.html#49 Options for Delivering Mainframe Reports to Outside Organizat ions
https://www.garlic.com/~lynn/2001f.html#59 JFSes: are they really needed?
https://www.garlic.com/~lynn/2001i.html#49 Withdrawal Announcement 901-218 - No More 'small machines'
https://www.garlic.com/~lynn/2002o.html#32 I found the Olsen Quote
https://www.garlic.com/~lynn/2003.html#50 Origin of Kerberos
https://www.garlic.com/~lynn/2004c.html#53 defination of terms: "Application Server" vs. "Transaction Server"
https://www.garlic.com/~lynn/2004h.html#42 Interesting read about upcoming K9 processors
https://www.garlic.com/~lynn/2004n.html#9 RISCs too close to hardware?
https://www.garlic.com/~lynn/2005b.html#1 Foreign key in Oracle Sql
https://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
https://www.garlic.com/~lynn/2007b.html#16 V2X2 vs. Shark (SnapShot v. FlashCopy)
misc. past posts mentioning mach
https://www.garlic.com/~lynn/2000e.html#27 OCF, PC/SC and GOP
https://www.garlic.com/~lynn/2001b.html#14 IBM's announcement on RVAs
https://www.garlic.com/~lynn/2001f.html#23 MERT Operating System & Microkernels
https://www.garlic.com/~lynn/2001n.html#35 cc SMP
https://www.garlic.com/~lynn/2002i.html#73 Unisys A11 worth keeping?
https://www.garlic.com/~lynn/2003.html#46 Horror stories: high system call overhead
https://www.garlic.com/~lynn/2003.html#50 Origin of Kerberos
https://www.garlic.com/~lynn/2003c.html#45 Early attempts at console humor?
https://www.garlic.com/~lynn/2003e.html#25 A Speculative question
https://www.garlic.com/~lynn/2003e.html#33 A Speculative question
https://www.garlic.com/~lynn/2003i.html#66 TGV in the USA?
https://www.garlic.com/~lynn/2003j.html#72 Microkernels are not "all or nothing". Re: Multics Concepts For
https://www.garlic.com/~lynn/2004c.html#53 defination of terms: "Application Server" vs. "Transaction Server"
https://www.garlic.com/~lynn/2004k.html#50 Xah Lee's Unixism
https://www.garlic.com/~lynn/2005b.html#22 The Mac is like a modern day Betamax
https://www.garlic.com/~lynn/2005c.html#44 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005j.html#13 Performance and Capacity Planning
https://www.garlic.com/~lynn/2005j.html#26 IBM Plugs Big Iron to the College Crowd
https://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005r.html#43 Numa-Q Information
https://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
https://www.garlic.com/~lynn/2006c.html#42 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006c.html#43 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006l.html#43 One or two CPUs - the pros & cons
https://www.garlic.com/~lynn/2006m.html#14 The AN/FSQ-31 Did Exist?!
https://www.garlic.com/~lynn/2007d.html#16 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007g.html#70 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Does software life begin at 40? IBM updates IMS database Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 10:27:11 -0400Justa Lurker <JustaLurker@att.net> writes:
other posts in this thread:
https://www.garlic.com/~lynn/2007q.html#13 Does software life begin at 40? IBM updates IMS database
https://www.garlic.com/~lynn/2007q.html#14 Does software life begin at 40? IBM updates IMS database
https://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database
and for some wayback folklore
http://www.archive.org/index.php
wiki article
https://en.wikipedia.org/wiki/Internet_Archive
and more wiki articles
https://en.wikipedia.org/wiki/Brewster_Kahle
https://en.wikipedia.org/wiki/Wide_area_information_server
https://en.wikipedia.org/wiki/Thinking_Machines
misc. past posts mentioning brewster, wais, and/or thinking machines
https://www.garlic.com/~lynn/2000d.html#64 "all-out" vs less aggressive designs
https://www.garlic.com/~lynn/2001c.html#67 What ever happened to WAIS?
https://www.garlic.com/~lynn/2001n.html#17 CM-5 Thinking Machines, Supercomputers
https://www.garlic.com/~lynn/2001n.html#68 CM-5 Thinking Machines, Supercomputers
https://www.garlic.com/~lynn/2001n.html#70 CM-5 Thinking Machines, Supercomputers
https://www.garlic.com/~lynn/2001n.html#83 CM-5 Thinking Machines, Supercomputers
https://www.garlic.com/~lynn/2003.html#44 Will Apple ever offer a newsreader?
https://www.garlic.com/~lynn/2003c.html#29 Will Apple ever offer a newsreader?
https://www.garlic.com/~lynn/2007.html#29 Just another example of mainframe costs
one morning, i happened to be walking (along the charles) from hotel on the way to a meeting and stopped to watch a worker prying the corporate letters off the face of the building.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 11:19:42 -0400jmfbahciv writes:
fully loaded costs also can show up in contracts where the employer pays employee benefits ... as opposed to it coming out of individuals "paycheck" (aka it still shows up as part of fully loaded total cost of having employees ... whether it appears as part of paycheck or not).
cspan had program this morning with congressman talking about (hidden) total costs of programs (passed by congress ... making the programs sound like the subprime teaser rates in the mortgage industry) ... and if things continue as-is, ... that US will have significantly higher tax rate than all other industrial countries.
other recent posts related to figuring out fully loaded costs
https://www.garlic.com/~lynn/2007i.html#18 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
one of the scenarios from the 90s is projections about combination of dropping competitiveness of the US workers ... and drastically increasing taxes (because of projected runaway gov. program costs) ... would result in nearly all high-value jobs/industries moving to other countries (the very jobs/industries that are required to generate revenue on which the taxes would need to come from)
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 14:21:00 -0400Charlton Wilbur <cwilbur@chromatico.net> writes:
which can be successful ... even with various kinds of shared-secrets.
one of the issues is very careful examination of sequence that various
kinds of operations occurs ... this is also somewhat related to
comment that too much complexity can contribute to insecurity ...
recent comments
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
there have been some phishing attacks ... where attackers have created a static copy of valid websites ... then convinced victims to click on urls taking them to the counterfeit websites ... and then extracted necessary personal information allowing them to mount various kinds of account and/or identity fraud.
there have been some countermeasures to such exploits by creating a shared-secret that the clients use to recognize a valid website. however, long before such countermeasures were created ... there was a another kind of much more sophisticated ... but actually much simpler to deploy ... man-in-the-middle attack ... which subsequently sometimes been called an "active" mitm-attack (possibly trying to imply that it is new ... even tho it has been around for a long time).
this involves a bogus website ... that purely acts in much the same way as widely deployed application proxies ... the actual bogus website is transparent to the end-user ... other than for the initial URL ... aka the bogus website has a session with the actual client/user and creates a separate session with the real website ... pairs the two sessions and forwards transmissions back&forth transparently between the two sessions. other than some code borrowed from widely available proxy technology ... the bogus websites don't actually require any local files/data in attempt to emulate the valid website (but can still harvest the personal information necessary for account and/or identity fraud).
some number of the more recently deployed shared-secret countermeasures against the static-kind of bogus (phishing) websites ... are still quite vulnerable to the (active) bogus websites that can relatively trivially borrow from application proxy technology.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 15:34:06 -0400Anne & Lynn Wheeler <lynn@garlic.com> writes:
SSL was supposedly created to address fake websites and all kinds of mitm-vulnerabilities.
we had been asked to consult with small client/server startup that
wanted to do payment transactions ... and the result is frequently
now called "electronic commerce" ... some number of posts
https://www.garlic.com/~lynn/subnetwork.html#gateway
they also had this security technology called SSL ... which we had to do an end-to-end business process investigation. It was designed to both be a countermeasure to various kinds of bogus and/or mitm-attacks ... as well hide/encrypt information transmitted through the internet.
part of the SSL end-to-end investigation was look in detail at the threat models and how SSL actually addressed those threat models.
a basic threat model was some integrity issues in the domain name infrastructure ... with things like cache poisoning (i.e. the official ip-address associated with a specific domain name is replaced with an ip-address of the attackers ... taking clients to the wrong webistes).
ssl would have these "trusted" domain name ssl "digital certificates" ... and a processor that a webserver can proove to the client that they are the only valid website for the domain name contained in the URL used by the client browser. however, the end-to-end process was predicated on the client/user having intimate knowledge of the binding between the website they believed they were talking to and the URL for that webiste. The SSL browser process then did the 2nd step that made sure that the website being talked to was the webiste that matched that URL.
The end-to-end process (for electronic commerce, as well as all other uses) required that the user actively/always paid attention to the URL. That process (for electronic commerce) was almost immediately broken. The SSL process required that the user provided the URL that was checked by the browser SSL process. Then all further communcation was encrypted with an exchanged random shared-secret ... providing the assurance that the client was still communicating with the same webserver.
Merchants fairly quickly found that SSL cut their webserver thruput by 80-90 percent. As a result, the merchants dropped back from basic requirement of SSL ... that the initial user URL contact is validated ... to the initial user URL contact is non-SSL. Then at some later time in the electronic commerce process ... a check-out/pay butten is supplied by the webserver ... which generates an SSL URL resulting in the payment portion of electronic commerce being encrypted.
However, the "click" metaphor ... breaks the SSL security process ... no longer is the URL provided by the user being checked ... but only the URL provided by the (potentially bogus) website is being checked. All the attacker needs is any valid SSL domain name digital certificate for any URL that the attacker provides in the check-out/pay button.
lots of past posts related to the almost immediate undermining of the
SSL paradigm by the "click" metaphor (which creates a disconnect between
the website that the user believes they are talking to and the URL for
that website).
https://www.garlic.com/~lynn/subpubkey.html#sslcert
Once the "click" metaphor ... used by nearly all the valid websites ... broke the SSL paradigm ... the crooks could make use of the failure with both website bogus "click" URL fields and eventually bogus "click" URL fields distributed by email. A fundamental requirement for SSL to provide end-to-end security ... required that the user always knew/managed the URLs for the websites that they believed they talked to.
Another implicit characteristic of the original countermeasures justifying SSL was that the domain name infrastructure had integrity issues ... including, but not limited to things like cache poisoning.
However, there is a very peculiar catch-22 ... basis of SSL being able to validate a website is the integrity of the process issuing SSL domain name digital certificates. What happened was that the certification authorities (that issued SSL domain name digital certificates) would require significant amount of identification information by applicants for SSL domain name digital certificates.
The certification authorities would then contact the domain name infrastructure and request the identification information for the owner of the specified domain name. Then there was a time-consuming, error prone, and expensive identification process matching the identification information for the domain name owner (from the domain name infrastructure) and the identification information for the applicant for the SSL domain name digital certificate (to guarantee that digital certificates were only being issued to the correct entities).
However, the authoritative agency for domain name ownership is the exact same domain name infrastructure that has integrity problems justifying the existance of SSL domain name digital certificates. One of the other kinds of attacks on domain name infrastructure is domain name hijacking ... where an attacker changes the domain name owner of record at the domain name infrastructure. Once the attacker has created fraudulent information at the domain name infrastructure ... they then can obtain a perfectly valid SSL domain name digital certificate from a certification authority.
So the catch-22 ... the whole SSL infrastucture is suppose to address
integrity problems with the domain name infrastructure ... but in
turn the SSL infrastructure is dependent on the integrity of that
same infrastructure
https://www.garlic.com/~lynn/subpubkey.html#catch22
So, some domain name infrastructure improvements ... backed by the
certification authority industry, includes having a domain name owner
register a public key when they register a domain name. then the domain
name owner uses the corresponding private key to digital sign all
communication. The domain name infrastructure then can check all
communication from domain name owners by validating the digital
signatures with the on-file public keys ... as countermeasure to
numerous kinds of domain name hijacking and other attacks. Note
this is a certificate-less, non-PKI public key operation
https://www.garlic.com/~lynn/subpubkey.html#certless
The other suggestion for the certification authority industry is that they require all domain name ssl digital certificate applications be digitally signed. They then can retrieve the public key from the domain name infrastructure to validate the digital signature ... replacing a time-consuming, error prone, and expensive identification process with a much simpler, more reliable and less expensive authentication process.
There is a number of catch-22s for this also. Improving the general integrity of the domain name infrastructure lessens the original justification for ssl domain name digital certifictes. furthermore, if certification authorities can dynamically retrieve, on-file (certificate-less) public keys for authentication operates ... the rest of the world might also start doing the same thing (eliminating any requirement for certification authority process and the domain name digital certificates).
there is also the suggestion that such a process could significant reduce the existing SSL overhead and protocol chatter. Instead of all the back&forth and overhead in SSL with digital certificates, the response to the browser request to the domain name infrastructure for the ip-address for a given hostname ... could piggy-back a trusted public key. The browser/client then immediately generates random symmetric key, encrypts the message, and encryptes the random symmetric key with the public key ... and potentially can do a single round-trip message exchange with the webserver.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 15:51:00 -0400Anne & Lynn Wheeler <lynn@garlic.com> writes:
a big upswing in the popularity of application proxies happened in the
early to mid-90s because of the enormous number of coding
vulnerabilities in popular demon/server implementations ... especially
related to the huge number of c-language length related vulnerabilities
... that frequently represented the majority of all exploits in the
period
https://www.garlic.com/~lynn/subintegrity.html#overflow
some of these proxies just amounted to a simulated server that simply did an incoming line length check before forwarding the transmission to the real server (and then the real server would respond to the proxy which would then forward it back to the real client).
some of the mitm-attacks simply involve taking an application proxy
... and simply recording all traffic that happens to pass through.
https://www.garlic.com/~lynn/subintegrity.html#mitm
other posts in this (sub)thread:
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 16:17:47 -0400Frank McCoy <mccoyf@millcomm.com> writes:
there has been recent discussion in crypto mailing list about RSA vis-a-vis elliptical curve technologies. one of the comments is that the integer-based asymmetric key cryptography appears to becoming more and more vulnerable ... faster than some have projected because of advances in descrete log algorithms involved with factoring integers. so far, similar improvements for attacks on elliptical curves haven't shown up during the same period.
somewhat as a result ... the recommended key sizes (and associated overhead) for integer-based infrastructure are significantly growing. by comparison, there hasn't been similar requirements for rapid growth in EC-based keysizes.
