2007 Newsgroup postings (11/07 - 11/23) Lynn Wheeler

2007 Newsgroup Postings (11/07 - 11/23)

Marines look for a few less servers, via virtualization
Translation of IBM Basic Assembler to C?
Real storage usage - a quick question
OpenPGP becomes RFC4880. Consider Hypothesis #1: The One True Cipher Suite
Why do we think virtualization is new?
Poster of computer hardware events?
ATMs
ATMs
Anybody remember Keypunch cards?
Poster of computer hardware events?
Translation of IBM Basic Assembler to C?
Translation of IBM Basic Assembler to C?
Translation of IBM Basic Assembler to C?
The new urgency to fix online privacy
The new urgency to fix online privacy
The new urgency to fix online privacy
The new urgency to fix online privacy
Oddly good news week: Google announces a Caps library for Javascript
Oddly good news week: Google announces a Caps library for Javascript
Intel Ships Power-Efficient Penryn CPUs
Ellison Looks Back As Oracle Turns 30
Ellison Looks Back As Oracle Turns 30
America Competes spreads funds out
The new urgency to fix online privacy
[ClassicMainframes] multics source is now open
Translation of IBM Basic Assembler to C?
Oracle Introduces Oracle VM As It Leaps Into Virtualization
Oracle Introduces Oracle VM As It Leaps Into Virtualization
Translation of IBM Basic Assembler to C?
Intel Ships Power-Efficient Penryn CPUs
Intel Ships Power-Efficient Penryn CPUs
multics source is now open
Newsweek article--baby boomers and computers
Age of IBM VM
File sharing may lead to identity theft
Oracle Introduces Oracle VM As It Leaps Into Virtualization
Oracle Introduces Oracle VM As It Leaps Into Virtualization
2 byte interface
The new urgency to fix online privacy
CSA 'above the bar'
ongoing rush to the new, 40+ yr old virtual machine technology
Age of IBM VM
ongoing rush to the new, 40+ yr old virtual machine technology
Intel Ships Power-Efficient Penryn CPUs
"Server" processors for numbercrunching?
"Server" processors for numbercrunching?
"Server" processors for numbercrunching?
In The US, Email Is Only For Old People
ongoing rush to the new, 40+ yr old virtual machine technology
Hi all Need help in TCP/IP stack Rfcs
Running REXX program in a batch job
Translation of IBM Basic Assembler to C?
Translation of IBM Basic Assembler to C?
ongoing rush to the new, 40+ yr old virtual machine technology
ongoing rush to the new, 40+ yr old virtual machine technology
Translation of IBM Basic Assembler to C?
Translation of IBM Basic Assembler to C?
Intel Ships Power-Efficient Penryn CPUs
Translation of IBM Basic Assembler to C?
Translation of IBM Basic Assembler to C?
Translation of IBM Basic Assembler to C?
Translation of IBM Basic Assembler to C?
Translation of IBM Basic Assembler to C?
Newsweek article--baby boomers and computers
Is the media letting banks off the hook on payment card security
Translation of IBM Basic Assembler to C?
The new urgency to fix online privacy
Newsweek article--baby boomers and computers
Newsweek article--baby boomers and computers

Marines look for a few less servers, via virtualization

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Marines look for a few less servers, via virtualization
Newsgroups: alt.folklore.computers
Date: Wed, 07 Nov 2007 18:01:51 -0500

another example of the new, 40+ yr old technology

Marines look for a few less servers, via virtualization
http://www.networkworld.com/news/2007/111207-oracle-hypervisor.html

a couple more months and it will be 40yrs since i started working on virtual machines ... a couple recent references to cp67 being installed at the univ. last week of jan68.
https://www.garlic.com/~lynn/2007r.html#74 System 360 EBCDIC vs. ASCII
https://www.garlic.com/~lynn/2007r.html#75 Real storage usage - a quick question

other recent posts mentioning new, 40+ yr old technology
https://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#64 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#66 Off Topic But Concept should be Known To All
https://www.garlic.com/~lynn/2007n.html#27 What if phone company had developed Interne?
https://www.garlic.com/~lynn/2007n.html#30 How would a relational operating system look like?
https://www.garlic.com/~lynn/2007n.html#93 How old are you?
https://www.garlic.com/~lynn/2007o.html#31 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007o.html#36 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007o.html#38 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007o.html#39 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007p.html#28 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
https://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
https://www.garlic.com/~lynn/2007q.html#49 Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
https://www.garlic.com/~lynn/2007q.html#59 Virtualization: Everybody's Doing It, but Few Know How
https://www.garlic.com/~lynn/2007q.html#64 Virtual Browsers: Disposable Security
https://www.garlic.com/~lynn/2007q.html#66 Direction of Stack Growth
https://www.garlic.com/~lynn/2007r.html#2 IBM System/3 & 3277-1
https://www.garlic.com/~lynn/2007r.html#42 New 'virtual IT job' could be very real
https://www.garlic.com/~lynn/2007r.html#47 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007r.html#48 Half a Century of Crappy Computing

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Thu, 08 Nov 2007 09:58:27 -0500

jmfbahciv writes:
But it is "protected" by a government instrument, not the banks'.

We have a law about the government guaranteeing reimbursement for $100K/account. The banks don't have to be held responsible.

financial institutions are required to contribute to fund that backs the guarantee, but it is really backed by taxes (and the people)

old, long winded, tome
https://www.garlic.com/~lynn/aepay3.htm#riskm Thread Between Risk Management and Information Security

mentions that variable rate loans nearly took citibank down in the 80s ... which resulted in them totally getting out of the mortgage business. recent reference
https://www.garlic.com/~lynn/2007r.html#60 Fixing our fraying Internet Infrastructure

the other item mentioned in the old, long winded, tome was that last incident involving mortgage market in the 80s resulted in an enormous bailout ... so large that it is carried offbooks ... since it would otherwise swamp the budget. the claim is that it is so large that it totally wipes out all real estate appreciation that occurred in the 70s and 80s.

it apparently ranked number one in terms of unfunded obligations ... at least until the recent round with medicare drug bill ... that comptroller general has railed about ... numbers claiming to possibly be something like four times larger than the real estate bailout from the 80s.

