From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Thu, 25 Oct 2007 20:49:56 -0400

ArarghMail710NOSPAM writes:
for this student class registration app ... it ran w/o hasp.
green card reader/punch command codes:
https://www.garlic.com/~lynn/gcard.html#23
from above:
    Command                      Binary      Hex
    Sense                        0000 0100   04
    Feed, Select Stacker         SS10 F011
    Read Only                    11D0 F010
    Diagnostic Read              1101 0010   D2
    Read, Feed, Select Stacker   SSD0 F010

there was read, feed, and select stacker in single command this had the minimum overhead, if you already knew what stacker the card was going into ... i.e.
or you could do read separately from feed, select stacker.
for student class registration app ... just do read, feed, select stacker 3 ... process the information ... and if there was a problem, do a write, feed, select stacker three ... writing a totally blank card (idea was just to put a blank colored card behind registration cards that needed more work).
i had mentioned that i had done port of 1401 mpio application (unit record frontend for 709) to 360/30. I would do separate read from feed/select stacker ... not to dynamically select stacker ... but i wouldn't know before hand whether it was bcd or binary. I would do bcd read ... and if it got an error, i would reread with binary read ... before doing feed, select stacker.
past posts mentioning hasp
https://www.garlic.com/~lynn/submain.html#hasp
i had done highly optimized os/360 system that included hasp. i got nearly three times thruput compared to vanilla os/360 plus hasp (for standard university student job stream).
this is part of presentation i gave at fall '68 share meeting in Atlantic City
... mentioning the just os/360 system thruput and performance work
(running on real hardware) ... a lot of cp67 system thruput and
performance work ... and os/360 system thruput in virtual machine.
https://www.garlic.com/~lynn/94.html#18 CP/67 & OS MFT14
recent posts mentioning doing 1401 mpio port
https://www.garlic.com/~lynn/2007d.html#51 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007h.html#52 ANN: Microsoft goes Open Source
https://www.garlic.com/~lynn/2007m.html#73 Operating systems are old and busted
https://www.garlic.com/~lynn/2007n.html#59 IBM System/360 DOS still going strong as Z/VSE
https://www.garlic.com/~lynn/2007p.html#2 what does xp do when system is copying
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Thu, 25 Oct 2007 21:22:26 -0400

hancock4 writes:
recent post that discusses part of 2540/3505 ccw op-code format
https://www.garlic.com/~lynn/2007r.html#0 IBM System/3 & 3277-1
the discussion that covered the 2540/3505 ccw op-code (command-code)
format ...
https://www.garlic.com/~lynn/gcard.html#23
was just the "command code" field of the ccw (first byte). here is format of channel command word (8 bytes, double word)
https://www.garlic.com/~lynn/gcard.html#12
the full 8-byte CCW (from above) is
    Format-0 Channel Command Word

    0---------------1---------------2---------------3---------------+
    | Command code  |                 Data address                  |
    0---------------1---------------2---------------3---------------+

    4---------------5---------------6---------------7---------------+
    |     Flags     |///////////////|          Byte count           |
    4---------------5---------------6---------------7---------------+

    Standard Command codes             Flags
    xxxx 0000  Invalid                 Bit 32 (80) - Chain data
    ++++ ++01  Write                       33 (40) - Chain command
    ++++ 0100  Sense                       34 (20) - Suppress incorrect length
    ++++ ++10  Read                        35 (10) - Suppress data transfer
    xxxx 1000  Transfer in Channel         36 (08) - Program controlled interrupt
    ++++ ++11  Control                     37 (04) - Use Indirect Data Address Word
    ++++ 1100  Read Backward               38 (02) - Suspend
    0000 0011  Control No-op               39 (01) - Must be 0
    1110 0100  Sense ID

    x - Bit Ignored
    + - Modifier Bit for Specific Type of Device

....
so operating system "access methods" ... effectively i/o libraries were the same for both cobol and assembler. these "access methods" generated channel programs (sequences of channel command words) and invoked kernel/system call for it to be executed. access methods would have some number of options that could allow various kinds of control ... including things like stacker (however, most systems ran with hasp or other "spooling" function that handled all the unit record ... and stored the records as intermediary disk files. by the time an application got around to executing, the physical cards normally had long since been processed).
misc. past posts mentioning hasp
https://www.garlic.com/~lynn/submain.html#hasp
"access methods" were library routines typically written in assembler. it would be possible for application programmers to implement their own equivalent "access method" code that generated their own channel programs and directly invoked the kernel/system call to do the actual i/o operation.
i believe most of the student registration app was in cobol ... but i wrote some assembler for doing the card reader/punch scenario and some glue code that allowed it to be called from cobol.
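
A decoder for the 8-byte Format-0 CCW layout and the command-code and flag tables quoted in the post above, as an added example that is not part of the original post or of any IBM code. The sample channel program is constructed: its command codes only follow the bit patterns in the quoted tables (C2 fits "Read Only", 23 fits "Feed, Select Stacker"), and the device-specific SS/D/F fields are not interpreted.

```python
# Flag byte (CCW bits 32-39), from the Format-0 table quoted above.
FLAG_NAMES = [
    (0x80, "chain data"),
    (0x40, "chain command"),
    (0x20, "suppress incorrect length"),
    (0x10, "suppress data transfer"),
    (0x08, "program controlled interrupt"),
    (0x04, "use indirect data address word"),
    (0x02, "suspend"),
]
CHAIN_MASK = 0x80 | 0x40  # either chain flag means another CCW follows


def classify_command(code):
    """Map a command-code byte to its standard class from the table."""
    low4 = code & 0x0F
    if low4 == 0x0:
        return "invalid"              # xxxx 0000
    if code == 0x03:
        return "control no-op"        # 0000 0011
    if code == 0xE4:
        return "sense id"             # 1110 0100
    if low4 == 0x8:
        return "transfer in channel"  # xxxx 1000
    if low4 == 0x4:
        return "sense"                # ++++ 0100
    if low4 == 0xC:
        return "read backward"        # ++++ 1100
    # Every remaining code has non-zero low two bits.
    return {0b01: "write", 0b10: "read", 0b11: "control"}[code & 0b11]


def decode_ccw(raw):
    """Split one 8-byte CCW into command, address, flags and byte count."""
    if len(raw) != 8:
        raise ValueError("a Format-0 CCW is exactly 8 bytes")
    flags = raw[4]
    if flags & 0x01:
        raise ValueError("flag bit 39 must be 0")
    return {
        "code": raw[0],
        "class": classify_command(raw[0]),
        "address": int.from_bytes(raw[1:4], "big"),  # 24-bit data address
        "flags": [name for bit, name in FLAG_NAMES if flags & bit],
        "chained": bool(flags & CHAIN_MASK),
        "count": int.from_bytes(raw[6:8], "big"),    # byte 5 is ignored
    }


def walk_channel_program(blob):
    """Decode consecutive CCWs, stopping at the first with no chain flag.

    Transfer-in-channel is reported but not followed.
    """
    if not blob:
        raise ValueError("empty channel program")
    program = []
    for off in range(0, len(blob), 8):
        ccw = decode_ccw(blob[off:off + 8])
        program.append(ccw)
        if not ccw["chained"]:
            return program
    raise ValueError("channel program ends with a chain flag still set")


# Constructed sample: read 80 bytes (command-chained), then a control
# command; the third CCW is never reached because chaining has ended.
SAMPLE_PROGRAM = bytes.fromhex(
    "C200100060000050"
    "2300000020000001"
    "0400200000000004"
)

if __name__ == "__main__":
    for ccw in walk_channel_program(SAMPLE_PROGRAM):
        print(f'{ccw["code"]:02X} {ccw["class"]:<8} addr={ccw["address"]:06X} '
              f'count={ccw["count"]} flags={ccw["flags"]}')
```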
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Thu, 25 Oct 2007 21:38:50 -0400

hancock4 writes:
misc. other responses
https://www.garlic.com/~lynn/2007r.html#0 IBM System/3 & 3277-1
https://www.garlic.com/~lynn/2007r.html#1 IBM System/3 & 3277-1
i remember the 2540 having brushes ... and my recollection was that the 2540 had option to directly read sense marks ... but this was over 40yrs ago ... so i could be wrong (but i have no recollection of the sense mark cards being preprocessed and generating a "real" hole-punched equivalent ... for processing by the student class registration application).
when i was doing the 1401 mpio port ... they would let me have the machine room for the weekend ... i would pull a 48hr shift from 8am sat until 8am mon ... and then drag myself off to some monday classes.
after a couple weekends, i learned that the first thing needed doing was standard operator shift maintenance ... before doing anything else clean all the tape heads ... and take the 2540 reader/punch apart and clean all the components (especially the reader read brushes) and put it back together.
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: instruction sets, was Direction of Stack Growth
Newsgroups: comp.arch.embedded,comp.arch,comp.realtime,comp.dsp
Date: Fri, 26 Oct 2007 07:15:03 -0400

"robertwessel2@yahoo.com" <robertwessel2@yahoo.com> writes:

From: Anne & Lynn Wheeler <spamtrap@crayne.org>
Subject: Re: The history of Structure capabilities
Newsgroups: comp.lang.asm.x86,alt.folklore.computers
Date: Fri, 26 Oct 2007 07:41:30 -0400

Frank McCoy <spamtrap@crayne.org> writes:
There wouldn't have been a problem if
the stop had happened when the processor was executing any other code .... than the couple thousand instructions that happened every 5-10 seconds on a processor with execution rates of at least several MIPS .... probability something on the order of 5x10**3/5x10**7 (or less) .... maybe .0001,
or if they had restarted the processor before 30 minutes was up,
or if the kernel had been prepared to handle a divide overflow. ....
From: Anne & Lynn Wheeler <spamtrap@crayne.org>
Subject: Re: The history of Structure capabilities
Newsgroups: comp.lang.asm.x86,alt.folklore.computers
Date: Fri, 26 Oct 2007 08:58:54 -0400

Frank McCoy <spamtrap@crayne.org> writes:
there was a different problem in the port of apl\360 to cms for cms\apl.
apl\360 was subsystem that supported 16kbyte workspaces in real memory environment ... with apl\360 providing its own infrastructure for timesharing, terminal support, and swapping workspaces.
in port to cms\apl ... all the timesharing and terminal support was being provided by the underlying cp67 (virtual machine) infrastructure.
the problem then was the garbage collection (storage management) strategy in apl\360. apl was interpreted with all (interpreted) code and data in the 16kbyte workspace. part of apl was to always allocate new storage location on every assignment (even if it involved a variable that already existed). storage allocation started low (in the workspace) and proceeded upwards until it hit the top of the workspace ... at which time it would garbage collect ... collecting all allocated variables/data into contiguous area of low storage and repeat. Storage allocation rate was proportional to frequency of assignments (somewhat independent of the aggregate size of the allocated variables). This strategy would frequently & repeatedly touch all available storage in the workspace ... which wasn't too bad with workspace being swapped as single 16kbyte area.
in the transition to cms\apl ... it moved from single 16kbyte real storage swapped area ... to potentially 16mbyte virtual address space that was paged in 4k pages. an application that ran comfortably in apl\360 16k workspace ... moved to cms\apl running in 16mbyte virtual address space could cause severe page thrashing (attempting to frequently and repeatedly touch every virtual page in the address space). so as part of port to cms\apl and (relatively large) virtual address spaces ... the whole apl storage and garbage collection mechanism had to be reworked.
lots of past posts mentioning apl ... and/or HONE ... a large
(cp67-based and later vm370) timesharing service that delivered a lot of
applications, most of which had been implemented in apl
https://www.garlic.com/~lynn/subtopic.html#hone
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The history of Structure capabilities
Newsgroups: alt.folklore.computers
Date: Sat, 27 Oct 2007 17:42:46 -0400

paul c <toledobythesea@ooyah.ac> writes:
past post with decade (78-87) of vax sales sliced/diced
https://www.garlic.com/~lynn/2002f.html#0 Computers in Science Fiction
https://www.garlic.com/~lynn/2005f.html#37 Where should the type information be: in tags and descriptors
in the above, the mid-80s numbers for mid-range were starting to really drop off ... there were increased vax sales, but they were microvax
the issue was that this mid-range market started to move to workstations and larger pcs starting in the mid-80s. at one point there was some assumption that the 4341 follow-on ... the 4381, was going to continue the remarkable sales volumes of 4341 ... but by that time ... the mid-range market was starting to shift ... similarly for the 4331 following, the 4361. There has been some semi-humorous reference that the reason that a pair of 4361s (for redundancy) were used as service processor for 3090s was that there were so many 4361s sitting around in warehouses
4341 announced 30jan79, withdrawn 11feb86
https://web.archive.org/web/20190105032753/https://www.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP4341.html
3090 announced 12feb85, withdrawn 5may89
https://web.archive.org/web/20230719145910/https://www.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP3090.html
somewhat based on enormous growth in the early 80s ... in the mid-80s there was projection that world-wide sales were going to continue to grow, doubling to $120billion (which spawned massive build-out to double manufacturing capacity). I made prediction instead that the company was going to go into the red (unless some significant restructure happened) ... which wasn't exactly a career enhancing thing to say at the time.
When we left in '92 in an "early out" program, i had an exit interview
with an executive who commented that they could have forgiven me for
being wrong, but they were never going to be able to forgive me for
being right. '92 was also the year that the company went into the red.
past posts commenting on the situation:
https://www.garlic.com/~lynn/2005j.html#32 IBM Plugs Big Iron to the College Crowd
https://www.garlic.com/~lynn/2005s.html#16 Is a Hurricane about to hit IBM ?
https://www.garlic.com/~lynn/2006.html#21 IBM up for grabs?
https://www.garlic.com/~lynn/2006.html#22 IBM up for grabs?
https://www.garlic.com/~lynn/2006l.html#17 virtual memory
https://www.garlic.com/~lynn/2006r.html#20 50th Anniversary of invention of disk drives
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Sat, 27 Oct 2007 18:05:00 -0400

bbreynolds <bbreynolds@aol.com> writes:
several of us complained about it ... but were told that 327x terminals
were targeted at data entry market and didn't have the requirements for
interactive response and human factors that would be needed for
something like interactive computing. as seen in some of the referenced
performance comparisons ... say
https://www.garlic.com/~lynn/2001m.html#19 3270 protocol
... it was much more difficult to achieve subsecond response with 3274/3278 vis-a-vis 3272/3277. However, for mvs/tso with system response already on the order of a second (or much worse) ... it was pretty negligible consideration. however, heavily loaded vm/cms systems tended to be more on the order of a quarter second (or less, one system i had care&feeding of ... was on the order of .11 seconds 90th percentile for trivial interactive under heavy load).
past posts mentioning some (hardware) fixes to 3277 ... and not being
able to do anything with later 3278/3279 because even that bit of
electronics had been moved back into the controller (and/or some other
3272/3277 issues vis-a-vis 3274/3278).
https://www.garlic.com/~lynn/94.html#23 CP spooling & programming technology
https://www.garlic.com/~lynn/98.html#49 Edsger Dijkstra: the blackest week of his professional life
https://www.garlic.com/~lynn/99.html#28 IBM S/360
https://www.garlic.com/~lynn/99.html#69 System/1 ?
https://www.garlic.com/~lynn/99.html#193 Back to the original mainframe model?
https://www.garlic.com/~lynn/99.html#239 IBM UC info
https://www.garlic.com/~lynn/2000c.html#63 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2000c.html#65 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2000c.html#66 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2000c.html#67 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2000d.html#12 4341 was "Is a VAX a mainframe?"
https://www.garlic.com/~lynn/2000g.html#23 IBM's mess
https://www.garlic.com/~lynn/2001b.html#12 Now early Arpanet security
https://www.garlic.com/~lynn/2001f.html#49 any 70's era supercomputers that ran as slow as today's supercompu
https://www.garlic.com/~lynn/2001i.html#51 DARPA was: Short Watson Biography
https://www.garlic.com/~lynn/2001k.html#30 3270 protocol
https://www.garlic.com/~lynn/2001k.html#33 3270 protocol
https://www.garlic.com/~lynn/2001k.html#44 3270 protocol
https://www.garlic.com/~lynn/2001k.html#46 3270 protocol
https://www.garlic.com/~lynn/2001l.html#32 mainframe question
https://www.garlic.com/~lynn/2001m.html#17 3270 protocol
https://www.garlic.com/~lynn/2001m.html#19 3270 protocol
https://www.garlic.com/~lynn/2002f.html#14 Mail system scalability (Was: Re: Itanium troubles)
https://www.garlic.com/~lynn/2002i.html#43 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2002i.html#48 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2002i.html#50 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2002j.html#67 Total Computing Power
https://www.garlic.com/~lynn/2002j.html#74 Itanium2 power limited?
https://www.garlic.com/~lynn/2002j.html#77 IBM 327x terminals and controllers (was Re: Itanium2 power
https://www.garlic.com/~lynn/2002k.html#2 IBM 327x terminals and controllers (was Re: Itanium2 power
https://www.garlic.com/~lynn/2002k.html#6 IBM 327x terminals and controllers (was Re: Itanium2 power
https://www.garlic.com/~lynn/2002m.html#24 Original K & R C Compilers
https://www.garlic.com/~lynn/2002p.html#29 Vector display systems
https://www.garlic.com/~lynn/2002q.html#51 windows office xp
https://www.garlic.com/~lynn/2003b.html#29 360/370 disk drives
https://www.garlic.com/~lynn/2003c.html#18 Early attempts at console humor?
https://www.garlic.com/~lynn/2003c.html#69 OT: One for the historians - 360/91
https://www.garlic.com/~lynn/2003c.html#72 OT: One for the historians - 360/91
https://www.garlic.com/~lynn/2003d.html#23 CPU Impact of degraded I/O
https://www.garlic.com/~lynn/2003d.html#24 CPU Impact of degraded I/O
https://www.garlic.com/~lynn/2003e.html#43 IBM 3174
https://www.garlic.com/~lynn/2003h.html#15 Mainframe Tape Drive Usage Metrics
https://www.garlic.com/~lynn/2003i.html#30 A Dark Day
https://www.garlic.com/~lynn/2003j.html#24 Red Phosphor Terminal?
https://www.garlic.com/~lynn/2003k.html#20 What is timesharing, anyway?
https://www.garlic.com/~lynn/2003k.html#22 What is timesharing, anyway?
https://www.garlic.com/~lynn/2003o.html#14 When nerds were nerds
https://www.garlic.com/~lynn/2003o.html#36 When nerds were nerds
https://www.garlic.com/~lynn/2003p.html#44 Mainframe Emulation Solutions
https://www.garlic.com/~lynn/2004c.html#7 IBM operating systems
https://www.garlic.com/~lynn/2004c.html#30 Moribund TSO/E
https://www.garlic.com/~lynn/2004e.html#0 were dumb terminals actually so dumb???
https://www.garlic.com/~lynn/2004f.html#54 [HTTP/1.0] Content-Type Header
https://www.garlic.com/~lynn/2004g.html#11 Infiniband - practicalities for small clusters
https://www.garlic.com/~lynn/2004g.html#24 |d|i|g|i|t|a|l| questions
https://www.garlic.com/~lynn/2004g.html#27 Infiniband - practicalities for small clusters
https://www.garlic.com/~lynn/2004l.html#27 Shipwrecks
https://www.garlic.com/~lynn/2004l.html#32 Shipwrecks
https://www.garlic.com/~lynn/2004m.html#8 Whatever happened to IBM's VM PC software?
https://www.garlic.com/~lynn/2004q.html#35 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005e.html#13 Device and channel
https://www.garlic.com/~lynn/2005e.html#32 Stop Me If You've Heard This One Before
https://www.garlic.com/~lynn/2005e.html#33 Stop Me If You've Heard This One Before
https://www.garlic.com/~lynn/2005h.html#38 Systems Programming for 8 Year-olds
https://www.garlic.com/~lynn/2005h.html#40 Software for IBM 360/30
https://www.garlic.com/~lynn/2005r.html#12 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005r.html#14 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005r.html#15 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005r.html#17 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005r.html#20 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005r.html#28 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005s.html#17 winscape?
https://www.garlic.com/~lynn/2005s.html#45 winscape?
https://www.garlic.com/~lynn/2005u.html#22 Channel Distances
https://www.garlic.com/~lynn/2006.html#42 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006b.html#21 IBM 3090/VM Humor
https://www.garlic.com/~lynn/2006e.html#9 terminals was: Caller ID "spoofing"
https://www.garlic.com/~lynn/2006e.html#28 MCTS
https://www.garlic.com/~lynn/2006i.html#34 TOD clock discussion
https://www.garlic.com/~lynn/2006n.html#24 sorting was: The System/360 Model 20 Wasn't As Bad As All That
https://www.garlic.com/~lynn/2006n.html#51 stacks: sorting
https://www.garlic.com/~lynn/2006n.html#56 AT&T Labs vs. Google Labs - R&D History
https://www.garlic.com/~lynn/2006q.html#10 what's the difference between LF(Line Fee) and NL (New line) ?
https://www.garlic.com/~lynn/2006q.html#16 what's the difference between LF(Line Fee) and NL (New line) ?
https://www.garlic.com/~lynn/2006q.html#58 Intel abandons USEnet news
https://www.garlic.com/~lynn/2006s.html#42 Ranking of non-IBM mainframe builders?
https://www.garlic.com/~lynn/2006t.html#34 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2006t.html#42 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2006u.html#55 What's a mainframe?
https://www.garlic.com/~lynn/2006v.html#19 Ranking of non-IBM mainframe builders?
https://www.garlic.com/~lynn/2006v.html#20 Ranking of non-IBM mainframe builders?
https://www.garlic.com/~lynn/2007.html#14 vm/sp1
https://www.garlic.com/~lynn/2007c.html#5 old productivity response time studies
https://www.garlic.com/~lynn/2007e.html#5 Is computer history taugh now?
https://www.garlic.com/~lynn/2007f.html#70 Is computer history taught now?
https://www.garlic.com/~lynn/2007h.html#39 sizeof() was: The Perfect Computer - 36 bits?
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Sat, 27 Oct 2007 18:13:21 -0400

Anne & Lynn Wheeler <lynn@garlic.com> writes:

another example of the electronics in 3277 was the 3277ga ... which was a large tektronix tube that had special adapter to plug into the side of 3277 terminal. system would write standard 3270 datastream, escape characters in the datastream would divert output to the 3277ga. 3277ga was capable of fairly high-performance graphic displays ... at much lower price than 2250/3250.
misc. past posts mentioning 3277ga
https://www.garlic.com/~lynn/2001i.html#51 DARPA was: Short Watson Biography
https://www.garlic.com/~lynn/2002p.html#29 Vector display systems
https://www.garlic.com/~lynn/2004m.html#8 Whatever happened to IBM's VM PC software?
https://www.garlic.com/~lynn/2006e.html#9 terminals was: Caller ID "spoofing"
https://www.garlic.com/~lynn/2006e.html#28 MCTS
https://www.garlic.com/~lynn/2006q.html#16 what's the difference between LF(Line Fee) and NL (New line) ?
https://www.garlic.com/~lynn/2006v.html#19 Ranking of non-IBM mainframe builders?
https://www.garlic.com/~lynn/2007.html#14 vm/sp1
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Sun, 28 Oct 2007 08:29:41 -0400

"Rostyslaw J. Lewyckyj" <urjlew@bellsouth.net> writes:
wiki mark sense page
https://en.wikipedia.org/wiki/Mark_sense
mentions that 513, 514, 557, and 519 could handle mark sense. also has pointer to 805 test scoring machine.
513 & 514 reproducing punches could handle mark sense ... so it is possible that a 513/514 had preprocessed the mark sense student registration cards ... and the 2540 was only processing the reproduced punch cards (and i was just not paying that much attention).
the wiki reference also has url for 513/514 (pdf) reference manual
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM System/3 & 3277-1
Newsgroups: comp.sys.ibm.sys3x.misc,alt.folklore.computers,bit.listserv.ibm-main
Date: Sun, 28 Oct 2007 08:50:54 -0400

Anne & Lynn Wheeler <lynn@garlic.com> writes:
somebody picking around in some of the referenced old postings, sent private email asking about reference to ANR download being 2-3 times faster than DFT download ... and what was ANR ... other than APPN "Automatic Networking Routing".
ANR was 3272/3277 ... vis-a-vis DFT 3274/3278-9. In addition to DFT having slower human (real terminal) response ... because so much of the electronics had been moved back into controller, it also affected later terminal emulation download thruput.
quicky search engine for 3277 & anr turns up
http://www.classiccmp.org/pipermail/cctech/2007-September/084640.html
misc. past posts mentioning terminal emulation
https://www.garlic.com/~lynn/subnetwork.html#emulation
as client/server started to proliferate ... the communication
group made various attempts (like SAA) to protect their
terminal emulation install base. when we came up with
3tier/multi-tier architecture ... we took lots of heat from
the sna and saa forces. misc. posts mentioning coming up with
multitier networking architecture
https://www.garlic.com/~lynn/subnetwork.html#3tier
for other drift ... APPN started out as AWP164. For a time, the person responsible and I used to report to the same executive. I would periodically chide him that the communication group didn't appreciate what he was doing and that he should instead work on real networking (like tcp/ip). In fact, the communication group non-concurred with announcing APPN. After some delay and escalation, the announcement letter was carefully rewritten to not state any connection between APPN and SNA.
of course we were also running hsdt project ... misc. posts
https://www.garlic.com/~lynn/subnetwork.html#hsdt
and recent post illustrating gap between what we
were doing and what the communication group was doing
https://www.garlic.com/~lynn/2007p.html#64
part of the issue was that in early days of SNA ... my wife had
co-authored AWP39 ... peer-to-peer networking architecture
... which the communication group possibly viewed as competitive with
their communication activity. she was then con'ed into going to pok to
be in charge of loosely-coupled architecture and was frequently
battling with SNA forces that it wasn't appropriate for
loosely-coupled operation. She came up with peer-coupled shared
data architecture ... which didn't see a lot of uptake until
sysplex ... except for IMS hot-standby ... misc. past references
https://www.garlic.com/~lynn/submain.html#shareddata
recent posts mentioning AWP39
https://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
https://www.garlic.com/~lynn/2007b.html#48 6400 impact printer
https://www.garlic.com/~lynn/2007d.html#55 Is computer history taugh now?
https://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#39 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
https://www.garlic.com/~lynn/2007o.html#72 FICON tape drive?
https://www.garlic.com/~lynn/2007p.html#12 JES2 or JES3, Which one is older?
https://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#46 Are there tasks that don't play by WLM's rules
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The history of Structure capabilities
Newsgroups: alt.folklore.computers
Date: Sun, 28 Oct 2007 09:21:28 -0400

jmfbahciv writes:
somewhat motivated by the gov. litigation ... which also contributed to
23jun69 unbundling announcement
https://www.garlic.com/~lynn/submain.html#unbundle
business moved to sales ... and leases were converted to sales.
i've also commented that leases was behind the cpu "meter" that measured how much the processor was used per month (leases could be one, two, three, or four shift leases ... i.e. 7x24 was four shift).
leasing and cpu "meter" also had impact on offering 7x24 timesharing ... since offshift use frequently wouldn't cover the increased lease cost related to running the cpu "meter". somewhat breakthru was various strategies to leave the system up&running, but idle ... and not run the cpu "meter" ... aka the "meter" would run when the processor was executing and/or when i/o channel programs were executing. the trick was to get a terminal i/o channel program suspended ... to allow response to incoming characters ... but not run the "meter" when everything was otherwise idle.
misc. past posts mentioning timesharing
https://www.garlic.com/~lynn/submain.html#timeshare
misc. past posts mentioning cpu "meter"
https://www.garlic.com/~lynn/99.html#86 1401 Wordmark?
https://www.garlic.com/~lynn/2000b.html#77 write rings
https://www.garlic.com/~lynn/2000d.html#40 360 CPU meters (was Re: Early IBM-PC sales proj..
https://www.garlic.com/~lynn/2000d.html#42 360 CPU meters (was Re: Early IBM-PC sales proj..
https://www.garlic.com/~lynn/2002k.html#64 History of AOL
https://www.garlic.com/~lynn/2002l.html#62 Itanium2 performance data from SGI
https://www.garlic.com/~lynn/2002n.html#27 why does wait state exist?
https://www.garlic.com/~lynn/2002n.html#49 Tweaking old computers?
https://www.garlic.com/~lynn/2002n.html#52 Computing on Demand ... was cpu metering
https://www.garlic.com/~lynn/2005d.html#4 Self restarting property of RTOS-How it works?
https://www.garlic.com/~lynn/2005e.html#60 Mozilla v Firefox
https://www.garlic.com/~lynn/2005f.html#4 System/360; Hardwired vs. Microcoded
https://www.garlic.com/~lynn/2005k.html#40 IBM/Watson autobiography--thoughts on?
https://www.garlic.com/~lynn/2005o.html#30 auto reIPL
https://www.garlic.com/~lynn/2006c.html#22 Military Time?
https://www.garlic.com/~lynn/2007d.html#23 How many 36-bit Unix ports in the old days?
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: How to tell a fake SSL certificate from a real one
Newsgroups: alt.comp.freeware,comp.security.misc,alt.privacy.anon-server
Date: Sun, 28 Oct 2007 09:51:34 -0400

Anonymous Sender <anonymous@remailer.metacolo.com> writes:
they also had invented this technology called SSL that they wanted to
use for the payments. As part of the payment transaction stuff ... we
had to do this detailed audit of the SSL protocol as well as walk thru
of this new organizations calling themselves certification authorities
... and these things that they were issuing called digital certificates.
somewhat related past postings
https://www.garlic.com/~lynn/subpubkey.html#sslcert
part of the browser/webserver interaction assumptions for SSL ... was not only did the users understand the whole PKI gorp ... but were also required to understand the relationship between the webserver they thot they were talking to and the corresponding URL. SSL then would provide for verifying the correspondence between the URL and the webserver they were actually talking to (both are a requirement in order to result in the webserver a user actually talks to, is the webserver that the user thinks they are talking to).
this criteria was almost immediately compromised in actual deployments. merchants fairly quickly found that use of SSL cut their thruput by 80-90 percent so they regressed to just using SSL for checkout/pay phase with a CLICK button provided to enduser.
The CLICK button paradigm contributed significantly to obfuscating what the user thot of as a website and the corresponding URL (they were no longer paying attention to the actual URL used ... in part because they were no longer actually typing it).
Now there was no longer (any SSL) verification of the initial website contact ... and the (possibly fraudulent) website was then providing the CLICK button URL for the SSL portion. An attacker could possibly obtain a perfectly valid digital certificate that corresponds to the URL provided by the CLICK button ... and effectively nearly all users would never pay any attention.
misc. recent posts mentioning this issue:
https://www.garlic.com/~lynn/aadsm26.htm#28 man in the middle, SSL
https://www.garlic.com/~lynn/aadsm26.htm#31 man in the middle, SSL ... addenda 2
https://www.garlic.com/~lynn/aadsm27.htm#35 The bank fraud blame game
https://www.garlic.com/~lynn/2007k.html#79 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007q.html#72 Value of SSL client certificates?
https://www.garlic.com/~lynn/2007q.html#73 Value of SSL client certificates?
This obfuscation has also been leveraged by various phishing email
exploits ... either by taking a user to fraudulent impersonation website
(with perfectly valid SSL digital certificate) and/or using some flavor
of proxy technology for a man-in-the-middle attack (again possibly with
perfectly valid SSL digital certificate) ... recent posts discussing a
man-in-the-middle using some form of proxy technology
https://www.garlic.com/~lynn/2007q.html#6 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
misc. posts mentioning man-in-the-middle attacks
https://www.garlic.com/~lynn/subintegrity.html#mitm
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do ATMS and card readers use? Newsgroups: comp.protocols.tcp-ip Date: Sun, 28 Oct 2007 10:27:38 -0400
ediebur writes:
however large percentage of point-of-sale terminals ... have been pseudo pc/xt ... in very compact form-factor and some flash in place of real harddrive ... and doing real-time ascii modem dial-up (1200 baud) to some 1-800 number.
we were asked to come in and do some consulting with small client/server startup that wanted to do some payment transactions on their servers.
they had started out doing a "mall" type paradigm (that was largely underwritten by a large telco) ... with multiple "store fronts" all hosted on common platform ... and implemented one of the x.25 leased-line protocols out the backend of the "mall" to the financial institution processor.
they also had this technology they had invented called SSL which they wanted to use ... initially in the browser to webserver operations.
this was then converted to individual webservers ... using a SSL tunnel
from the webserver to a "payment gateway" ... which then had a
leased-line x.25 protocol to the financial institution processor.
various posts mentioning some of this
https://www.garlic.com/~lynn/subnetwork.html#gateway
what was carried within the webserver/gateway SSL ... was the message/packet format that was defined for the x.25 leased-line operation ... which the gateway could transparently passthru.
part of the issue/project back then was inventing new processes and procedures that were equivalent to active monitoring related to the (possibly replicated) leased-line x.25 operation ... and the associated service level agreements ... for use in the anarchy of the internet.
one of the issues in the early deployment of the gateway was that the internet backbone was going thru transition to hierarchical routing ... and therefore you could no longer advertise your own alternative routes (as countermeasure to various kinds of outages and/or failures). as a result we had to fall-back to purely multiple A-record operation ... and the side that initiated the request would roll thru the different listed ip-addresses ... until it got one that connected. we could mandate this on the webserver/gateway implementation.
however, we ran into some problems with the browser/webserver part. we claimed that a lot of large merchant websites had similar availability requirements as the payment gateways (wanting to be able to survive things like single-point-of-failures). the initial response from the people implementing the browser code was that such was too complicated and "advanced" (i.e. not taught in beginning classes) ... even after we provided them with sample client code from 4.3 tahoe. it took a year to get multiple a-record support into the browser client side code.
there then was some early transition ... with retail store PC operations (i.e. vendors that provided card processing software that ran on "normal" PCs) that would support the tcp/ip gateway operation in addition to direct dial-up modem operation.
you are now starting to see some number of the customer point-of-sale hardware terminals also offering tcp/ip communication option.
some of this was based on previously having done ha/cmp product
https://www.garlic.com/~lynn/subtopic.html#hacmp
and two of the people we had worked with at one of the dbms
vendors
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15
had left to join the small client/server startup and were in charge of developing this thing called a "commerce server".
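The multiple A-record fallback described in the post above, as an added example (not the gateway's code and not the 4.3 tahoe sample it mentions): the initiating side walks every listed address until one connects and keeps a record of the addresses that failed. The function names are hypothetical, and the demo uses constructed loopback sockets so it runs offline.

```python
import socket


def resolve_all(host, port):
    """Every stream address the resolver lists for host (all A/AAAA records), in order."""
    seen, candidates = set(), []
    for family, socktype, proto, _canon, sockaddr in socket.getaddrinfo(
            host, port, type=socket.SOCK_STREAM):
        if sockaddr not in seen:
            seen.add(sockaddr)
            candidates.append((family, socktype, proto, sockaddr))
    return candidates


def connect_first_available(candidates, timeout=2.0):
    """Roll through the listed addresses until one connects.

    Returns (connected_socket, sockaddr_used, failures). The failures list is
    kept so a dead address still shows up in monitoring after failover hid it.
    """
    failures = []
    for family, socktype, proto, sockaddr in candidates:
        sock = None
        try:
            sock = socket.socket(family, socktype, proto)
            sock.settimeout(timeout)  # bound the wait on an address that drops packets
            sock.connect(sockaddr)
        except OSError as exc:
            if sock is not None:
                sock.close()
            failures.append((sockaddr, type(exc).__name__))
            continue
        return sock, sockaddr, failures
    raise ConnectionError(f"no listed address accepted a connection: {failures}")


def demo_failover():
    """Constructed offline scenario: first listed address is dead, second is live."""
    live = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    live.bind(("127.0.0.1", 0))
    live.listen(1)
    probe = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    probe.bind(("127.0.0.1", 0))
    dead_addr = probe.getsockname()
    probe.close()  # nothing listens on this port any more
    candidates = [
        (socket.AF_INET, socket.SOCK_STREAM, 0, dead_addr),
        (socket.AF_INET, socket.SOCK_STREAM, 0, live.getsockname()),
    ]
    try:
        sock, used, failures = connect_first_available(candidates)
        sock.close()
        return used == live.getsockname(), failures
    finally:
        live.close()


if __name__ == "__main__":
    # Against a real name: connect_first_available(resolve_all(host, 443))
    print(demo_failover())
```

Python's own `socket.create_connection` already iterates the resolver's list this way; the explicit loop is shown because it also returns the per-address failures.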
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: what does xp do when system is copying Newsgroups: alt.folklore.computers Date: Sun, 28 Oct 2007 10:42:54 -0400
krw <krw@att.bizzzz> writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The history of Structure capabilities Newsgroups: alt.folklore.computers Date: Sun, 28 Oct 2007 12:01:02 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
somewhat related to recent post mentioning timesharing
https://www.garlic.com/~lynn/2007r.html#11 The history of Structure capabilities
other posts mentioning timesharing (60s, 70s, and much of 80s, vm/cms
provided "personal computing" timesharing services)
https://www.garlic.com/~lynn/submain.html#timeshare
at one point the consolidated US hone datacenter (providing online
interactive vm/cms-based service to field, sales and marketing
had upwards of 40k defined users)
https://www.garlic.com/~lynn/subtopic.html#hone
with various HONE clones in datacenters around the world providing additional service.
in the time-frame the (worldwide) internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet
was growing from 2000 to 2500 nodes (and the internet going thru growth spurt and finally passing the internal network in number of nodes), it had coverage of just about all employees in the world (say on the order of 400k).
circa 1980 the external explosion in 43xx boxes ... also saw a similar
explosion in internal boxes (lots of internal network nodes were
43xx boxes mostly providing vm/cms timesharing service). misc.
old email with 43xx references
https://www.garlic.com/~lynn/lhwemail.html#4341
internally, a lot of the 43xx boxes were going in as "departmental" boxes ... some locations co-opting departmental conference rooms as "machine" rooms (contributing to the scarcity of conference rooms, this was also seen at some number of customers). later, workstations and larger PC started performing similar capability and as technology shrank ... could even move into smaller "wiring closets"
misc. past posts mentioning departmental machine/servers
https://www.garlic.com/~lynn/2001m.html#15 departmental servers
https://www.garlic.com/~lynn/2001n.html#23 Alpha vs. Itanic: facts vs. FUD
https://www.garlic.com/~lynn/2002.html#2 The demise of compaq
https://www.garlic.com/~lynn/2002.html#7 The demise of compaq
https://www.garlic.com/~lynn/2002d.html#4 IBM Mainframe at home
https://www.garlic.com/~lynn/2002h.html#52 Bettman Archive in Trouble
https://www.garlic.com/~lynn/2002i.html#30 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2002j.html#66 vm marketing (cross post)
https://www.garlic.com/~lynn/2003d.html#64 IBM was: VAX again: unix
https://www.garlic.com/~lynn/2003n.html#46 What makes a mainframe a mainframe?
https://www.garlic.com/~lynn/2003o.html#24 Tools -vs- Utility
https://www.garlic.com/~lynn/2004.html#46 DE-skilling was Re: ServerPak Install via QuickLoad Product
https://www.garlic.com/~lynn/2004j.html#57 Monster(ous) sig (was Re: Vintage computers are better
https://www.garlic.com/~lynn/2004k.html#23 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of
https://www.garlic.com/~lynn/2004q.html#71 will there every be another commerically signficant new ISA?
https://www.garlic.com/~lynn/2005f.html#30 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005m.html#12 IBM's mini computers--lack thereof
https://www.garlic.com/~lynn/2006p.html#31 "25th Anniversary of the Personal Computer"
https://www.garlic.com/~lynn/2006t.html#37 Are there more stupid people in IT than there used to be?
https://www.garlic.com/~lynn/2007j.html#7 Newbie question on table design
https://www.garlic.com/~lynn/2007m.html#72 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007n.html#20 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007n.html#21 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: VM TSM server support Date: Mon, 29 Oct 2007 07:34:00 -0400 Newsgroups: bit.listserv.vmesa-l
especially since TSM was originally renamed/rebranded ADSM .... and the runup to ADSM was workstation datasave (built on cms) and the precursor to workstation datasave was CMSBACK.
i had originally done CMSBACK at SJR ... for SJR and the HONE systems
(which i was also provided a lot of support for) ... misc. past
posts mentioning HONE (internal vm/based timesharing service
providing online services for field, sales, and marketing worldwide)
and/or APL (large part of HONE services were implemented in APL)
https://www.garlic.com/~lynn/subtopic.html#hone
some number of past posts mentioning backup/archive systems
https://www.garlic.com/~lynn/submain.html#backup
and couple old email mentioning early CMSBACK activities
... which spread to some number of other internal installations
besides SJR and HONE
https://www.garlic.com/~lynn/lhwemail.html#cmsback
From: lynn@garlic.com Subject: Re: How to tell a fake SSL certificate from a real one Newsgroups: alt.comp.freeware,comp.security.misc,alt.privacy.anon-server Date: Mon, 29 Oct 2007 05:16:16 -0700
On Oct 28, 1:22 pm, Krazee Brenda <i...@sanibleone.com> wrote:
at one time ... way back when.
slightly related archeological post
https://www.garlic.com/~lynn/2007r.html#13 What do ATMS and card readers use?
a couple of people from a large dbms vendor, that we had worked with
when we were doing ha/cmp product
https://www.garlic.com/~lynn/subtopic.html#hacmp
and scale-up for large distributed databases ... had joined the small startup and were in charge of developing something called a commerce server.
random post about long ago and far away meeting at the dbms vendor
where some names were mentioned
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: How to tell a fake SSL certificate from a real one Newsgroups: alt.comp.freeware,comp.security.misc,alt.privacy.anon-server Date: Mon, 29 Oct 2007 18:31:07 -0400
Nomen Nescio <nobody@dizum.com> writes:
the comment wasn't about an attacker spoofing a certificate ... the comment was about spoofing a website (at a totally different URL) ... for which they might have a perfectly valid certificate.
the phishing attackers have been successful with "click" paradigm ... claiming to be one thing and actually having duplicated the site at a totally different website/URL (for which they have a valid certificate).
the issue was that the original SSL deployment was about the end-users knowing the binding between the site they thought they were talking to and the URL for that site. Almost immediately there was wide deployment based on using "click" buttons ... and possibly for most users, they never acquired a knowledgeable awareness of the URL for the website they believed they were talking to.
other phishing attacks have used variation on proxy technologies ... having valid certificate for the URL (they had convinced victims to) click on. they would create a (SSL) session with the end-user ... and then also create another (SSL) session with the "real" site ... and transparently pass communication between the two sessions.
SSL was originally supposed to 1) guarantee that the website that the user thot they were talking to, was the actual website they were talking to and 2) encrypt/hide that communication. However, there was somewhat implicit assumption that the end-user had to explicitly know/provide the URL for the website they were talking to ... and the only thing SSL actually did was guarantee that the website being talked to corresponded with the provided URL. SSL was widely advertised as "1" ... which allowed attackers to take advantage of the fact that majority of the users in the world were interacting with websites ... not by explicitly entering a known URL ... but by clicking on buttons (w/o acquiring necessary awareness of the corresponding URL).
This divergence between what SSL was frequently being claimed to solve and how it was actually being used, started to happen very early.
Part of this was almost immediately the majority of the merchant ecommerce sites found that use of SSL cut their thruput by 80-90 percent. As a result they switched to not using SSL for the initial connection (which may have been actually entered by a user instead of clicking), and restricting its use for the pay/checkout portion of the shopping experience ... which was a click operation ... for a URL provided by (potentially fraudulent) merchant website.
Almost immediately, possibly 99.999 percent of the SSL use in the world was open to attackers being able to redirect users to a different URL (which users become conditioned to not pay attention to) and for which the attackers could have a perfectly valid digital certificate.
this contributed to some of my comments about "comfort" certificate,
mentioned in some of these past posts
https://www.garlic.com/~lynn/subpubkey.html#sslcert
there was a large disconnect between what most users in the world were conditioned to believe was provided by SSL ... and what SSL was actually providing.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: How to tell a fake SSL certificate from a real one Newsgroups: alt.comp.freeware,comp.security.misc,alt.privacy.anon-server Date: Mon, 29 Oct 2007 21:02:48 -0400
"Sebastian G." <seppi@seppig.de> writes:
no, it was realized very early ... it was built into the original assumptions for using SSL to meet electronic commerce requirement. The security issue was how can the user be sure that the website they thought they were talking to, was the website they were talking to.
SSL was proposed as addressing the problem ... so long as the user had adequate knowledge and provided the URL for the website they thought they were talking to ... then SSL would complete the other part of establishing that the website being talked to corresponded to the provided URL.
This was part of end-to-end evaluation of using SSL for electronic commerce application. The problem was that as soon as the end-user started clicking on buttons (that provided the URL) ... it invalidated the original requirements needed for meeting the end-to-end security requirements for electronic commerce applications and the role that SSL played in addressing it.
We saw it as soon as merchants didn't require SSL as part of the full session (which was another requirement that we had for SSL addressing the electronic commerce application) ... so the user no longer had assurance that the merchant website they thought they were talking to, was the website they were talking to. It then was further aggravated when the merchant websites started providing the CLICK buttons for pay/checkout. Since the initial merchant website contact wasn't being validated ... there was no trust that the website being talked to was the website the enduser believed they were talking to ... and therefore could be a fraudulent website. Then the potentially fraudulent website is providing a URL for pay/checkout ... this could be a perfectly valid website with a perfectly valid SSL digital certificate ... but operated by fraudulent organization.
It was the small client/server startup that suggested their SSL invention as electronic commerce solution ... assuring users that the website that they thought they were talking to was, in fact, the website they were talking to. This became the widest deployed and supported purpose for SSL on the web (as well as the main source of revenue for the entities calling themselves certification authorities). However, we showed that SSL could only meet those objectives if certain other criteria were met. When those criteria were not met ... then it was no longer possible to claim that SSL was satisfying the security requirements for electronic commerce.
The user had to provide the URL (and understand the relationship between the website they thought they were talking to and the provided URL) to satisfy the end-to-end security paradigm needed for SSL. Anything that interfered with that was going to create security exposures and vulnerabilities. It was obvious that the whole button click paradigm would obfuscate the relationship between URL and website. It was further obvious that security risks were especially part of any environment where non-validated and non-trusted sources might provide click buttons (and the corresponding URL). This was part of the analysis that if the initial merchant website contact/URL wasn't validated ... then it could be a potentially fraudulent website, and therefore any click button providing a URL (originating from a potentially fraudulent website) couldn't also be trusted (even if it involved a valid SSL digital certificate).
It became really broken when "click" buttons started to show up in untrusted/unvalidated "spamming" email ... taking the enduser to fraudulent websites (potentially with valid SSL digital certificates). However, simple end-to-end security analysis shows that clicking on buttons (providing URLs) from sources that aren't trusted/validated, then there isn't a lot of reason to believe the resulting session (even with SSL) is to be trusted.
Endusers were encouraged to believe that SSL provided end-to-end security for electronic commerce. this helped convince merchants that they should pay for the digital certificates in support of SSL operation. click buttons broke critical part of the end-to-end paradigm that SSL (for electronic commerce) was dependent on.
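The gap described in the posts above, as an added example (not code from the posts or from any browser): it separates the one thing the SSL check establishes, that the certificate matches the host in the clicked URL, from the website-to-URL binding that the user has to supply. The function names, the `.test` hostnames and the simplified wildcard rule are assumptions made for illustration, as is treating a link from an SSL-validated page the user knows as trusted.

```python
from urllib.parse import urlsplit


def host_matches(cert_name, host):
    """Simplified certificate name match: exact, or one left-most '*' label."""
    cert_name = cert_name.lower().rstrip(".")
    host = host.lower().rstrip(".")
    if cert_name == host:
        return True
    if cert_name.startswith("*."):
        suffix = cert_name[1:]                    # "*.example.test" -> ".example.test"
        if not host.endswith(suffix):
            return False
        label = host[:-len(suffix)]
        return label != "" and "." not in label   # wildcard covers exactly one label
    return False


def assess_click(entry_url, click_url, cert_names, hosts_user_knows):
    """Evaluate a clicked link the way the end-to-end analysis does.

    entry_url        -- page that supplied the link (None for an email)
    click_url        -- URL behind the CLICK button
    cert_names       -- DNS names in the certificate the click host presents
    hosts_user_knows -- hosts the user can actually tie to the intended site
    """
    click = urlsplit(click_url)
    click_host = (click.hostname or "").lower()
    known = {h.lower() for h in hosts_user_knows}

    # What SSL verifies: the server reached corresponds to the URL that was used.
    ssl_check_passes = click.scheme == "https" and any(
        host_matches(name, click_host) for name in cert_names)

    # Was the source of the link itself validated? Plain http pages and
    # email are not, so a URL they supply inherits no trust.
    source_validated = False
    if entry_url is not None:
        entry = urlsplit(entry_url)
        source_validated = (entry.scheme == "https"
                            and (entry.hostname or "").lower() in known)

    # The binding SSL cannot supply: does this URL belong to the site the
    # user believes they are dealing with?
    binding_established = click_host in known or source_validated

    return {
        "ssl_check_passes": ssl_check_passes,
        "source_validated": source_validated,
        "binding_established": binding_established,
        "end_to_end_ok": ssl_check_passes and binding_established,
    }


# Constructed cases using reserved .test names.
CASES = {
    # Shopping over plain http, then a pay button pointing elsewhere.
    "http_shop_then_click": assess_click(
        "http://shop.example.test/cart", "https://pay.other.test/checkout",
        ["pay.other.test"], {"shop.example.test"}),
    # Link arriving in email, target has a valid certificate for its own name.
    "email_click": assess_click(
        None, "https://www.examp1e-bank.test/login",
        ["www.examp1e-bank.test"], {"www.example-bank.test"}),
    # SSL for the full session on a host the user knows.
    "full_session_ssl": assess_click(
        "https://shop.example.test/cart", "https://pay.example.test/checkout",
        ["*.example.test"], {"shop.example.test"}),
}

if __name__ == "__main__":
    for name, result in CASES.items():
        print(name, result)
```

In the first two cases the certificate check succeeds and the end-to-end result is still negative, which is the "perfectly valid digital certificate" situation the posts describe.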
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Abend S0C0 Newsgroups: alt.folklore.computers Date: Mon, 29 Oct 2007 21:47:13 -0400
paul c <toledobythesea@ooyah.ac> writes:
interrupts:
https://www.garlic.com/~lynn/gcard.html#7
i.e. from above:
Program-interruption-codes (high byte is always zero)
01 - Operation              0C - Exponent overflow           1A - Page state
02 - Privileged operation   0D - Exponent underflow          1B - Page transition
03 - Execute                0E - Significance                1C - Space-switch eve
04 - Protection             0F - Floating-point divide       1F - PC-transl spec
05 - Addressing             10 - Segment translation         20 - AFX translation
06 - Specification          11 - Page translation            21 - ASX translation
07 - Data                   12 - Translation specification   22 - LX translation
08 - Fixed-point overflow   13 - Special operation           23 - EX translation
09 - Fixed-point divide     14 - VM pseudo page fault        24 - Primary auth
0A - Decimal overflow       17 - ASN-translation spec        25 - Secondary auth
0B - Decimal divide         18 - Page access                 40 - Monitor event
80 - PER event bit (ORed together with any other program interruption code)
the original question was whether mvt documented/supported 0C0 abend code for imprecise program interrupts. I don't recollect running across a reference.
I do remember when dealing with the 370/195 people looking at doing a dual i-stream version (basically simulating a multiprocessor machine), they commented that a lot of the difference between 360/195 and 370/195 (besides some of the pre-virtual memory 370 instructions), was that a lot of instruction retry logic went into 370/195.
I did run across a cms pliopt reference on the web that mentions specifying "IMP" to generate extra code to correctly handle imprecise interrupts on 360/91, 360/195, and 370/195.
following is on bitsavers, 1967, os (i.e. mvt) support for 360/91:
http://www.bitsavers.org/pdf/ibm/360/C28-6666-0_360-91_OSsupport.pdf
it has table on pg. 39 on what is precise and what is imprecise. for standard/precise interrupts, the ILC field in the program old psw, has the "length" of the instruction causing the interrupt. for imprecise interrupts, the ILC field is zero.
on page 10, discussing program first-level interrupt handler, there is
an added note (bar-code from TNL update, aka Page revised by TNL
N28-2308, 1/31/68):
| Note: When an imprecise or a multiple-imprecise program interruption
| causes a task to be terminated, the completion code is "0C0" since the
| last digit reflects the decimal content of bits 26-31 in the program old
| PSW.
which is then translated to S0C0.
misc. past posts mentioning 370/195 dual i-stream investigation:
https://www.garlic.com/~lynn/95.html#3 What is an IBM 137/148 ???
https://www.garlic.com/~lynn/2001j.html#27 Pentium 4 SMT "Hyperthreading"
https://www.garlic.com/~lynn/2001n.html#63 Hyper-Threading Technology - Intel information.
https://www.garlic.com/~lynn/2002g.html#70 Pipelining in the past
https://www.garlic.com/~lynn/2003f.html#33 PDP10 and RISC
https://www.garlic.com/~lynn/2003l.html#48 IBM Manuals from the 1940's and 1950's
https://www.garlic.com/~lynn/2003m.html#60 S/360 undocumented instructions?
https://www.garlic.com/~lynn/2003p.html#3 Hyperthreading vs. SMP
https://www.garlic.com/~lynn/2004.html#27 dual processors: not just for breakfast anymore?
https://www.garlic.com/~lynn/2004e.html#1 A POX on you, Dennis Ritchie!!!
https://www.garlic.com/~lynn/2005.html#5 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005.html#19 The Soul of Barb's New Machine (was Re: creat)
https://www.garlic.com/~lynn/2005f.html#22 System/360; Hardwired vs. Microcoded
https://www.garlic.com/~lynn/2005p.html#14 Multicores
https://www.garlic.com/~lynn/2006c.html#6 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006c.html#29 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006d.html#10 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006r.html#2 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2007.html#36 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007f.html#10 Beyond multicore
https://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Is the media letting banks off the hook on payment card security Newsgroups: alt.folklore.computers Date: Tue, 30 Oct 2007 07:01:40 -0400
Is the media letting banks off the hook on payment card security
from above ...
The real problem isn't that some retailers are failing to adequately
secure credit card data. Sure that's an issue. But a much bigger problem
is the fact the entire payment system is decades old, archaic and in
desperate need of a complete security overhaul, she said.
... snip ...
say x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
where the x9a10 financial standard working group had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments ("ALL", as in credit, debit, stored-value/gift, ach/check, point-of-sale, face-to-face, card-present, internet, card-not-present, non-face-to-face, aka ALL)
some of the issues have been discussed in more detail in the postings
discussing the "naked transaction" metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
part of the x9a10 working group activity in the mid-90s, was looking at the exploits involving various kinds of breaches ... effectively in relationship to the vulnerability of the information (aka "naked transaction") and numerous threat models. part of the x9.59 standard wasn't directed at preventing access to the data ... but eliminating the usefulness of the data to attackers (a kind of armouring every transaction).
some of this came out of the experience having worked on what is now
commonly referred to as electronic commerce ... for some topic drift
(and archeological applicability) ... recent postings related to that
subject:
https://www.garlic.com/~lynn/2007r.html#12 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#13 What do ATMs and card readers use?
https://www.garlic.com/~lynn/2007r.html#17 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#18 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#19 How to tell a fake SSL certificate from a real one
the "naked transaction" metaphor was somewhat the comment behind that even if the planet was buried miles deep in encryption, it wouldn't still eliminate information leakage i.e. the information was required in numerous business processes (frequently backroom operations that might involve several different people ... and probably not apparent to the consumer public as directly part of the original transaction) ... and had to be kept readily available. At the same time, the "naked transaction" metaphor meant that the information had to be kept totally unavailable and confidential and never accessed by anybody.
various posts making the comment about burying the planet
miles deep in encryption:
https://www.garlic.com/~lynn/aadsm19.htm#45 payment system fraud, etc
https://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
https://www.garlic.com/~lynn/aadsm23.htm#54 Status of SRP
https://www.garlic.com/~lynn/aadsm24.htm#38 Interesting bit of a quote
https://www.garlic.com/~lynn/aadsm24.htm#48 more on FBI plans new Net-tapping push
https://www.garlic.com/~lynn/aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
https://www.garlic.com/~lynn/aadsm26.htm#8 What is the point of encrypting information that is publicly visible?
https://www.garlic.com/~lynn/aadsm26.htm#27 man in the middle, SSL ... addenda
https://www.garlic.com/~lynn/aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
https://www.garlic.com/~lynn/2005v.html#2 ABN Tape - Found
https://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
https://www.garlic.com/~lynn/2006h.html#15 Security
https://www.garlic.com/~lynn/2006o.html#37 the personal data theft pandemic continues
https://www.garlic.com/~lynn/2006p.html#8 SSL, Apache 2 and RSA key sizes
https://www.garlic.com/~lynn/2006u.html#43 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006v.html#2 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that increases password security
https://www.garlic.com/~lynn/2006y.html#25 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007b.html#8 Special characters in passwords was Re: RACF - Password rules
https://www.garlic.com/~lynn/2007b.html#20 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#33 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#43 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
https://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007k.html#76 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007n.html#85 PCI Compliance - Encryption of all non-console administrative access
https://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007o.html#28 EZPass: Yes, Big Brother IS Watching You!
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Abend S0C0 Newsgroups: alt.folklore.computers,comp.lang.asm370 Date: Tue, 30 Oct 2007 07:25:43 -0400
oops, didn't include comp.lang.asm370 in original post
I wrote:
following is on bitsavers, 1967, os (i.e. mvt) support for 360/91:
http://www.bitsavers.org/pdf/ibm/360/C28-6666-0_360-91_OSsupport.pdf
it has table on pg. 39 on what is precise and what is imprecise. for
standard/precise interrupts, the ILC field in the program old psw, has
the "length" of the instruction causing the interrupt. for imprecise
interrupts, the ILC field is zero.
on page 10, discussing program first-level interrupt handler, there is
an added note (bar-code from TNL update, aka Page revised by TNL
N28-2308, 1/31/68):
| Note: When an imprecise or a multiple-imprecise program interruption
| causes a task to be terminated, the completion code is "0C0" since the
| last digit reflects the decimal content of bits 26-31 in the program old
| PSW.
which is then translated to S0C0.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Abend S0C0 Newsgroups: alt.folklore.computers,comp.lang.asm370 Date: Tue, 30 Oct 2007 09:09:34 -0400
re:
cms script document formatting command was developed at the science
center in the mid-60s (along with lots of other online & interactive
features).
https://www.garlic.com/~lynn/subtopic.html#545tech
this was originally done with "dot" commands ... somewhat descendent of similar application on CTSS
besides the cms & cp67 publications (from the science center), one of the early corporate publications using script was principle of operations. this is fairly apparent from what appears to be some sort of photo offset printing from original image produced on 1403 printer using TN train.
Part of the issue of using script for principles of operation was that on the command line could specify an option that selectively printed or not printed various material. The base document for principle of operations was referred to as the architecture "red book" ... since it was distributed internally in a red colored three ring binder ... and was on the order of twice as large as the principles of operation document. The architecture "red book" had lots of engineering notes, much more detailed explanation of what was going on, and also included justifications for why something was done or not done. Using script, it was possible to have a single document ... where the whole document was printed (architecture "red book") or just the principles of operation subset was printed.
the referenced 360/91 document
http://www.bitsavers.org/pdf/ibm/360/C28-6666-0_360-91_OSsupport.pdf
appears to have been originally printed on 1403 printer with TN train. One of the issues is whether or not this was done with cms/script or some other application. the 360/91 document is left justified with ragged right.
The principles of operation
http://www.bitsavers.org/pdf/ibm/360/poo/A22-6821-0_360PrincOps.pdf
also appears to be 1403 printer output with TN train ... but is both left and right justified (with diagrams placed on the page with some graphics). other principles of operation had even the diagrams from 1403 printer output.
in '69, GML (or generalized markup language) was invented at the science center (the letters G, M, and L chosen because they are the initials of three people at the science center). And GML tag processing was added to the cms/script command (it wasn't uncommon to find files with mix of both "dot" and "tag" formatting commands)
GML then morphed into SGML ...
https://www.garlic.com/~lynn/submain.html#sgml
and spawned things like HTML, XML, etc ... originally by way of a
cms/script clone from univ. of waterloo in use at cern ... a reference
describing the morphing of SGML into HTML
http://infomesh.net/html/history/early/
old posts mentioning architecture red-book
https://www.garlic.com/~lynn/2000f.html#35 Why IBM use 31 bit addressing not 32 bit?
https://www.garlic.com/~lynn/2001m.html#39 serialization from the 370 architecture "red-book"
https://www.garlic.com/~lynn/2001n.html#43 IBM 1800
https://www.garlic.com/~lynn/2002g.html#52 Spotting BAH Claims to Fame
https://www.garlic.com/~lynn/2002h.html#69 history of CMS
https://www.garlic.com/~lynn/2002m.html#2 Handling variable page sizes?
https://www.garlic.com/~lynn/2003d.html#76 reviving Multics
https://www.garlic.com/~lynn/2003f.html#52 ECPS:VM DISPx instructions
https://www.garlic.com/~lynn/2003k.html#45 text character based diagrams in technical documentation
https://www.garlic.com/~lynn/2004b.html#57 PLO instruction
https://www.garlic.com/~lynn/2004c.html#1 Oldest running code
https://www.garlic.com/~lynn/2004c.html#6 If the x86 ISA could be redone
https://www.garlic.com/~lynn/2004c.html#51 [OT] Lockheed puts F-16 manuals online
https://www.garlic.com/~lynn/2004h.html#27 Vintage computers are better than modern crap !
https://www.garlic.com/~lynn/2004k.html#45 August 23, 1957
https://www.garlic.com/~lynn/2004p.html#50 IBM 3614 and 3624 ATM's
https://www.garlic.com/~lynn/2005.html#5 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#25 360POO
https://www.garlic.com/~lynn/2005e.html#53 System/360; Hardwired vs. Microcoded
https://www.garlic.com/~lynn/2005f.html#45 Moving assembler programs above the line
https://www.garlic.com/~lynn/2005i.html#40 Friday question: How far back is PLO instruction supported?
https://www.garlic.com/~lynn/2005j.html#39 A second look at memory access alignment
https://www.garlic.com/~lynn/2005j.html#43 A second look at memory access alignment
https://www.garlic.com/~lynn/2005k.html#1 More on garbage
https://www.garlic.com/~lynn/2005k.html#58 Book on computer architecture for beginners
https://www.garlic.com/~lynn/2005n.html#48 Good System Architecture Sites?
https://www.garlic.com/~lynn/2005p.html#45 HASP/ASP JES/JES2/JES3
https://www.garlic.com/~lynn/2006c.html#45 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006h.html#55 History of first use of all-computerized typesetting?
https://www.garlic.com/~lynn/2006o.html#59 Why no double wide compare and swap on Sparc?
https://www.garlic.com/~lynn/2006s.html#53 Is the teaching of non-reentrant HLASM coding practices ever defensible?
https://www.garlic.com/~lynn/2007d.html#32 Running OS/390 on z9 BC
https://www.garlic.com/~lynn/2007f.html#7 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007i.html#31 Latest Principles of Operation
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: How to tell a fake SSL certificate from a real one
Newsgroups: alt.comp.freeware,comp.security.misc,alt.privacy.anon-server
Date: Tue, 30 Oct 2007 11:36:30 -0400

Nomen Nescio <nobody@dizum.com> writes:
the counter example is the subsequent vast proliferation of spamming email with "click" URL and the problem with phishing websites ... as per previous post.
the theory behind and design point of digital certificates and PKIs were the letters of intent/introduction from sailing ship days for first time interaction between strangers where the relying party had no other recourse to any information about the party they were dealing with.
this recent post discusses some of the limitations on the actual value
of digital certificates and PKIs in SSL and other protocols for
electronic commerce
https://www.garlic.com/~lynn/aadsm27.htm#33 The bank fraud blame game
where, in fact, the vast majority of electronic commerce transactions involved repeated and/or well-known websites (i.e. transactions rates quite skewed, negating the underlying justification for using PKI and digital certificates in these applications).
original justification for using SSL for electronic commerce (by far the most widely deployed use of SSL in the world) was
• is the website that the user thinks they are talking to, actually the website they are talking to (SSL use for this was dependent on user knowing the relationship between the website they believed they were talking to and the corresponding URL)
• hiding information (typically transaction account numbers) for information in transit
going to "known" websites with URLs from trusted repository easily
eliminates the justification and requirement for digital certificates
and PKI operation ... i.e. if there is a trusted repository of URLs
then it is possible to store the associated public keys in the same
repository. this is the certificate-less mode of operation
https://www.garlic.com/~lynn/subpubkey.html#certless
recent discussion about (redundant and superfluous) certificate/PKI
operation being added to the original simple public key specification
for kerberos
https://www.garlic.com/~lynn/2007q.html#2 Windows Live vs Kerberos
https://www.garlic.com/~lynn/2007q.html#5 Windows Live vs Kerberos
or old email from 1981 discussing (pgp-like) public key proposal
https://www.garlic.com/~lynn/2006w.html#email810515
even before we had finished the SSL related activity for
doing payment transactions on the internet ... something
that is frequently now referred to as electronic commerce
https://www.garlic.com/~lynn/subnetwork.html#gateway
... we had started to realize that PKIs and digital certificates were redundant and superfluous for most applications. As part of deploying the backend portion (between webservers and something called a payment gateway) we had specified requirement and implementation for (first) SSL mutual authentication. However, both the websites and payment gateway were registered with the other, respective party ... making the digital certificates redundant and superfluous (other than re-using existing SSL library with requirement to have something called a digital certificate).
Eliminating the requirement for digital certificates ... and having the client starting out with the server's public key (along with the server's URL), it is possible to do a drastically simplified and lower overhead SSL-like protocol.
The case for trusted repository of URLs ... along with the
elimination for any digital certificates ... can be extended to not
only local repositories ... but also online repositories like a
secure, trusted DNS ... where public keys are stored along with the
mapping of domain name to ip-address. Starting out with the
client-side of the protocol already having the server-side public key
... can simplify the protocol ... misc. past posts discussing how
improving the security of DNS (with registered public keys) is
important to SSL domain name certification authorities ... but also
can represent a catch-22 ... resulting in the elimination of any
requirement for PKI, certification authorities, and digital
certificates
https://www.garlic.com/~lynn/subpubkey.html#catch22
in the mid-90s, after having worked on what is now commonly referred
to as electronic commerce (and associated SSL deployments), for
some topic drift ... recent post discussing another aspect of
those deployments
https://www.garlic.com/~lynn/2007r.html#13 What do ATMs and card readers use?
... we got involved with the x9a10 financial standard working group that
had been given the requirement to preserve the integrity of the
financial infrastructure for all retail payments (internet,
non-internet, point-of-sale, debit, credit, stored-value/gift,
check/ach, card-present, card-not-present, etc ... i.e. ALL). the
result was x9.59 financial standard protocol
https://www.garlic.com/~lynn/x959.html#x959
part of the effort was doing some detailed threat and vulnerability
analysis ... for all kinds of retail transactions (not just the
internet ones ... represented by electronic commerce, and the largest
deployed use for SSL). A big problem was the ease that account numbers
could be used for performing fraudulent transactions. Account numbers
showed up in a wide variety of places ... things like internet
transmission (i.e. "data-in-flight") where SSL was being used to "hide"
the information ... but also things like transaction repositories
(i.e. "data-at-rest") which were required by a large number of backroom
processes (not normally apparent to customers and the general public).
This is somewhat the general "harvesting" vulnerability (skimming,
eavesdropping, data breaches, security breaches, phishing, etc) ... lots
of past posts
https://www.garlic.com/~lynn/subintegrity.html#harvest
the vast number of places that account numbers existed and were required, led to the comment that even if the planet were buried under miles of information hiding encryption ... it still couldn't prevent leakage. so the x9.59 financial standards approach was to eliminate account number leakage as a vulnerability (i.e. skimming, eavesdropping, data breaches, security breaches, phishing, etc, could still happen, but the information wouldn't be useful to the attackers).
the side-effect is not only does it eliminate fraud from data breaches and security breaches ... but also any eavesdropping exploits on the internet ... the type of thing that SSL is targeted at preventing (and the major deployment purpose of SSL in the world today).
First off, there are numerous reasons that PKI and digital certificates for SSL have become redundant and superfluous. Then it can be shown that a single, common protocol (x9.59) ... can eliminate the major deployed use of SSL (for hiding account numbers) at the same time eliminating much of the fraud that can arise from data and security breaches.
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Fixing our fraying Internet infrastructure
Newsgroups: alt.folklore.computers
Date: Tue, 30 Oct 2007 22:46:50 -0400

re:
Is U.S. Stuck in Internet's Slow Lane?
http://www.redorbit.com/news/technology/1123786/is_us_stuck_in_internets_slow_lane/index.html
from above ...
The United States is starting to look like a slowpoke on the
Internet. Examples abound of countries that have faster and cheaper
broadband connections, and more of their population connected to them.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Wed, 31 Oct 2007 09:43:43 -0400

The new urgency to fix online privacy
from above ...
A decade ago, I started writing about online privacy issues. At the
time, legal colleagues told me that while they found the topic
interesting from an academic standpoint, it had no real world
applications. They encouraged me instead to focus on "real" upcoming
problems, like Y2K.
... snip ...
and ...
Y2K came and went without much lasting effect. But privacy protection
has become a real world industry of its own. Unfortunately, privacy and
security breaches regularly occur these days.
... snip ...
recent post about work on x9.59 financial standard protocol in
the mid-90s to take much of the sting out of data breaches
and security breaches
https://www.garlic.com/~lynn/2007r.html#24 How to tell a fake SSL certificate from a real one
other x9.59 financial standard references
https://www.garlic.com/~lynn/x959.html#x959
one of the issues related to digital certificates was that in the early 90s, there was push for x.509 identity digital certificates. part of the issue was, what exact personal information might arbitrary relying parties require ... so there was some direction to increasingly overload x.509 identity digital certificates with more and more personal information.
in the mid-90s, several institutions were starting to realize that x.509
identity digital certificates, overloaded with increasing amounts of
personal information, represented significant privacy and liability
problems. somewhat as a result, there was retrenching to digital
certificates that contain little more than a public key and an account
number or other form of record locator (possibly even a "userid")
... where the necessary information was actually located. these were
sometimes referred to as relying-party-only certificates
https://www.garlic.com/~lynn/subpubkey.html#rpo
however, we were able to trivially show that such truncated certificates
were redundant and superfluous ... it was easily possible to run the
public key operations w/o the digital certificates at all
https://www.garlic.com/~lynn/subpubkey.html#certless
part of the issue was the problem faced by some of the public key
payment transaction protocol specification efforts. that even the
truncated relying-party-only digital certificates, appended
to a standard payment transaction, could represent a factor
of 100-times payload and processing bloat (for something that
was purely redundant and superfluous) ... recent post
https://www.garlic.com/~lynn/2007q.html#72 Value of SSL client certificates?
misc. posts mentioning the enormous bloat for payment operations
https://www.garlic.com/~lynn/subpubkey.html#bloat
very similar issues (as with the personal information in the x.509 identity digital certificates) have recently been cropping up (more than a decade later) in the form of identification cards (again with potential for being grossly overloaded with increasing amounts of personal information).
misc. past posts mentioning co-authoring x9.99, financial industry privacy
standard.
https://www.garlic.com/~lynn/aadsm17.htm#45 x9.99 financial PIA standard now available from ANSI e-store
https://www.garlic.com/~lynn/aadsm17.htm#47 authentication and authorization ... addenda
https://www.garlic.com/~lynn/aadsm18.htm#28 x9.99 privacy note
https://www.garlic.com/~lynn/aadsm18.htm#32 EMV cards as identity cards
https://www.garlic.com/~lynn/aadsm19.htm#35 de-identification
https://www.garlic.com/~lynn/aadsm20.htm#2 US consumers want companies fined for security breaches
https://www.garlic.com/~lynn/aadsm25.htm#21 Identity v. anonymity -- that is not the question
https://www.garlic.com/~lynn/aadsm25.htm#26 Fraudwatch - how much a Brit costs, how to be a 419-er, Sarbanes-Oxley rises as fraud rises, the real Piracy
https://www.garlic.com/~lynn/aadsm25.htm#33 Mozilla moves on security
https://www.garlic.com/~lynn/aadsm26.htm#57 Our security sucks. Why can't we change? What's wrong with us?
https://www.garlic.com/~lynn/aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
https://www.garlic.com/~lynn/2004l.html#8 x9.99 privacy impact assessemnt (PIA) standard
https://www.garlic.com/~lynn/2005l.html#36 More Phishing scams, still no SSL being used
https://www.garlic.com/~lynn/2005t.html#9 phishing web sites using self-signed certs
https://www.garlic.com/~lynn/2005u.html#18 XBOX 360
https://www.garlic.com/~lynn/2005v.html#3 ABN Tape - Found
https://www.garlic.com/~lynn/2006e.html#44 Does the Data Protection Act of 2005 Make Sense
https://www.garlic.com/~lynn/2006o.html#37 the personal data theft pandemic continues
https://www.garlic.com/~lynn/2006q.html#25 garlic.com
https://www.garlic.com/~lynn/2006v.html#39 On sci.crypt: New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2007b.html#61 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#72 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#15 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007o.html#13 EZPass: Yes, Big Brother IS Watching You!
for other drift ... past posts mentioning y2k remediation
https://www.garlic.com/~lynn/99.html#21 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/99.html#22 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/99.html#23 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/99.html#24 BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/99.html#27 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese
https://www.garlic.com/~lynn/99.html#44 Internet and/or ARPANET?
https://www.garlic.com/~lynn/99.html#78 Mainframes Relevant?
https://www.garlic.com/~lynn/99.html#214 Ask about Certification-less Public Key
https://www.garlic.com/~lynn/2000.html#0 2000 = millennium?
https://www.garlic.com/~lynn/2001.html#68 California DMV
https://www.garlic.com/~lynn/2001n.html#74 The demise of compaq
https://www.garlic.com/~lynn/2002.html#30 Younger recruits versus experienced veterans ( was Re: The demise of compa
https://www.garlic.com/~lynn/2002.html#45 VM and/or Linux under OS/390?????
https://www.garlic.com/~lynn/2002j.html#20 MVS on Power (was Re: McKinley Cometh...)
https://www.garlic.com/~lynn/2002k.html#14 NASA MOC (mainframe mission operations computer) being powere d
https://www.garlic.com/~lynn/2002l.html#49 Do any architectures use instruction count instead of timer
https://www.garlic.com/~lynn/2002o.html#28 TPF
https://www.garlic.com/~lynn/2003p.html#21 Sun researchers: Computers do bad math ;)
https://www.garlic.com/~lynn/2003p.html#33 [IBM-MAIN] NY Times editorial on white collar jobs going
https://www.garlic.com/~lynn/2004b.html#2 The SOB that helped IT jobs move to India is dead!
https://www.garlic.com/~lynn/2004e.html#22 Pre-relational, post-relational, 1968 CODASYL "Survey of Data Base Systems"
https://www.garlic.com/~lynn/2004e.html#48 Data Display & Modeling
https://www.garlic.com/~lynn/2004f.html#39 Who said "The Mainframe is dead"?
https://www.garlic.com/~lynn/2004m.html#51 stop worrying about it offshoring - it's doing fine
https://www.garlic.com/~lynn/2004n.html#11 XML: The good, the bad, and the ugly
https://www.garlic.com/~lynn/2004o.html#66 Integer types for 128-bit addressing
https://www.garlic.com/~lynn/2004q.html#8 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2004q.html#13 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005.html#20 I told you ... everybody is going to Dalian,China
https://www.garlic.com/~lynn/2005c.html#6 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005s.html#16 Is a Hurricane about to hit IBM ?
https://www.garlic.com/~lynn/2006b.html#29 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006c.html#33 Military Time?
https://www.garlic.com/~lynn/2006g.html#21 Taxes
https://www.garlic.com/~lynn/2006h.html#49 Mainframe vs. xSeries
https://www.garlic.com/~lynn/2006k.html#50 TSO and more was: PDP-1
https://www.garlic.com/~lynn/2006o.html#9 Pa Tpk spends $30 million for "Duet" system; but benefits are unknown
https://www.garlic.com/~lynn/2006q.html#54 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006r.html#16 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006s.html#40 Ranking of non-IBM mainframe builders?
https://www.garlic.com/~lynn/2006u.html#13 Year-end computer bug could ground Shuttle
https://www.garlic.com/~lynn/2006u.html#35 Friday fun - Discovery on the pad and the software's not done
https://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
https://www.garlic.com/~lynn/2007h.html#10 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007l.html#18 Non-Standard Mainframe Language?
https://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007p.html#31 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#39 India is outsourcing jobs as well
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Default Search Engines are dangerous, Especially Google <- Domain Name Stealers.
Newsgroups: comp.protocols.tcp-ip
Date: Wed, 31 Oct 2007 11:42:11 -0400

try this instead:
Insider domain name snatching probed
http://news.yahoo.com/s/ap/20071024/ap_on_hi_te/techbit_domain_name_probe
Insider Domain Name Snatching Probed
http://www.physorg.com/news120994012.html
Insider Domain Name Snatching Probed
http://www.redorbit.com/news/technology/1115699/insider_domain_name_snatching_probed/index.html
ICANN probing "insider trading" allegations with domain name
registrations
http://arstechnica.com/news.ars/post/20071024-icann-probing-insider-trading-allegations-with-domain-name-registrations.html
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: complicated address generation unit?
Newsgroups: comp.arch
Date: Wed, 31 Oct 2007 18:34:19 -0400

karthikbalaguru <karthikbalaguru79@gmail.com> writes:
efforts in 801/risc were motivated by the high complexity in the failing
future system project (canceled before even being announced)
https://www.garlic.com/~lynn/submain.html#futuresys
one of the things that helped put the "nail" in "FS" coffin was evaluation that claimed if an FS machine was made out of the fastest then available hardware (370/195) it would have the thruput of about 370/145 (on the order of 30 times slowdown).
in various meetings in the 70s, there were periodic comments that the lack (and/or the simplicity) of some (801/risc) hardware feature was purposeful hardware/software design/complexity tradeoff and would be compensated for by either something in the cp.r operating system and/or something in the pl.8 programming language.
various past posts mentioning 801, risc, romp, rios, pc/rt, fort knox,
somerset, power, power/pc, etc.
https://www.garlic.com/~lynn/subtopic.html#801
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Wed, 31 Oct 2007 21:14:34 -0400

hancock4 writes:
one of the main reasons that there is name on credit or debit card ... is to allow people at point of sale to check the card name against matching name on some sort of gov. issued card that has picture (and check the picture against what the person doing the transaction looks like). this basically turns something that should have been simply authentication into effectively identification.
in the mid-90s, EU had made statement that all electronic payment cards
at point-of-sale ... should be as anonymous as cash ... with at least
the name coming off the cards. this implied that the transaction needed
better/stronger form of authentication. this is somewhat the theme of
this slightly earlier post yesterday
https://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security
one of the issues looked at in the mid-90s by the x9a10 financial
standards working group ... given the requirement to preserve the
integrity of the financial infrastructure for all retail payments
... was improving authentication of transaction as well as meeting
various EU privacy directives (for the x9.59 retail transaction
financial standard).
https://www.garlic.com/~lynn/x959.html#x959
some of this was also considered in the work on x9.99 privacy financial standard (while both x9.59 and x9.99 were in the US x9 standards group, some amount of requirements from around the world were looked at ... looking ahead that both could be moved forward to international ISO standard).
the other issue looked at in the mid-90s for current spate of financial transactions was that the account number was basically serving dual purpose ... both as integral part of a large number of business processes (not just the immediate transaction authorization transaction apparent to consumers on the initial operation) as well as authentication mechanism (knowing the account number was sufficient to perform a fraudulent transaction). This created strongly diametrically opposing requirements ... that the account number needed to be readily and widely available and at the same time the account number had to be kept confidential and never divulged.
some amount of work went into the x9.59 financial standard to eliminate the dual purpose use of the account number ... creating a brand new mechanism for strong authentication ... leaving the account number having the sole purpose for use in the necessary business process. it was no longer possible to originate a financial transaction just knowing the account number ... a valid financial transaction required a totally different authentication mechanism. with that change, it was no longer necessary to protect, hide, encrypt, etc ... the account number. as a side effect, it means that it is no longer necessary to use SSL (on the internet) for payment transactions to preserve the integrity of the financial infrastructure. It also eliminates a lot of the repercussions from numerous data breaches and security breaches.
fundamentally, it comes down to eliminating the dual-use purpose for account numbers (i.e. one or the other, keep it confidential and never allow it to be divulged OR make it widely and readily available BUT don't create a situation where there are simultaneously both requirements for the same piece of information).
the other effort in x9a10 financial standard working group for the x9.59
was to make it as privacy agnostic as possible.
https://www.garlic.com/~lynn/subpubkey.html#privacy
as a financial standard for all retail payments ... that meant it needed to be usable for credit, debit, stored-value/gift, ach/check, etc. (as well as point-of-sale, internet, face-to-face, cardholder-present, cardholder-not-present, etc).
In the credit and debit scenario there is account number, that (at least in the US) is tied to a bank account which is subject to gov. "know your customer" mandates (aka it is possible to eliminate a lot of public information associating a specific account number with a specific person ... but gov. mandates require that the financial institution have that association available somewhere). However, there is nothing in the x9.59 financial standard that prevents it also being used for "anonymous" accounts (aka privacy agnostic) ... like is possible (even in the US) with stored-value/gift cards.
so as part of x9.59 ... it created a new transaction authentication mechanism ... which it is claimed 1) allows names to be removed from cards (in so far as that has been an implied authentication mechanism) and 2) eliminates dual-use purpose for account numbers ... so it is no longer necessary to hide account numbers in order to prevent fraud ... and by implication if account numbers are divulged in data breaches and/or security breaches ... it won't result in fraud (nothing is done to eliminate breaches, however breaches that result in fraudulent financial transactions are largely eliminated).
recent related post & thread drift
https://www.garlic.com/~lynn/2007r.html#24 How to tell a fake SSL certificate from a real one
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is the media letting banks off the hook on payment card security
Newsgroups: alt.folklore.computers
Date: Wed, 31 Oct 2007 21:40:27 -0400

hancock4 writes:
old reply (to one of your posts) where it is mentioned that us financial
institutions were getting nearly 40 percent of their bottom line from
payment transactions (by comparison it was less than 10 percent for
european institutions). one might conjecture there is not a lot of
interest in "rocking" the boat
https://www.garlic.com/~lynn/2007k.html#12 IBM Unionization
other posts mentioning the subject
https://www.garlic.com/~lynn/aadsm27.htm#39 a fraud is a sale, Re: The bank fraud blame game
https://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007i.html#71 Free Checking
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007q.html#43 what does xp do when system is copying
for a little topic drift
https://www.garlic.com/~lynn/2007r.html#24 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#27 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#29 The new urgency to fix online privacy
for other topic drift, here are a few posts that mention that over a
period of couple weeks earlier this spring, there were articles
claiming that identity fraud was falling by 10-12 percent at the same
time identity frauds exploding:
https://www.garlic.com/~lynn/aadsm27.htm#43 a fraud is a sale, Re: The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#45 Threatwatch: how much to MITM, how quickly, how much lost
https://www.garlic.com/~lynn/2007e.html#58 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#62 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#58 Securing financial transactions a high priority for 2007
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is the media letting banks off the hook on payment card security
Newsgroups: alt.folklore.computers
Date: Wed, 31 Oct 2007 22:44:48 -0400

re:
much of financial institution income from payment transactions comes
in the form of interchange fees paid by merchants ...
https://www.garlic.com/~lynn/aadsm23.htm#37 3 of the big 4 - all doing payment systems
https://www.garlic.com/~lynn/aadsm26.htm#1 Extended Validation - setting the minimum liability, the CA trap, the market in browser governance
https://www.garlic.com/~lynn/aadsm26.htm#25 EV - what was the reason, again?
https://www.garlic.com/~lynn/aadsm26.htm#34 Failure of PKI in messaging
https://www.garlic.com/~lynn/aadsm27.htm#32 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#33 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#39 a fraud is a sale, Re: The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#62 Fingerprint Firefox Plugin?
https://www.garlic.com/~lynn/2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
https://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007i.html#72 Free Checking
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
some of this has been involved in various litigation and antitrust actions
regarding interchange fees
https://www.garlic.com/~lynn/2005u.html#16 AMD to leave x86 behind?
https://www.garlic.com/~lynn/2007i.html#17 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#47 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#59 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is the media letting banks off the hook on payment card security
Newsgroups: alt.folklore.computers
Date: Thu, 01 Nov 2007 06:41:53 -0400

re:
somewhat related recent news stories
Cut Card Costs, Not Cash Usage, Say UK Retailers
http://www.epaynews.com/index.cgi?survey=&ref=browse&f=view&id=1193910598837043222&block=
from above:
"Banks have long abused their position by imposing much higher charges on
retailers for processing card payments than cash," says BRC director
general Kevin Hawkins. "Clearly, the banks have spotted that replacing
cash with cards would mean a further boost to their profits."
... snip ...
Banks neglect responsibility for data breaches, some say
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1280423,00.html
from above:
Security experts say banks that are suing TJX Cos. Inc. over the data
breach that compromised more than 94 million credit card accounts should
accept more of the blame for what happened. By requiring that merchants
store credit card transaction records for up to 18 months, they say,
banks are putting companies like TJX at heightened risk of attack.
... snip ...
part of issue is the requirement of the account number in numerous business processes ... like refunds for returns or charge disputes ... that require the original transaction (typically located by transaction date and account number).
one of the x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
objectives was to make these transaction records much less vulnerable
to fraud ... not by encryption and/or controlling access to the
transaction records ... but by eliminating the usefulness to crooks
for enabling fraudulent transactions ... aka eliminating the dual-use
purpose of the current infrastructure. this is also discussed in
postings in threads discussing the naked transaction metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
and the fragile nature of not providing separate authentication mechanism (besides knowledge of the account number) in the existing transaction infrastructure.
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Students mostly not ready for math, science college courses
Newsgroups: alt.folklore.computers
Date: Thu, 01 Nov 2007 07:06:57 -0400

Students mostly not ready for math, science college courses
from above:
It's no longer news that the American science juggernaut is losing
ground to India, China and other countries busy churning out computer
scientists and engineers,
... snip ...
misc. recent posts
https://www.garlic.com/~lynn/2007i.html#24 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#43 Latest Principles of Operation
https://www.garlic.com/~lynn/2007i.html#79 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#4 Even worse than UNIX
https://www.garlic.com/~lynn/2007j.html#31 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#51 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#57 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#58 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#85 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#88 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#30 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#42 IBM Unionization
https://www.garlic.com/~lynn/2007l.html#5 IBM Unionization
https://www.garlic.com/~lynn/2007l.html#50 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007o.html#21 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007o.html#33 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007o.html#76 Graduate Enrollment in 2005
https://www.garlic.com/~lynn/2007p.html#32 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007p.html#39 India is outsourcing jobs as well
https://www.garlic.com/~lynn/2007p.html#46 India is outsourcing jobs as well
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is the media letting banks off the hook on payment card security Newsgroups: alt.folklore.computers Date: Thu, 01 Nov 2007 07:54:35 -0400
re:
eliminating the account number dual-use ... requirement for being readily available and widely deployed for numerous business processes at the same time required to be kept totally confidential and never divulged .... goes a long way to eliminating the fraud consequences of data breaches and security breaches (doesn't prevent the information from being obtained ... just eliminates much of its usefulness for fraudulent purposes).
the vulnerability and threat models of the current infrastructure
is discussed in posts related to the naked transaction metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
having to do with skimming, eavesdropping, data breaches, security
breaches, etc ... i.e. various forms of account number "harvesting"
for fraudulent purposes
https://www.garlic.com/~lynn/subintegrity.html#harvest
this also has big impact on much of the phishing activities directed at
obtaining account numbers in order to perform fraudulent transactions
... aka a lot of the motivation for man-in-the-middle attacks on the
internet
https://www.garlic.com/~lynn/subintegrity.html#mitm
it isn't the only scenario. for instance, much of the hype regarding
multi-factor authentication ... from 3-factor authentication model
https://www.garlic.com/~lynn/subintegrity.html#3factor
there are implicit assumptions that the different factors are subject to different vulnerabilities and exploits. another thing that started happening (at least by the 80s) were skimming attacks.
part of the assumption that pin-debit is more secure than signature debit and/or credit ... is that the "card", as something you have authentication and the "pin", as something you know authentication ... have different vulnerabilities. However skimming attacks would record all information associated with a transaction ... and be able to replay the recorded information. In this situation, both the "account number" (actually image of the magstripe, enabling production of a counterfeit card) and the "pin" were vulnerable to a common skimming attack (negating assumptions that the multi-factor authentication had independent vulnerabilities and exploits). This is also why you don't see pin-debit transactions being used on the internet (i.e. vulnerable to eavesdropping/skimming attacks).
part of the work in x9a10 financial standards working group was
developing the x9.59 protocol
https://www.garlic.com/~lynn/subpubkey.html#x959
that also had countermeasures to various kinds of eavesdropping, skimming, and/or harvesting that would enable any form of replay attacks
part of this is also illustrated in the various posts in the yes card
threads ... i.e. some technology that was being developed in the same
timeframe as the x9.59 financial standard protocol. There was some
amount of work in the yes card scenario for countermeasures against
the lost/stolen card threat ... but turns out that it was wide-open to
skimming attacks (enabling production of counterfeit chipcards that
could be used for fraudulent transaction). other characteristics of the
yes card operation, in some past meeting where it was described in
some detail, prompted somewhat spontaneous comment from somebody in the
audience about do you mean they managed to spend billions of dollars to
prove that chipcards are less secure than magstripe cards.
https://www.garlic.com/~lynn/subintegrity.html#yescard
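The dual-use problem and the replay countermeasure discussed in the post above, as an added example that is not part of the original posts or of the x9.59 standard: a record harvested from a merchant log is presented to an issuer that authorizes on static data (account number and PIN) and to one that requires per-transaction authentication. The use of an HMAC with a per-account key and a nonce is an assumption of this example, standing in for whatever authentication the account holder's token performs; all names, account numbers, PINs and keys are constructed.

```python
import hashlib
import hmac
import json
import secrets

# Constructed sample data; none of these values come from the original posts.
ACCOUNT = "4000001234567890"
PIN = "4921"
ACCOUNT_KEY = secrets.token_bytes(32)  # assumed: known only to the holder's token and the issuer
SIGNED_FIELDS = ("account", "merchant", "amount", "nonce")


def mac(key, txn):
    """MAC over the transaction's own details (hypothetical stand-in for a signature)."""
    body = json.dumps([txn.get(f) for f in SIGNED_FIELDS]).encode()
    return hmac.new(key, body, hashlib.sha256).hexdigest()


def sign(key, account, merchant, amount):
    """What the account holder's token produces for one purchase."""
    txn = {"account": account, "merchant": merchant, "amount": amount,
           "nonce": secrets.token_hex(8)}
    txn["tag"] = mac(key, txn)
    return txn


class StaticIssuer:
    """Dual-use model: knowledge of account number and PIN is the authentication."""

    def __init__(self, pins):
        self.pins = pins  # account -> PIN

    def authorize(self, txn):
        return self.pins.get(txn.get("account")) == txn.get("pin")


class AuthenticatedIssuer:
    """Account number only locates the account; each transaction must authenticate itself."""

    def __init__(self, keys):
        self.keys = keys   # account -> key
        self.seen = set()  # (account, nonce) pairs already authorized

    def authorize(self, txn):
        key = self.keys.get(txn.get("account"))
        tag = txn.get("tag")
        if key is None or not isinstance(tag, str):
            return False   # a bare account number authorizes nothing
        if not hmac.compare_digest(mac(key, txn).encode(), tag.encode()):
            return False   # details were changed after the token authenticated them
        if (txn["account"], txn["nonce"]) in self.seen:
            return False   # verbatim replay of a recorded transaction
        self.seen.add((txn["account"], txn["nonce"]))
        return True


def replay_outcomes():
    """Return what a harvested record is worth under each model."""
    # Static model: the record kept for refunds and disputes holds everything needed.
    static = StaticIssuer({ACCOUNT: PIN})
    record = {"account": ACCOUNT, "pin": PIN, "merchant": "store-1", "amount": 2500}
    static_results = {
        "original": static.authorize(record),
        "harvested_reuse": static.authorize(
            dict(record, merchant="elsewhere", amount=99900)),
    }

    # Authenticated model: the same kind of record is kept, but it is not reusable.
    issuer = AuthenticatedIssuer({ACCOUNT: ACCOUNT_KEY})
    original = sign(ACCOUNT_KEY, ACCOUNT, "store-1", 2500)
    auth_results = {
        "original": issuer.authorize(original),
        "verbatim_replay": issuer.authorize(dict(original)),
        "altered_replay": issuer.authorize(
            dict(original, merchant="elsewhere", amount=99900)),
        "account_number_only": issuer.authorize(
            {"account": ACCOUNT, "merchant": "elsewhere", "amount": 99900}),
    }
    return {"static": static_results, "authenticated": auth_results}


if __name__ == "__main__":
    for model, results in replay_outcomes().items():
        print(model, results)
```

In the second model the merchant can still locate the original transaction by date and account number for refunds and disputes, while the stored record no longer doubles as a credential.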
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is the media letting banks off the hook on payment card security Newsgroups: alt.folklore.computers Date: Thu, 01 Nov 2007 08:16:08 -0400
re:
the dual-use nature of the current infrastructure can also create ambiguity and confusion for users ... on one hand they are conditioned to divulge their account number (as necessary for performing financial transactions) ... but at the same time they are being told that their account number has to be kept strictly confidential and never divulged (this potentially may create tremendous anxiety for users every time they go to perform a transaction).
as before ... misc. posts mentioning the "naked transaction" metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Students mostly not ready for math, science college courses Newsgroups: alt.folklore.computers Date: Thu, 01 Nov 2007 09:45:39 -0400
Quadibloc <jsavard@ecn.ab.ca> writes:
as per past posts ... some of the outsourcing started because
1) scarcity of resources for y2k remediation (for backroom, production, commercial system) that was going on at the same time as the internet "bubble"
2) more than half of the high-skilled resources that didn't directly show up as outsourcing were foreign nationals that were obligated and/or at least inclined to return home at some point (sometimes there is the "tipping point" buzzword used here ... which can result in accelerated negative feedback).
a lot of the business relationships that were spawned during the go-go years of the internet bubble ... tended to survive after the bubble burst.
another factor is a lot of internet and other connectivity technologies ... with regard to collapsing distances and enabling telecommuting ... also removes barriers to outsourcing work (from tv commercials, if you can work while on vacation on any beach in the world ... then possibly your work can be performed by any qualified individual any place in the world)
recent posts mentioning outsourcing and/or y2k remediation
https://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007n.html#47 WindowsMonitor or CUSP?
https://www.garlic.com/~lynn/2007o.html#23 Outsourcing loosing steam?
https://www.garlic.com/~lynn/2007p.html#39 India is outsourcing jobs as well
https://www.garlic.com/~lynn/2007p.html#46 India is outsourcing jobs as well
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Thu, 01 Nov 2007 10:01:57 -0400
Bernd Felsche <bernie@innovative.iinet.net.au> writes:
from above ...
About 600 Wal-Mart stores will carry the US$199 Linux-powered
Green gPC made by Everex of Taiwan, Wal-Mart said. It was available
online on Wednesday.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Students mostly not ready for math, science college courses Newsgroups: alt.folklore.computers Date: Thu, 01 Nov 2007 10:44:54 -0400
Walter Bushell <proto@oanix.com> writes:
aka abdicate any inclination to compete with the rest of the world and settle for (local) low-paying low-skill (frequently service industry) jobs ... oops, that isn't working either.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Thu, 01 Nov 2007 11:43:20 -0400
Charlton Wilbur <cwilbur@chromatico.net> writes:
i.e. the counter argument has been that prices for some products have been significantly inflated by extensive advertising as part of creating demand ... the generics have been able to contract for identical products from the same exact manufacturer (sometimes a side effect of these businesses spinning off actual manufacturing and/or outsourcing; in attempt at improving the bottom line) and still make a profit when charging half as much. the generics also don't have any ongoing product development overhead ... they are just pricing for duplicate. this sometimes even shows up in various kinds of (illegal) knock-offs and counterfeits ... where they are identical and have been produced in the same plant.
further cost savings have come from having an extremely sophisticated supply-chain (computer based) infrastructure that will do just-in-time delivery ... minimizing various costs like unsold inventory overhead.
it would be interesting to see actual cost/quality trade-off numbers for broad range of retailers and their products.
similar issues played out in the 60s and 70s with clone controllers
... as undergraduate in 60s, i was involved in building a clone
controller that got written up as spawning a new industry
https://www.garlic.com/~lynn/submain.html#360pcm
the appearance of the plug-compatible controllers was large
part of the motivation for the (canceled w/o even being
announced) future system project
https://www.garlic.com/~lynn/submain.html#futuresys
and the distraction of the future system project contributed to providing customer opportunities for plug-compatible processors ... finally when the future system project was eventually killed there was mad rush to get both hardware and software items back into the 370 product pipeline (and efforts to fend off the clone manufacturers).
somewhat similar process was repeated in the 80s with PC clone products.
in the 60 & 70s ... there was much more focus on hardware clones, in part because the software technology was much more primitive. with the rise of more sophisticated and portable software technology in the 80s, there was much broader competition from similar hardware ... but no longer requiring exact hardware compatibility ... which contributed to turning hardware into much more of a commodity business.
For instance, the same RDBMS would be available across a broad range of
different hardware platforms and provide same exact operation.
misc. past post mentioning work on the original RDBMS/SQL implementation
https://www.garlic.com/~lynn/submain.html#systemr
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Is the media letting banks off the hook on payment card security Newsgroups: alt.folklore.computers Date: Thu, 01 Nov 2007 18:51:40 -0400
hancock4 writes:
one of the reasons that you see so much advertisements for debit on tv ... is that debit volumes have been growing much faster than credit ... although signature debit interchange fees are comparable to credit ... (while pin debit fees are much lower ... as implied in the article referenced by the original post)
Debit Card Volume Passes Credit Card (or did it?)
http://www.netbanker.com/2005/11/debit_card_volume_passes_credi.html
Debit Volume Exceeds Credit, Visa Says
http://www.banktech.com/news/showArticle.jhtml?articleID=167100397
in debit, since there is no credit extended ... there is no consumer interest (there are also increasing credit customers not carrying balances) ... so the revenue is nearly all coming off the interchange fees ... some going to the merchant financial institution, some going to the associations, and some going to the consumer financial institution.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Fri, 02 Nov 2007 07:16:58 -0400
"Charlie Gibbs" <cgibbs@kltpzyxm.invalid> writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: New 'virtual IT job' could be very real Newsgroups: alt.folklore.computers Date: Fri, 02 Nov 2007 07:34:45 -0400
more 40+ yr old technology ...
New 'virtual IT job' could be very real
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9045178
from above:
Virtualization may be becoming something so ubiquitous and essential to
operations that it has become a new form of operating system for the
data center.
... snip ...
courtesy of the cambridge science center circa 1965
https://www.garlic.com/~lynn/subtopic.html#545tech
other recent posts mentioning 40+ yr old technology
https://www.garlic.com/~lynn/2007.html#39 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007l.html#23 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007p.html#7 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
https://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
https://www.garlic.com/~lynn/2007q.html#49 Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
https://www.garlic.com/~lynn/2007q.html#59 Virtualization: Everybody's Doing It, but Few Know How
https://www.garlic.com/~lynn/2007q.html#64 Virtual Browsers: Disposable Security
https://www.garlic.com/~lynn/2007q.html#66 Direction of Stack Growth
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: does memory still have parity? Newsgroups: alt.folklore.computers Date: Fri, 02 Nov 2007 10:22:52 -0400
jeffj@panix.com (Jeff Jonas) writes:
which is what we pitched at bellcore when we were doing ha/cmp
product
https://www.garlic.com/~lynn/subtopic.html#hacmp
course, we also pitched ha/cmp scale-up for supercomputers ...
old posts with slight drift
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15
post from last year
https://www.garlic.com/~lynn/2006x.html#3 Why so little parallelism?
and other old email on the subject from the period
https://www.garlic.com/~lynn/lhwemail.html#medusa
other related
https://www.garlic.com/~lynn/2000c.html#21 Cache coherence
https://www.garlic.com/~lynn/2006w.html#40 Why so little parallelism?
https://www.garlic.com/~lynn/2006w.html#41 Why so little parallelism?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: complicated address generation unit? Newsgroups: comp.arch,alt.folklore.computers Date: Fri, 02 Nov 2007 12:49:16 -0400
re:
other 801 posts
https://www.garlic.com/~lynn/subtopic.html#801
part of the 801 hardware/software tradeoff was that there was never going to be any hardware cache consistency support (part of this was likely lessons learned from the heavy penalty that 370s were paying for multiprocessor cache consistency). one of the side-effects (with separate instruction and data caches) was that the (program) loader, which would be dealing with instruction images as "data" ... needed to execute an instruction to flush changed data cache lines back to storage (when dealing with "store-in" data cache).
the lack of cache consistency also complicated being able to provide multiprocessor support ... for the most part not even attempted. there was a 4-way "single-chip rios" multiprocessor ... but it had a gimmick that "shared data" would be accessed from virtual segments that were marked "non-cacheable" (aka all loads/stores bypassed cache).
this was also in large part behind our choosing to do loosely-coupled
(aka cluster) product support for scale-up. we started off with simple
fall-over in ha/cmp
https://www.garlic.com/~lynn/subtopic.html#hacmp
but continued with cluster scale-up with medusa in the '91 timeframe
... some old email
https://www.garlic.com/~lynn/lhwemail.html#medusa
recent post referencing some of the effort:
https://www.garlic.com/~lynn/2007r.html#43 does memory still have parity?
some of this grew out of my wife's experience having served a stint in
pok, in charge of mainframe loosely-coupled architecture (aka
mainframe for cluster)
https://www.garlic.com/~lynn/submain.html#shareddata
and my experience helping deploy a large "single-system image" mainframe
cluster for internal HONE operation
https://www.garlic.com/~lynn/subtopic.html#hone
the whole 801/risc simplicity philosophy also impacted things like compare&swap instruction.
charlie had invented compare&swap at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
when working on fine-grain locking for cp67 multiprocessor support; in
fact the mnemonic compare&swap was chosen because CAS are
charlie's initials
https://www.garlic.com/~lynn/subtopic.html#smp
attempting to promote compare&swap for the original 370
architecture ... there was lots of resistance claiming that
multiprocessor support requirements weren't sufficient to justify
additional instruction. the challenge to justify compare&swap
instruction for 370 was to come up with other uses (other than strict
multiprocessor operation). thus was born the scenarios for its use by
multi-threaded applications to coordinate multiple (user-level) threads
w/o requiring the overhead of kernel calls. current generation of that
description appears in the appendix of the principles of operation
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/A.6?DT=20040504121320
first off, as a purely single-processor operation ... compare&swap hadn't been justified for rios (since there was no multiprocessor) ... but the compare&swap use had started to show up in many multi-threaded applications, especially DBMS implementations (even if they weren't running on multiprocessor/multicore machines). so to ease the RIOS port for these types of applications, a C macro was provided that invoked a system call that simulated the compare&swap semantics. There was a very short instruction fastpath in the system call interrupt handler that simulated compare&swap semantics (while disabled for interrupts) and immediately returned to the applications.
while RIOS continued as purely non-cache-coherent, non-multiprocessor, a group spun off, somerset (ibm, motorola, apple, etc) to do a PC 801/risc chip (power/pc). this was going to include support for cache-coherent and multiprocessor support. The issue here was how to come up with instruction(s) that met 801/risc simplicity philosophy ... which led to design for instruction that would obtain exclusive control of storage location, allowing other instructions (on the same processor) to operate on location. An issue then was that compare&swap design (also) didn't allow interrupts to occur in the middle of the atomic instruction (especially when used in user-level applications enabled for interrupts).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Fri, 02 Nov 2007 13:48:19 -0400
jmfbahciv writes:
there has been some of that in internet discussions.
some of the current internet issues are that pieces of it have grown up cobbled together.
a lot of the PC heritage is stand-alone machine where applications, games, etc would take over control of all aspects of machine operation. there was never any thought given to defensive paradigm and/or countermeasures against various kinds of bad things happening.
there may be some analogy here with the early days of automobiles. there was horseless carriage metaphor adaptation but automobiles started to face problems because of the differences (as opposed to the similarities) ... like the speed of the devices and increasing popularity resulted in proliferation of accidents, injuries, and deaths not seen with the original.
a somewhat similar analogy could be made about paradigm targeted at stand-alone kitchen table operation ... and what happens when it is attached to the wild anarchy of the internet (w/o safety glass, bumpers, impact barriers/zones, collapsible steering wheel, padded dashboards, seatbelts, airbags, etc).
the current scenario is that cellphone use, while driving, has accident rates on par with DUI.
some of this is while the metaphor somewhat could remain the same, it was necessary to do detailed vulnerability and threat analysis regarding what has changed and the related implications. then it would be necessary to devise specific countermeasures for the identified vulnerabilities and threats.
misc. past posts mentioning vulnerabilities, threats, risks, and/or fraud
https://www.garlic.com/~lynn/subintegrity.html#fraud
misc past posts about internet anarchy and/or wild west
https://www.garlic.com/~lynn/2001m.html#30 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#27 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#28 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#29 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#30 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2001m.html#31 Internet like city w/o traffic rules, traffic signs, traffic lights and traffic enforcement
https://www.garlic.com/~lynn/2002.html#26 Buffer overflow
https://www.garlic.com/~lynn/2002f.html#24 Computers in Science Fiction
https://www.garlic.com/~lynn/2003i.html#17 Spam Bomb
https://www.garlic.com/~lynn/2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
https://www.garlic.com/~lynn/2004k.html#32 Frontiernet insists on being my firewall
https://www.garlic.com/~lynn/2007c.html#30 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#7 nouns and adjectives
https://www.garlic.com/~lynn/2007n.html#15 What if phone company had developed Internet?
https://www.garlic.com/~lynn/2007n.html#16 What if phone company had developed Internet?
https://www.garlic.com/~lynn/2007r.html#13 What do ATMS and card readers use?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Students mostly not ready for math, science college courses Newsgroups: alt.folklore.computers Date: Fri, 02 Nov 2007 14:12:13 -0400
Charlton Wilbur <cwilbur@chromatico.net> writes:
i had one task where 500 (94lb) bags of cement showed up on flatbed trailer, it had to be offloaded into the store's warehouse ... with no mechanical or wheeled assistance of any kind (simple carry) and there was no loading dock (so had to be lifted off the flatbed) ... oh, and it happened to be hundred degrees outside. i shortened the elapsed time by carrying four bags at a time into the warehouse.
one commercial building project ... somebody forgot to set the utility boxes in the foundation forms before concrete pour. i then got the task of hand chiseling the holes in the foundation for utilities. after that i took to walking projects (before things like pours), cross-checking what had been done against specification/drawings.
that possibly contributed to being made foreman on the next project ... not very large ... three 9-man crews. it paid fairly well, i was out of college a number of years before monthly take-home reached the same level.
past posts in thread:
https://www.garlic.com/~lynn/2007r.html#33 Students mostly not ready for math, science college courses
https://www.garlic.com/~lynn/2007r.html#36 Students mostly not ready for math, science college courses
https://www.garlic.com/~lynn/2007r.html#38 Students mostly not ready for math, science college courses
for other topic drift:
https://www.garlic.com/~lynn/2007e.html#48 time spent/day on a computer
https://www.garlic.com/~lynn/2007f.html#76 Working while young
https://www.garlic.com/~lynn/2007g.html#79 Working while young
https://www.garlic.com/~lynn/2007h.html#19 Working while young
https://www.garlic.com/~lynn/2007j.html#94 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#0 IBM Unionization
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Sat, 03 Nov 2007 09:43:40 -0400
jmfbahciv writes:
the early (cp67 & vm370) virtual machine based time-sharing
services
https://www.garlic.com/~lynn/submain.html#timeshare
beefed up the cms virtual machine environment in various ways ... frequently referred to as "padded-cells" ... limiting the impact of virtual "stand-alone" operation in a large shared environment .. i.e. isolating users from each other ... for instance some of the financial oriented commercial timesharing services would have lots of users from competing wall street firms (and other related institutions).
i've posted numerous times about when the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
had a number of different projects on their service that involved some of the corporation's most sensitive information ... as well as numerous non-employees (including students) from around the cambridge area.
i've also made posts with referenced articles about applying the 40+ yr
old technology as a basis for providing similar kinds of
isolation/partitioning as countermeasure to various kinds of current
threats and vulnerabilities ... for instance
https://www.garlic.com/~lynn/2007o.html#7 Hypervisors May Replace Systems As King Of The Data Centers
another reference in this vein about the 40+ yr old technology
https://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml
a few other posts along this theme
https://www.garlic.com/~lynn/2007q.html#64 Virtual Browsers: Disposable Security
https://www.garlic.com/~lynn/2007q.html#66 Direction of Stack Growth
https://www.garlic.com/~lynn/2007r.html#42 New 'virtual IT job' could be very real
i.e. assuming that you won't be able to prevent various kinds of bad things from happening ... so use virtual machine technology to isolate the scope of the damage.
and for slightly different drift about threats and vulnerabilities in
this environment ... the thread about dangers of c language
string/storage metaphor
https://www.garlic.com/~lynn/subintegrity.html#overflow
misc. past posts about threats, vulnerabilities, exploits, risk, fraud,
etc
https://www.garlic.com/~lynn/subintegrity.html#fraud
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Half a Century of Crappy Computing Newsgroups: comp.arch,comp.arch.embedded,alt.folklore.computers Date: Sat, 03 Nov 2007 10:43:33 -0400
nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
and these posts in another thread that recently strayed into subject of
threats, vulnerabilities, exploits, etc on the internet:
https://www.garlic.com/~lynn/2007r.html#45 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007r.html#47 Translation of IBM Basic Assembler to C?
including some application of 40+ yr old technology, courtesy of the
science center
https://www.garlic.com/~lynn/subtopic.html#545tech
as part of the solution.
for even greater topic drift ... cp67 & cms started at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
in the mid-60s ... some amount of it fairly obviously adopted from ctss,
like the initial version of the cms document formatter application.
Later, in 69, three people at the science center invented GML
(i.e. three letters chosen as first letter of their last name). This
eventually morphed into sgml
https://www.garlic.com/~lynn/submain.html#sgml
and became the basis for current genre of html, xml, etc
... i.e. reference to a cms script clone from waterloo in extensive
use at cern and the evolution of sgml into html
http://infomesh.net/html/history/early/
and to somewhat wander back to part of the topic ... reference to the
person responsible for DNS doing stint at science center in the early
70s
http://alum.mit.edu/ne/noteworthy/profiles/mockapetris.html
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: How to tell a fake SSL certificate from a real one Newsgroups: alt.comp.freeware,comp.security.misc,alt.privacy.anon-server,alt.folklore.computers Date: Sat, 03 Nov 2007 16:01:27 -0400
Anne & Lynn Wheeler <lynn@garlic.com> writes:
from my RFC index
https://www.garlic.com/~lynn/rfcietff.htm
recent PGP RFCs
https://www.garlic.com/~lynn/rfcidx8.htm#5081
5081 E
Using OpenPGP Keys for Transport Layer Security (TLS) Authentication,
Mavrogiannopoulos N., 2007/11/02 (8pp) (.txt=15300) (Refs 3280, 4346,
4366, 4880) (was draft-ietf-tls-openpgp-keys-11.txt)
https://www.garlic.com/~lynn/rfcidx8.htm#4880
4880 PS
OpenPGP Message Format, Callas J., Donnerhacke L., Finney H., Shaw D.,
Thayer R., 2007/11/02 (90pp) (.txt=203706) (Obsoletes 1991, 2440) (Refs
1423, 1950, 1951, 1991, 2045, 2440, 2822, 3156, 3447, 3629, 4086)
(Ref'ed By 5081) (was draft-ietf-openpgp-rfc2440bis-22.txt)
and as always ... clicking on the ".txt=nnn" field, retrieves the actual
RFC
could we be getting closer to certificate-less SSL/TLS protocol?
misc. posts mentioning publickey certificate-less operation
https://www.garlic.com/~lynn/subpubkey.html#certless
for additional drift, posts mentioning possibility of general use of
"on-file" public keys (from the domain name system), including for a
SSL/TLS protocol like operation.
https://www.garlic.com/~lynn/subpubkey.html#catch22
and for even more drift ... a totally different DNS topic drift (from
a thread in comp.arch)
https://www.garlic.com/~lynn/2007r.html#48 Half a Century of Crappy Computing
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Sat, 03 Nov 2007 18:24:24 -0400
Morten Reistad <first@last.name> writes:
some recent posts mentioning cics
https://www.garlic.com/~lynn/2007q.html#14 Does software life begin at 40? IBM updates IMS database
https://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database
https://www.garlic.com/~lynn/2007q.html#39 Oracle Raises Stakes With BEA Offer
misc. other posts mentioning CICS (&/or bdam):
https://www.garlic.com/~lynn/submain.html#bdam
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Sat, 03 Nov 2007 18:37:11 -0400
Walter Bushell <proto@oanix.com> writes:
quote about (one of) justifications for virtual machine project (first
cp40 on custom modified 360/40 and then morphed to cp67 when standard
360/67 with virtual memory was available):
What was most significant was that the commitment to virtual memory was
backed with no successful experience. A system of that period that had
implemented virtual memory was the Ferranti Atlas computer, and that was
known not to be working well. What was frightening is that nobody who
was setting this virtual memory direction at IBM knew why Atlas didn't
work
... snip ...
quoted from L.W. Comeau, "CP-40, the Origin of VM/370", Proceedings of SEAS AM82, September, 1982
above from Melinda's "VM and the VM Community: Past, Present, and Future"
https://www.leeandmelindavarian.com/Melinda/
https://www.leeandmelindavarian.com/Melinda#VMHist
for slightly more drift, another footnote from Melinda's paper:
Creasy had decided to build CP-40 while riding on the MTA. "I launched
the effort between Xmas 1964 and year's end, after making the decision
while on an MTA bus from Arlington to Cambridge. It was a Tuesday, I
believe." (R.J. Creasy, private communication, 1989.)
... snip ...
and for other drift, lots of posts mentioning virtual memory and
page replacement algorithms
https://www.garlic.com/~lynn/subtopic.html#wsclock
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Sun, 04 Nov 2007 08:07:00 -0500
Steve O'Hara-Smith <steveo@eircom.net> writes:
i.e. fairly widely deployed ... including things like atm machines. even periodic comments that ims may still have very large amount of data under management (especially in critical backroom business processes)
and there is even fairly direct connection between mysql RDBMS and
the original RDBMS/SQL, system/r
https://www.garlic.com/~lynn/submain.html#systemr
and html a morphing of sgml (outgrowth of gml) ... recent post (gml
invented at the science center 1969)
https://www.garlic.com/~lynn/2007r.html#48 Half a Century of Crappy Computing
with reference:
http://infomesh.net/html/history/early/
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fixing our fraying Internet infrastructure Newsgroups: alt.folklore.computers Date: Sun, 04 Nov 2007 08:44:11 -0500
somewhat topic drift, recent news reference
Technology is root of all evil, says IMF
http://www.theregister.co.uk/2007/10/23/technology_inequality_imf_economist_donkey/
from above:
In essence, according to the IMF, technological innovation is what
causes economic inequality among the human race. Yes, you read that
right: technology - and not just the machinery, but people with tech
skills - are to blame for the fact that some people are dirt poor and
others disgustingly rich.
... snip ...
past posts in thread:
https://www.garlic.com/~lynn/2007q.html#18 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007q.html#19 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007q.html#60 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007q.html#62 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007r.html#25 Fixing our fraying Internet infrastructure
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The new urgency to fix online privacy Newsgroups: alt.folklore.computers Date: Sun, 04 Nov 2007 09:18:23 -0500
hancock4 writes:
somewhat as part of the EU-DPD, in the mid-90s, there was the statement that all retail electronic transactions should be as anonymous as cash ... this was interpreted as meaning that names needed to be taken off payment cards (although account numbers would still be retained).
part of this is long standing thread about confusing authentication and identification ... and resulting in huge proliferation of identification related operations ... at enormous numbers of locations around the world.
the theory behind the names on the cards was that point-of-sale clerk could ask for gov. (picture) identification and cross-check the names on the payment card and the gov. id ... as means of authentication.
elimination of name from cards ... and reducing the potential vast number of places that identification operations can occur ... was providing improved authentication and/or other fraud countermeasures.
this was one of the things that we grappled with in x9a10 financial
standard working group (which had been given the requirement to
preserve the integrity of the financial infrastructure for all retail
payments) for the x9.59 standard
https://www.garlic.com/~lynn/x959.html#x959
as i've mentioned before, we claimed that the resulting x9.59 standard
was privacy agnostic
https://www.garlic.com/~lynn/subpubkey.html#privacy
that there was significantly strong authentication measures (as fraud countermeasure) to eliminate the potential of a lot of the identification operations (frequently because of confusing authentication and identification).
x9.59 still retained account numbers and as such, financial institutions could still satisfy gov. "know your customer" mandates ... but in theory, the number of places that identification operations occurred, could be radically reduced (to bare minimum that were actually required to meet gov. mandates). X9.59 wouldn't be totally anonymous ... recognizing the gov. "know your customer" mandates ... but it could drastically reduce the number of places where any personal information had to be unnecessarily exposed.
There was a similar previous cycle in the 90s involving x.509 identity
digital certificates ... increasingly overloaded with personal
information ... but by the mid-90s, many institutions realized that
the x.509 paradigm represented enormous privacy and liability issues
... and as such, there was retrenching to something called
relying-party-only certificates
https://www.garlic.com/~lynn/subpubkey.html#rpo
But as mentioned frequently before ... we were able to show such certificates were redundant and superfluous (essentially attempting to preserve the enormous, misguided investment in x.509 identity digital certificate infrastructure ... in large part having confused authentication and identification).
That confusion (about authentication and identification) still exists and the current round is seen in some of the direction to grossly overload identification smartcards (the new generation of x.509 identity digital certificate infrastructure) with enormous amounts of personal information.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Sun, 04 Nov 2007 10:00:05 -0500
Morten Reistad <first@last.name> writes:
the connectivity to the settop boxes were the cable company connectivity ... but the control information going to the cable headend was coming from one of the cics regions with LU0 addressing.
recent posts
https://www.garlic.com/~lynn/2007r.html#50 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007r.html#51 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007r.html#52 Translation of IBM Basic Assembler to C?
for a little x-over in another thread ... these kind of outsourcing
datacenters are typically subject to quarterly audits both by the more
well known audit firms (on behalf of outsourcing institutions) ... but also
by a dozen or so different privacy organizations.
https://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#29 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#54 The new urgency to fix online privacy
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: CSA 'above the bar' Newsgroups: bit.listserv.ibm-main Date: Sun, 04 Nov 2007 13:20:48 -0500
Steve Samson <ssamson@dc.rr.com> writes:
principles of operation was one of the first major publications done with cms script ... in large part because it supported conditional so on the command line ... either the whole architecture "redbook" could be printed ... or just the principles of operation subset (w/o all the additional detail ... it was called "redbook" because it was distributed in a 3-ring red binder).
common segment area started out being the MVS solution to moving subsystems into their own address space ... and the pervasive use of pointer passing APIs. this was what initially led to MVS kernel image occupying 8mbytes of every 16mbyte virtual address space (so for applications making kernel calls ... the kernel could directly access the parameter list). however, this pointer-passing api paradigm created significant problems when subsystems were moved into their own address space (as part of morphing os/vs2 svs to os/vs2 mvs). common segment could start out as 1mbyte in every address space ... where applications could squirrel away parameter list ... and then make call to the subsystem (passing thru the kernel for the address space switch).
the problem was for the larger installations, common segment could grow to 5-6 mbytes that appeared in every application virtual address space (with the 8mbyte taken out for the kernel image) that might leave only 2-3mbytes for applications (out of the 16mbytes).
the stop-gap solution in the 3033 time-frame was dual-address space mode (pending access registers, program call, etc) ... there was still a pass thru the kernel to switch to a called subsystem ... but the called subsystem could reach back into the calling application's virtual address space (w/o being forced to resort to the common segment hack).
3033 also introduced a different "above the line" concept. the mismatch between processor thruput and disk thruput was becoming more and more exacerbated. i once advocated a statement that over a period of a decade or so, that the disk relative system thruput had declined by an order of magnitude (or more) ... aka disk thruput increased by 3-4 times while processor thruput increased by 40-50 times. As a result, real storage was more and more being used for caching and/or other mechanisms to compensate for the lagging disk relative system thruput.
we were starting to see clusters of 4341 decked out w/max. storage and max channel and i/o capacity ... matching or beating 3033 thruput at a lower price. one of the 4341 cluster benefits was that there was more aggregate real storage than the 16mbyte limit for 3033. the hack was to redefine two (undefined/unused) bits in the page table entry. standard page table entry had 16 bits, including a 12bit (4k) page number field (allowed addressing up to 16mbytes real storage). With the two additional bits, it was possible to address up to 16384 4kbyte pages (up to 64mbyte of real storage) ... but only 16mbytes at a time.
in real addressing mode ... it was only possible to address the first 16mbytes and in virtual addressing mode ... it was only possible to address a specific 16mbytes (but it was possible to have more than 4096 4kbyte pages).
it was possible to use channel program IDAL to specify address greater than 16mbyte real address (allowing data to be read/written above the 16mbyte line). however, the actual channel programs were still limited to residing below the 16mbyte line. some of this was masked by the whole channel program translation mechanism that was necessary as part of moving to 16mbyte virtual memory environment. the original transition for mvt was hacking a little bit of support for a single virtual address space (i.e. os/vs2 svs) and cribbing in code from CP67 for doing all the gorp for copying the channel program (passed by svc0/excp), fixing the corresponding virtual pages (to real addresses) and replacing all the virtual addresses with corresponding real addresses (as well as potentially converting non-IDAL CCWs to IDAL CCWs).
recent posts mentioning the channel program copying hack
for virtual memory environment
https://www.garlic.com/~lynn/2007e.html#19 Cycles per ASM instruction
https://www.garlic.com/~lynn/2007e.html#27 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007e.html#46 FBA rant
https://www.garlic.com/~lynn/2007f.html#0 FBA rant
https://www.garlic.com/~lynn/2007f.html#6 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007f.html#33 Historical curiosity question
https://www.garlic.com/~lynn/2007f.html#34 Historical curiosity question
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007n.html#35 IBM obsoleting mainframe hardware
https://www.garlic.com/~lynn/2007o.html#41 Virtual Storage implementation
https://www.garlic.com/~lynn/2007p.html#69 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#70 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#73 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#74 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#72 A question for the Wheelers - Diagnose instruction
https://www.garlic.com/~lynn/2007q.html#8 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007q.html#24 GETMAIN/FREEMAIN and virtual storage backing up
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Sun, 04 Nov 2007 13:52:20 -0500
Morten Reistad <first@last.name> writes:
there is an enormous integrity problem with the standard C language string/storage paradigm ... leading to all sorts of integrity and exploit problems. a hardware countermeasure was being able to mark specific storage location as "non-executable" ... i.e. storage regions where instruction couldn't be fetched. it wasn't impossible for these things to occur in other (non-C) environments ... it was just that there have been no recorded examples (in part because it was significantly much more difficult to make such mistakes as compared to C environments).
lots of past posts about buffer exploits
https://www.garlic.com/~lynn/subintegrity.html#overflow
there have been some number of environments where it was possible to mark things as "executable" ... but this particular hardware protection feature is to mark things as "non-executable" as countermeasure to the enormous number of mistakes attributable to C-language programming.
misc. past posts mentioning no-execute feature as countermeasure to
c-language length vulnerabilities.
https://www.garlic.com/~lynn/2004q.html#82 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005.html#0 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005.html#3 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#25 360POO
https://www.garlic.com/~lynn/2005b.html#39 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#66 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005c.html#44 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005o.html#10 Virtual memory and memory protection
https://www.garlic.com/~lynn/2006d.html#8 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006q.html#7 Linux More Secure on System z?
https://www.garlic.com/~lynn/2006s.html#64 Is the teaching of non-reentrant HLASM coding practices ever defensible?
old references from mid-2004 and later about linux support for no-execute
http://kerneltrap.org/node/3240
http://osdir.com/ml/linux.gentoo.amd64/2005-10/msg00050.html
the other scenario was from the original 801/risc design from 70s and
subject of possible associated hardware/software trade-offs.
https://www.garlic.com/~lynn/2007r.html#28 complicated address generation unit?
https://www.garlic.com/~lynn/2007r.html#44 complicated address generation unit?
where the hardware was providing no protection at all ... not even separation between kernel mode and application mode (privileged/non-privileged). the claim was that cp.r would only load validly compiled programs and the pl.8 compiler would only produce correct applications (including not allowing security violations). of course, when it was decided to adapt 801/risc for unix environment and the pc/rt ... it was necessary to at least introduce machine state for privileged instructions.
part of the original design point had to do with memory mapping paradigm and the number of different distinct objects that could be in the virtual address space at one time. 801/risc performance was enhanced and hardware simplified by having 16 segment registers (i.e. the address space control information in control registers) and inverted page tables. the claim was applications can compensate for the minimal number of 16 segments by changing segment register values (effectively remapping portions of the virtual address space) as easily as they could change general purpose (and/or address pointer) registers. since there was no protection domains at all (in theory having all been correctly handled by software) ... inline application code could easily change virtual address space control information (w/o requiring kernel calls involving permission and access checking)
misc. 801, risc, romp, rios, power, somerset, fort knox, etc posts
https://www.garlic.com/~lynn/subtopic.html#801
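An added illustration of the no-execute countermeasure discussed in the post above (not part of the original post, and not code from any project it mentions): a small C audit that parses Linux /proc/<pid>/maps lines and flags storage regions that are both writable and executable, i.e. regions where no-execute is not protecting data storage. The sample map lines are constructed, and all function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>

/* One parsed line of a Linux /proc/<pid>/maps file. */
struct mapping {
    unsigned long long start, end;
    char perms[5];   /* "rwxp": read, write, execute, private/shared */
    char path[128];  /* backing file or [heap]/[stack]; empty if anonymous */
};

/* Constructed sample in /proc/<pid>/maps format (not from a real process). */
static const char *const SAMPLE_MAPS[] = {
    "00400000-00452000 r-xp 00000000 08:02 173521 /usr/bin/example",
    "00651000-00652000 rw-p 00051000 08:02 173521 /usr/bin/example",
    "00e03000-00e24000 rw-p 00000000 00:00 0 [heap]",
    "7f1c2a000000-7f1c2a021000 rwxp 00000000 00:00 0",
    "7ffd5c1e2000-7ffd5c203000 rwxp 00000000 00:00 0 [stack]",
    "7ffd5c3d1000-7ffd5c3d3000 r-xp 00000000 00:00 0 [vdso]",
};
#define SAMPLE_COUNT (sizeof SAMPLE_MAPS / sizeof SAMPLE_MAPS[0])

/* Parse one maps line. Returns 1 on success, 0 if the line is malformed. */
int parse_maps_line(const char *line, struct mapping *m)
{
    memset(m, 0, sizeof *m);
    /* address range, perms, then offset/dev/inode (skipped), optional path */
    int n = sscanf(line, "%llx-%llx %4s %*s %*s %*s %127[^\n]",
                   &m->start, &m->end, m->perms, m->path);
    if (n < 3 || strlen(m->perms) != 4 || m->end <= m->start)
        return 0;
    return 1;
}

/* A region that is both writable and executable is what the no-execute
 * feature is meant to rule out: bytes written there as data can also be
 * fetched as instructions. */
int is_writable_and_executable(const struct mapping *m)
{
    return m->perms[1] == 'w' && m->perms[2] == 'x';
}

/* Audit an array of maps lines; store up to max findings in out.
 * Returns the total number of writable+executable mappings found. */
size_t audit_lines(const char *const *lines, size_t count,
                   struct mapping *out, size_t max)
{
    size_t found = 0;
    for (size_t i = 0; i < count; i++) {
        struct mapping m;
        if (!parse_maps_line(lines[i], &m) || !is_writable_and_executable(&m))
            continue;
        if (found < max)
            out[found] = m;
        found++;
    }
    return found;
}

/* Same audit over a maps file such as /proc/self/maps.
 * Returns the number of findings, or -1 if the file cannot be opened. */
long audit_file(const char *path)
{
    FILE *f = fopen(path, "r");
    if (!f)
        return -1;
    char line[512];
    long found = 0;
    struct mapping m;
    while (fgets(line, sizeof line, f))
        if (parse_maps_line(line, &m) && is_writable_and_executable(&m))
            found++;
    fclose(f);
    return found;
}

int main(void)
{
    struct mapping hits[8];
    size_t n = audit_lines(SAMPLE_MAPS, SAMPLE_COUNT, hits, 8);
    for (size_t i = 0; i < n && i < 8; i++)
        printf("W+X: %llx-%llx %s %s\n", hits[i].start, hits[i].end,
               hits[i].perms, hits[i].path[0] ? hits[i].path : "(anonymous)");
    printf("this process: %ld writable+executable mapping(s)\n",
           audit_file("/proc/self/maps"));
    return 0;
}
```

On a system where no-execute is in effect, the stack and heap of an ordinary process show up as `rw-p`, so the live audit in `main` normally reports zero findings.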
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fixing our fraying Internet infrastructure Newsgroups: alt.folklore.computers Date: Sun, 04 Nov 2007 17:53:22 -0500
John Ahlstrom <AhlstromJK@comcast.net> writes:
i.e.
Technology is root of all evil, says IMF
http://www.theregister.co.uk/2007/10/23/technology_inequality_imf_economist_donkey/
also from above:
Most of the mainstream financial press have chosen to ignore this
dazzling suggestion from the world globalisation bureau that
globalisation is great and if something has gone wrong it must be
someone else's fault. But noted economics pundit Clive Crook, writing
for the Financial Times, has fallen on it with glee.
... snip ...
the "has fallen on it with glee" is click reference to
End global inequality: become a Luddite
http://www.ft.com/cms/s/e17c6aea-7fdf-11dc-b075-0000779fd2ac,Authorised=false.html?_i_location=http%3A%2F%2Fwww.ft.com%2Fcms%2Fs%2F0%2Fe17c6aea-7fdf-11dc-b075-0000779fd2ac.html%3Fnclick_check%3D1&_i_referer=http%3A%2F%2Fwww.theregister.co.uk%2F2007%2F10%2F23%2Ftechnology_inequality_imf_economist_donkey%2F&nclick_check=1
from above:
"IMF Fuels Critics of Globalisation," was the headline in the Wall
Street Journal. "Technology and foreign investment are making income
inequality worse around the world, the IMF said in a new report, handing
critics of globalisation a powerful argument to use in their political
battles," the article began.
... snip ...
search engine for "IMF Fuels Critics of Globalisation" turns up quite a
few references ... like this web page with text of the wall street
journal article
https://www-304.ibm.com/easyaccess1/fileserve?contentid=232077
another reference with quotes from the (WSJ) article
Oh no! Globalisation increases returns to human capital
http://www.economist.com/blogs/freeexchange/2007/10/oh_no_globalisation_increases.cfm
which also references:
Globalization and Inequality-Becker
http://www.becker-posner-blog.com/archives/2007/10/globalization_a_1.html
the above has quite a bit of discussion. part of the (base) post
... This effect of technological progress has been used to explain the
sharply rising gap in earnings between college graduates and others
during the past three decades in the United States (see my discussion of
inequality in the blog entries for April 23 and December 10, 2006).
... snip ...
the original IMF article is here:
World Economic Outlook; Globalization and Inequality
http://www.imf.org/external/pubs/ft/weo/2007/02/index.htm
"the WEO is usually prepared twice a year" ... and this one makes references to another recent IMF report "Global Financial Stability Report" and lists some of the issues raised, like the problems in collateralized securities market. One of the things somewhat behind the scenes, but implicit in all this, are very sophisticated financial risk computer models taking into account hundreds of thousands of factors that are constantly being updated. From a financial risk modeling standpoint, one might be tempted to conclude that recent issues in the collateralized securities market may have involved inaccurate and/or missing information.
recent posts mentioning subprime mortgages (related to the
collateralized securities market)
https://www.garlic.com/~lynn/2007j.html#81 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#82 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#10 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#12 IBM Unionization
https://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007p.html#50 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#28 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#41 Newsweek article--baby boomers and computers
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fixing our fraying Internet infrastructure Newsgroups: alt.folklore.computers Date: Sun, 04 Nov 2007 18:29:18 -0500
re:
for other topic drift ... one of the most successful breakouts for massively parallel "GRID" computing (from national labs), has been into financial market segment (a lot of it supporting financial modeling).
recent reference here ... looking at being able to improve financial
modeling performance, including enabling "real-time" trading
https://www.garlic.com/~lynn/2007k.html#23 Another "migration" from the mainframe
https://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#65 mainframe = superserver
and this reference ..
Grid Computing for Financial Services 2007 Future Grid: Dominate the
financial markets with outstanding processing capability, technology
management and infrastructure development (London, UK)
http://www.iqpc.com/cgi-bin/templates/genevent.html?topic=233&event=12603&
although bleeding edge is still in national labs and research institutions, recent article here
Argonne Labs plans half-petaflop BlueGene supercomputer
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9045418
IBM Blue Gene/P Supercomputer Comes to U.S.
http://www.cioinsight.com/article2/0,1540,2211361,00.asp
i.e.
Argonne National Laboratory will gain 445 teraflops of computing power
from the new supercomputer.
and ...
The Armonk, N.Y., company is currently building its first Blue Gene/P
system at the Julich Research Center in Germany.
...
for other drift ... long ago and far away
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15
much of our work on medusa was oriented towards the
commercial market ... misc. old email
https://www.garlic.com/~lynn/lhwemail.html#medusa
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fixing our fraying Internet infrastructure Newsgroups: alt.folklore.computers Date: Mon, 05 Nov 2007 08:17:44 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
this old, long winded post mentions a number of things, including some
of the home loan problems from the 80s, one was that variable rate home
loans nearly took citibank under and as a result they totally got out of
the mortgage market
https://www.garlic.com/~lynn/aepay3.htm#riskm The Thread Between Risk Management and Information Security
for past couple days citibank again has been having problems with variable rate loans
In Citi shake-up, broader troubles
http://www.theaustralian.news.com.au/story/0,25197,22705392-36375,00.html
Sub-prime fallout claims Citigroup chairman
http://www.nbr.co.nz/home/column_article.asp?id=19420&cid=8&cname=News
Yen Rises as Citigroup Writedowns Prompt Carry-Trade Reduction
http://www.bloomberg.com/apps/news?pid=20601085&sid=aFQz1RhA98mU&refer=europe
Subprime crisis last blow for Citi head
http://www.msnbc.msn.com/id/21625483/
Citi Is A Mess
http://www.forbes.com/business/2007/11/05/citigroup-prince-exits-business-cx_lm_1105prince.html
World shares fall as Citi reignites credit concerns
http://investing.reuters.co.uk/news/articleinvesting.aspx?type=tnBusinessNews&storyID=2007-11-05T090530Z_01_N02311433_RTRIDST_0_BUSINESS-MARKETS-GLOBAL-DC.XML
interview in real time on one of the business channels is claiming that the institutions currently having problems with collateralized securities, weren't doing risk management (not restricted just to citi).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The new urgency to fix online privacy Newsgroups: alt.folklore.computers Date: Mon, 05 Nov 2007 08:52:36 -0500
re:
somewhat recent article
Uncle Sam's newest security challenge to businesses
http://news.zdnet.com/2100-1009_22-6216821.html
a few snippets from above:
These breaches come with a high price tag. Forrester Research says that
a security breach can cost anywhere between $90 and $305 per record,
Protecting financial information for a small retail chain will not be
the same as what's required for an international bank.
The business world has already experienced the impact of government
attempting to control the inner workings of an organization.
Sarbanes-Oxley is well-intentioned, but the cost of compliance has been
staggering for many businesses.
... snip ...
in much of the attention related to privacy ... repeated surveys have shown that general consumer concerns hasn't been so much preventing disclosing of general personal information ... but specifically with preventing disclosing of personal information that can result in fraud, id theft, and/or (institutional) denial of service
while i've mentioned that x9.59 financial standard protocol
https://www.garlic.com/~lynn/x959.html#x959
was designed to be privacy agnostic
https://www.garlic.com/~lynn/subpubkey.html#privacy
there was major effort in x9.59 to eliminate most of the existing fraud. in the mid-90s, the x9a10 financial standard working group had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. part of that was doing a detailed vulnerability and threat analysis.
part of x9.59 was eliminating much of the confusion between identification and authentication, and being able to leverage strong authentication in lieu of identification ... and thereby eliminating much of the general fallback to identification as part of financial transactions. at the same time, x9.59 was targeted at eliminating the fraud that rises from numerous kinds of eavesdropping, skimming, harvesting, data breaches, security breaches, etc. The claim was that harvesting of previous transactions (enabling various kinds of replay attacks and other kinds of fraud) would be nearly impossible to prevent. The issue was the existing infrastructure places nearly diametrically opposing requirements on the information from those previous transactions ...
• required to be generally available for numerous business process
• required to be kept confidential and never divulged
we had also been called in to help wordsmith the cal. state electronic
signature law ... and then the fed. electronic signature law
https://www.garlic.com/~lynn/subpubkey.html#signature
some of the other organizations that were participating in the electronic signature legislation were also involved in the data breach and security breach disclosure legislation effort and had done detailed consumer surveys and studies related to that effort. the primary concerns that were raised with regard to personal information disclosure was 1) enabling fraud and 2) could be used by organization and institutions for denial of service.
a lot of churn and swirl around privacy frequently fails to establish any priority or ranking as to different kinds of threats and vulnerabilities related to different kinds of personal information disclosure.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: CSA 'above the bar' Newsgroups: bit.listserv.ibm-main Date: Mon, 05 Nov 2007 09:20:30 -0500
John.Mckown@HEALTHMARKETS.COM (McKown, John) writes:
i had done something similar, but different in the waning days of cp67 and then ported it to vm370. it was generalized memmap function that allowed different virtual address spaces to have the same shared memory object at different addresses.
vm370 started out with a drastic subset of this function that was cribbed off the virtual "IPL" command. however, it was dependent on providing r/o sharing of the same object by "segment protection" feature that was part of the original, base 370 virtual memory architecture.
this was one of the features that got dropped when the retrofit of virtual memory hardware to 370/165 ran into scheduling problems ... could regain six months in schedule if several features were dropped (and the favorite son operating system in pok claimed that they didn't find the features really useful).
as a result, this caused all the other processors that already had implemented full 370 virtual memory architecture to go back and pull the dropped features. it also forced the vm370 group to significantly redo their implementation on how to protect shared segments across multiple different virtual address spaces (effectively a real kludge that had been used in cp67)
in any case, a drastic subset of my (generalized) memory mapping and sharing implementation was eventually released as something called discontiguous shared segments.
lots of past posts mentioning the cms filesystem changes supporting
memory mapping (and page mapped operation)
https://www.garlic.com/~lynn/submain.html#mmap
and numerous posts discussing the difficulty that the os/360
relocatable adcon convention represented for allowing sharing
same object in different virtual address spaces at potentially
different virtual addresses
https://www.garlic.com/~lynn/submain.html#adcon
while tss/360 had numerous other problems, they at least adopted a different convention to address relocatable address constant issue for a shared, virtual memory environment
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Mon, 05 Nov 2007 10:09:04 -0500
Bernd Felsche <bernie@innovative.iinet.net.au> writes:
SSL was supposed to address two issues
1) is the webserver you think you are talking to, actually the webserver you are talking to
2) encrypt/hide the data transmitted
almost immediately major deployment of SSL compromised the
first objective and could allow spoofing/impersonation attacks
and/or man-in-the-middle attacks
https://www.garlic.com/~lynn/subintegrity.html#mitmattack
recent long-winded thread in another n.g.
https://www.garlic.com/~lynn/2007q.html#72 Value of SSL client certificates?
https://www.garlic.com/~lynn/2007q.html#73 Value of SSL client certificates?
https://www.garlic.com/~lynn/2007r.html#12 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#17 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#18 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#19 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#24 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#49 How to tell a fake SSL certificate from a real one
the major use of SSL has been for "hiding" these financial transactions (during transmission) ... keeping them hidden from prying eyes. however, later when we were working on x9.59 financial standard protocol ... it was realized that the major vulnerability for these operations weren't "data in transit" but "data at rest" (i.e. the data breaches and security breaches).
part of the issue was the diametrically opposing requirements for much of the data, being readily available and at the same time kept confidential and never divulged.
from the security acronym "PAIN"
• Privacy (sometimes CAIN and confidential)
• Authentication
• Integrity
• Non-repudiation
basically the SSL encryption was achieving security via Privacy (or
Confidential).
In effect, x9.59 financial standard protocol
https://www.garlic.com/~lynn/x959.html#x959
substituted Authentication and Integrity for Privacy to achieve security. In fact, the claim is that it is no longer actually required to hide such transactions for security purposes (i.e. requirement given the x9a10 financial standard working group to preserve the integrity of the financial institution for all retail payments). X9.59 doesn't eliminate eavesdropping, skimming, data breaches, security breaches, etc ... but eliminates the threats, risks, vulnerabilities, fraud, etc that might result from such events.
other recent posts mentioning x9a10 financial standard working group
https://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007o.html#28 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#72 Value of SSL client certificates?
https://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#29 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#34 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#54 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#61 The new urgency to fix online privacy
From: Anne & Lynn Wheeler <lynn@garlic.com> Newsgroups: bit.listserv.ibm-main Subject: Re: CSA 'above the bar' Date: Mon, 05 Nov 2007 19:17:37 -0500
bdissen@DISSENSOFTWARE.COM (Binyamin Dissen) writes:
some footnotes about the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
from Melinda's paper "VM and the VM Community: Past, Present, and Future"
https://www.leeandmelindavarian.com/Melinda/
https://www.leeandmelindavarian.com/Melinda#VMHist
...
What was most significant was that the commitment to virtual memory
was backed with no successful experience. A system of that period that
had implemented virtual memory was the Ferranti Atlas computer, and
that was known not to be working well. What was frightening is that
nobody who was setting this virtual memory direction at IBM knew why
Atlas didn't work
... snip ...
quoted from L.W. Comeau, "CP-40, the Origin of VM/370", Proceedings of SEAS AM82, September, 1982
and ...
Creasy had decided to build CP-40 while riding on the MTA. "I launched
the effort between Xmas 1964 and year's end, after making the decision
while on an MTA bus from Arlington to Cambridge. It was a Tuesday, I
believe." (R.J. Creasy, private communication, 1989.)
... snip ...
cp40 was built on specially modified 360/40 with virtual memory hardware ... implementing virtual machines. This morphed into cp67 when 360/67 with standard virtual memory became available.
and as per previous post in thread
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#62 CSA 'above the bar'
the initial hack to mvt for os/vs2, in support of 370 virtual memory, involved borrowing a lot of code from cp67.
lots of the vm370 microcode assists developed during the 70s and early 80s eventually morphed into pr/sm and current day LPARs ... which is basically a stripped down version of full VM virtual machine function.
From: lynn@GARLIC.COM (Anne & Lynn Wheeler) Subject: Re: CSA 'above the bar' Newsgroups: bit.listserv.ibm-main Date: 5 Nov 2007 16:45:47 -0800
eamacneil@YAHOO.CA (Ted MacNEIL) writes:
one was all the stuff about LRU replacement algorithms and what it
meant. lots of posts on the subject
https://www.garlic.com/~lynn/subtopic.html#wsclock
early on, the pok performance modeling group had discovered on a page fault that if it selected "non-changed" pages (for replacement) before "changed" pages ... there wouldn't need to be the overhead of doing a write before the read. i tried to convince them it would violate fundamental tenets of LRU replacement paradigm. It wasn't until well into MVS releases that somebody pointed out that they were selecting for replacement, high-use, non-changed, system/shared executable pages, before (lower use) private application data pages (which were changed/modified).
another issue isn't just the double paging overhead ... there is the possibility that a virtual guest is running a LRU-like replacement algorithm and selecting a real page with a low use virtual page for replacement (to be refreshed with the missing page). VM may also be doing LRU-like replacement algorithm and noticed (also) that the guest's real page (virtual machine virtual page) hadn't been recently used and selected it for replacement. The pathological problem is that the guest may always be deciding it needs one of its real pages (because the corresponding virtual pages weren't being used) moments after VM has decided to remove the corresponding guest virtual machine page from real storage .... aka running a virtual guest's LRU-like replacement algorithm can violate the premise behind LRU replacement ... since the guest's real page that corresponds to the guest's least recently used virtual page has some probability of being the next page that the guest might actually decide to use.
misc. past posts in thread:
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#62 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#64 CSA 'above the bar'
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The new urgency to fix online privacy Newsgroups: alt.folklore.computers Date: Tue, 06 Nov 2007 08:53:26 -0500
Bernd Felsche <bernie@innovative.iinet.net.au> writes:
we had been called in to consult with a small client/server
startup that wanted to do payments on their server and
had this technology they had invented called SSL. recent
post with some discussion of some implementation characteristics
of the early implementation
https://www.garlic.com/~lynn/2007r.html#13 What do ATMS and card readers use?
lots of other posts mentioning that effort
https://www.garlic.com/~lynn/subnetwork.html#gateway
the requirement for e-commerce
1) is the website the user thinks they are talking to, the website they are actually talking to (countermeasure to man-in-the-middle attacks, impersonation exploits, etc).
2) hide/encrypt transmission
this required that users realize/know the relationship between the website they are talking to and the corresponding URL. the assumption was that the user provided a "trusted" URL ... and then SSL protocol assured the correspondence between the supplied, trusted URL and the website actually contacted.
almost immediately, merchants found that use of SSL during the shopping phase, dropped their thruput by 80-90 percent and so dropped SSL from the initial connection (eliminating #1 part of SSL function)
the websites then would provide a click/pay button where the (possibly fraudulent and/or spoofed) website provided the SSL URL to the browser. this accelerated the disconnect in consumers' awareness between URL and the websites they thought they were talking to. In the case of payment processing outsourcing, the click/pay button could even involve a URL that was totally different than the merchant website's, widening the gap between end user's URL awareness and the corresponding website.
then SSL will dutifully encrypt/hide the transaction information between the end users and the possibly fraudulent website.
a crook just needed to register any domain name and obtain a
valid SSL domain name digital certificate for that domain
name. this was somewhat behind our early comments about "comfort"
certificates.
https://www.garlic.com/~lynn/subpubkey.html#sslcert
we then got involved with the x9a10 financial standard working group
which in the mid-90s had been given the requirement to preserve the
integrity of the financial infrastructure for all retail payments
... that resulted in the x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
as part of the x9a10 effort, there were detailed end-to-end
vulnerability and threat studies of all aspects of the payment
transactions ... lots of posts about fraud, threats, risks,
vulnerabilities, exploits
https://www.garlic.com/~lynn/subintegrity.html#fraud
and all the related business processes ... included regulations where merchants are mandated to have logs of transactions for extended periods as part of things like processing returns, charge backs, disputes, etc. ... part of the observation that the current infrastructure places diametrically opposing requirements on the information ... that it be both readily (and potentially widely) available and at the same time kept confidential and never disclosed (aka potentially a payment card should be kept in the user's safe deposit box and never used).
the work on x9.59 standard was required to address all the issues, not
just a small percentage potentially for some specific environment.
this is part of the characteristic that we claimed that x9.59 was made
privacy agnostic
https://www.garlic.com/~lynn/subpubkey.html#privacy
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: CSA 'above the bar' Newsgroups: alt.folklore.computers,bit.listserv.ibm-main Date: Tue, 06 Nov 2007 10:06:25 -0500
Herbie.VanDalsen@ELAVON.COM (Van Dalsen, Herbie) writes:
... the way that i originally did sharing implementation and mmap
support
https://www.garlic.com/~lynn/submain.html#mmap
was that the same shared object wasn't required to occupy the same
virtual address in every virtual address space. however, it could
represent a challenge when program images with "relocatable address
constants" were involved
https://www.garlic.com/~lynn/submain.html#adcon
there would still be an issue of the amount of happiness (available in 24bit mode) as opposed to any happiness.
it would create a problem for processors that had virtual caches ... i.e. cache lines indexed by virtual address ... resulting in synonyms/duplicates in the cache when the same object was addressed by different virtual addresses.
here is old email discussing dual index 3090 D-cache
https://www.garlic.com/~lynn/2003j.html#email831118
in this post
https://www.garlic.com/~lynn/2003j.html#42 Flash 10208
other posts about virtual cache
https://www.garlic.com/~lynn/2006u.html#37 To RISC or not to RISC
https://www.garlic.com/~lynn/2006v.html#6 Reasons for the big paradigm switch
https://www.garlic.com/~lynn/2006w.html#17 Cache, TLB, and OS
one of the other issues for TLB (hardware that translates virtual page addresses to real page addresses) ... all the entries were tagged/associated with specific virtual address spaces ... i.e. "STO-associative". This generalized mechanism resulted in a huge number of "duplicated" entries CSA/common-segment. So as a special case optimization for the whole MVS CSA/common-segment hack gorp ... a special option was provided that identified virtual addresses as something belonging to common-segment. These areas then became associated in the TLB with effectively a system-wide, unique, artificial "common-segment" virtual address space (effectively violating the whole generalized virtual address space architecture ... rather than associated with generalized virtual address space ... it became associated with a custom operating system specific construct that was known to have very specific characteristics).
past post in this thread discussing rise of the whole ugly common
segment gorp
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
other posts in this thread
https://www.garlic.com/~lynn/2007r.html#64 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#65 CSA 'above the bar'
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: High order bit in 31/24 bit address Newsgroups: alt.folklore.computers,bit.listserv.ibm-main Date: Tue, 06 Nov 2007 13:38:01 -0500
ssamson@DC.RR.COM (Steve Samson) writes:
including various functional characteristics
http://www.bitsavers.org/pdf/ibm/360/functional_characteristics/
specifically 360/67 functional characteristics a27-2719-0
http://www.bitsavers.org/pdf/ibm/360/functional_characteristics/A27-2719-0_360-67_funcChar.pdf
and ga27-2719-2
http://www.bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf
which has a lot of the gory details.
as somewhat referenced here ... 360/67 was originally intended for use
by tss/360 ... but for a whole variety of reasons, most of them ran
cp67 (or in straight 360/65 mode with mvt w/o using virtual
memory hardware)
https://www.garlic.com/~lynn/2007r.html#64 CSA 'above the bar'
courtesy of science center
https://www.garlic.com/~lynn/subtopic.html#545tech
in any case, psw format, pg. 15
bit     meaning
0-3     spare (must be 0)
4       24-32 bit address mode
5       translation control
6       i/o mask (summary)
7       external mask (summary)
8-11    protection key
12      ascii-8 mode
13      machine check mask
14      wait state
15      problem state
16-17   instruction length code
18-19   condition code
20-23   program mask
24-31   spare
32-63   instruction address...
there were quite a few of the machines used internally.
one of the projects was adding 370 virtual machine option to cp67 simulation ... this was having cp67 simulate the new instructions added to 370 (prior to announcement of 370 virtual memory).
one of the places that deployed numerous of these machines was
in the field/data processing/sales division for a project
called HONE
https://www.garlic.com/~lynn/subtopic.html#hone
for Hands-On Network Environment ... the idea was that in the wake
of 23jun69 unbundling announcement
https://www.garlic.com/~lynn/submain.html#unbundle
that SEs in the branch office could get operating system "hands-on" experience with (370) systems running in cp67 (370) virtual machines.
however, the science center had also ported apl\360 to cms for cms\apl and done a lot of work enhancing it to operate in "large" virtual memory environment (most apl\360 was limited to 16k workspaces, hardly adequate for many real world problems). With cms\apl, there were lots of new (internal) apl-based applications developed (some number of them of the genre that today would be done with spreadsheets) ... including "configurators" ... which basically filled out mainframe system orders for the branch office personnel. As the use of these applications grew on HONE ... eventually they eclipsed the virtual guest "hands-on" training and would consume all available resources. at some point in the 70s, it was not even possible to submit a mainframe order that hadn't been run thru HONE configurator.
science center had also done quite a bit of work in the area of
sophisticated system performance modeling ... including laying the
groundwork for what would become capacity planning. some of this
i've commented about with regard to calibrating and validating
https://www.garlic.com/~lynn/submain.html#benchmark
the release of my resource manager
https://www.garlic.com/~lynn/subtopic.html#fairshare
in addition, a flavor of the performance modeling work was also deployed on HONE as the (apl based) performance predictor. Branch office people could submit customer configuration and workload details/characteristics and then ask "what-if" questions of the performance predictor ... as to what would happen if there was configuration and/or workload changes.
another project was doing the cp67 changes to support a full 370 virtual memory implementation. this had a version of cp67 running either in a 360/67 virtual machine (under cp67) or stand-alone real 360/67 simulating virtual machine with full 370 virtual memory operation. Then there was a custom version of cp67 that believed it ran on 370 virtual memory "hardware" (rather than on 360/67 hardware). This was in regular production use a year before the first engineering 370 machine with virtual memory support was operational (and long before announcement).
past posts in the related thread:
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#62 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#64 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#65 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#67 CSA 'above the bar'
misc. past posts mentioning performance predictor
https://www.garlic.com/~lynn/2001i.html#46 Withdrawal Announcement 901-218 - No More 'small machines'
https://www.garlic.com/~lynn/2002b.html#64 ... the need for a Museum of Computer Software
https://www.garlic.com/~lynn/2002c.html#45 cp/67 addenda (cross-post warning)
https://www.garlic.com/~lynn/2002q.html#28 Origin of XAUTOLOG (x-post)
https://www.garlic.com/~lynn/2003g.html#15 Disk capacity and backup solutions
https://www.garlic.com/~lynn/2003p.html#29 Sun researchers: Computers do bad math ;)
https://www.garlic.com/~lynn/2004g.html#42 command line switches [Re: [REALLY OT!] Overuse of symbolic constants]
https://www.garlic.com/~lynn/2004k.html#31 capacity planning: art, science or magic?
https://www.garlic.com/~lynn/2004o.html#10 Multi-processor timing issue
https://www.garlic.com/~lynn/2005d.html#1 Self restarting property of RTOS-How it works?
https://www.garlic.com/~lynn/2005d.html#6 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005d.html#33 Thou shalt have no other gods before the ANSI C standard
https://www.garlic.com/~lynn/2005d.html#48 Secure design
https://www.garlic.com/~lynn/2005h.html#1 Single System Image questions
https://www.garlic.com/~lynn/2005h.html#15 Exceptions at basic block boundaries
https://www.garlic.com/~lynn/2005j.html#12 Performance and Capacity Planning
https://www.garlic.com/~lynn/2005k.html#17 More on garbage collection
https://www.garlic.com/~lynn/2005o.html#30 auto reIPL
https://www.garlic.com/~lynn/2005o.html#34 Not enough parallelism in programming
https://www.garlic.com/~lynn/2006b.html#15 {SPAM?} Re: Expanded Storage
https://www.garlic.com/~lynn/2006b.html#17 {SPAM?} Re: Expanded Storage
https://www.garlic.com/~lynn/2006f.html#22 A very basic question
https://www.garlic.com/~lynn/2006f.html#30 A very basic question
https://www.garlic.com/~lynn/2006g.html#34 The Pankian Metaphor
https://www.garlic.com/~lynn/2006h.html#25 The Pankian Metaphor
https://www.garlic.com/~lynn/2006l.html#3 virtual memory
https://www.garlic.com/~lynn/2006o.html#23 Strobe equivalents
https://www.garlic.com/~lynn/2006o.html#25 CPU usage for paging
https://www.garlic.com/~lynn/2006s.html#24 Curiousity: CPU % for COBOL program
https://www.garlic.com/~lynn/2006t.html#28 Why these original FORTRAN quirks?
https://www.garlic.com/~lynn/2007k.html#65 Non-Standard Mainframe Language?
misc. past posts discussing internal cp67 versions that supported 370
virtual machines and/or ran on 370 (as opposed to running on 360/67)
https://www.garlic.com/~lynn/2002j.html#0 HONE was .. Hercules and System/390 - do we need it?
https://www.garlic.com/~lynn/2004b.html#31 determining memory size
https://www.garlic.com/~lynn/2004h.html#27 Vintage computers are better than modern crap !
https://www.garlic.com/~lynn/2004p.html#50 IBM 3614 and 3624 ATM's
https://www.garlic.com/~lynn/2005c.html#59 intel's Vanderpool and virtualization in general
https://www.garlic.com/~lynn/2005d.html#66 Virtual Machine Hardware
https://www.garlic.com/~lynn/2005g.html#17 DOS/360: Forty years
https://www.garlic.com/~lynn/2005h.html#18 Exceptions at basic block boundaries
https://www.garlic.com/~lynn/2005j.html#50 virtual 360/67 support in cp67
https://www.garlic.com/~lynn/2005p.html#27 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2006.html#38 Is VIO mandatory?
https://www.garlic.com/~lynn/2006e.html#7 About TLB in lower-level caches
https://www.garlic.com/~lynn/2006f.html#5 3380-3390 Conversion - DISAPPOINTMENT
https://www.garlic.com/~lynn/2006l.html#21 Virtual Virtualizers
https://www.garlic.com/~lynn/2006m.html#26 Mainframe Limericks
https://www.garlic.com/~lynn/2006o.html#19 Source maintenance was Re: SEQUENCE NUMBERS
https://www.garlic.com/~lynn/2006q.html#1 Materiel and graft
https://www.garlic.com/~lynn/2006q.html#45 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006q.html#49 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006w.html#3 IBM sues maker of Intel-based Mainframe clones
https://www.garlic.com/~lynn/2007b.html#20 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007f.html#12 FBA rant
https://www.garlic.com/~lynn/2007i.html#16 when was MMU virtualization first considered practical?
https://www.garlic.com/~lynn/2007p.html#74 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007q.html#23 GETMAIN/FREEMAIN and virtual storage backing up
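The PSW layout quoted earlier in this post (pg. 15 of the 360/67 functional characteristics) turned into a decoder, as an added example that is not code from the post or from IBM. The field names and the sample PSW value are constructed; the post does not say which value of bit 4 selects which address mode, so the decoder reports the raw bit.

```python
"""Decode a 64-bit 360/67 PSW using the bit layout listed in the post.

IBM numbers bits from the left: bit 0 is the most significant bit.
"""

# (field name, first bit, last bit). Bit ranges are the ones in the post;
# the field names are this example's own.
PSW_FIELDS = [
    ("spare_0_3", 0, 3),
    ("address_mode", 4, 4),
    ("translation_control", 5, 5),
    ("io_mask", 6, 6),
    ("external_mask", 7, 7),
    ("protection_key", 8, 11),
    ("ascii8_mode", 12, 12),
    ("machine_check_mask", 13, 13),
    ("wait_state", 14, 14),
    ("problem_state", 15, 15),
    ("instruction_length_code", 16, 17),
    ("condition_code", 18, 19),
    ("program_mask", 20, 23),
    ("spare_24_31", 24, 31),
    ("instruction_address", 32, 63),
]

# Constructed sample value, not taken from any real system.
SAMPLE_PSW = bytes.fromhex("0f359c0000012345")


def layout_is_complete():
    """True when the fields cover bits 0..63 with no gap and no overlap."""
    expected = 0
    for _, first, last in PSW_FIELDS:
        if first != expected or last < first:
            return False
        expected = last + 1
    return expected == 64


def extract(psw, first, last):
    """Pull bits first..last (IBM numbering) out of a 64-bit integer."""
    width = last - first + 1
    return (psw >> (63 - last)) & ((1 << width) - 1)


def decode_psw(raw):
    """Return a dict of field values for an 8-byte PSW image."""
    if len(raw) != 8:
        raise ValueError("a PSW is exactly 8 bytes")
    psw = int.from_bytes(raw, "big")
    fields = {name: extract(psw, a, b) for name, a, b in PSW_FIELDS}
    if fields["spare_0_3"] != 0:
        # The layout states that bits 0-3 must be zero.
        raise ValueError("bits 0-3 must be 0")
    return fields


def encode_psw(fields):
    """Inverse of decode_psw; fields that are not supplied default to 0."""
    psw = 0
    for name, first, last in PSW_FIELDS:
        value = fields.get(name, 0)
        width = last - first + 1
        if not 0 <= value < (1 << width):
            raise ValueError(f"{name} does not fit in {width} bit(s)")
        psw |= value << (63 - last)
    raw = psw.to_bytes(8, "big")
    decode_psw(raw)  # re-check the must-be-zero bits
    return raw


if __name__ == "__main__":
    for name, value in decode_psw(SAMPLE_PSW).items():
        print(f"{name:24} {value:#x}")
```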
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: CSA 'above the bar' Newsgroups: alt.folklore.computers,bit.listserv.ibm-main Date: Tue, 06 Nov 2007 15:05:52 -0500
Anne & Lynn Wheeler <lynn@garlic.com> writes:
from z/architecture principles of operation
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/CCONTENTS
segment-table entries
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/3.11.2.2?DT=20040504121320
defining the (MVS-specific) common-segment bit (in 64bit address segment
table) ... aka
Common-Segment Bit (C): Bit 59 controls the use of the
translation-lookaside-buffer (TLB) copies of the segment-table entry and
of the page table which it designates. A zero identifies a private
segment; in this case, the segment-table entry and the page table it
designates may be used only in association with the segment-table origin
that designates the segment table in which the segment-table entry
resides. A one identifies a common segment; in this case, the
segment-table entry and the page table it designates may continue to be
used for translating addresses corresponding to the segment index, even
though a different segment table is specified.
... snip ...
... aka segment table (and the corresponding segment table origin address or "STO") is effectively equivalent to unique virtual address space.
since MVS has the common segment(s) appearing in every virtual address space, rather than filling up TLB entries with large number of duplicated entries for the same information, effectively create a special class of virtual addresses that apply across everything in the system. this ugly common segment gorp then creates all sort of complications (that weren't part of the original virtual memory architecture) ... see the programming notes regarding common segment operation/problems at the above URL describing segment-table entries.
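A toy model of the TLB behavior that the quoted common-segment text describes, as an added example that is not from the post or from the Principles of Operation; the class names, table contents and sizes are constructed. It counts the duplicated entries a purely STO-associative TLB holds, and shows one consequence that follows from the quoted wording: a common TLB copy keeps being used under a different segment table even when that table uses the same segment index privately.

```python
"""Toy STO-associative TLB with and without the common-segment (C) bit."""
from dataclasses import dataclass


@dataclass(frozen=True)
class SegmentEntry:
    page_table: str   # stand-in for the page-table origin
    common: bool      # the C bit of the segment-table entry


class Tlb:
    def __init__(self, honor_common_bit):
        self.honor_common_bit = honor_common_bit
        self.entries = {}   # (tag, segment index) -> SegmentEntry
        self.misses = 0

    def _tag(self, sto, entry):
        # Private copies are usable only with the STO they were loaded under.
        # Common copies get one system-wide tag when the C bit is honored.
        if entry.common and self.honor_common_bit:
            return "COMMON"
        return sto

    def translate(self, sto, segment_index, segment_tables):
        for tag in (sto, "COMMON"):
            hit = self.entries.get((tag, segment_index))
            if hit is not None:
                return hit.page_table
        self.misses += 1
        entry = segment_tables[sto][segment_index]   # table walk in storage
        self.entries[(self._tag(sto, entry), segment_index)] = entry
        return entry.page_table


def build_tables(n_spaces, common_segments, private_segments):
    """One segment table per address space, keyed by a constructed STO name."""
    tables = {}
    for n in range(n_spaces):
        sto = f"STO{n}"
        table = {}
        for seg in common_segments:
            table[seg] = SegmentEntry(f"PT-common-{seg}", True)
        for seg in private_segments:
            table[seg] = SegmentEntry(f"PT-{sto}-{seg}", False)
        tables[sto] = table
    return tables


def run(honor_common_bit, n_spaces=8):
    """Touch every segment in every address space; return (entries, misses)."""
    tables = build_tables(n_spaces, [0, 1, 2, 3], [4, 5])
    tlb = Tlb(honor_common_bit)
    for sto, table in tables.items():
        for seg in table:
            tlb.translate(sto, seg, tables)
    return len(tlb.entries), tlb.misses


def stale_common_hit(honor_common_bit=True):
    """Inconsistent tables (constructed): STO1 uses segment 0 privately."""
    tables = build_tables(2, [0], [1])
    tables["STO1"][0] = SegmentEntry("PT-STO1-private-0", False)
    tlb = Tlb(honor_common_bit)
    tlb.translate("STO0", 0, tables)          # loads the common copy
    return tlb.translate("STO1", 0, tables)   # what STO1 gets for segment 0


if __name__ == "__main__":
    print("STO-associative only:", run(False))
    print("with common bit     :", run(True))
    print("inconsistent tables :", stale_common_hit())
```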
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Latest OECD broadband data puts US in middle of the pack on speed, price Newsgroups: alt.folklore.computers Date: Tue, 06 Nov 2007 15:33:19 -0500
Latest OECD broadband data puts US in middle of the pack on speed, price
misc. items from above:
After OECD reports showed the US dropping down the list when it came to
broadband penetration (it is now ranked 15th in the number of broadband
subscribers per 100 inhabitants), ...
...
The OECD examined the average monthly subscription for a broadband
connection (regardless of speed or technology) and found that the US
sits in 21st place.
...
If we look at raw speed, the US is still stuck in 14th.
... snip ...
other threads related to this topic:
https://www.garlic.com/~lynn/2007g.html#6 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#34 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#35 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#52 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#68 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007h.html#42 Experts: Education key to U.S. competitiveness
https://www.garlic.com/~lynn/2007i.html#13 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007l.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007o.html#20 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007o.html#21 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007o.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007p.html#15 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007p.html#18 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007p.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007p.html#32 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007q.html#18 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007q.html#19 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007q.html#60 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007q.html#62 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007r.html#25 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007r.html#33 Students mostly not ready for math, science college courses
https://www.garlic.com/~lynn/2007r.html#36 Students mostly not ready for math, science college courses
https://www.garlic.com/~lynn/2007r.html#38 Students mostly not ready for math, science college courses
https://www.garlic.com/~lynn/2007r.html#46 Students mostly not ready for math, science college courses
https://www.garlic.com/~lynn/2007r.html#53 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007r.html#58 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007r.html#59 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007r.html#60 Fixing our fraying Internet infrastructure
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: The new urgency to fix online privacy Newsgroups: alt.folklore.computers Date: Tue, 06 Nov 2007 17:03:30 -0500
Dave Garland <dave.garland@wizinfo.com> writes:
New Fed Pricing Expected to Spur Further Moves to Electronic Processing
http://www.digitaltransactions.net/newsstory.cfm?newsid=1572
from above:
The Federal Reserve Board is cutting its fees for handling Check 21
items delivered to paying banks electronically but raising tariffs for
processing paper checks and the substitute checks authorized under Check
21, a Fed announcement released on Tuesday says.
... snip ...
there are also some recent news items about patent legal action against companies implementing/deploying remote/electronic check image capture.
Other Shoe Drops As USPTO Affirms Second DataTreasury Patent
http://www.digitaltransactions.net/newsstory.cfm?newsid=1556
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Tue, 06 Nov 2007 17:46:21 -0500
Charlton Wilbur <cwilbur@chromatico.net> writes:
That gave rise to "skimming" attacks ... recording all the information off a valid magstripe (necessary) for production of counterfeit cards.
just manual copying, pretty much limits fraud to card-not-present attack (i.e. internet, phone, mail-order) ... all kinds of card-not-present fraud is something like 1/6th to 1/5th of all credit card fraud. fraud from waiter doing manual copying of credit card information would be some limited part of card-not-present fraud.
in the 90s there was case of (NYC) waiter who had miniature card swipe reader pinned to the inside of his lapel connected to a PDA. at the end of the shift ... all of the harvested magstripe information was sent over the internet to some location in the far east where counterfeit cards were on the street almost immediately
there has been quite a bit about various kinds of compromises of point-of-sale terminals (overlays, insides electronically modified, etc) comparable to some of the skimming/compromises documented for ATM machines
similar article from jan2002
https://www.garlic.com/~lynn/aepay10.htm#6 credit card & gift card fraud
above referenced article mentions that the kind of magstripe card skimming device was demonstrated at CalTech in the 60s.
others
https://www.garlic.com/~lynn/aepay6.htm#ccfraud latest credit scam puts plastic in peril ... is your credit card being cloned?
https://www.garlic.com/~lynn/aepay6.htm#ccfraud2 out of control credit card fraud
https://www.garlic.com/~lynn/aepay9.htm#risks credit card & gift card fraud
https://www.garlic.com/~lynn/aepay10.htm#41 ATM Scams - Whose Liability Is It, Anyway?
https://www.garlic.com/~lynn/aepay10.htm#44 Credit Card Skimming Rising In the US
https://www.garlic.com/~lynn/aepay11.htm#18 Hacker accesses 2.2 million credit cards
https://www.garlic.com/~lynn/aepay11.htm#22 FBI Probing Theft of 8 Million Credit Card Numbers
a little search engine for information about rates turns
up this for australia
http://www.moneybuddy.com.au/credit-cards/credit-card-security.html
that states that nearly half the credit card fraud is from magstripe "skimming" (either compromising the normal terminal with special recording and/or having dedicated device for additional swipes for the purpose).
previous post
https://www.garlic.com/~lynn/2007o.html#27 EZPass: Yes, Big Brother IS Watching You!
that found statistics where 1/3 of credit card fraud was from combination of "lost/stolen" card and "intercepted in post".
all kinds of "card-not-present" fraud is on the order of 1/6th to 1/5th of all credit card fraud. fraud from waiter doing manual copying of credit card information would be some limited part of card-not-present fraud.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Translation of IBM Basic Assembler to C? Newsgroups: alt.folklore.computers Date: Wed, 07 Nov 2007 07:59:11 -0500
Howard S Shubs <howard@shubs.net> writes:
the referenced article has several statements about both paper checks and electronic checks
New Fed Pricing Expected to Spur Further Moves to Electronic Processing
http://www.digitaltransactions.net/newsstory.cfm?newsid=1572
another reference from above:
Over the past four years, the Fed has reduced the number of
check-processing sites from 45 to 19, and has plans to reduce that count
to four by early 2011.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: System 360 EBCDIC vs. ASCII Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Wed, 07 Nov 2007 09:12:30 -0500
timothy.sipples@US.IBM.COM (Timothy Sipples) writes:
the base cp67 code had some stuff for dynamically determining the terminal type and "switching" the 2702 line scanner using the SAD command. so to remain consistent, i worked out a process to add TTY/ascii terminal support ... preserving the base cp67 dynamic terminal type determination. the univ. also was getting dial-up interface ... with base number that would roll-over to the first unused line. the idea that all terminals could dial in on the same phone number, regardless of type.
this "almost" worked ... but it turned out that they had taken some short cuts with 2702 implementation. the issue was that while SAD command would switch the line scanner ... the short-cut was that the line-speed oscillator was hard-wired to each port. for hard-wired lines ... the appropriate terminal type was connected to the appropriate 2702 with the corresponding line-speed wired (and then cp67 could dynamically determine the correct terminal type and switch the line scanner as needed with the SAD command). However, this wouldn't work for dial-up lines with common dial-in pool ... where any terminal type might get connected to any 2702 port.
so somewhat because of this, the univ. decided to build our own clone
controller that would also be able to perform dynamic line-speed
determination. this involved reverse engineering the 360/67
multiplexor channel interface and building a channel interface board
for an Interdata/3 minicomputer (platform for implemented controller
clone). misc. past posts about the clone controller project
https://www.garlic.com/~lynn/submain.html#360pcm
i remember two "bugs" from the project.
one bug involved "red-lighting" the 360/67. the 360/67 had high-resolution timer that tic'ed at approx 13microsec. the timer had to update loc. 80 storage when it "tic'ed". If the timer tic'ed a 2nd time before the previous tic had been updated in storage (say because some channel/controller had obtained the storage bus and failed to release it for that period), the timer would force a red-light/machine check.
the other bug was initially getting ascii data into storage .. after running it thru standard ascii->ebcdic translation table, it was all garbage. we eventually figured out every byte was "bit-reversed" ... i.e. 2702 line-scanner would take leading bit off the line and store it in low-order bit position (in a byte ... reversing the order of bits off the line). the interdata/3 started out doing standard ascii taking leading bit off the line and storing it in the high-order bit in a byte. so initially, the ascii bytes were getting to 360/67 main memory in non-bit-reversed bytes and then being run through the standard 2702 ascii->ebcdic (bit-reversed) translation table.
this project got written up as the four of us being instrumental in starting the clone controller business.
of course, all the clone controller business was the major motivation
for the future system project ... lots of past posts
https://www.garlic.com/~lynn/submain.html#futuresys
including a few with this reference
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
from above:
IBM tried to react by launching a major project called the 'Future
System' (FS) in the early 1970's. The idea was to get so far ahead
that the competition would never be able to keep up, and to have such
a high level of integration that it would be impossible for
competitors to follow a compatible niche strategy. However, the
project failed because the objectives were too ambitious for the
available technology. Many of the ideas that were developed were
nevertheless adapted for later generations. Once IBM had acknowledged
this failure, it launched its 'box strategy', which called for
competitiveness with all the different types of compatible
sub-systems. But this proved to be difficult because of IBM's cost
structure and its R&D spending, and the strategy only resulted in a
partial narrowing of the price gap between IBM and its rivals
... snip ...
there has been various speculation that the extremely baroque characteristics of the pu4/pu5 (vtam/ncp) interface was result of "box strategy", following FS being killed.
The lack of attention to the 370 product line (because of the FS distraction) then appeared to provide openings for clone processor makers to gain traction. When FS was finally killed, there then was mad rush to get stuff back into the 370 hardware and software pipelines.
I was at the science center during the FS days ... and didn't endear myself to the participants by drawing some analogy between their activities and a cult film that had been playing down in central sq. for over a decade (while continuing to do work on cp67 and 370).
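The bit-reversal bug described earlier in this post can be reproduced in a few lines. This is an added example, not part of the original post or of the clone controller's code; it assumes Python's cp037 codec as a stand-in for the EBCDIC code page, 8-bit bytes with parity ignored, and hypothetical function names, and `interdata_fixed` is only one possible correction.

```python
# Added illustration (not from the original post). Assumptions: cp037 stands in
# for EBCDIC, parity is ignored, and all function names are hypothetical.

def bit_reverse(b: int) -> int:
    """Reverse the order of the 8 bits in one byte."""
    r = 0
    for _ in range(8):
        r = (r << 1) | (b & 1)
        b >>= 1
    return r

def build_2702_table() -> bytes:
    """ASCII->EBCDIC table indexed by *bit-reversed* ASCII byte values."""
    table = bytearray(256)                  # slots never produced stay 0x00
    for a in range(128):
        table[bit_reverse(a)] = chr(a).encode("cp037")[0]
    return bytes(table)

TABLE = build_2702_table()

def scanner_2702(text: str) -> bytes:
    """Bytes as the 2702 path delivers them: every byte bit-reversed."""
    return bytes(bit_reverse(c) for c in text.encode("ascii"))

def interdata_initial(text: str) -> bytes:
    """Bytes as the clone first delivered them: plain, non-reversed ASCII."""
    return text.encode("ascii")

def interdata_fixed(text: str) -> bytes:
    """One possible correction (assumption): reverse each byte before storing."""
    return bytes(bit_reverse(b) for b in interdata_initial(text))

def to_text(raw: bytes) -> str:
    """Run bytes through the bit-reversed table, then show the EBCDIC as text."""
    return raw.translate(TABLE).decode("cp037")

if __name__ == "__main__":
    sample = "LOGIN"                        # constructed sample input
    print(repr(to_text(scanner_2702(sample))))       # table matches byte order
    print(repr(to_text(interdata_initial(sample))))  # garbage: wrong byte order
    print(repr(to_text(interdata_fixed(sample))))    # readable again
```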
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Real storage usage - a quick question
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
To: <ibm-main@bama.ua.edu>
Date: Wed, 07 Nov 2007 10:44:19 -0500

VeilleuxJL@AETNA.COM (Veilleux, Jon L) writes:
one of the things found in "clock" LRU-approximation that i had
originally done as undergraduate in the 60s
https://www.garlic.com/~lynn/subtopic.html#wsclock
was that if the interval between page resets started to exceed some limit, then there was little differentiation benefit of the reset activity ... least recently used tends to have some implicit dependencies on amount of "history" ... if the duration is too long ... then it lost much of its correlation being able to differentiate between pages as to future page reference pattern.
however across a wide range of configurations and workloads in the 70s, "clock" LRU-approximation had the advantage of effectively being able to (usefully) dynamically adapt the interval. however with a lot of cp67 experimenting and also heavy use of storage reference traces and page replacement modeling ... it was possible to show that outside some useful operating range ... the use of LRU algorithms for differentiating/predicting future page reference behavior became less and less accurate. It was also possible to show that for very large memories ... that the overhead of repeatedly resetting page reference bits provided less benefit than any possible improvement in page replacement strategy.
we did do some experimenting at the science center attempting to recognize the operating region/environment across where clock LRU-approximation was beneficial ... and attempt to take some secondary measures/strategies when it was outside that operating region/environment.
one of the scenarios was that most LRU-approximation algorithms are measured against how well they performed vis-a-vis simulation that exactly implemented least-recently-used page ordering (measured in terms of total page faults for given workload and real storage size). "Good" approximations tended to come within 5-15 percent (total page faults) of "real" least-recently-used page ordering. We were able to find some page replacement variations that instead of being 5-15 percent worse/more (total page faults compared to simulated "real" least-recently-used page ordering), we were able to show 5-15 percent fewer total page faults.
the scenario was that in some configuration/workload scenarios, LRU-approximate could effectively cycle thru every page in real storage w/o finding a candidate ... and then take the first page it started with. Besides having a lot of processing overhead, this characteristic effectively degraded to FIFO page replacement (there are operating regions for LRU where it can degenerate to FIFO page replacement at the same time taking an extraordinary amount of processor overhead). our variation tended to recognize when operating in this configuration/workload region and effectively switched to RANDOM page replacement at very low processor overhead (and modeling showed that when not able to make any other differentiation between pages to be replaced ... RANDOM replacement makes better choice than FIFO, independent of the overhead issue).
In fact, the original cp67 delivered at the univ. last week jan68,
... also referenced here
https://www.garlic.com/~lynn/2007r.html#74 System 360 EBCDIC vs. ASCII
... effectively implemented something that tended to operate as FIFO replacement with purely software and didn't make use of the hardware reference bits. As undergraduate, I did the kernel algorithm and software changes to implement "clock" LRU-approximation page replacement ... taking advantage of page replacement bits. In this scenario ... with only on the order of 120 real "pageable pages" ... this reduced the time spent in page replacement selection (under relatively heavy load) from approx. 10 percent of total processor to effectively unmeasurable (and at the same time drastically improving the quality of the replacement choice).
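The degeneration of "clock" to FIFO, and the effect of falling back to RANDOM, can be seen in a small simulation. This is an added example, not the cp67 code and not part of the original post; the post does not say how the variation recognized the degenerate region, so the rule used here (a sweep that wraps through every frame triggers one storage-worth of random replacements) is an assumption, as are the function names and the constructed cyclic workload.

```python
import random

def simulate(trace, nframes, random_fallback, seed=1):
    """Return (page faults, frames examined by the clock hand) for a trace."""
    rng = random.Random(seed)
    frames = [None] * nframes          # page resident in each frame
    ref = [False] * nframes            # per-frame reference bits
    where = {}                         # page -> frame index
    hand = faults = examined = random_left = 0
    for page in trace:
        if page in where:              # hit: hardware would set the bit
            ref[where[page]] = True
            continue
        faults += 1
        if len(where) < nframes:       # still a free frame
            victim = len(where)
        elif random_left > 0:          # assumed fallback: no sweep at all
            random_left -= 1
            victim = rng.randrange(nframes)
        else:                          # clock sweep, resetting reference bits
            steps = 0
            while ref[hand]:
                ref[hand] = False
                hand = (hand + 1) % nframes
                steps += 1
            examined += steps + 1
            victim = hand
            hand = (hand + 1) % nframes
            # A full wrap means no page could be told apart from any other;
            # the victim is simply where the hand started (FIFO behaviour).
            if random_fallback and steps >= nframes:
                random_left = nframes
        if frames[victim] is not None:
            del where[frames[victim]]
        frames[victim] = page
        where[page] = victim
        ref[victim] = True
    return faults, examined

def compare(nframes=16, rounds=200):
    """Constructed workload: cyclic scan over one page more than fits."""
    trace = [p for _ in range(rounds) for p in range(nframes + 1)]
    return (len(trace), simulate(trace, nframes, False),
            simulate(trace, nframes, True))

if __name__ == "__main__":
    total, clock, hybrid = compare()
    print("references:", total)
    print("clock only   (faults, examined):", clock)
    print("clock+random (faults, examined):", hybrid)
```

On this workload plain clock faults on every reference, exactly as FIFO would, while the fallback variant faults far less often and examines fewer frames in total.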