Even before the more recent requirements for increased integer-based infrastructure key sizes ... EC-based operations were significantly faster and/or required significant less power. For many chip implementations, the significantly higher power and elapsed time requirements for integer-based asymmetric key cryptography operations made them much more vulnerable to things like differential power attacks.
recent other posts in this sub-thread:
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
misc. past posts mentioning things like elliptical curve technology,
fips-186, ec/dsa, differential power attacks, etc
https://www.garlic.com/~lynn/aadsm2.htm#straw AADS Strawman
https://www.garlic.com/~lynn/aadsm5.htm#x959 X9.59 Electronic Payment Standard
https://www.garlic.com/~lynn/aadsm9.htm#3dvulner5 3D Secure Vulnerabilities?
https://www.garlic.com/~lynn/aadsm11.htm#7 Meaning of Non-repudiation
https://www.garlic.com/~lynn/aadsm11.htm#17 Alternative to Microsoft Passport: Sunshine vs Hai
https://www.garlic.com/~lynn/aadsm11.htm#38 ALARMED ... Only Mostly Dead ... RIP PKI ... part II
https://www.garlic.com/~lynn/aadsm11.htm#39 ALARMED ... Only Mostly Dead ... RIP PKI .. addenda
https://www.garlic.com/~lynn/aadsm12.htm#13 anybody seen (EAL5) semi-formal specification for FIPS186-2/x9.62 ecdsa?
https://www.garlic.com/~lynn/aadsm14.htm#23 Maybe It's Snake Oil All the Way Down
https://www.garlic.com/~lynn/aadsm14.htm#26 Maybe It's Snake Oil All the Way Down
https://www.garlic.com/~lynn/aadsm14.htm#27 Maybe It's Snake Oil All the Way Down
https://www.garlic.com/~lynn/aadsm14.htm#31 Maybe It's Snake Oil All the Way Down
https://www.garlic.com/~lynn/aadsm17.htm#34 The future of security
https://www.garlic.com/~lynn/aadsm18.htm#6 dual-use digital signature vulnerability
https://www.garlic.com/~lynn/aadsm19.htm#45 payment system fraud, etc
https://www.garlic.com/~lynn/aadsm20.htm#1 Keeping an eye on ATM fraud
https://www.garlic.com/~lynn/aadsm24.htm#19 Use of TPM chip for RNG?
https://www.garlic.com/~lynn/aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
https://www.garlic.com/~lynn/99.html#224 X9.59/AADS announcement at BAI this week
https://www.garlic.com/~lynn/2000b.html#93 Question regarding authentication implementation
https://www.garlic.com/~lynn/2001g.html#14 Public key newbie question
https://www.garlic.com/~lynn/2002e.html#53 Mainframers: Take back the light (spotlight, that is)
https://www.garlic.com/~lynn/2002e.html#65 Digital Signatures (unique for same data?)
https://www.garlic.com/~lynn/2002g.html#38 Why is DSA so complicated?
https://www.garlic.com/~lynn/2002g.html#41 Why is DSA so complicated?
https://www.garlic.com/~lynn/2002g.html#42 Why is DSA so complicated?
https://www.garlic.com/~lynn/2002h.html#83 Signing with smart card
https://www.garlic.com/~lynn/2002i.html#10 Signing email using a smartcard
https://www.garlic.com/~lynn/2002i.html#78 Does Diffie-Hellman schema belong to Public Key schema family?
https://www.garlic.com/~lynn/2002j.html#21 basic smart card PKI development questions
https://www.garlic.com/~lynn/2002j.html#55 AADS, ECDSA, and even some TCPA
https://www.garlic.com/~lynn/2002j.html#73 How to map a user account to a digital cert?
https://www.garlic.com/~lynn/2002j.html#82 formal fips186-2/x9.62 definition for eal 5/6 evaluation
https://www.garlic.com/~lynn/2002j.html#84 formal fips186-2/x9.62 definition for eal 5/6 evaluation
https://www.garlic.com/~lynn/2002j.html#86 formal fips186-2/x9.62 definition for eal 5/6 evaluation
https://www.garlic.com/~lynn/2002k.html#11 Serious vulnerablity in several common SSL implementations?
https://www.garlic.com/~lynn/2002l.html#38 Backdoor in AES ?
https://www.garlic.com/~lynn/2002m.html#44 Beware, Intel to embed digital certificates in Banias
https://www.garlic.com/~lynn/2002n.html#14 So how does it work... (public/private key)
https://www.garlic.com/~lynn/2002n.html#20 Help! Good protocol for national ID card?
https://www.garlic.com/~lynn/2003c.html#26 Crypto Standards Organizations
https://www.garlic.com/~lynn/2003d.html#18 Efficent Digital Signature Schemes
https://www.garlic.com/~lynn/2003g.html#70 Simple resource protection with public keys
https://www.garlic.com/~lynn/2003h.html#29 application of unique signature
https://www.garlic.com/~lynn/2003i.html#29 electronic-ID and key-generation
https://www.garlic.com/~lynn/2003j.html#30 How is a smartcard created?
https://www.garlic.com/~lynn/2003k.html#38 Code Sizing for Digital Signature Verification - DSS/DSA
https://www.garlic.com/~lynn/2003l.html#5 Multiple ECDSA signatures with the same random nonce
https://www.garlic.com/~lynn/2003l.html#61 Can you use ECC to produce digital signatures? It doesn't see
https://www.garlic.com/~lynn/2003l.html#64 Can you use ECC to produce digital signatures? It doesn't see
https://www.garlic.com/~lynn/2003n.html#23 Are there any authentication algorithms with runtime changeable key length?
https://www.garlic.com/~lynn/2003n.html#25 Are there any authentication algorithms with runtime changeable
https://www.garlic.com/~lynn/2003n.html#32 NSA chooses ECC
https://www.garlic.com/~lynn/2004.html#37 When rsa vs dsa
https://www.garlic.com/~lynn/2004b.html#4 Comments wanted on an authentication protocol
https://www.garlic.com/~lynn/2004b.html#22 Hardware issues [Re: Floating point required exponent range?]
https://www.garlic.com/~lynn/2004d.html#7 Digital Signature Standards
https://www.garlic.com/~lynn/2004d.html#8 Digital Signature Standards
https://www.garlic.com/~lynn/2004f.html#10 racf
https://www.garlic.com/~lynn/2004h.html#11 Mainframes (etc.)
https://www.garlic.com/~lynn/2004h.html#12 ECC book reference, please
https://www.garlic.com/~lynn/2004h.html#21 Basics of key authentication
https://www.garlic.com/~lynn/2004h.html#30 ECC Encryption
https://www.garlic.com/~lynn/2004j.html#2 Authenticated Public Key Exchange without Digital Certificates?
https://www.garlic.com/~lynn/2004j.html#9 Smart card Authentification
https://www.garlic.com/~lynn/2005d.html#43 Secure design
https://www.garlic.com/~lynn/2005d.html#46 Secure design
https://www.garlic.com/~lynn/2005e.html#22 PKI: the end
https://www.garlic.com/~lynn/2005e.html#31 Public/Private key pair protection on Windows
https://www.garlic.com/~lynn/2005f.html#62 single-signon with X.509 certificates
https://www.garlic.com/~lynn/2005j.html#0 private key encryption - doubts
https://www.garlic.com/~lynn/2005j.html#4 private key encryption - doubts
https://www.garlic.com/~lynn/2005j.html#9 Determinstic OpenSSL signature
https://www.garlic.com/~lynn/2005u.html#26 RSA SecurID product
https://www.garlic.com/~lynn/2005u.html#27 RSA SecurID product
https://www.garlic.com/~lynn/2006r.html#1 Greatest Software Ever Written?
https://www.garlic.com/~lynn/2006r.html#19 Greatest Software Ever Written?
https://www.garlic.com/~lynn/2007b.html#30 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#47 newbie need help (ECC and wireless)
https://www.garlic.com/~lynn/2007b.html#65 newbie need help (ECC and wireless)
https://www.garlic.com/~lynn/2007j.html#67 open source voting
https://www.garlic.com/~lynn/2007l.html#12 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#39 My Dream PC -- Chip-Based
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Google And IBM Take Aim At Shortage Of Distributed Computing Skills Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 18:06:48 -0400Google And IBM Take Aim At Shortage Of Distributed Computing Skills
from above:
IBM and Google, working with six universities, last week launched a
program to develop distributed computing skills, which are expected to
be in much greater demand as software as a service and massive data
warehouses become more pervasive.
... snip ...
some postings of old email related to distributed computing
infrastructures
https://www.garlic.com/~lynn/lhwemail.html#medusa
and posts about distributed lock manager activity ... somewhat
in same effort that also involved medusa
https://www.garlic.com/~lynn/2000.html#64 distributed locking patents
https://www.garlic.com/~lynn/2001.html#40 Disk drive behavior
https://www.garlic.com/~lynn/2001c.html#66 KI-10 vs. IBM at Rutgers
https://www.garlic.com/~lynn/2001e.html#2 Block oriented I/O over IP
https://www.garlic.com/~lynn/2001f.html#22 Early AIX including AIX/370
https://www.garlic.com/~lynn/2001i.html#21 3745 and SNI
https://www.garlic.com/~lynn/2001i.html#30 IBM OS Timeline?
https://www.garlic.com/~lynn/2001j.html#17 I hate Compaq
https://www.garlic.com/~lynn/2001j.html#47 OT - Internet Explorer V6.0
https://www.garlic.com/~lynn/2001k.html#5 OT - Internet Explorer V6.0
https://www.garlic.com/~lynn/2001k.html#18 HP-UX will not be ported to Alpha (no surprise)exit
https://www.garlic.com/~lynn/2001l.html#5 mainframe question
https://www.garlic.com/~lynn/2001l.html#8 mainframe question
https://www.garlic.com/~lynn/2001l.html#17 mainframe question
https://www.garlic.com/~lynn/2001n.html#23 Alpha vs. Itanic: facts vs. FUD
https://www.garlic.com/~lynn/2002b.html#36 windows XP and HAL: The CP/M way still works in 2002
https://www.garlic.com/~lynn/2002b.html#37 Poor Man's clustering idea
https://www.garlic.com/~lynn/2002d.html#31 2 questions: diag 68 and calling convention
https://www.garlic.com/~lynn/2002e.html#67 Blade architectures
https://www.garlic.com/~lynn/2002f.html#1 Blade architectures
https://www.garlic.com/~lynn/2002f.html#17 Blade architectures
https://www.garlic.com/~lynn/2002k.html#8 Avoiding JCL Space Abends
https://www.garlic.com/~lynn/2002m.html#21 Original K & R C Compilers
https://www.garlic.com/~lynn/2002n.html#27 why does wait state exist?
https://www.garlic.com/~lynn/2002o.html#14 Home mainframes
https://www.garlic.com/~lynn/2003c.html#53 HASP assembly: What the heck is an MVT ABEND 422?
https://www.garlic.com/~lynn/2003d.html#2 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
https://www.garlic.com/~lynn/2003d.html#8 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
https://www.garlic.com/~lynn/2003d.html#54 Filesystems
https://www.garlic.com/~lynn/2003h.html#35 UNIX on LINUX on VM/ESA or z/VM
https://www.garlic.com/~lynn/2003i.html#70 A few Z990 Gee-Wiz stats
https://www.garlic.com/~lynn/2003k.html#10 What is timesharing, anyway?
https://www.garlic.com/~lynn/2003k.html#17 Dealing with complexity
https://www.garlic.com/~lynn/2004c.html#53 defination of terms: "Application Server" vs. "Transaction Server"
https://www.garlic.com/~lynn/2004d.html#72 ibm mainframe or unix
https://www.garlic.com/~lynn/2004i.html#1 Hard disk architecture: are outer cylinders still faster than inner cylinders?
https://www.garlic.com/~lynn/2004i.html#2 New Method for Authenticated Public Key Exchange without Digital Certificates
https://www.garlic.com/~lynn/2004m.html#0 Specifying all biz rules in relational data
https://www.garlic.com/~lynn/2004m.html#5 Tera
https://www.garlic.com/~lynn/2004q.html#10 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2004q.html#37 A Glimpse into PC Development Philosophy
https://www.garlic.com/~lynn/2004q.html#70 CAS and LL/SC
https://www.garlic.com/~lynn/2005.html#40 clusters vs shared-memory (was: Re: CAS and LL/SC (was Re: High Level Assembler for MVS & VM & VSE))
https://www.garlic.com/~lynn/2005.html#55 Foreign key in Oracle Sql
https://www.garlic.com/~lynn/2005f.html#18 Is Supercomputing Possible?
https://www.garlic.com/~lynn/2005h.html#26 Crash detection by OS
https://www.garlic.com/~lynn/2005i.html#42 Development as Configuration
https://www.garlic.com/~lynn/2005m.html#8 IBM's mini computers--lack thereof
https://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
https://www.garlic.com/~lynn/2006c.html#8 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006c.html#41 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006j.html#20 virtual memory
https://www.garlic.com/~lynn/2006o.html#32 When Does Folklore Begin???
https://www.garlic.com/~lynn/2006o.html#62 Greatest Software, System R
https://www.garlic.com/~lynn/2006x.html#3 Why so little parallelism?
https://www.garlic.com/~lynn/2007.html#32 V2X2 vs. Shark (SnapShot v. FlashCopy)
https://www.garlic.com/~lynn/2007b.html#3 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007c.html#42 Keep VM 24X7 365 days
https://www.garlic.com/~lynn/2007d.html#16 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007i.html#50 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#61 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#19 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#24 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#55 Capacity and Relational Database
https://www.garlic.com/~lynn/2007n.html#49 VLIW pre-history
https://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database
and lack of distributed computing skills has some overlap with previous
thread on lack of parallel computing skills/technology
https://www.garlic.com/~lynn/2007d.html#13 Why so little parallelism?
https://www.garlic.com/~lynn/2007l.html#24 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#26 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#38 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#60 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#63 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#5 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#13 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#14 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#19 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#22 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#26 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#29 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#37 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#39 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#49 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#51 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#52 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#54 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#58 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#59 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#61 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#1 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#3 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#6 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#25 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#28 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#39 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007p.html#55 Is Parallel Programming Just Too Hard?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 18:57:09 -0400Frank McCoy <mccoyf@millcomm.com> writes:
somewhat in support of work on x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
i had made some semi-facetious comments that we would take a $500 mil-spec part and aggresively cost reduce it by 2-3 orders of magnitude while making it more secure.