Real storage usage - a quick question

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Real storage usage - a quick question
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 08 Nov 2007 11:46:02 -0500

SKnutson@GEICO.COM (Knutson, Sam) writes:
You should have the PTFs for z/OS APAR OA17114 installed if you are using paged fixed buffers in DB2 V8. Not having it was one of the causes of a z/OS outage here when a DB2 DBA accidentally overcommitted storage to DB2.

aka application page fixed buffers ... allows applications to specify the "real addresses" in the channel program ... avoiding the dynamic channel program translation (creating a duplicate of the channel program passed by excp/svc0) and dynamic page fixing that otherwise has to occur on every i/o operations (however, it can eliminate pageable storage needed by the rest of system)

recent post mentioning difference between EXCP and EXCPVR (vis-a-vis channel program translation)
https://www.garlic.com/~lynn/2007q.html#8 GETMAIN/FREEMAIN and virtual storage backing up

other recent posts discussing dynamic channel program translation (in the initial translation from MVT to OS/VS2 supporting virtual memory, there was extensive borrowing of technology from cp67 CCWTRANS, channel program translation)
https://www.garlic.com/~lynn/2007e.html#19 Cycles per ASM instruction
https://www.garlic.com/~lynn/2007e.html#27 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007e.html#46 FBA rant
https://www.garlic.com/~lynn/2007f.html#0 FBA rant
https://www.garlic.com/~lynn/2007f.html#6 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007f.html#33 Historical curiosity question
https://www.garlic.com/~lynn/2007f.html#34 Historical curiosity question
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007n.html#35 IBM obsoleting mainframe hardware
https://www.garlic.com/~lynn/2007o.html#37 Each CPU usage
https://www.garlic.com/~lynn/2007o.html#41 Virtual Storage implementation
https://www.garlic.com/~lynn/2007p.html#69 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#70 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#72 A question for the Wheelers - Diagnose instruction
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'

OpenPGP becomes RFC4880. Consider Hypothesis #1: The One True Cipher Suite

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: OpenPGP becomes RFC4880. Consider Hypothesis #1: The One True Cipher Suite
Newsgroups: alt.folklore.computers
Date: Thu, 08 Nov 2007 12:09:39 -0500

OpenPGP becomes RFC4880. Consider Hypothesis #1: The One True Cipher Suite
https://financialcryptography.com/mt/archives/000983.html

from above:
Some good news: after a long hard decade, OpenPGP is now on standards track. That means that it is a standard, more or less, for the rest of us, and the IETF process will make it a "full standard" according to their own process in due course.

... snip ...

other reference

Hypothesis #1 -- The One True Cipher Suite
http://iang.org/ssl/h1_the_one_true_cipher_suite.html

and post i made this past weekend when RFC editors announcement for RFC 4880 went out
https://www.garlic.com/~lynn/2007r.html#49 How to tell a fake SSL certificate from a real one

also references numerous posts on certificate-less public key operation
https://www.garlic.com/~lynn/subpubkey.html#certless

as well as referencing email from 1981 describing certificate-less public key operation
https://www.garlic.com/~lynn/2006w.html#email810515

from this post last year
https://www.garlic.com/~lynn/2006w.html#12 more secure communication over the network

as well as mentioned here
https://www.garlic.com/~lynn/2007r.html#24 How to tell a fake SSL certificate from a real one

part of the issue was a lot of resistance to any sort of certificate-less operation in the ietf pkix contingent. some of the pkix backing of certificate-based PKI operation dates back to the early 90s in the days of x.509 identity digital certificates. this has been my observation that by the mid-90s, many institutions had realized that x.509 identity digital certificates, increasingly overloaded with excessive personal information, represented significant privacy and liability issues. as a result, there was many institutions that retrenched to relying-party-only certificates
https://www.garlic.com/~lynn/subpubkey.html#rpo

effectively containing some form of record locator (account number, userid, etc, where the necessary information was actually located) and a public key. however, it was trivial to demonstrate that

1) this apparently was attempting to recoup some of the massive investment that went into PKI-type deployments

2) the PKI/digital certificates were actually redundant and superfluous (aka the public key was frequently already in the same record with all the other information).

this shows up in the technical work (and patents) associated with account authority digital signature
https://www.garlic.com/~lynn/x959.html#aads

as well as in the x9.59 financial standard protocol.
https://www.garlic.com/~lynn/x959.html#x959

part of the orientation of x9.59 financial standard protocol was not just that the digital certificates were redundant and superfluous ... but that even the abbreviated relying-party-only digital certificates would represent adding one hundred times payload and processing bloat to existing payment transactions
https://www.garlic.com/~lynn/subpubkey.html#bloat

Why do we think virtualization is new?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Why do we think virtualization is new?
Newsgroups: alt.folklore.computers
Date: Thu, 08 Nov 2007 12:39:05 -0500

another item about the new, 40+ yr old technology

Why do we think virtualization is new?
http://www.regdeveloper.co.uk/2007/11/08/virtualization_not_new/

from above:
Those selling solutions, or more accurately, those marketing IT solutions often choose to make products sound new and exciting. Quite why they do so has often puzzled me since I, as a former IT manager, have always been highly skeptical of anything really new as it usually means trouble.

... snip ...

another recent virtualization item ... pushing some of the support down into BIOS ... getting more analogous to PR/SM and LPARs that appeared with 3090s in the 80s.

HyperSpace Aims to Open New OS Dimensions
http://www.linuxinsider.com/story/60214.html
Phoenix Intros Instant-On Laptop Tech
http://www.newsfactor.com/story.xhtml?story_id=0110014KTMI0
Phoenix Planning to Bypass Windows
http://www.techpowerup.com/?43771
Phoenix HyperSpace Bypasses Windows With Fast-Boot Technology
http://www.daylife.com/story/089l4RPgrhe1o/1?lead_article=101000000030464069
Phoenix Technologies' Hyperspace to Jumpstart 'PC 3.0'
http://www.ministryoftech.com/2007/11/05/pheonix-technologies-hyperspace-to-jumpstart-pc-30/

some amount of this involves virtual appliances ... which we started calling service virtual machines in the early 70s. misc. recent posts mentioning virtual appliances and/or service virtual machines
https://www.garlic.com/~lynn/2007i.html#21 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#36 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?

Poster of computer hardware events?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Poster of computer hardware events?
Newsgroups: alt.folklore.computers,bit.listserv.vmesa-l
Date: Fri, 09 Nov 2007 05:10:24 -0500

marty zimelis wrote:
Phil, Unless there was something else out there (a poster or whatever), that would have been me doing a riff in my VM Performance classes, first for Amdahl, then for Velocity. Your buddy's time frame is about right (15 years ago). I was attempting to emphasize the impact of an RPS miss (show of hands: who remembers what that was?) on response time.

The riff started by me "complaining" that I didn't have a good intuitive grasp of how fast CPUs were (tens of nanosecond cycle times at that point), so "let's slow down our timeframe and say a CPU cycle is one second. Then a page fault from Xstore is satisfied in [nn minutes], a DASD I/O satisfied from cache takes [mm hours] and one that has to go to the real disk takes [kk days]. An RPS miss adds [I think it was 16 hours] to that."

i had started making statements that disk relative system thruput had degraded by an order of magnitude over a period of yr (processors had gotten much faster than disks had gotten faster)

at some pt, somebody in gpd (disk division) took exception and assigned the gpd performance group to refute the statements. after several weeks, they effectively came back and said that i had understated the degradation because taking into account (the introduction of) RPS-miss actually made it worse.

they then put a different spin on the investigation and turned it into share presentation on recommendations to improve thruput ... past post with reference to SHARE 63 Presentation B874
https://www.garlic.com/~lynn/2002i.html#18 AS/400 and MVS - clarification please
https://www.garlic.com/~lynn/2006f.html#3 using 3390 mod-9s
https://www.garlic.com/~lynn/2006o.html#68 DASD Response Time (on antique 3390?)