Another requirement was that it would be capable of supporting transit gate requirement ... iso 14443 contactless and iso 1443 contactless power profile, with transit gate timing ... 100millisecond or so elapsed time (i.e. one method that some of the RSA approaches attempted to try and get elapsed time down to a few seconds ..... was to put in massively parallel circuit operation which resulting in massive increase in power draw ... far outside anything that could be provided in reasonable period of time within iso 14443 contactless specification).
Another requirement was that it needed to perform "dynamic" operations ... so that every transaction was different/unique ... as a countermeasure to static data vulnerabilities and exploits like replay attacks (also vulnerability of static data shared-secrets).
One of the interesting characteristics in nearly all of the current generation of contactless chipcard deployments are using static data paradigm (vulnerable to various kinds of evesdropping/havesting and replay attacks) and are at least as expensive as what we were doing a decade ago.
Turns out that fips-186, ecdsa with some tweaks could be done within the stated requirements. part of the aggresive cost reduction was to build it all into the silicon manufacturing and do the dynamic asymmetric keygen and public key export integrated with initial poweron/test process (while still in wafer ... before slicing and dicing ... w/o even increasing the elapsed time to do the existing poweron/test cycle) ... aka the aggresive cost reduction looked at every aspect of creating a chipcard from chip design thru final delivery to enduser.
one of the problems we later ran into was ability to get an eal5-high evaluation. the issue was that since ecdsa was built into the silicon ... and not loaded onto the chip at some later time ... ecdsa evaluation had to be part of the protection profile evaluation. in part because of a reference evaluation for ecdsa ... this resulting in only be able to get an eal4-high evaluation.
this is contrasted with others being able to get an eal5-high evaluation for a very similar chip .... which allowed loading of the crypto code onto the chip after evaluation. We claimed that our final delivered chip with only a eal4-high evaluation with no provision for post manufacturing application loading ... actually had a much higher integrity than a similar chip with an eal5-high evaluation ... but all the application and software needed for end-user delivery ... was loaded afterwards and wasn't evaluatted.
one of the breakthroughs a decade ago was coming up with an acceptable random number source. ec/dsa (as well was dsa) is dependent on having a very high quality random number generation for every digital signature.
one of the possible reasons for prevalence of RSA deployments at the time was that RSA didn't require a random number as part of digital signature generation (and the perception that it was very difficult to have high quality random number source). Lack of high quality random number source also propagates into key generation (where it is also required) ... not only most of the chips from the period ... very slow digital signature (using RSA) but also had external keygen (because it needed higher quality random number source ... and RSA keygen is even significantly slower than RSA operations) with (external) key "injection" as part of numerous post manufacturing steps
really high quality random number source could be considered a tipping point for both move to ec/dsa (with much higher thruput) and fast, efficient on-chip keygen.
past posts in this subthread:
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#32 what does xp do when system is copying
some recent posts about particular kind of attack on some deployed
chipcards (involving "static data") sometimes referred to as yes card
https://www.garlic.com/~lynn/subintegrity.html#yescard
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 19:28:43 -0400Frank McCoy <mccoyf@millcomm.com> writes:
one of the problems with the aggressive cost reduction was that work was done on both the whole end-to-end process of actually deliverying something to the end-user ... as well as the number of chips per wafer ... aka in large volume, manufacturing costs effectively are fixed per wafer ... so ten-fold increase in chips/wafer will represent nearly ten-fold reduction in (manufacturing) cost/chip (in more traditional deployments ... the post manufacturing processing costs begin to dominate total, fully loaded delivery costs).
drastically reducing the circuits per chip ... while still maintaining security and feature/function was a challenge ... but eventually put the implementation on nearly same track as the product "barcode/UPC" RFID chips; i.e. with comparable number of circuits.
as the number of circuits/chips was reduced and the size of circuits shrank ... the wafer area taken up by the slicing and dicing ... cutting chips from the wafers ... became larger than the total area for chips. the next big jump in number of chips/wafer (and related big reduction in cost/chip) required developement of new wafer slice&dice technology ... significantly reducing area of the cut size (in large part motivated by efforts to significantly reduce cost of product "barcode/UPC" RFID chips) ... allowing big increase in number of (very small) chips/wafer.
other posts in this subthread
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 14 Oct 2007 21:43:50 -0400Morten Reistad <first@last.name> writes:
silicon not even possible to load software.
i gave talk on some of the issues in assurance panel in the trusted computing track at intel developers conference a few years ago ... quiping that over the previous couple yrs that TPM chip was starting to look more and more like the aads strawman. the guy running the TPM chip effort was in the front row and quipped back that i didn't have a committee of 200 people helping with the chip design.
misc. past posts mentioning talk at intel developers conference
https://www.garlic.com/~lynn/aadsm27.htm#36 TPM, part 2
https://www.garlic.com/~lynn/2002j.html#78 Future interconnects
https://www.garlic.com/~lynn/2006h.html#31 Intel vPro Technology
https://www.garlic.com/~lynn/2007g.html#61 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#63 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007m.html#20 Patents, Copyrights, Profits, Flex and Hercules
i wasn't at the rump session when the md5 attack was described ... but
i did get email in real-time from somebody attending the talk
... asking if i could provide all the RFCs that have references to MD5
... somewhat as adjunct of my RFC index
https://www.garlic.com/~lynn/rfcietff.htm
so i started generating
https://www.garlic.com/~lynn/rfcmd5.htm
as part of the rfc index generation process.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Mon, 15 Oct 2007 09:37:54 -0400Frank McCoy <mccoyf@millcomm.com> writes:
one countermeasure ... is inserting random (again requiring some sort of random source) dummy cycles ... which throws off the differential power analysis ... along with more care given to the implementation.
wiki article
https://en.wikipedia.org/wiki/Power_analysis
and references here
http://www.cryptography.com/resources/whitepapers/DPA.html
http://www.cryptography.com/technology/dpa/licensing.html
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Tue, 16 Oct 2007 10:21:23 -0400jmfbahciv writes:
other states have claimed that it is all going to fund education systems.
wasn't something similar with the toll on mass turnpike ... which had been legislated to disappear once the original construction bonds had been paid off (and was disappearing into general fund?)
for a little computer related ... when we were doing ha/cmp product,
https://www.garlic.com/~lynn/subtopic.html#hacmp
an early adopter was one of the large gaming companies that ran some
number of casinos. it was getting ready to open the largest casino in
conn. (on indian reservation). ha/cmp was going to be some of the cash
management and other stuff ... accessed by pit bosses and
backroom. there was supposedly going to be a one week test period before
the actual opening of the casino. something like 24hrs into the test
period, they decided to open the doors (running 24hrs a day, 7 days
week). misc. past posts mentioning casino:
https://www.garlic.com/~lynn/2006g.html#3 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#11 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#16 The Pankian Metaphor
however, back to gov. taxing/revenue, i remember being in sweden and all the stories about alcoholism being such a problem in the country, that the gov. operate all the liquor stores and there are enormous taxes on alcohol (all part of programs to discourage use) ... and then seeing tv advertisements by the gov. stores to come in and buy alcohol.
recently some of the arguments against the current form of child health
bill mentioned similar issues about basing major revenue on taxes on
something that is supposedly being discouraged. other programs for major
"discouragement" taxes have said that the taxes would be specifically
used for health problems directly related to use. although even this
could run into significant actuary problems ... with health problems
possibly showing up in major part of the population decades after actual
use and also possibly after the programs to discourage use have started
to become successful (heavily front loaded revenues collected decades
before actually needed, have a habit of disappearing into general
fund). old post
https://www.garlic.com/~lynn/2006g.html#29 The Pankian Metaphor
Other similar actuary numbers have been about (enormous) life-long
health problem costs for babies born to drug addicted mothers (typically
expected to also be the responsibility of gov. programs) ... recent post
https://www.garlic.com/~lynn/2007p.html#66 what does xp do when system is copying
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Oracle Raises Stakes With BEA Offer Newsgroups: alt.folklore.computers Date: Tue, 16 Oct 2007 11:26:52 -0400one of the cable business news channels just had rumor that IBM was about to make an offer for BEA.
back when ... sun and at&t had a major unix alliance ... and hp, dec. ibm, etc got together in OSF as a counter to sun/at&t unix
at&t had some business transaction monitor called Tuxedo. The "counter"
in OSF was the cmu-camelot/transarc-encina ... recent camelot/encina
mention (and ibm buying transarc, using encina as basis for a "unix"
cics implementation)
https://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database
at&t spun off tuxedo ... and later, BEA was formed by taking over the
spun-off company ... wiki references:
https://en.wikipedia.org/wiki/Tuxedo_(software)
https://en.wikipedia.org/wiki/BEA_Systems
transarc/encina reference
https://en.wikipedia.org/wiki/Transarc
various oracle/bea news items last couple days:
Oracle Raises Stakes With BEA Offer
http://itmanagement.earthweb.com/article.php/3705001
Oracle gets hostile with BEA bid
http://www.cbronline.com/article_news.asp?guid=67FFC49D-A173-4227-B5CD-D0DD3D0D461F
All abuzz over Oracle's BEA bid
http://www.infoworld.com/article/07/10/15/42OPeditor_1.html
Oracle Clarifies Offer After BEA Snubs First Bid
http://www.informationweek.com/news/showArticle.jhtml?articleID=202402814
Oracle's BEA Bid Turns Unfriendly
http://www.pcworld.com/article/id,138426-c,mergersacquisitions/article.html
Oracle's BEA bid turns unfriendly
http://www.infoworld.com/article/07/10/12/Oracles-BEA-bid-turns-unfriendly_1.html
Oracle says BEA canceled meeting
http://news.zdnet.com/2100-3513_22-6213362.html
Oracle's $6.7 Billion Bid for BEA Turned Down
http://it.slashdot.org/it/07/10/12/2058208.shtml
Oracle Raises Stakes With BEA Offer
http://www.internetnews.com/bus-news/article.php/3704881
Five Reasons BEA Is Better Off Being Bought By Oracle
http://www.crn.com/software/202402100
BEA Partners Back Oracle Bid, See Technology Benefits
http://www.crn.com/software/202402054
Oracle Launches $6.6 Billion BEA Takeover Bid
http://www.crn.com/software/202401861
Would BEA disappear under Oracle?
http://www.networkworld.com/news/2007/110607-marines-look-for-a-few.html
BEA and Oracle - doing the math
http://www.theregister.com/2007/10/16/oracle_bea_arithmetic/
SAP Says It Won't Make A Counter Bid For BEA Systems
http://www.informationweek.com/news/showArticle.jhtml?articleID=202404710
other past posts mentioning camelot, encina, and/or tuxedo
https://www.garlic.com/~lynn/2000.html#64 distributed locking patents
https://www.garlic.com/~lynn/2001.html#44 Options for Delivering Mainframe Reports to Outside Organizat ions
https://www.garlic.com/~lynn/2001i.html#49 Withdrawal Announcement 901-218 - No More 'small machines'
https://www.garlic.com/~lynn/2002i.html#54 Unisys A11 worth keeping?
https://www.garlic.com/~lynn/2002o.html#32 I found the Olsen Quote
https://www.garlic.com/~lynn/2003.html#46 Horror stories: high system call overhead
https://www.garlic.com/~lynn/2003.html#50 Origin of Kerberos
https://www.garlic.com/~lynn/2003k.html#58 What is timesharing, anyway?
https://www.garlic.com/~lynn/2004c.html#53 defination of terms: "Application Server" vs. "Transaction Server"
https://www.garlic.com/~lynn/2004h.html#42 Interesting read about upcoming K9 processors
https://www.garlic.com/~lynn/2004k.html#50 Xah Lee's Unixism
https://www.garlic.com/~lynn/2004n.html#9 RISCs too close to hardware?
https://www.garlic.com/~lynn/2005b.html#1 Foreign key in Oracle Sql
https://www.garlic.com/~lynn/2005b.html#22 The Mac is like a modern day Betamax
https://www.garlic.com/~lynn/2005j.html#26 IBM Plugs Big Iron to the College Crowd
https://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
https://www.garlic.com/~lynn/2006l.html#43 One or two CPUs - the pros & cons
https://www.garlic.com/~lynn/2006m.html#10 An Out-of-the-Main Activity
https://www.garlic.com/~lynn/2007d.html#16 "The Elements of Programming Style"
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Astrophysicist Replaces Supercomputer with a Cluster of Eight PlayStation 3s Newsgroups: alt.folklore.computers Date: Thu, 18 Oct 2007 12:58:32 -0400Astrophysicist Replaces Supercomputer with Eight PlayStation 3s
from above ...
Suffering from its exorbitant price point and a dearth of titles, Sony's
PlayStation 3 isn't exactly the most popular gaming platform on the
block. But while the console flounders in the commercial space, the PS3
may be finding a new calling in the realm of science and research.
... snip ...
over the past couple yrs there have been periodic references about using cell for implementing various supercomputer applications ... as well as the ongoing theme about difficulty of (nearly all kinds of) parallel programming
a couple other recent articles
3 Playstation 3s Reproduce Human Brain Functions
http://www.acus.org/new_atlanticist/sp-downgrades-usa-time-downgrade-sp?utm_source=feedburner
http://www.actiontrip.com/rei/comments_news.phtml?id=101507_11
Supercharging Seismic Processing with GPUs
http://www.hpcwire.com/hpc/1803161.html
posts in early thread(s)
https://www.garlic.com/~lynn/2004c.html#20 Parallel programming again (Re: Intel announces "CT" aka
https://www.garlic.com/~lynn/2007l.html#19 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#24 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#26 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#38 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#42 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#60 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#63 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#5 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#13 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#14 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#19 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#22 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#26 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#29 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#37 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#39 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#49 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#51 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#52 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#54 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#58 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#59 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#61 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#1 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#3 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#6 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#25 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#28 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#39 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007p.html#55 Is Parallel Programming Just Too Hard?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Newsweek article--baby boomers and computers Newsgroups: alt.folklore.computers Date: Thu, 18 Oct 2007 13:50:57 -0400Anne & Lynn Wheeler <lynn@garlic.com> writes:
business news today hitting on the rating companies ... saying that changes have led to lower values that rating companies are able to give to credit-backed bonds (as compared to corporate-based/backed bonds)... also speculation that hearings have some possibility that new rules for ratings could significantly change the business.
somewhat related from today:
S.& P. Cuts Rating for Mortgage Bonds
http://www.nytimes.com/2007/10/18/business/18rating.html?ref=business
from above:
Standard & Poor's, the credit ratings agency, yesterday downgraded more
than 1,700 bonds tied to mortgages that were issued this year, including
more than three dozen that received the agency's highest rating a few
months ago.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Newsweek article--baby boomers and computers Newsgroups: alt.folklore.computers Date: Thu, 18 Oct 2007 20:29:35 -0400somewhat unrelated ... but a business news channel had interview with oil investment specialist ... who made some statement that oil exploration/development investment was underfunded in 2005 by 1/3rd ... likely leading to 1m barrel/day production shortfall in 2010-2011 timeframe (although there are significant uncertainties that could affect that shortfall prediction), growing to possibly 4m barrel/day production shortfall by 2013-2014.
the interviewer asked what are the possible reasons for the shortfall in investments. the "specialist" explained that one reason is that 1/2 of the production project specialists will reach retirement age over the next three years and there wasn't enough talent to undertake additional projects that typically take 7-8yrs.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Thu, 18 Oct 2007 23:41:13 -0400re:
some old posts mentioning calculations related to "churn" in
gov. sponsored lotteries:
https://www.garlic.com/~lynn/2005b.html#10 Factoring problem, solved
https://www.garlic.com/~lynn/2006g.html#3 The Pankian Metaphor
https://www.garlic.com/~lynn/2006g.html#11 The Pankian Metaphor
i.e. each week they may have something like 80percent payout ... and they keep 20percent ... but the payout also gets taxed ... so direct retained plus taxes on payout may possibly total 40percent of each weeks bettings. in theory, gov. lottories could be structured to have 100percent weekly payout ... and just plan on making it from weekly tax churn.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Fri, 19 Oct 2007 09:11:38 -0400krw <krw@att.bizzzz> writes:
at 50percent payout along with taxes ... played every week ... the money that populace still has, quickly goes to zero ... unless it is constantly being refreshed. casinos with possibly 99percent payout on slots, eventually collects large percentage of money played, if it is repeatedly played
for gov. lottories, say 30percent retained (after taxes on payout) ... then after five weeks it is down to .3**5 = .002 (casinos are figuring possibly 100 cycles, or much more, of money repeately played ... at 100 cycles w/.99percent payout, .99**100 = .366) ... this is really the joke about the govs. where you are told to send them all your money and then they decide how much you should get back.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Are there tasks that don't play by WLM's rules Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Fri, 19 Oct 2007 09:47:03 -0400eamacneil@YAHOO.CA (Ted MacNEIL) writes:
and in some tuning tests at cray research ... got 1mbyte/sec (channel media) thruput between 4341 clone and cray machine ... using only very modest amount of the 4341 ... about 25 times the bytes moved for maybe 1/30th the pathlength ... say nearly three orders of magnitude improvement in bytes/mip thruput
the initial port to os ... kept the base vm tcp/ip code unchanged and implemented a cut-down vm emulation underneath (just enuf to run the tcp/ip code) ... which further aggravated the poor tcp/ip thruput
there was then a tcp/ip implementation done "in vtam" that had been outsourced to subcontractor. the folklore is that initial version delivered had tcp with higher thruput than lu6.2 and the subcontractor was told that everybody knows that lu6.2 has much higher thruput (than tcp/ip) and therefor the tcp/ip implementation must be incorrect ... and only a "correct" implementation was going to be accepted.
misc. past references to folklore about the vtam-based implementation
for tcp/ip
https://www.garlic.com/~lynn/2000b.html#79 "Database" term ok for plain files?
https://www.garlic.com/~lynn/2000c.html#58 Disincentives for MVS & future of MVS systems programmers
https://www.garlic.com/~lynn/2002k.html#19 Vnet : Unbelievable
https://www.garlic.com/~lynn/2002q.html#27 Beyond 8+3
https://www.garlic.com/~lynn/2003j.html#2 Fix the shuttle or fly it unmanned
https://www.garlic.com/~lynn/2004e.html#35 The attack of the killer mainframes
https://www.garlic.com/~lynn/2005h.html#43 Systems Programming for 8 Year-olds
https://www.garlic.com/~lynn/2005p.html#15 DUMP Datasets and SMS
https://www.garlic.com/~lynn/2005r.html#2 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2006f.html#13 Barbaras (mini-)rant
https://www.garlic.com/~lynn/2006l.html#53 Mainframe Linux Mythbusting (Was: Using Java in batch on z/OS?)
https://www.garlic.com/~lynn/2006w.html#29 Descriptive term for reentrant program that nonetheless is
https://www.garlic.com/~lynn/2007h.html#8 whiny question: Why won't z/OS support the HMC 3270 emulator
i had a project i called hsdt (high-speed data transport)
https://www.garlic.com/~lynn/subnetwork.html#hsdt
that would periodically run into contention with the communication
group. among other things, had deployed backbone connected to the
internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet
that had T1 (and higher speed) terrestrial and satellite links.
recent post
https://www.garlic.com/~lynn/2007p.html#64
mentioning business trip to the far east to visit a company that
we were buying some hardware from. the friday before we left,
somebody in raleigh had announced a new internal discussion
group that was to use the following terminology references:
low-speed <9.6kbits
medium-speed 19.2kbits
high-speed 56kbits
very high-speed 1.5mbits
on the wall of a conference room, the following monday on the
other side of the pacific
low-speed <20mbits
medium-speed 100mbits
high-speed 200-300mbits
very high-speed >600mbits
we had also been doing some work with NSF and various universities
leading up to what was to be NSFNET backbone ... aka tcp/ip is the
technology basis for the modern internet, nsfnet backbone was the
operational basis for the modern internet and CIX was the business basis
for the modern internet.
some old email references from that period
https://www.garlic.com/~lynn/lhwemail.html#nsfnet
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Are there tasks that don't play by WLM's rules Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Fri, 19 Oct 2007 10:45:12 -0400Patrick.Falcone writes:
as per previous post ... there was the vs/pascal implementation ported from vm ... with a "diagnose" instruction simulation done in os ... and then the vtam-based implementation (that started out only being "correct" if it had lower thruput than lu6.2).
some part of the base code poor thruput (and high processor consumption) was that (only) a channel-attached "bridge" box was being supported ... rather than a native channel-attached tcp/ip "router" box.
In the LAN "bridge" scenario ... the mainframe host code not only had to do the ip-header gorp ... but also had to do the lan/mac header overhead before passing the packet to the channel for processing by the "bridge" box.
part of the rfc 1044 three orders of magnitude improvement
https://www.garlic.com/~lynn/subnetwork.html#1044
was having a real channel-attach tcp/ip router box ... eliminating the mainframe host code having to also provide the lan/mac header overhead processing (needed by a lan/mac "bridge" box ... rather than having a real channel-attach tcp/ip router box).
part of this possibly was the whole focus on the sna communication paradigm (the old joke that it wasn't a system, wasn't a network, and wasn't an architecture) ... where vtam provided the communication addressing (and didn't have the concept of networking).
in the early days of sna ... my wife had co-authored AWP39 for
peer-to-peer networking architecture ... which was possibly viewed as
somewhat in competition with sna. part of the issue is that in most of
the industry, networking is peer-to-peer ... it is only when sna had
co-opted the term "networking" to apply to communication ... that it was
necessary to qualify "networking" with "peer-to-peer". this was possibly
also why she got con'ed into going to pok to be in charge of
loosely-coupled architecture. while there she also created peer-coupled
shared data architecture ... which, except for ims hot-standby,
didn't see a lot of uptake until sysplex. misc past posts
https://www.garlic.com/~lynn/submain.html#shareddata
for other archeological trivia ... APPN was originally "AWP164".
misc. past posts mentioning AWP39
https://www.garlic.com/~lynn/2004n.html#38 RS/6000 in Sysplex Environment
https://www.garlic.com/~lynn/2004p.html#31 IBM 3705 and UC.5
https://www.garlic.com/~lynn/2005p.html#8 EBCDIC to 6-bit and back
https://www.garlic.com/~lynn/2005p.html#15 DUMP Datasets and SMS
https://www.garlic.com/~lynn/2005p.html#17 DUMP Datasets and SMS
https://www.garlic.com/~lynn/2005q.html#27 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005u.html#23 Channel Distances
https://www.garlic.com/~lynn/2006h.html#52 Need Help defining an AS400 with an IP address to the mainframe
https://www.garlic.com/~lynn/2006j.html#31 virtual memory
https://www.garlic.com/~lynn/2006k.html#9 Arpa address
https://www.garlic.com/~lynn/2006k.html#21 Sending CONSOLE/SYSLOG To Off-Mainframe Server
https://www.garlic.com/~lynn/2006l.html#4 Google Architecture
https://www.garlic.com/~lynn/2006l.html#45 Mainframe Linux Mythbusting (Was: Using Java in batch on z/OS?)
https://www.garlic.com/~lynn/2006o.html#62 Greatest Software, System R
https://www.garlic.com/~lynn/2006r.html#4 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006r.html#9 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006t.html#36 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2006u.html#28 Assembler question
https://www.garlic.com/~lynn/2006u.html#55 What's a mainframe?
https://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
https://www.garlic.com/~lynn/2007b.html#48 6400 impact printer
https://www.garlic.com/~lynn/2007d.html#55 Is computer history taugh now?
https://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#39 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
https://www.garlic.com/~lynn/2007o.html#72 FICON tape drive?
https://www.garlic.com/~lynn/2007p.html#12 JES2 or JES3, Which one is older?
https://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Anniversaries Newsgroups: alt.folklore.computers Date: Fri, 19 Oct 2007 11:57:18 -0400"Micheal H. McCabe" <mhmccabe@alltel.net> writes:
by comparison, customers built cp67 (and vm370) systems directly from the source code.
there was a reputed $5m spent on investigating whether it was possible to acquire listings or m'fiche that exactly corresponded to any specific mvs system. they eventually gave up ... that it simply wasn't practical. it wasn't that m'fiche "source" couldn't be obtained for mvs ... it was that there was no process to guarantee that any specific listing/m'fiche source exactly respresented any specific executing mvs system.
a previous post mentioning the investigation:
https://www.garlic.com/~lynn/2002q.html#32 Collating on the S/360-2540 card reader?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM System/3 & 3277-1 Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main Date: Fri, 19 Oct 2007 12:16:21 -0400hancock4 writes:
the future system project was going to replace 360/370 in the
early-to-mid 70s ... when the project was eventually canceled there was
big effort to make up for lost time resulting from the future system
distraction
https://www.garlic.com/~lynn/submain.html#futuresys
attempting to get stuff back into the 370 (hardware & software) product pipelines ... crash program for 303x was part of that. part of the analysis "killing" the project was that if a "future system" machine was built from the fastest hardware then available (370/195) it would have the thruput of a 370/145.
the folklore is that some of the future system participants regrouped in rochester, coming out with the s/38 (which didn't have nearly the thruput requirements).
i've periodically commented that there is some characteristics of the 801 risc activities in the 70s .... to go to the exact opposite extreme of what went on in future system.
a early, big push for 801/risc was effort to replace the multitude of
corporate internal microprocessors with common risc architecture chips
(every low-to-mid range 370 implemented with microcode on their own
unique microprocessor, controllers, and other kinds of microprocessors).
one of these was going to be the s/38 follow-on, as/400. the common
801/risc microprocessor effort ran into all sorts of problems and
eventually died off ... at which time, as/400 had crash project to
design a new CISC processor. misc. past 801, romp, rios, fort knox,
power, power/pc, somerset, etc postings
https://www.garlic.com/~lynn/subtopic.html#801
as well as some old email from the period
https://www.garlic.com/~lynn/lhwemail.html#801
effectively the effort was revisited when rochester began move of as/400 from their CISC chip to its current use of 801/RISC chip.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions Newsgroups: alt.folklore.computers Date: Fri, 19 Oct 2007 19:13:55 -0400Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
from above:
In an Oct. 13 presentation at the University Of Illinois, Eric Traut,
a distinguished engineer at Microsoft, talked about virtualization and
also slipped in details about the project, code-named MinWin.