part of this was when i had started doing dynamic adaptive resource management, i attempted to include (dynamic adaptive) scheduling to the bottleneck (as undergraduate in the 60s). in the 70s, bottlenecks started shifting from real storage to disk ... and you started seeing real storage being used more and more as "caching" ... either outboard in devices ... or by the system directly in processor storage (as means of attempting to compensate for disks growing system thruput bottleneck). misc. past posts mentioning resource manager
https://www.garlic.com/~lynn/subtopic.html#fairshare

somewhat a side investigation was that we had implemented disk record access trace and cache model in the late 70s. the cache model looked at all sorts of trade-offs based on actual disk record access traces (from a large number of different kinds of production environments)

one of the findings ... was given all other things being equal, one large common system cache was always better than partitioning the same amount of electronic storage out into channel-level, controller-level, and/or device-level caches (from cache efficiency standpoint). The counter forces have been that their have been limitations on total system memory, cost differential between different kinds of electronic storage, and/or processor overhead in managing system-level cache.

of course this somewhat supported the work that i had (also as undergraduate in the 60s) done on global LRU replacement algorithms vis-a-vis "local LRU" replacement algorithms (some work that was going on in the 60s about the same time i was working on global LRU replacement). misc. past posts mentioning replacement algorithms and cache management
https://www.garlic.com/~lynn/subtopic.html#wsclock

this even dragged me into a festish that brewed in the 80s over a stanford phd thesis on global LRU replacement (vis-a-vis local lru replacement).

i had done the global LRU replacement stuff that shipped in cp67 (and later vm370 when the resource manager reintroduced some cp67 technology back into vm370). the grenoble science center had done work on implementing local lru replacement for cp67 and published the results in cacm in the early 70s. The cp67 global LRU running on cambridge science center machine and the cp67 local lru running on grenoble science center machine were the only live, production comparisons.

and for lots more topic drift regarding replacement algorithms ... a couple recent posts
https://www.garlic.com/~lynn/2007r.html#65 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#75 Real storage usage - a quick question

ATMs

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ATMs
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 09 Nov 2007 05:33:55 -0500

R.Skorupka@BREMULTIBANK.COM.PL (R.S.) writes:
Yes, I can. AFAIK z/OS version is not popular one. I know *big* ATM installation which migrated from z/OS to NonStop. People from ACI claimed that most of their installtions are not on mainframe.

Timothy: I like mainframes, I have personal interest in mainframe business growth (at least survive), but I see no reason to be unhonest.

a reference from hp/nonstop

ACI's BASE24 on the NonStop server hits 40 billion transaction mark
http://www.hp.com/products1/24x7/strategic/aci.html

disclaimer ... we did some marketing against them when we were doing our ha/cmp product ... misc. past posts
https://www.garlic.com/~lynn/subtopic.html#hacmp

for even more drift, latest newsletter
http://www.tandemworld.net/newsletter%20nov07.htm

and in later life, even worked on some joint projects with ACI.

for instance AADS work
https://www.garlic.com/~lynn/x959.html#aads

nacha AADS rfi (submitted on our behalf, since were weren't nacha members)
https://www.garlic.com/~lynn/nacharfi.htm

involved modifying "pre-auth" capability in the EFT (debit) network switch

pilot results
https://web.archive.org/web/20020106102303/http://internetcouncil.nacha.org/Projects/ISAP_Results/ISAPresultsDocument-Final-2.PDF

ATMs

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ATMs
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 09 Nov 2007 05:49:16 -0500

timothy.sipples@US.IBM.COM (Timothy Sipples) writes:
It's an interesting bit of history that the first Tandem machine wasn't available until 1976, well after the first electronic ATM (1967) and lots of other ATMs. From what I've read the first networked ATM appeared in 1968, and the first "popular" ATM (i.e. same model placed into service by more than one bank) was the IBM 2984 starting in 1973. The IBM 2984 offered variable cash withdrawals and instantly deducted from your account, so it was 100% on-line -- 34 years ago. (I remember my father using our local bank's first ATM, newly installed, when I was a young child. It seemed like magic.) Presumably most if not all of these ATMs connected to IBM System/360s and /370s. Tandem came along after almost a decade of ATMs.

re:
https://www.garlic.com/~lynn/2007s.html#6 ATMs

early work was done at los gatos lab ... before i was spending any time there. however, i do remember people talking about having worked on the development. they had large supply of bills from numerous different countries ... which they kept in a locked vault in the basement (for testing with the machines during development). they also mentioned story about one of the early machines going in across the street from a fast food restaurant and kids feeding condiment packets into the card slot (one of the early bug fixes was countermeasure for such an attack).

old posts reference 2984
https://www.garlic.com/~lynn/2006q.html#5 Materiel and graft
https://www.garlic.com/~lynn/2006u.html#40 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006x.html#9 Plurals and language confusion
https://www.garlic.com/~lynn/2007l.html#47 My Dream PC -- Chip-Based

Anybody remember Keypunch cards?

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Anybody remember Keypunch cards?
Newsgroups: alt.folklore.computers
Date: Fri, 09 Nov 2007 05:56:52 -0500

Quadibloc <jsavard@ecn.ab.ca> writes:
But, as we know, IBM speaks of "direct access storage devices" when everybody else says "disk drives".

part of that is the "DASD" I/O architecture predates when disk drives came to dominate direct access storage devices

lots of past posts about getting to play disk engineer in bldgs. 14 & 15 ("dasd" engineering lab and "dasd" product test lab)
https://www.garlic.com/~lynn/subtopic.html#disk

and other posts about various issues with DASD I/O architecture
https://www.garlic.com/~lynn/submain.html#dasd

past posts mentioning patching punched "TXT" decks by duplicating card and "multi-punching" hex changes into the correct field (on 026 and later 029)
https://www.garlic.com/~lynn/93.html#17 unit record & other controllers
https://www.garlic.com/~lynn/2000f.html#75 Florida is in a 30 year flashback!
https://www.garlic.com/~lynn/2001b.html#26 HELP
https://www.garlic.com/~lynn/2001b.html#27 HELP
https://www.garlic.com/~lynn/2001k.html#27 Is anybody out there still writting BAL 370.
https://www.garlic.com/~lynn/2001k.html#28 Is anybody out there still writting BAL 370.
https://www.garlic.com/~lynn/2002k.html#63 OT (sort-of) - Does it take math skills to do data processing ?
https://www.garlic.com/~lynn/2004p.html#24 Systems software versus applications software definitions
https://www.garlic.com/~lynn/2005c.html#54 12-2-9 REP & 47F0
https://www.garlic.com/~lynn/2006c.html#17 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006g.html#43 Binder REP Cards (Was: What's the linkage editor really wants?)
https://www.garlic.com/~lynn/2006g.html#58 REP cards
https://www.garlic.com/~lynn/2006l.html#64 Large Computer Rescue
https://www.garlic.com/~lynn/2007d.html#51 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007f.html#78 What happened to the Teletype Corporation?
https://www.garlic.com/~lynn/2007q.html#69 IBM System/3 & 3277-1
https://www.garlic.com/~lynn/2007q.html#70 IBM System/3 & 3277-1

Poster of computer hardware events?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Poster of computer hardware events?
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 09 Nov 2007 10:33:25 -0500

DASDBill2@AOL.COM (, IBM Mainframe Discussion List) writes:
I made a mistake. A track not in the cache would take on the order of 20 milliseconds, so that would equate to 20 days instead of one day. A track already cached would result in an access time of one millisecond. If the 4K block can be found in a buffer somewhere in virtual storage inside the processor, it might take from 100 to 1000 instructions to find and access that data, which would equate to 100 to 1000 seconds, or roughly one to 17 minutes. And that assumes that the page containing the 4K block of data can be accessed without a page fault resulting in a page-in operation (another I/O), in which case we are back to several days to do the I/O.