... snip ...
other articles:
Microsoft Wants Smaller Software Footprints Starting With Windows 7
http://www.informationweek.com/news/showArticle.jhtml?articleID=202805289
Microsoft Shows Shaved-Down Kernel For Next Windows OS
http://www.pcworld.com/article/id,138666/article.html
Microsoft to slim down 'bloated' Windows
http://www.techworld.com/opsys/news/index.cfm?newsid=10398&pagtype=all
misc. other posts mentioning new 40+ yr old technology
https://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007j.html#43 z/VM usability
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#93 How old are you?
https://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: US or China? Newsgroups: alt.folklore.computers Date: Sat, 20 Oct 2007 10:18:43 -0400jmfbahciv writes:
actually i wrote a bit about it nearly 25yrs ago in some internal forums ... in terms of consumer electronics taking over hitech industry.
one of the things in hsdt
https://www.garlic.com/~lynn/subnetwork.html#hsdt
was cost of things like encryption, forward error correcting hardware ... especially for higher speed links (or things like vlsi and surface mount technology). one comment (from the period) was that i could get at least as good optics and better forward error correcting in $300 cdrom than i could in a $20k "computer industry" box (also behind rise of cdrom, dvd, 8mm tape, 4mm tape, etc in computer industry)
this was one of the issues in the difference between mainframe (fiber) escon and rs6000 (fiber) sla. escon technology had been laying around pok since the 70s w/o making much headway. 6000 engineer from austin picked it up ... tweaked the technology so that it was about ten percent faster ... but it was also deployed with much less expensive "cdrom" optic driver technology.
this also motivated the work on large clusters of risc chips in ha/cmp
project
https://www.garlic.com/~lynn/subtopic.html#hacmp
misc. old email from the period
https://www.garlic.com/~lynn/lhwemail.html#medusa
i've also periodically commented that this was source of much of the churn in the hdtv meetings sponsored by the commerce dept. in the 1990 timeframe.
misc. past post mentioning $300 cdrom
https://www.garlic.com/~lynn/2001j.html#23 OT - Internet Explorer V6.0
https://www.garlic.com/~lynn/2001n.html#77 a.f.c history checkup... (was What specifications will the standard year 2001 PC have?)
https://www.garlic.com/~lynn/2002l.html#27 End of Moore's law and how it can influence job market
https://www.garlic.com/~lynn/2003h.html#3 Calculations involing very large decimals
https://www.garlic.com/~lynn/2003o.html#54 An entirely new proprietary hardware strategy
https://www.garlic.com/~lynn/2004o.html#43 360 longevity, was RISCs too close to hardware?
https://www.garlic.com/~lynn/2004o.html#44 360 longevity, was RISCs too close to hardware?
https://www.garlic.com/~lynn/2004p.html#57 IBM 3614 and 3624 ATM's
https://www.garlic.com/~lynn/2005n.html#27 Data communications over telegraph circuits
https://www.garlic.com/~lynn/2006.html#45 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006q.html#62 Cray-1 Anniversary Event - September 21st
https://www.garlic.com/~lynn/2007d.html#50 Is computer history taugh now?
misc. past posts mentioning hdtv activity
https://www.garlic.com/~lynn/2000e.html#11 Is Al Gore The Father of the Internet?^
https://www.garlic.com/~lynn/2001.html#73 how old are you guys
https://www.garlic.com/~lynn/2001b.html#2 FCC rulemakings on HDTV
https://www.garlic.com/~lynn/2001j.html#23 OT - Internet Explorer V6.0
https://www.garlic.com/~lynn/2005k.html#25 The 8008
https://www.garlic.com/~lynn/2006.html#45 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006q.html#62 Cray-1 Anniversary Event - September 21st
https://www.garlic.com/~lynn/2006s.html#63 Microsoft to design its own CPUs - Next Xbox In Development
https://www.garlic.com/~lynn/2007d.html#50 Is computer history taugh now?
misc. past posts mentioning escon
https://www.garlic.com/~lynn/96.html#5 360 "channels" and "multiplexers"?
https://www.garlic.com/~lynn/96.html#15 tcp/ip
https://www.garlic.com/~lynn/2000d.html#14 FW: RS6000 vs IBM Mainframe
https://www.garlic.com/~lynn/2000f.html#31 OT?
https://www.garlic.com/~lynn/2001.html#12 Small IBM shops
https://www.garlic.com/~lynn/2001.html#18 Disk caching and file systems. Disk history...people forget
https://www.garlic.com/~lynn/2001.html#46 Small IBM shops
https://www.garlic.com/~lynn/2001e.html#22 High Level Language Systems was Re: computer books/authors (Re: FA:
https://www.garlic.com/~lynn/2001j.html#23 OT - Internet Explorer V6.0
https://www.garlic.com/~lynn/2001k.html#22 ESCON Channel Limits
https://www.garlic.com/~lynn/2001m.html#25 ESCON Data Transfer Rate
https://www.garlic.com/~lynn/2002.html#10 index searching
https://www.garlic.com/~lynn/2002e.html#7 Bus & Tag, possible length/distance?
https://www.garlic.com/~lynn/2002e.html#32 What goes into a 3090?
https://www.garlic.com/~lynn/2002f.html#6 Blade architectures
https://www.garlic.com/~lynn/2002f.html#7 Blade architectures
https://www.garlic.com/~lynn/2002f.html#11 Blade architectures
https://www.garlic.com/~lynn/2002g.html#33 ESCON Distance Limitations - Why ?
https://www.garlic.com/~lynn/2002q.html#40 ibm time machine in new york times?
https://www.garlic.com/~lynn/2003h.html#0 Escon vs Ficon Cost
https://www.garlic.com/~lynn/2003o.html#54 An entirely new proprietary hardware strategy
https://www.garlic.com/~lynn/2003o.html#64 1teraflops cell processor possible?
https://www.garlic.com/~lynn/2004d.html#68 bits, bytes, half-duplex, dual-simplex, etc
https://www.garlic.com/~lynn/2004n.html#45 Shipwrecks
https://www.garlic.com/~lynn/2005e.html#12 Device and channel
https://www.garlic.com/~lynn/2005e.html#13 Device and channel
https://www.garlic.com/~lynn/2005h.html#7 IBM 360 channel assignments
https://www.garlic.com/~lynn/2005h.html#13 Today's mainframe--anything to new?
https://www.garlic.com/~lynn/2005l.html#26 ESCON to FICON conversion
https://www.garlic.com/~lynn/2005r.html#14 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005u.html#23 Channel Distances
https://www.garlic.com/~lynn/2005v.html#0 DMV systems?
https://www.garlic.com/~lynn/2006i.html#34 TOD clock discussion
https://www.garlic.com/~lynn/2006l.html#43 One or two CPUs - the pros & cons
https://www.garlic.com/~lynn/2006m.html#52 TCP/IP and connecting z to alternate platforms
https://www.garlic.com/~lynn/2006p.html#46 "25th Anniversary of the Personal Computer"
https://www.garlic.com/~lynn/2006x.html#3 Why so little parallelism?
https://www.garlic.com/~lynn/2006x.html#11 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2006x.html#13 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2006x.html#15 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2007.html#29 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007.html#35 V2X2 vs. Shark (SnapShot v. FlashCopy)
https://www.garlic.com/~lynn/2007h.html#9 21st Century ISA goals?
https://www.garlic.com/~lynn/2007o.html#54 mainframe performance, was Is a RISC chip more expensive?
https://www.garlic.com/~lynn/2007o.html#72 FICON tape drive?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The history of Structure capabilities Date: Sat, 20 Oct 2007 21:10:18 -0400 Newsgroups: comp.lang.asm.x86,alt.folklore.computersFrank McCoy wrote:
reason for creating RISC
https://www.garlic.com/~lynn/subtopic.html#801
was to go to the opposite extreme of the (failed/canceled) future
system project
https://www.garlic.com/~lynn/submain.html#futuresys
one of the nails in the FS coffin was a study that claimed if a FS machine was built out of the fastest technology then available (370/195), it would only have the thruput of a 370/145 (maybe 30:1 slowdown).
sporadic quote about future system project
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
from above:
IBM tried to react by launching a major project called the 'Future
System' (FS) in the early 1970's. The idea was to get so far ahead
that the competition would never be able to keep up, and to have such
a high level of integration that it would be impossible for
competitors to follow a compatible niche strategy. However, the
project failed because the objectives were too ambitious for the
available technology. Many of the ideas that were developed were
nevertheless adapted for later generations. Once IBM had acknowledged
this failure, it launched its 'box strategy', which called for
competitiveness with all the different types of compatible
sub-systems. But this proved to be difficult because of IBM's cost
structure and its R&D spending, and the strategy only resulted in a
partial narrowing of the price gap between IBM and its rivals
... snip ...
i.e. significant motivation for FS was the rise of the clone (compatible) controllers.
some number of past posts about being part of team (as an
undergraduate) creating clone controller (which got written up for
sparking clone controller business)
https://www.garlic.com/~lynn/submain.html#360pcm
there is also some speculation that some of the characteristics of SNA and the complex relationship between vtam and 3705 is also an outgrowth of both clone telecommunication controllers and failure of future system project
the distraction of the future system project also contributed to dearth of items in 370 product pipeline for a period ... which would have helped clone processors being able to get a foothold.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Ancient Apple Newsgroups: alt.folklore.computers Date: Sun, 21 Oct 2007 09:50:57 -0400Morten Reistad <first@last.name> writes:
was work on mainframe "channel extender" ... remoting local "channel attached" devices using T1/1.5mbit links.
The first deployment was for STL (now renamed silicon valley lab) that was bursting at the seams and needed to "remote" something like 300 people from the IMS group to offsite building. they had tested standard remote 3270s terminals which ran over 9.6kbit links and found the response horrible. The relocation of 300 "local" 3270s terminals to remote bldg via T1/1.5mbit channel extender ... appeared to provide "local" response ... and because of some additional factors, improved overall system thruput by 10-15percent.
The T1/1.5mbit link was actually provided by a subchannel on a T3 collins digital radio (microwave) plant site "campus" installation.
Then there was another IMS group near Boulder that was facing somewhat similar situation ... and were moving the IMS group to a nearby bldg on the other side of a busy highway. It was decided to deploy a similar solution but using T1 infrared (optical) modems mounted on the roofs of the two (multi-story) bldgs. One of the early problems was that there was lots of problems maintaining alignment of the T1 infrared modems ... problem was the change in height of the bldgs on different sides as the sun moved across the sky during the day.
misc. past posts mentioning channel extension with the T1 infrared
modems
https://www.garlic.com/~lynn/94.html#23 CP spooling & programming technology
https://www.garlic.com/~lynn/2000c.html#65 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2001e.html#72 Stoopidest Hardware Repair Call?
https://www.garlic.com/~lynn/2001e.html#76 Stoopidest Hardware Repair Call?
https://www.garlic.com/~lynn/2003b.html#29 360/370 disk drives
https://www.garlic.com/~lynn/2005e.html#21 He Who Thought He Knew Something About DASD
https://www.garlic.com/~lynn/2005u.html#22 Channel Distances
https://www.garlic.com/~lynn/2006y.html#3 The Future of CPUs: What's After Multi-Core?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Damn .... Newsgroups: alt.folklore.computers Date: Sun, 21 Oct 2007 10:41:42 -0400krw <krw@att.bizzzz> writes:
Boyd wasn't flying in vietnam ... but served tour in command.of.spook
base ... misc. past comments
https://www.garlic.com/~lynn/2005t.html#1 Dangerous Hardware
https://www.garlic.com/~lynn/2005t.html#2 Dangerous Hardware
https://www.garlic.com/~lynn/2005t.html#5 Dangerous Hardware
https://www.garlic.com/~lynn/2006u.html#51 Where can you get a Minor in Mainframe?
https://www.garlic.com/~lynn/2007g.html#13 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007i.html#4 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#69 Lean and Mean: 150,000 U.S. layoffs for IBM?
https://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography
past posts mentioning John Boyd
https://www.garlic.com/~lynn/subboyd.html#boyd
misc. URLs from around the web mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html#boyd2
From: Anne & Lynn Wheeler <spamtrap@crayne.org> Subject: Re: The history of Structure capabilities Newsgroups: comp.lang.asm.x86,alt.folklore.computers Date: Sun, 21 Oct 2007 15:28:21 -0400Morten Reistad <spamtrap@crayne.org> writes:
side-note ... some posts to this particular thread from yesterday are just starting to trickle in ... i know i reposted the same thing a couple times because of the delay.
the meetings i attended on 801/risc in the 70s
https://www.garlic.com/~lynn/subtopic.html#801
.... was all about significantly reducing hardware complexity ... some of
it appeared to be reaction to do the exact opposite of future system
project
https://www.garlic.com/~lynn/submain.html#futuresys
and some amount of it explicitly stated that there was purposeful trade-off moving complexity out of hardware and into compiler/software.
part of original 801/risc design-point was that there was no hardware protection domains at all ... all protection/integrity would be provided by compilers generating correct code and kernel only loading correctly generated compiler code for execution.