By the way, it takes at least 5000 instructions in z/OS to start and finish one I/O operation, so you can add about two hours of overhead to perform the I/O that lasts for 20 days.

You really want to avoid doing an I/O if at all possible.

reply to comment about RPS-miss (in the vmesa-l flavor of this thread)
https://www.garlic.com/~lynn/2007s.html#5 Poster of computer hardware events?

i had been making comments over a period of yrs that disk relative system thruput had declined by an order of magnitude (i.e. disks were getting faster but processors were getting much faster, faster). this eventually led to somebody in the disk division (gpd) to assigning the gpd performance group to refute the statements. after several weeks they came back and effectively said that i had somewhat understated the disk relative system thruput degradation ... when RPS-miss was taken into account.

they then put a somewhat more positive spin on it and turned it into share 63 presentation b874 ... some past references:
https://www.garlic.com/~lynn/2002i.html#18 AS/400 and MVS - clarification please
https://www.garlic.com/~lynn/2006f.html#3 using 3390 mod-9s
https://www.garlic.com/~lynn/2006o.html#68 DASD Response Time (on antique 3390?)

one of the issues is does the 5k instruction pathlength roundtrip from EXCP (including channel program translation overhead) or roundtrip just after it has been passed to i/o supervisor???

for comparison numbers ... i had gotten cp67 total "roundtrip" for page fault down to approx. 500 instructions ... this included page fault handling, page replacement algorithm, a prorated fraction of page i/o write pathlength (which includes everything to start/finish i/o), total page i/o read pathlength (including full i/o supervisor), and two task switches thru dispatcher (one to switch to somebody else, waiting on the page fault to finish and another to switch back after the page i/o read finishes). to get it to 500 instructions involved touch almost every piece of code involved in all of the operations.

I believe the "5000" instruction number was one of the reasons that 3090 expanded store was a synchronous instruction (since the asynchronous overhead and all related gorp in mvs was so large).

earlier, there had been some number of "electronic" 2305 paging device deployed at internal datacenters ... referred to as "1655" model (from an outside vendor). these involved effectively low latency but limited to channel transfer and cost whatever the asynchronous processing overhead.

the 3090 expanded store was done because of physical packaging issues ... but later when physical packaging was no longer an issue ... there were periodic discussions about configuring portions of regular memory as simulated expanded store ... to compensate for various shortcomings in page replacement algorithms.

with regard to the cp67 "500" instruction number vis-a-vis MVS ... i would periodically take some heat regarding MVS having much more robust error recovery as part of the 5000 number (even tho the 500 number was doing significantly more). so later when i was getting to play in bldgs 14 & 15 (dasd engineering lab and dasd product test lab), i had opportunity to rewrite vm370 i/o supervisor. the labs in bldg. 14&15 were running processor "stand-alone" testing for the dasd/controller "testcells" (one at a time). They had tried doing this under MVS but had experienced 15min MTBF (system crashing and/or hanging with just a single testcell). I undertook to completely rewrite i/o supervisor to make it absolutely bullet proof, allowing concurrent testcell operation in operating system environment. lots of past posts mentioning getting to play disk engineer
https://www.garlic.com/~lynn/subtopic.html#disk

some old postings about comparisons of degradation of disk relative system thruput. the claim was that doing similar type of cms workload ... in going from cp67 on 360/67 with 80 users to vm370 on 3081 ... it should have shown an increase to several thousand online uses ... instead of increase to 300 or so online users. The increase in online users is roughly the change in disk system thruput ... as opposed to difference in processor thruput
https://www.garlic.com/~lynn/93.html#31 Big I/O or Kicking the Mainframe out the Door
https://www.garlic.com/~lynn/94.html#43 Bloat, elegance, simplicity and other irrelevant concepts
https://www.garlic.com/~lynn/94.html#55 How Do the Old Mainframes Compare to Today's Micros?
https://www.garlic.com/~lynn/95.html#10 Virtual Memory (A return to the past?)
https://www.garlic.com/~lynn/98.html#46 The god old days(???)
https://www.garlic.com/~lynn/99.html#4 IBM S/360
https://www.garlic.com/~lynn/2001d.html#66 Pentium 4 Prefetch engine?
https://www.garlic.com/~lynn/2001f.html#62 any 70's era supercomputers that ran as slow as today's supercomputers?
https://www.garlic.com/~lynn/2001l.html#40 MVS History (all parts)
https://www.garlic.com/~lynn/2001l.html#61 MVS History (all parts)
https://www.garlic.com/~lynn/2001m.html#23 Smallest Storage Capacity Hard Disk?
https://www.garlic.com/~lynn/2002.html#5 index searching
https://www.garlic.com/~lynn/2002b.html#11 Microcode? (& index searching)
https://www.garlic.com/~lynn/2002b.html#20 index searching
https://www.garlic.com/~lynn/2002e.html#8 What are some impressive page rates?
https://www.garlic.com/~lynn/2002e.html#9 What are some impressive page rates?
https://www.garlic.com/~lynn/2004p.html#39 100% CPU is not always bad

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Sat, 10 Nov 2007 11:32:13 -0500

re:
https://www.garlic.com/~lynn/2007r.html#72 Translation of IBM Basic Assembler to C?

New ATM security measures tackle growing rates of fraud
http://www.atmmarketplace.com/article.php?id=9386
Diebold releases ATM card-skimming-detection tech
http://www.atmmarketplace.com/article.php?id=9390

part of the issue is growing sophistication of skimming attacks, where attackers have compromised (and/or replaced) a valid card accepting device (atm machine, point-of-sale terminal) to record complete magstripe. misc. past posts mentioning harvesting for fraudulent purposes
https://www.garlic.com/~lynn/subintegrity.html#harvest

the attackers than are looking at 1) avoiding being identified and 2) avoiding having the compromised device being identified.

the skimmed information (from compromised devices) are used to create counterfeit cards (which are then used for fraudulent transactions). however, the attackers may go to great lengths to avoid usage patterns that might result identifying the original compromised device(s) (and shutting them down as source of continued information)

some of the device skimming compromises include wireless &/or internet harvesting techniques ...aka there is local recording storage inside the device and the recordings can be harvested via wireless (or internet) techniques ... as countermeasure to a suspect device being under surveillance.

all of this is long way from the sterotype armed robbers.

one of the other scenarios is in the period (from the 90s) that we were working on x9.59 financial industry standard
https://www.garlic.com/~lynn/x959.html#x959

and aads chip strawman
https://www.garlic.com/~lynn/x959.html#aads

there were other efforts to address fraudulent payment transactions. one involved a chipcard that was strongly oriented towards countermeasure against lost/stolen cards. however, it was still vulnerable to skimming attacks i.e. the chipcard was shown to be highly resistant to crooks in possession of a lost/stolen card. however, the card was still vulnerable to the growing incidents of skimming attacks (enabling a counterfeit chipcard to be created)

the confidence in the integrity of this chipcard was such that terminal/device interface was changed so that once a terminal believed it was dealing with a valid chipcard, the terminal would follow instructions from the chipcard.

now one of the fraud countermeasures in the current electronic payment environment is that with online transactions, the account can be flagged and new transactions not approved.

the terminal/chipcard interface change would have the terminal asking the chipcard 1) has the correct PIN been entered, 2) should the transaction be offline, and (if answered to #2 is YES) 3) is the transaction within the card's credit limit. This new class of counterfeit chipcards got the label YES CARD ... i.e. the crooks would program the counterfeit chipcard to always answer "YES" to all three questions
https://www.garlic.com/~lynn/subintegrity.html#yescard

Because of terminal relying on (potential counterfeit) chipcard for replies to all three questions, the attacker didn't even need to know the correct pin and since the transactions would always offline ... flagging the account (as in online transactions) was no longer effective. The skimming attack on terminal/devices was essentially identical to what was already being used for magstripe card skimming.

There were some number of other fraud countermeasures built into the (YES CARD) infrastructure for lost/stolen cards ... but the crooks would program the counterfeit cards to disregard them.

past posts mentioning criminal compromised device skimming activity (and getting more sophisticated)
https://www.garlic.com/~lynn/aepay10.htm#5 I-P: WHY I LOVE BIOMETRICS BY DOROTHY E. DENNING
https://www.garlic.com/~lynn/aepay10.htm#41 ATM Scams - Whose Liability Is It, Anyway?
https://www.garlic.com/~lynn/aadsm19.htm#38 massive data theft at MasterCard processor
https://www.garlic.com/~lynn/aadsm19.htm#46 the limits of crypto and authentication
https://www.garlic.com/~lynn/aadsm19.htm#47 the limits of crypto and authentication
https://www.garlic.com/~lynn/aadsm22.htm#44 Creativity and security
https://www.garlic.com/~lynn/aadsm22.htm#45 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
https://www.garlic.com/~lynn/aadsm22.htm#46 Court rules email addresses are not signatures, and signs death warrant for Digital Signatures
https://www.garlic.com/~lynn/aadsm23.htm#30 Petrol firm suspends chip-and-pin
https://www.garlic.com/~lynn/aadsm23.htm#34 Chip-and-Pin terminals were replaced by "repairworkers"?
https://www.garlic.com/~lynn/aadsm25.htm#8 smart cards with displays - at last!
https://www.garlic.com/~lynn/aadsm27.htm#32 The bank fraud blame game
https://www.garlic.com/~lynn/2001k.html#1 Are client certificates really secure?
https://www.garlic.com/~lynn/2002g.html#72 Biometrics not yet good enough?
https://www.garlic.com/~lynn/2002p.html#9 Cirtificate Authorities 'CAs', how curruptable are they to
https://www.garlic.com/~lynn/2004j.html#14 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
https://www.garlic.com/~lynn/2005g.html#41 Maximum RAM and ROM for smartcards
https://www.garlic.com/~lynn/2005i.html#50 XOR passphrase with a constant
https://www.garlic.com/~lynn/2005m.html#37 public key authentication
https://www.garlic.com/~lynn/2005o.html#42 Catch22. If you cannot legally be forced to sign a document etc - Tax Declaration etc etc etc
https://www.garlic.com/~lynn/2005u.html#31 AMD to leave x86 behind?
https://www.garlic.com/~lynn/2005u.html#33 PGP Lame question

Translation of IBM Basic Assembler to C?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Sat, 10 Nov 2007 14:43:25 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
the terminal/chipcard change would have the terminal asking the chipcard 1) has the correct PIN been entered, 2) should the transaction be offline, and (if answered to #2 is YES) 3) is the transaction within the card's credit limit. The new class of counterfeit chipcards got the label YES CARD ... i.e. the crooks would program the counterfeit chipcard to always answer YES to all three questions
https://www.garlic.com/~lynn/subintegrity.html#yescard

re:
https://www.garlic.com/~lynn/2007r.html#72 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#10 Translation of IBM Basic Assembler to C?

earlier in this decade ... something like million plus such (valid) cards had a deployment. when the YES CARD attack was explained (dating back to the previous decade), the response was that they would make sure that the (valid) issued cards would never answer YES to question about doing offline transaction ... i.e. the transactions would always be done online, and therefor the "flagged" account countermeasure would be able to prevent/limit possibly fraudulent transactions.

a possible problem or characteristic was that the individuals involved were so chipcard myopic that they didn't comprehend that the YES CARD attack is not against a valid card (which had been designed to have high resistance to lost/stolen card vulnerabilities). in effect, the YES CARD attack is against the card-accepting terminals (and the rest of the infrastructure), not against valid cards.

if there hasn't been end-to-end threat and vulnerability analysis and/or if the myopic focus is purely concentrated on attacks against valid cards, then other kinds of things can be left wide-open. in this case, the YES CARD attack took advantage of the apparent myopic focus on the (valid) chipcards ... to also be able to get around the "account flagging" fraud countermeasure (for online transactions), which has worked well against limiting the total amount of fraud that might be mounted against any specific account.

a general characteristic of these kinds of skimming attacks and resulting counterfeit card fraudulent transactions ... have been that the fraudulent transactions would tend to be done as far away as possible from the compromised, skimming device (avoid casting suspicion on the compromised, skimming device and therefor limiting its ongoing usefullness).