.... there were then various efforts to do technology transfer from pl.8 (pli subset compiler for the 801/risc project) into other languages .... pli, fortran, pascal, c, etc (and for other hardware architectures)
here is recent post with various old email from 78-81 timeframe
mentioning 801/risc
https://www.garlic.com/~lynn/2006t.html#9 32 or even 64 registers for x86-64?
including '81 email discussing comparison of pl.8 technology (on
non-risc machines)
https://www.garlic.com/~lynn/2006t.html#email810808
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM Z6 processor Newsgroups: comp.arch Date: Mon, 22 Oct 2007 07:58:00 -0400nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Ancient Apple Newsgroups: alt.folklore.computers Date: Mon, 22 Oct 2007 08:51:29 -0400jmfbahciv writes:
instead of mounting on nearside bldg. sides ... mount near the center of both bldgs roofs.
there were also concerns about snow/rain fade of the signal. turns out there was some measurable bit-error-rate during one "white-out" snow storm (didn't make a lot of difference, especially since nobody was able to make it into the office)
for othe drift ... one of the reasons for infrared modems was that there was some issues with permits for microwave.
one of the places we were putting in 4.5meter satellite dishes had big uproar with some local citizens at planning/bldg commission meeting ... citizens extremely concerned about radiation. they were told that one of the reasons for the large dish was very weak signal from satellite in space ... and the transmission from ground used a 25watt transmitter ... that had uplink power control that nominally operated at 7watts during clear-sky conditions (which was focused straight up). still didn't seem to mean anything. so it was explained that if somebody was suspended directly above the (ground) transmitter ... they would receive much less radiation than people were receiving in their homes from the nearby 50,000 watt radio transmission tower.
recent post in another thread mentioning hsdt satellite
https://www.garlic.com/~lynn/2007q.html#45 Are there tasks that don't play by WLM's rules
https://www.garlic.com/~lynn/2007q.html#46 Are there tasks that don't play by WLM's rules
other hsdt posts
https://www.garlic.com/~lynn/subnetwork.html#hsdt
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM Z6 processor Newsgroups: comp.arch Date: Mon, 22 Oct 2007 10:17:58 -0400nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
nah, some of the 3090 engineers possibly thot it was a bit unfair that VF detracted from the significant work that had gone into sustained scalar FP thruput
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Direction of Stack Growth Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp Date: Mon, 22 Oct 2007 10:38:02 -0400nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
minicomputer prices could fit into individual dept. budgets as opposed to institutional-wide large processor. there was some resurgence with introduction of 43xx (but a lot of those boxes went into commercial accounts ... some number with orders of multiple hundreds at a time)
gov. legal action also resulted in the 23jun69 unbundling announcement
https://www.garlic.com/~lynn/submain.html#unbundle
which also marked starting to charge for (application) software.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Virtualization: Everybody's Doing It, but Few Know How Newsgroups: alt.folklore.computers Date: Mon, 22 Oct 2007 13:31:42 -0400more, new, 40+ yr old technology ... dating back to mid-60s at science center
Virtualization: Everybody's Doing It, but Few Know How
http://www.linuxinsider.com/story/59931.html
from above:
As more organizations adopt server virtualization software, they're also
looking to hire people who have worked with the technology in live
applications.
But such workers can be hard to find,
... snip ...
and ..
Virtualization Services Market, 2007-2011 Forecast
http://itmanagement.earthweb.com/erp/article.php/3694386
from above:
As large enterprises embrace virtualization, the market for
virtualization services is growing robustly -- and is expected to grow
still faster in the next few years.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fixing our fraying Internet infrastructure Newsgroups: alt.folklore.computers Date: Mon, 22 Oct 2007 14:52:12 -0400Anne & Lynn Wheeler <lynn@garlic.com> writes:
one of the business channels was just interviewing somebody about sectors for investment ... he commented that there is currently a one trillion dollar deficit in infrastructure spending (i.e. money that should have been spent but wasn't for transportation, water, power, etc) ... and as more and more of these infrastructures have various failures (some catastrophic), at some point they will have to get around spending the money on refurbishing/renewing/maintenance/etc
a couple recent posts (some of it deferred maintenance that nobody
ever gets around to actually doing)
https://www.garlic.com/~lynn/2007n.html#97 Loads Weighing Heavily on Roads
https://www.garlic.com/~lynn/2007o.html#6 Loads Weighing Heavily on Roads
when we were doing our ha/cmp product
https://www.garlic.com/~lynn/subtopic.html#hacmp
we got involved in some continuous availability issues ... coining
the terms disaster survivability and geographic survivability
(to differentiate from disaster recovery)
https://www.garlic.com/~lynn/submain.html#available
some of these were considered "natural" disasters ... but there seems to be a growing number of failures that are result of just not carrying through with various well understood processes.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Horrid thought about Politics, President Bush, and Democrats ... Newsgroups: alt.folklore.computers Date: Tue, 23 Oct 2007 09:12:51 -0400Morten Reistad <first@last.name> writes:
wiki page
https://en.wikipedia.org/wiki/Immigration_Reform_and_Control_Act_of_1986
misc. other references
http://www.mbbp.com/resources/employment/reform_act.html
http://louisville.edu/hr/policies/PER109.html
http://www.lib.niu.edu/ipo/1987/im870511.html
reference to 1995 gao report (on national net costs of illegal aliens)
on the subject (in an older thread)
https://www.garlic.com/~lynn/2007i.html#18 John W. Backus, 82, Fortran developer, dies
and ....
http://www.cis.org/articles/1997/IR28/5million.html
from above ...
The INS estimates that as of October 1996 there were five million
illegal aliens living in the United States,
...
The number of illegal aliens who remained after the completion of the
Immigration Reform and Control Act (IRCA) legalization in October of
1988 was 2,775,000, well above the 2.18 million previously estimated.
... snip ...
http://www.fairus.org/site/PageServer?pagename=iic_immigrationissuecenterse4a5
from above:
In 1986, Congress passed the Immigration Reform and Control Act (IRCA)
giving amnesty legal forgiveness to all illegal aliens who had
successfully evaded justice for four years or more or were illegally
working in agriculture.
Various Amnesties of Illegal Aliens IRCA (including dependents) 2,831,351 NACARA 405,000 Haitian Act 50,000 INA Section 249 (from 1987-1997) 69,670 TOTAL 3,356,021... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fixing our fraying Internet infrastructure Newsgroups: alt.folklore.computers Date: Tue, 23 Oct 2007 10:11:38 -0400jmfbahciv writes:
or just not do it correctly, i remember some joke during the 70s about
using water soluable asphalt for road repairs ... past reference:
https://www.garlic.com/~lynn/2003j.html#11 Idiot drivers
when i 1st moved to mass. somebody seriously commented about entrenched road repair institution dependent on annual contracts for repeatedly repairing the same stuff (can't exactly say that they weren't spending money on infrastructure).
this is somewhat related to recent article on nothing succeeds like failure
https://www.garlic.com/~lynn/2007h.html#29 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#33 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/aadsm26.htm#59 On cleaning up the security mess: escaping the self-perpetuating trap of Fraud?
a couple yrs ago there was some charges brought against public utility company in cal. ... where part of PUC approved customer fees were to go to trimming foilage away from transmission lines. after some number of fires ... they found that the company was "deferring maintenance" on the foilage trimming and the money diverted to bonuses for executives.
From: Anne & Lynn Wheeler <spamtrap@crayne.org> Subject: Re: The history of Structure capabilities Newsgroups: comp.lang.asm.x86,alt.folklore.computers Date: Tue, 23 Oct 2007 08:37:23 -0400krw <spamtrap@crayne.org> writes:
from above:
In total, I.B.M. invested $642.7 million in Intel in 1983 and 1984, in
return for about 20 percent of the company's outstanding stock. Its
average purchase price per share was $28.44. Under yesterday's
agreement, Intel purchased back those shares for $40.625 each. Intel's
Excess of Cash
.... snip ...
I have some vague recollection that IBM had option to buy even more ... instead it eventually sold it off. The above article mentions a deal for IBM to manufacture 386 ... and there was some work on a customized 386 chip design.
a couple old posts with old '89 article about motorola and intel
still being somewhat neck & neck
https://www.garlic.com/~lynn/2005q.html#44 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005q.html#45 Intel strikes back with a parallel x86 design
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Virtual Browsers: Disposable Security Newsgroups: alt.folklore.computers Date: Tue, 23 Oct 2007 16:01:10 -0400latest new 40+ yr old technology
Virtual Browsers: Disposable Security
http://www.linuxinsider.com/story/59949.html
from above:
If users are working on a virtualized PC, or at least a virtualized
Web browser, then throwing it out is trivial. So is replacing it with
a fresh, uncluttered, uninfected version. Virtual IT is built to be
disposable. OK, you've heard about this virtualization magic
before. However, it seems too good to be true, and it sounds
complicated and expensive.
... snip ...
some recent references to using virtualization for volitile
environment ... not only is the environment constrained/partitioned
... but everything is discarded (including any infections) at the end
of session (sort of the equivalent of vaporizing medical waste)
https://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007o.html#7 Hypervisors May Replace Operating Systems As King Of The Data Center
related article
It's time to install virtual throw-away PCs
http://computerworld.co.nz/news.nsf/mgmt/BD8BDF1543B9281ACC257372000354FE
from above:
I give up. You should too. It's time to stop trying to secure users'
web browsers, and instead just throw them away. We can't stop users
from clicking on the wrong links or going to compromised websites. We
can't eliminate drive-by worm infections or block zero-day rootkits.
But thanks to virtualisation, we can flush them all away.
... snip ...
other recent references to the new 40+ yr old technology
https://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007l.html#23 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007p.html#7 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
https://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
https://www.garlic.com/~lynn/2007q.html#49 Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
https://www.garlic.com/~lynn/2007q.html#59 Virtualization: Everybody's Doing It, but Few Know How
oh and an advertisement that was displayed on the 1st article's page:
What's Linux with a Lineage? Verio Linux VPS delivers root access,
advanced FairShare technology for better performance, and support
that's actually supportive. It's all from Verio, the Virtual Private
Server technology pioneer, with over 500,000 customers.
... snip ...
misc. past posts mentioning doing fair share, original as
undergraduate some 39 yrs ago ... modifications to cp67 virtual
machine kernel.
https://www.garlic.com/~lynn/subtopic.html#fairshare
modifications were dropped in the morph from cp67 to vm370 ... but later re-introduced as part of resource manager. implementation was actually dynamic adaptive resource management policies ... with the default policy being fair share.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Direction of Stack Growth Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp,comp.os.linux.embedded Date: Tue, 23 Oct 2007 18:47:36 -0400glen herrmannsfeldt <gah@ugcs.caltech.edu> writes:
call/save/return conventions
https://www.garlic.com/~lynn/gcard.html#50
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Direction of Stack Growth Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp,comp.os.linux.embedded Date: Tue, 23 Oct 2007 22:19:16 -0400glen herrmannsfeldt <gah@ugcs.caltech.edu> writes:
in the os/360 convention called routine only needs its own savearea if it is planning on calling other routine(s). a routine that doesn't make any calls ... won't need its own savearea. a routine is only allocating/chaining savearea (on entry), when it is calling other routine(s) (for their use).
original/early cp67 kernel allocated 100 (contiguous) "saveareas" at boot initialized/managed as push/pop list. all internal kernel call/returns were done via svc (supervisor call) interrupt which would allocate/deallocate a savearea (from push/pop list). the called routine was still responsible for "saving" registers in the (recently) allocated savearea. when the 100 "savearea" were exhausted ... system failed. on entry, the pointer to the "active" savearea was in register 13 ... as per os/360 convention.
early on (as undergraduate) in the 60s, i made a number of cp67 kernel modifications:
several "called" kernel routines were "closed" ... i.e. they didn't call to any other routines. for these i changed the calling sequence from a supervisor call interrupt to (more familiar) BALR ... and these called routines, saved (calling routines) registers (on entry) in a single, kernel-wide savearea (actually in "page zero" ... so it was a per processor, kernel-wide savearea ... one for every processor in a multiprocessor configuration).
if the initial 100 saveareas were exhausted (actually any time available saveareas were exhausted) ... it would savange some storage and replenish the list with another block of saveareas.