Translation of IBM Basic Assembler to C?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Sat, 10 Nov 2007 15:04:21 -0500

"Charlie Gibbs" <cgibbs@kltpzyxm.invalid> writes:
A local scheme combined a skimmer with a camera mounted in the ceiling to record PIN keystrokes (the unit was firmly attached to the counter in the optimum position for the camera to view it). At the time of the bust, the operators had 7000 fake cards, neatly filed with corresponding PINs, ready to go.

re:
https://www.garlic.com/~lynn/2007r.html#72 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#10 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#11 Translation of IBM Basic Assembler to C?

one of the issues with the whole shared-secret paradigm
https://www.garlic.com/~lynn/subintegrity.html#secrets

is that standard security practice is that every unique security domain requires a unique shared-secret (as countermeasure to cross-domain attacks, say local garage ISP with highschool employees and online banking or large employer).

from the 3-factor authentication paradigm
https://www.garlic.com/~lynn/subintegrity.html#3factor

something you have
something you know
something you are

PINs, passwords, and other shared-secrets are a form of something you know authentication. futhermore, multi-factor authentication (like both a card and a PIN) is considered more secure, assuming that the different factors are subject to different kinds of threats/compromises.

however, the proliferation of shared-secret authentication has overloaded standard human factors ... potentially facing having to deal with large tens or maybe hundreds of shared-secrets, the prevailing human response is to start recording the numerous values (no longer being able to remember all the something you know values). this shows up in studies of card-based implementations with accompanying PINs, where something like 1/3rd of the cards have the corresponding PINs written on them.

the other characteristic is that the various skimming attacks (of valid transactions) can represent a common threat/vulnerability against PIN-based card operation (negating assumptions about th security strength of multi-factor authentication), i.e. all the information to perform a fraudulent transaction can be gathered at one time.

however, this wasn't even necessary in the YES CARD scenario. The standard valid card requiring a pin (assuming the PIN hasn't been written on the card) is a countermeasure to lost/stolen card. However, in the YES CARD skimming, it wasn't even necessary to record the valid pin ... since the terminals would accept the counterfeit YES CARD telling them that YES, the PIN was valid (regardless of what was entered).
https://www.garlic.com/~lynn/subintegrity.html#yescard

The new urgency to fix online privacy

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Sat, 10 Nov 2007 15:45:54 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
Well yes - but an effect similar to Heisenburg applies to this. You may find out that the account was good for $1000 - but you have now eaten that and cannot tell how much is left until it says no. You can of course start high and work down - but velocity checks in the authorisation system will spot you before many iterations.

long ago and far away ... one of the fraud patterns for lost/stolen card was $5 at selfserve gas pump followed within 20mins with $100+ athletic shoes ... the selfserv gaspump was low vulnerability quick getaway to see if the account for the lost/stolen card had already been flagged.

the account flagging countermeasure works a lot better in the lost/stolen card scenario than the skimming scenario ... in the skimming scenario, something lost might not be realized until the next statement (the loss tends to be reported a lot earlier in lost/stolen case, so the possible fraud interval is greatly shortened).

avg. debit card skimming losses have been pegged up around $1000/account (in part because there may be longer delay before reporting suspicious activity)

recent related posts mentioning account flagging applicable to online transactions ... however has little effect on offline transactions
https://www.garlic.com/~lynn/2007r.html#72 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#10 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#11 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#12 Translation of IBM Basic Assembler to C?

The new urgency to fix online privacy

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Sat, 10 Nov 2007 16:45:26 -0500

Privacy Vs. Personalization: Can Advertisers Ward Off Looming Threat Of Do Not Track List
http://www.informationweek.com/management/showArticle.jhtml?articleID=197004973

... from above
It's time to give consumers a say over all that data being collecting on them. Otherwise, a Do Not Track list--or worse--could be in the future.

... snip ...

other posts in this thread:
https://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#29 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#54 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#61 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#66 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#71 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007s.html#13 The new urgency to fix online privacy

The new urgency to fix online privacy

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Sat, 10 Nov 2007 19:44:49 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
[1] authorisation rather than reservation is the term used by the processing organisations I've worked with.

there is even institutionalized $1 auth ... i.e. authorization does reduce the available credit, however the $1 auths aren't settled ... so it never shows on statement ... and the auth eventually expires and available credit goes back up.

misc. past posts mentioning $1 auth uses
https://www.garlic.com/~lynn/aepay3.htm#x959risk2 Risk Management in AA / draft X9.59
https://www.garlic.com/~lynn/aepay6.htm#dspki5 use of digital signatures and PKI (addenda)
https://www.garlic.com/~lynn/aadsm9.htm#cfppki4 CFP: PKI research workshop
https://www.garlic.com/~lynn/aepay11.htm#70 Confusing Authentication and Identiification? (addenda)
https://www.garlic.com/~lynn/aadsm12.htm#41 I-D ACTION:draft-ietf-pkix-sim-00.txt
https://www.garlic.com/~lynn/aadsm12.htm#54 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication
https://www.garlic.com/~lynn/2003h.html#18 Authentication protocol
https://www.garlic.com/~lynn/2003h.html#23 Authentication protocol

on the internet, some organizations would set up authentication operations based on once having done a $1 auth.

there was some work on "FAST" (financial authenticated secure transaction) standard in FSTC, using the same ISO8583 "rails" to perform authentication transactions for matters other than money (in part because some of the internet organizations having leveraged a business off $1 auths). misc. past posts mentioning FAST
https://www.garlic.com/~lynn/ansiepay.htm#privacy more on privacy
https://www.garlic.com/~lynn/ansiepay.htm#x959demo X9.59/AADS demos operational
https://www.garlic.com/~lynn/aadsmore.htm#x959demo AADS & X9.59 demos at BAI (annual world-wide retail banking) show in miami next week
https://www.garlic.com/~lynn/aepay6.htm#userauth MS masters NC mind-set (authentication is the key)
https://www.garlic.com/~lynn/aadsm9.htm#cfppki3 CFP: PKI research workshop
https://www.garlic.com/~lynn/aadsm9.htm#cfppki4 CFP: PKI research workshop
https://www.garlic.com/~lynn/aepay10.htm#8 FSTC to Validate WAP 1.2.1 Specification for Mobile Commerce
https://www.garlic.com/~lynn/aepay10.htm#31 some certification & authentication landscape summary from recent threads
https://www.garlic.com/~lynn/aepay11.htm#58 PKI's not working
https://www.garlic.com/~lynn/aepay11.htm#66 Confusing Authentication and Identiification?
https://www.garlic.com/~lynn/aepay11.htm#67 Confusing Authentication and Identiification?
https://www.garlic.com/~lynn/aepay11.htm#70 Confusing Authentication and Identiification? (addenda)
https://www.garlic.com/~lynn/aadsm11.htm#40 ALARMED ... Only Mostly Dead ... RIP PKI ... part II
https://www.garlic.com/~lynn/aadsm11.htm#42 ALARMED ... Only Mostly Dead ... RIP PKI ... part III
https://www.garlic.com/~lynn/aadsm12.htm#3 [3d-secure] NEWS: 3D-Secure and Passport
https://www.garlic.com/~lynn/aadsm12.htm#39 Identification = Payment Transaction?
https://www.garlic.com/~lynn/aadsm12.htm#41 I-D ACTION:draft-ietf-pkix-sim-00.txt
https://www.garlic.com/~lynn/aadsm12.htm#54 TTPs & AADS Was: First Data Unit Says It's Untangling Authentication
https://www.garlic.com/~lynn/aadsm16.htm#5 DOD prepares for credentialing pilot
https://www.garlic.com/~lynn/aadsm17.htm#19 PKI International Consortium
https://www.garlic.com/~lynn/aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
https://www.garlic.com/~lynn/aadsm26.htm#29 News.com: IBM donates new privacy tool to open-source Higgins
https://www.garlic.com/~lynn/99.html#171 checks (was S/390 on PowerPC?)
https://www.garlic.com/~lynn/99.html#216 Ask about Certification-less Public Key
https://www.garlic.com/~lynn/99.html#217 AADS/X9.59 demo & standards at BAI (world-wide retail banking) show
https://www.garlic.com/~lynn/2005l.html#36 More Phishing scams, still no SSL being used
https://www.garlic.com/~lynn/2005l.html#37 More Phishing scams, still no SSL being used
https://www.garlic.com/~lynn/2005l.html#42 More Phishing scams, still no SSL being used
https://www.garlic.com/~lynn/2007d.html#10 The logic of privacy
https://www.garlic.com/~lynn/2007d.html#12 One Time Identification, a request for comments/testing

The new urgency to fix online privacy

Refed: **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Sun, 11 Nov 2007 10:07:27 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
we had also been called in to help wordsmith the cal. state electronic signature law ... and then the fed. electronic signature law
https://www.garlic.com/~lynn/subpubkey.html#signature

some of the other organizations that were participating in the electronic signature legislation were also involved in the data breach and security breach disclosure legislation effort and had done detailed consumer surveys and studies related to that effort. the primary concerns that were raised with regard to personal information disclosure was 1) enabling fraud and 2) could be used by organization and institutions for denial of service.

a lot of churn and swirl around privacy frequently fails to establish any priority or ranking as to different kinds of threats and vulnerabilities related to different kinds of personal information disclosure.

re:
https://www.garlic.com/~lynn/2007r.html#61 The new urgency to fix online privacy

After the Data Breach: Navigating State Disclosure Laws
http://www.ecommercetimes.com/story/60257.html

from above:
Large or small, companies should plan ahead to lessen the burden of notification in the event of a data breach. "Encryption is the single most effective way to avoid the negative business impact of data breaches," says Robert Scott, managing partner at the Dallas office of Scott & Scott, a law and IT services firm.

... snip ...

and as per the x9.59 financial standard references
https://www.garlic.com/~lynn/x959.html#x959

we had taken a slightly different approach in the mid-90s ... recognizing that there was diametrically opposing requirements for account transaction related data (needing to be both readily available and at the same time, kept confidential and never divulged to anybody) ... the approach was to drastically reduce the threats and exploits associated with the most common data breaches (i.e. make the information useless to attackers for the purposes of performing fraudulent transactions).

this was the basis of the periodic comment (regarding account transaction data) that even if the planet was buried under miles of information hiding encryption, it still couldn't prevent the information leakage.

this is also the basis behind thread about naked transaction metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments

about the impossible task of providing complete end-to-end infrastructure coverage to protect naked transactions

other recent posts related to this theme
https://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#29 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#30 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#54 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#55 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007r.html#61 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#63 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007r.html#66 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#71 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#73 Translation of IBM Basic Assembler to C?

misc. past posts with comment about attempts to bury the planet under miles of encryption
https://www.garlic.com/~lynn/aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
https://www.garlic.com/~lynn/aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
https://www.garlic.com/~lynn/2005v.html#2 ABN Tape - Found
https://www.garlic.com/~lynn/2006e.html#44 Does the Data Protection Act of 2005 Make Sense
https://www.garlic.com/~lynn/2006k.html#5 Value of an old IBM PS/2 CL57 SX Laptop
https://www.garlic.com/~lynn/2006k.html#18 Value of an old IBM PS/2 CL57 SX Laptop
https://www.garlic.com/~lynn/2006y.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007i.html#65 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007o.html#5 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007o.html#28 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security

Oddly good news week: Google announces a Caps library for Javascript

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Oddly good news week: Google announces a Caps library for Javascript
Newsgroups: alt.folklore.computers
Date: Sun, 11 Nov 2007 10:47:11 -0500

Oddly good news week: Google announces a Caps library for Javascript
https://financialcryptography.com/mt/archives/000984.html

from above:
It is heavily challenged in the practical world in two respects: the (human) language is opaque and the ideas are simply not widely deployed. Consider this personal example: I spent many years trying to figure out what caps really was, only to eventually discover that it was what I was doing all along with nymous keys. The same thing happens to most senior FC architects and systems developments, as they end up re-inventing caps without knowing it: SSH, Skype, Lynn's x95.9, and Hushmail all have travelled the same path as Gary Howland's nymous design. There's no patent on this stuff, but maybe there should have been, to knock over the ivory tower.

... snip ...

some earlier work on capability based infrastructure was the Gnosis done starting in the 70s by Tymshare. Tymshare had a vm370-based commercial, online timesharing system
https://www.garlic.com/~lynn/submain.html#timeshare

When Tymshare was bought by M/D, Gnosis was spun off as KeyKOS (disclaimer, I was brought in to audit Gnosis as part of the spin-off). Other trivia, M/D sold off Tymshare's TYMNET to B/T.

KeyKOS Documentation webpage
http://www.agorics.com/Library/keykosindex.html

other efforts that grew out of KeyKOS:

EROS: The Extremely Reliable Operating System
http://www.eros-os.org/

CapROS: The Capability-based Reliable Operating System
http://www.capros.org/

which has this reference back to KeyKOS
http://cap-lore.com/CapTheory/upenn/

The Coyotos Secure Operating System
http://www.coyotos.org/

from Coyotos history page ...
Coyotos is the successor to the EROS system, which is in turn the successor to the KeyKOS system. Since the system inherits 30 years of prior research and development history, it seems appropriate to briefly describe some of that history and the prople who contributed to it.

... snip ...

more from Coyotos history page ...
My own contact with this work came in 1990. As a co-founder of HaL computer systems, I became involved in evaluating various operating system platforms for use by HaL. In 1990, UNIX robustness wasn't great, and we hoped to find something that would be largely operator free and highly robust. Key Logic made a presentation to us about KeyKOS. For reasons that were largely political, HaL decided not to gamble on KeyKOS, but I became convinced that KeyKOS offered something worthwhile.

... snip ...

for other trivia, the "H" in "HaL" had been head of the austin workstation division (in an earlier life, for a time, I had been his only direct report) and the "L" had come from SUN.

there use to be a joke in the valley that there were only 200 people in the business ... they kept moving around, so it just appeared like there were more.

Oddly good news week: Google announces a Caps library for Javascript

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Oddly good news week: Google announces a Caps library for Javascript
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 05:11:30 -0500

re:
https://www.garlic.com/~lynn/2007s.html#17 Oddly good news week: Google announces a Caps library for Javascript
https://www.garlic.com/~lynn/aadsm27.htm#63 Oddly good news week: Google announces a Caps library for Javascript

aka
https://financialcryptography.com/mt/archives/000984.html

also from above:
Which all creates 3 views;

1. low security, which is characterised by the coolness world of PHP and Linux: shove any package in and smoke it. 2. medium security, characterised by banks deploying huge numbers of enterprise apps that are all at some point secure as long as the bits around them are secure. 3. high security, where the applications are engineered for security, from ground up.