....
the change to dynamicly extend kernel saveareas then complicated standard cp67 kernel failure analysis ... since it had been possible to examine all extent active and pending process indications by examining the fixed (location) preallocated, contiguous 100 saveareas.
these eventually shipped in standard cp67 product.
also as undergraduate i did an enhancement that moved some number of kernel routines out of fixed kernel storage and made them pageable. this required a little slight of hand ... while cp67 supported virtual memory and ran all of its virtual machines in virtual address spaces ... the cp67 kernel ran in "real addressing" (non virtual addressing mode). while the "pageable" kernel routines were fetched into memory and removed from memory via standard paging facilities ... the routines ran in "real addressing" mode w/o address translation turned on and couldn't depend on virtual address translation and/or hardware page faults. this didn't ship in standard cp67 product ... but was incorporated into the product as part of the morph from cp67 to vm370.
for a little topic drift ... some recent posts about the "new", 40+ yr
old virtual machine technology
https://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007l.html#23 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007p.html#7 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
https://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
https://www.garlic.com/~lynn/2007q.html#49 Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
https://www.garlic.com/~lynn/2007q.html#59 Virtualization: Everybody's Doing It, but Few Know How
https://www.garlic.com/~lynn/2007q.html#64 Virtual Browsers: Disposable Security
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: does memory still have parity? Newsgroups: alt.folklore.computers Date: Wed, 24 Oct 2007 09:20:37 -0400Eric Sosman <esosman@ieee-dot-org.invalid> writes:
when we were doing our ha/cmp product
https://www.garlic.com/~lynn/subtopic.html#hacmp
... one of the things we marketing against was stratus (or its corporate rebranded system/88). one place we came up against was in 1-800 lookup/call-routing ... which had requirement for something like 5mins of downtime per year. at the time, stratus required taking the system down to perform kernel/system maintenance ... which could easily run an hr or two a year (exceeeding the down-time budget).
their counter was a pair of fail-over systems (to handle system maintenance and other scheduled outages) ... however a single system was already significantly more expensive than a ha/cmp configuration (and the statistical downtime/outage probabilities were all within the 5min/yr requirement).
misc. past posts mentioning stratus, s/88, and/or tandem
https://www.garlic.com/~lynn/2000e.html#49 How did Oracle get started?
https://www.garlic.com/~lynn/2000f.html#69 TSS ancient history, was X86 ultimate CISC? designs)
https://www.garlic.com/~lynn/2001.html#62 California DMV
https://www.garlic.com/~lynn/2001i.html#48 Withdrawal Announcement 901-218 - No More 'small machines'
https://www.garlic.com/~lynn/2001i.html#49 Withdrawal Announcement 901-218 - No More 'small machines'
https://www.garlic.com/~lynn/2001j.html#31 Title Inflation
https://www.garlic.com/~lynn/2001k.html#9 HP-UX will not be ported to Alpha (no surprise)exit
https://www.garlic.com/~lynn/2001k.html#10 HP-UX will not be ported to Alpha (no surprise)exit
https://www.garlic.com/~lynn/2001k.html#11 HP-UX will not be ported to Alpha (no surprise)exit
https://www.garlic.com/~lynn/2001k.html#13 HP-UX will not be ported to Alpha (no surprise)exit
https://www.garlic.com/~lynn/2001k.html#15 HP-UX will not be ported to Alpha (no surprise)exit
https://www.garlic.com/~lynn/2002.html#1 The demise of compaq
https://www.garlic.com/~lynn/2002.html#8 The demise of compaq
https://www.garlic.com/~lynn/2002f.html#14 Mail system scalability (Was: Re: Itanium troubles)
https://www.garlic.com/~lynn/2002f.html#15 Mail system scalability (Was: Re: Itanium troubles)
https://www.garlic.com/~lynn/2002f.html#18 Mail system scalability (Was: Re: Itanium troubles)
https://www.garlic.com/~lynn/2002f.html#25 When will IBM buy Sun?
https://www.garlic.com/~lynn/2002g.html#59 Amiga Rexx
https://www.garlic.com/~lynn/2002j.html#45 M$ SMP and old time IBM's LCMP
https://www.garlic.com/~lynn/2002j.html#46 M$ SMP and old time IBM's LCMP
https://www.garlic.com/~lynn/2002j.html#62 Server and Mainframes
https://www.garlic.com/~lynn/2002k.html#22 Vnet : Unbelievable
https://www.garlic.com/~lynn/2002p.html#13 Multics on emulated systems?
https://www.garlic.com/~lynn/2002p.html#14 Multics on emulated systems?
https://www.garlic.com/~lynn/2003.html#48 InfiniBand Group Sharply, Evenly Divided
https://www.garlic.com/~lynn/2003d.html#10 Low-end processors (again)
https://www.garlic.com/~lynn/2004q.html#75 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005.html#46 8086 memory space
https://www.garlic.com/~lynn/2005c.html#50 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005d.html#37 Thou shalt have no other gods before the ANSI C standard
https://www.garlic.com/~lynn/2005j.html#5 The 8008
https://www.garlic.com/~lynn/2005u.html#61 DMV systems?
https://www.garlic.com/~lynn/2006d.html#14 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006h.html#9 It's official: "nuke" infected Windows PCs instead of fixing them
https://www.garlic.com/~lynn/2006l.html#24 Google Architecture
https://www.garlic.com/~lynn/2007f.html#56 Is computer history taught now?
https://www.garlic.com/~lynn/2007h.html#76 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#34 Internal DASD Pathing
https://www.garlic.com/~lynn/2007j.html#46 John W. Backus, 82, Fortran developer, dies
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Direction of Stack Growth Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp,comp.os.linux.embedded Date: Wed, 24 Oct 2007 15:54:14 -0400mojaveg@mojaveg.lsan.mdsg-pacwest.com (Everett M. Greene) writes:
a separate issue showed up in os/360 days in the transition from real storage to virtual memory. part of the problem was there was a very ingrained pointer-passing convention that permeated the infrastructure. in the transition to virtual memory on 370s ... the idea was to give each process possibly a full, maximum 16mbyte virtual address space. the downside was that because of the ingrained pointer-passing convention ... contributed to the kernel image being included in every (process) virtual address space ... which took up 8mbytes (of the 16mbytes).
then there were a lot of operating system "subsystems" that lived outside the kernel ... but provided services to applications and where the pointer-passing paradigm was also ingrained. these got moved into their own virtual address space. now the pointer-passing paradigm got a little more difficult. to address this ... there was something called a "common segment" that started out as one megabyte ... appearing in ever virtual address space. an application would find some space in the common segment, stuff in arguments, and make a kernel call with a pointer to the stuff in the common segment ... which would passthru the kernel and switch to the subsystem address space. the subsystem then could pass back information ... also in the common segment. the problem here was that for larger installations, with numerous "subsystems", the common segment would grow to five or possibly even six megabytes.
so you know have kernel image taking 8mbytes of every 16mbyte application virtual address space ... and the common segment taking another 5-6 mbytes of every application 16mbyte virtual address space ... leaving possibly as little as 2mbytes for the application.
something called "dual-address" space mode was introduced with 3033 ... it allowed for semi-privileged applications to execute with two virtual address space pointers ... one was the private virtual address space ... and one typically belonged to the calling application virtual address space. in this scenario ... each instance of the subsystem execution actually required register with both the address of the passed parameter pointer ... and a (control) register with the corresponding calling application virtual address space. however, this still required passing thru the kernel ... executing software instructions to do the necessary permission checking and switching around address pointers (along with instructions that accessed storage in other virtual address spaces).
later came "access registers" and program call/return. access registers generalized dual-address space mode to multiple virtual address spaces. there was kernel hardware table referenced by program call/return that supported applications being able to effectively make "BALR" type calls to subsystem services (in different virtual address spaces) and have all the various control registers be fiddled with (w/o having the overhead of executing instructions in the kernel) ... and then perform the return ... again w/o requiring kernel software exeuction. program call/return started out being a hierarchical infrastrucutre ... but later mesh-type operation was added.
current description of address types, virtual address types, access
register specified virtual address, etc
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/3.2.1?SHELF=&DT=20040504121320&CASE=
more address space discussion
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/3.8?DT=20040504121320
more discussion discussion able to handle up to 16 address spaces,
the primary address space and up to 15 AR-specified address spaces
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/3.8?DT=20040504121320
access-register introduction
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/5.7?DT=20040504121320
linkage-stack introduction
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/5.10?DT=20040504121320
linkage-stack operations
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/5.12?DT=20040504121320
program call instruction
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/10.34?DT=20040504121320
program return instruction
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/10.35?DT=20040504121320
program transfer and program transfer with instance instructions
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/10.37?DT=20040504121320
misc. past posts mentioning dual-address space, access registers,
program call/return, etc
https://www.garlic.com/~lynn/98.html#36 What is MVS/ESA?
https://www.garlic.com/~lynn/2000c.html#84 Is a VAX a mainframe?
https://www.garlic.com/~lynn/2000d.html#28 RS/6000 vs. System/390 architecture?
https://www.garlic.com/~lynn/2000e.html#58 Why not an IBM zSeries workstation?
https://www.garlic.com/~lynn/2001d.html#28 Very CISC Instuctions (Was: why the machine word size ...)
https://www.garlic.com/~lynn/2001h.html#73 Most complex instructions
https://www.garlic.com/~lynn/2001i.html#13 GETMAIN R/RU (was: An IEABRC Adventure)
https://www.garlic.com/~lynn/2001k.html#16 Minimalist design (was Re: Parity - why even or odd)
https://www.garlic.com/~lynn/2002d.html#51 Hardest Mistake in Comp Arch to Fix
https://www.garlic.com/~lynn/2002g.html#17 Black magic in POWER5
https://www.garlic.com/~lynn/2002g.html#18 Black magic in POWER5
https://www.garlic.com/~lynn/2002l.html#57 Handling variable page sizes?
https://www.garlic.com/~lynn/2002n.html#58 IBM S/370-168, 195, and 3033
https://www.garlic.com/~lynn/2002n.html#74 Everything you wanted to know about z900 from IBM
https://www.garlic.com/~lynn/2002q.html#1 Linux paging
https://www.garlic.com/~lynn/2003c.html#13 Unused address bits
https://www.garlic.com/~lynn/2003d.html#53 Reviving Multics
https://www.garlic.com/~lynn/2003d.html#69 unix
https://www.garlic.com/~lynn/2003e.html#0 Resolved: There Are No Programs With >32 Bits of Text
https://www.garlic.com/~lynn/2003e.html#12 Resolved: There Are No Programs With >32 Bits of Text
https://www.garlic.com/~lynn/2003g.html#13 Page Table - per OS/Process
https://www.garlic.com/~lynn/2003m.html#29 SR 15,15
https://www.garlic.com/~lynn/2004c.html#6 If the x86 ISA could be redone
https://www.garlic.com/~lynn/2004e.html#41 Infiniband - practicalities for small clusters
https://www.garlic.com/~lynn/2004f.html#27 [Meta] Marketplace argument
https://www.garlic.com/~lynn/2004f.html#53 Infiniband - practicalities for small clusters
https://www.garlic.com/~lynn/2004n.html#26 PCIe as a chip-to-chip interconnect
https://www.garlic.com/~lynn/2004n.html#54 CKD Disks?
https://www.garlic.com/~lynn/2004o.html#18 Integer types for 128-bit addressing
https://www.garlic.com/~lynn/2004o.html#57 Integer types for 128-bit addressing
https://www.garlic.com/~lynn/2005.html#3 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#53 The mid-seventies SHARE survey
https://www.garlic.com/~lynn/2005c.html#63 intel's Vanderpool and virtualization in general
https://www.garlic.com/~lynn/2005d.html#62 Misuse of word "microcode"
https://www.garlic.com/~lynn/2005f.html#7 new Enterprise Architecture online user group
https://www.garlic.com/~lynn/2005f.html#41 Moving assembler programs above the line
https://www.garlic.com/~lynn/2005f.html#57 Moving assembler programs above the line
https://www.garlic.com/~lynn/2005p.html#18 address space
https://www.garlic.com/~lynn/2005p.html#19 address space
https://www.garlic.com/~lynn/2005q.html#41 Instruction Set Enhancement Idea
https://www.garlic.com/~lynn/2005q.html#48 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2006.html#39 What happens if CR's are directly changed?
https://www.garlic.com/~lynn/2006b.html#25 Multiple address spaces
https://www.garlic.com/~lynn/2006b.html#28 Multiple address spaces
https://www.garlic.com/~lynn/2006i.html#33 virtual memory
https://www.garlic.com/~lynn/2006p.html#10 What part of z/OS is the OS?
https://www.garlic.com/~lynn/2006r.html#26 A Day For Surprises (Astounding Itanium Tricks)
https://www.garlic.com/~lynn/2006r.html#32 MIPS architecture question - Supervisor mode & who is using it?
https://www.garlic.com/~lynn/2006s.html#42 Ranking of non-IBM mainframe builders?
https://www.garlic.com/~lynn/2006t.html#23 threads versus task
https://www.garlic.com/~lynn/2006x.html#23 Multiple mappings
https://www.garlic.com/~lynn/2006y.html#39 Multiple mappings
https://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
https://www.garlic.com/~lynn/2007g.html#59 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
https://www.garlic.com/~lynn/2007k.html#14 Some IBM 3033 information
https://www.garlic.com/~lynn/2007k.html#27 user level TCP implementation
https://www.garlic.com/~lynn/2007k.html#28 IBM 360 Model 20 Questions
https://www.garlic.com/~lynn/2007l.html#71 IBM 360 Model 20 Questions
https://www.garlic.com/~lynn/2007o.html#10 IBM 8000 series
https://www.garlic.com/~lynn/2007p.html#21 Newsweek article--baby boomers and computers
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM System/3 & 3277-1 Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main Date: Wed, 24 Oct 2007 19:04:01 -0400ArarghMail710NOSPAM writes:
i eventually learned to read 12-2-9 (i.e. card punch holes for hex "02") "txt" text deck cards ... as part of multi-punch/duplicate cards and punching patches ... i had a 2000 card assembler program and it was frequently faster to multi-punch fixes (into duplicate/new card) than to reassemble program (which could take 30-60 minutes elapsed time ... this was on 360/30 under os/360 release 6 ... i had dedicated university machine room on weekends for 48hrs stretch). basically had to not only be able to read storage dumps and equivalence between hexcode and things like instructions and/or addresses ... but the similar information on cards in "punch hole" representation.
field/col definition for 12-2-9 TXT card:
col
1 12-2-9 / x'02'
2-4 TXT
5 blank
6-8 relative address of first instruction on record
9-10 blank
11-12 byte count ... number of bytes in information field
15-16 ESDID
17-72 56-byte information field
73-80 deck id, sequence number, or both
cols. 2-4 and 73-80 were character ... the other fields were hex.
q&d converstion of gcard ios3270 to html
https://www.garlic.com/~lynn/gcard.html
but it lacks card punch hole equivalence for hex (on real green card)
here is actual scan of a 360 green card ... front & back (11mb)
http://weblog.ceicher.com/archives/IBM360greencard.pdf
from:
http://weblog.ceicher.com/archives/2006/12/ibm_system360_green_card.html
the following table is from
http://www.cs.uiowa.edu/~jones/cards/codes.html
giving equivalence between card punch codes, hexidemal value, and ebcdic
00 10 20 30 40 50 60 70 80 90 A0 B0 C0 D0 E0 F0 ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ ___ 0|NUL| |DS | |SP | & | - | | | | | | | | | 0 |0 |__1|___|__2|___|__3|__4|__5|___|___|___|___|___|___|___|___|___| 1| | |SOS| | | | / | | a | j | | | A | J | | 1 |1 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 2| | |FS | | | | | | b | k | s | | B | K | S | 2 |2 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 3| |TM | | | | | | | c | l | t | | C | L | T | 3 |3 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 4|PF |RES|BYP|PN | | | | | d | m | u | | D | M | U | 4 |4 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 5|HT |NL |LF |RS | | | | | e | n | v | | E | N | V | 5 |5 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 6|LC |BS |EOB|UC | | | | | f | o | w | | F | O | W | 6 |6 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 7|DEL|IL |PRE|EOT| | | | | g | p | x | | G | P | X | 7 |7 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 8| | | | | | | | | h | q | y | | H | Q | Y | 8 |8 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 9| | | | | | | | | i | r | z | | I | R | Z | 9 |9 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| A| | | | | ¢ | ! | | : | | | | | | | | |2-8 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| B| | | | | . | $ | , | # | | | | | | | | |3-8 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| C| | | | | < | * | % | @ | | | | | | | | |4-8 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| D| | | | | ( | ) | _ | ' | | | | | | | | |5-8 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| E| | | | | + | ; | > | = | | | | | | | | |6-8 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| F| | | | | | | ¬ | ? | " | | | | | | | | |7-8 |___|___|___|___|___|___|___|___|___|___|___|___|___|___|___|___| 12 11 10 12 11 10 12 11 10 12 11 10 9 9 9 10 12 11> i.e. hex values down the left and across the top, punch holes dorwn the right adn across the bottom.
and card punch format ... card rows are number 12, 11, 0-9 from the top.
/&-0123456789ABCDEFGHIJKLMNOPQR/STUVWXYZb#@'>V?.¤[<§!$*];^±,%v\¶ 12 / O OOOOOOOOO OOOOOO 11| O OOOOOOOOO OOOOOO 0| O OOOOOOOOO OOOOOO 1| O O O O 2| O O O O O O O O 3| O O O O O O O O 4| O O O O O O O O 5| O O O O O O O O 6| O O O O O O O O 7| O O O O O O O O 8| O O O O OOOOOOOOOOOOOOOOOOOOOOOO 9| O O O O |__________________________________________________________________
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM System/3 & 3277-1 Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main Date: Thu, 25 Oct 2007 05:22:24 -0400Anne & Lynn Wheeler <lynn@garlic.com> writes:
"txt" card decks were nearly executable output from assemblers and
compilers. more information about format of other cards in txt card
deck
https://www.garlic.com/~lynn/2001.html#14 IBM Model Numbers (was: First video terminal?)
before i learned about "rep" cards, i would duplicate a "TXT", multipunching the patch/fix into the duplicated card.
keypunches just had keys for punching the character information, if you were dealing with hex ... for which there was no equivalent character ... it would be necessary to "multi-punch" to get the correct holes punched. for hex, it was necessary to read the holes ... since even if the card had been "interpreted" ... there were no corresponding character symbols for the majority of the hex codes.
my process was to fan the txt card deck ... reading the holes in cols 6-8 (displacement address in the program of data punched in the specific card) ... looking for the card corresponding to the data i needed to patch. I would then take that card and duplicate it out to the cols that needed to be "fixed" ... multi-punch the corrections (in the duplicate/new card) and then resume duplicating the remaining of the card.
misc past posts mentioning multi-punch
https://www.garlic.com/~lynn/93.html#17 unit record & other controllers
https://www.garlic.com/~lynn/2000f.html#75 Florida is in a 30 year flashback!
https://www.garlic.com/~lynn/2001b.html#26 HELP
https://www.garlic.com/~lynn/2001b.html#27 HELP
https://www.garlic.com/~lynn/2001k.html#27 Is anybody out there still writting BAL 370.
https://www.garlic.com/~lynn/2001k.html#28 Is anybody out there still writting BAL 370.
https://www.garlic.com/~lynn/2002k.html#63 OT (sort-of) - Does it take math skills to do data processing ?
https://www.garlic.com/~lynn/2004p.html#24 Systems software versus applications software definitions
https://www.garlic.com/~lynn/2005c.html#54 12-2-9 REP & 47F0
https://www.garlic.com/~lynn/2006c.html#17 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006g.html#43 Binder REP Cards (Was: What's the linkage editor really wants?)
https://www.garlic.com/~lynn/2006g.html#58 REP cards
https://www.garlic.com/~lynn/2006l.html#64 Large Computer Rescue
https://www.garlic.com/~lynn/2007d.html#51 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007f.html#78 What happened to the Teletype Corporation?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM System/3 & 3277-1 Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main Date: Thu, 25 Oct 2007 06:01:19 -0400hancock4 writes:
when i started, the univ. had 1401 that was used as unit-record front-end to 709. the card decks (potentially multiple student jobs) would be collected in card tray. when the tray approached full (our every couple hrs), the tray of cards would be read by the 1401 and transferred to tape. the tape would be carried to 709 tape drive and processed (sequentially, each job compiled and executed) with output going to another tape. When processing finished, the output tape would be moved to 1401 and results printed.
The operator would take the printed, fan-fold output, "burst it" ... i.e. tear it into individual jobs, match the bursted print output with corresponding original card deck, wrap the bursted print output around the input card deck (with rubber band) and place it in output bin for student pickup.
there were some administrative jobs that used sort ... but that frequently had trays and trays of cards ... written to tape .. and then multiple tape sort (with intermediate tape files) that ran for extended period of time.
i did write part of an application that was used for class registration. 2540 could not only read "holes" ... but also had the capability of reading "sense-marked" cards (i.e. no. 2 pencil marks in little boxes on cards). the 2540 had two feeds from the sides with five card stackers in the middle. one side read cards and could select two of the read-side stackers or the middle stacker, the other side punched cards and could select two of the punch-side stackers or the middle stacker.
class registration had all these sense-marked cards ... which would read and place in the middle stacker. if the processing found some problem with a card ... a blank card from the punch side would be punched behind the recently read sense-marked card (with some problem ... before the next card would be read/processed)
standard processing had an operator removing cards from the stacker and placing in card trays. all of the class registration sense-marked cards were plain manilla. the "punch" cards were loaded with cards that had yellow (or sometimes red) across the top band of the card.
once all class registration cards were processed ... there would be multiple trays ... sporadically sprinkled with yellow top-edge cards ... clearly identifying the registration cards with some kind of problem.
q&d conversion of gcard ios3270 to html
https://www.garlic.com/~lynn/gcard.html
reader/punch channel program command codes
https://www.garlic.com/~lynn/gcard.html#23
system/360 model 30 machine room, 2540 is seen in middle, in front
of the tape drives and partly obscured by 2311 disk drive. the "card
reader" (feed) is on the right and the punch is on the left, the five
output stackers are in the center
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP2030.html
system 370 model 40 machine room, 2540 is in upper middle
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP2040.html
better picture of 2540 on the right with somebody loading deck of
cards to be read
http://www.cs.ncl.ac.uk/events/anniversaries/40th/images/ibm360_672/slide19.jpg
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Value of SSL client certificates? Newsgroups: sci.crypt,comp.security.misc Date: Thu, 25 Oct 2007 06:40:23 -0400daw@taverner.cs.berkeley.edu (David Wagner) writes:
we had been called in to consult with this small client/server
startup that wanted to do payment transactions on their server
https://www.garlic.com/~lynn/subnetwork.html#gateway
they had this technology they called SSL they had invented and they wanted to use it in conjunction with the payment transactions. They had the SSL domain name certificates as part of webserver authentication ... but for payment transactions we had to enhance it with mutual authentication ... for interaction between the webserver and the payment gateway. we also had to do detailed end-to-end business process analysis of the while operation ... including this things that were starting to call themselves certification authorities.
recent postings on the subject in some other threads
https://www.garlic.com/~lynn/2007q.html#30
https://www.garlic.com/~lynn/aadsm27.htm#62
afterwards we got involved in the x9a10 financial standards working group that had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. As part of that effort we eventually did a much detailed vulnerability and threat model study (including analysing exactly what benefits did the digital certificates provide in the previous effort related to SSL ... which is now frequently referred to as electronic commerce).
x9a10 effort resulted in the x9.59 payment standard that required every
transaction to be authenticated.
https://www.garlic.com/~lynn/x959.html#x959
In the x9.59 standards document, it shows how this can be done with ec/dsa digital signature on every transaction and validated with a public key on file with the authorizing financial instituation (w/o requiring any digital certificate, the on-file public key making digital certificates redundant and superfluous).
part of the detailed vulnerability study found that there were actually much larger exploits of the transaction logs stored at various end points (and required for quite a few backroom business processes related to payment transactions) than were ever happening with evesdropping on transmitted transactions. so part of x9.59 financial standard (as part of the requirements given the x9a10 financial standard working group to preserve the integrity of the financial infrastructure for all retail payments) ... was to eliminate all the exploits ... not just the replay attacks from evesdropping attacks ... but also replay attacks resulting from harvesting things like transaction logs. the other issue was there have been studies that something upwards of 70percent of account fraud involves insiders (who have valid, required access to the information).
so part of the solution in x9.59 financial standard was to make evesdropping and/or havesting of previous transaction useless for performing fraudulent transactions ... i.e. even if attackers obtained the information (regardless of the means), it wouldn't be useful for doing things like various kinds of replay attacks or other fraudulent transactions. x9.59 didn't do anything about preventing unauthorized access to the information ... it just made it so that whatever kind of access there was ... the information couldn't be used by crooks to perform fraudulent transactions.
as part of the mutual authentication work for the original SSL, we came to realize that the digital certificates were redundent and superfluous (setting up long live encrypted sessions between the webservers and the payment gateway) ... because they both had to have registered information (including public key) of the entities that they were dealing with.
this was further highlighted when x9a10 working group looked as some of the other payment efforts going on at the same time that were oriented towards including digital certificates as part of a public key and digital signature operation.
one of the issues was that x.509 identity digital certificates from
the early 90s were starting to become overloaded with personal
information. by the mid-90s, numerous institutions had started to
realize this represented significant liability and privacy problems
... and had regressed to something they called relying-party-only
certificates
https://www.garlic.com/~lynn/subpubkey.html#rpo
these involved only including some sort of account number and/or other kind of database record locator (say userid) in the digital certificate ... and all the required information was onfile (and not being repeatedly sprayed all over the world in digital certificates). However, it is trivial to show that part of registration process that preceeds generating the digital certificate, the person's public key is also place on-file. As a result, it is then trivial to demonstrate that the digital certificate becomes redundant and superfluous.
The other part ... at least as far as payment transactions were
concerned ... for even the reduced relying-party-only digital
certificate processing (i.e. appending digital certificates to typical
payment transaction) ... increased the payload (and typical
processing) overhead by two orders of magnitude
https://www.garlic.com/~lynn/subpubkey.html#bloat
not only were the digital certificates redundant and superfluous ... but in the typical payment transaction operation, they represented a 100-fold increase in payload and processing overhead.
the x9 financial standards group did make some effort to look at the (redundant and superfluous) digital certificate enormous payload bloat in payment transactons with a standard project for compressed digital certificates (possible objective of reducing the enormous payload bloat from 100 times to possibly only 3-10 times).
one of the suggestions for compressed digital certificates was to
eliminate all fields that were the same across all the digital
certificates. my suggestions was doing information compression ...
i.e. eliminate all fields that were already on-file with issuing
relying-party. I was then able to show that all fields would be
already on-file and therefor all fields could be eliminated. Rather
than having a certificate-less infrastructure
https://www.garlic.com/~lynn/subpubkey.html#certless
there would be a transition to issuing zero-byte digital certificates ... and that all transactions would always have zero-byte digital certificates appended.
i.e. the redundant and superfluous nature of the digital certificates were futher reinforced (at least in payment transactions) by their enormous (two orders of magnitude) payload and processing bloat.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Value of SSL client certificates? Newsgroups: sci.crypt,comp.security.misc Date: Thu, 25 Oct 2007 07:00:34 -0400Paul Rubin <http://phr.cx@NOSPAM.invalid> writes:
... see the yes card scenario ... where they refer to "static data"
authentication ... basically the digital certificate w/o the individual
digital signature (which has been referred to as "active data")
https://www.garlic.com/~lynn/subintegrity.html#yescard
some of this (again) is related to the enormous processing and payload bloat associated with digital certificates (at least in the payment transaction scenario)
part of the issue is whether there is session level authentication
... but actual transactions still remain vulnerable (potentially
requiring enormous amounts of encryption and other security measures to
try and hide the vulnerable transactions)... discussed in these postings
on the "naked transaction" metaphor
https://www.garlic.com/~lynn/subintegrity.html#payment