The Internet as a whole is stalled at the 2nd level, and everyone is madly busy fixing security bugs and deploying tools with the word "security" in them. Breaking through the glass ceiling and getting up to high security requires deep changes, and any sign of life in that direction is welcome. Well done Google.

... snip ...

somewhat related
https://www.garlic.com/~lynn/2007r.html#45 Translation of IBM Basic Assembler to C?

mentioning personal computer heritage is stand-alone machine, where numerous applications were accustomed to taking over the whole machine.

now a recent article with slightly different perspective

Microsoft not letting the door hit former employees on their way to Google
http://valleywag.com/tech/exits/microsoft-not-letting-the-door-hit-former-employees-on-their-way-to-google-320493.php
Microsoft's Treatment of Google Defectors
http://slashdot.org/articles/07/11/11/1341256.shtml

from above:
Anyone leaving Redmond for the search leader is a threat. Not because they'll scurry around collecting company secrets — as if Google's interested in Microsoft's '90s-era technologies. Departing employees, however, might tell other 'Softies how much better Google is.

... snip ...

Oddly reminds me of the jan96 microsoft developer's forum at moscone ... while the internet was mentioned ... the theme was all about protecting the developers' (enormous) investment (in visual basic). a couple past posts mentioning the conference theme:
https://www.garlic.com/~lynn/2004k.html#32 Frontiernet insists on being my firewall
https://www.garlic.com/~lynn/2004l.html#51 Specifying all biz rules in relational data

for a little more topic drift, lots of past posts related to assurance
https://www.garlic.com/~lynn/subintegrity.html#assurance

and for other drift ... lots of past posts about internet
https://www.garlic.com/~lynn/subnetwork.html#internet

where tcp/ip has been the technical basis, nsfnet backbone was the operational basis and cix was the business basis. post mentioning nsfnet backbone
https://www.garlic.com/~lynn/subnetwork.html#nsfnet

and old email related to the subject
https://www.garlic.com/~lynn/lhwemail.html#nsfnet

Intel Ships Power-Efficient Penryn CPUs

Refed: **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Intel Ships Power-Efficient Penryn CPUs
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 05:28:11 -0500

more of the new 40+ yr old technology

Intel Ships Power-Efficient Penryn CPUs
http://www.pcworld.com/article/id,139511-c,intel/article.html

listed features included from the above ...
Hardware enhancements allow virtual machines to load up to 75 percent faster, Smith said.

... snip ...

Ellison Looks Back As Oracle Turns 30

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject:  Ellison Looks Back As Oracle Turns 30
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 06:09:30 -0500

folklore tidbit

Ellison Looks Back As Oracle Turns 30
http://www.crn.com/software/202804935

tidbits from above:
With Oracle likely to sell more than $18 billion in software this year, it's hard to believe the world's second-largest software company in its infancy in 1977 had $2,000 pooled by its four founders. And its first "CFO" was the accounting student who delivered pizzas to the startup.

... snip ...

other historical tidbits, postings on original rdbms/sql ... system/r
https://www.garlic.com/~lynn/submain.html#systemr

and old reference to meeting on oracle supporting ha/cmp scale-up
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#16

for other topic drift, old email on ha/cmp scale-up
https://www.garlic.com/~lynn/lhwemail.html#medusa

another historical site on early RDBMS and SQL

The 1995 SQL Reunion: People, Projects, and Politics
http://www.mcjones.org/System_R/SQL_Reunion_95/index.html

specific discussion of Oracle from above
http://www.mcjones.org/System_R/SQL_Reunion_95/sqlr95-Oracle.html

from above (speaking of oracle running on pdp-11):
Mike Blasgen: I don't remember; probably 1979 or 1980. The thing that impressed me the most was that it ran on a little PDP-11. The machine looked to be the size of a carton of cigarettes. It must have been an LSI-11 version of the machine, if my recollection of the size is correct. And System R at the time in most of our joint studies and at IBM was running on 168s. Now a 168 is only maybe the power of a 486DX2 or something, but the fact of the matter is it was a huge machine which would probably not fit in this room.

... snip ...

another interesting tidbut from above:
Roger Bamford: ... At the time that I joined they were embarking on this portability strategy, which actually made a lot of sense, because hardware was expensive in 1984, and by making the software portable, you could essentially commoditize hardware. Which is what Oracle did, and that created a lot of revenue potential for Oracle, because they got back the money that the customers were saving by going to open systems.

... snip ...

for other topic drift (also from above):
Brad Wade: Well, when was Ted Codd made an IBM Fellow?

Mike Blasgen: 1976.

Brad Wade: I remember the reception they had for him in the Building 28 Cafeteria. At that time he said, "It's the first time that I recall of someone being made an IBM Fellow for someone else's product." It was Oracle's.

... snip ...

It could have also been reference to MULTICS Relational Data Store (first commercial relational database product):
https://www.multicians.org/mgm.html#MRDS

for true topic drift ... the above makes reference to "unbundled"
https://www.multicians.org/mgu.html#unbundled

from above:
unbundled

Costs extra. Some Multics software was not "bundled" with the hardware purchase, but instead had an additional charge. Typically there would be several prices: a large amount for a one-time paid-up license, or an initial fee and then a monthly license charge. This practice, of unbundling software and leasing it to the customer for a monthly fee, was introduced by IBM about 1970, and represented a radical shift in computer finance. Multics took to it reluctantly. It led to complications, since we had to avoid dependencies from standard software on unbundled products: for example, we couldn't use MRDS to store accounting data and produce reports. Unbundled software was stored in >system_library_unbundled, also called >unb.

... snip ...

aka unbundling announcement 23jun69 ... lots of past posts mentioning unbundling
https://www.garlic.com/~lynn/submain.html#unbundle

including getting involved in dependencies between standard software on "unbundled products" ... when I release my resource manager (guinea pig for starting to charge for some types of kernel software, not just application software) ... which included a lot of stuff that was required for multiprocessor support (which was "free").
https://www.garlic.com/~lynn/subtopic.html#fairshare

Ellison Looks Back As Oracle Turns 30

Refed: **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Ellison Looks Back As Oracle Turns 30
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 09:14:35 -0500

re:
https://www.garlic.com/~lynn/2007s.html#20 Ellison Looks Back As Oracle Turns 30
and
https://www.garlic.com/~lynn/submain.html#systemr

also from this same reunion:

The 1995 SQL Reunion: People, Projects, and Politics
http://www.mcjones.org/System_R/SQL_Reunion_95/index.html

http://www.mcjones.org/System_R/SQL_Reunion_95/sqlr95-Teradata.html

from above, about m'soft contracting for RDBMS from Sybase:
Jim Gray: And Microsoft took their code and sold it on OS/2. The reason for that was that about 1986, IBM was trying to take over the PC market, and they had their own operating system - OS/2 - they had their own hardware. Microsoft said that they had to somehow protect themselves against something called OS/2 Extended Edition. There was going to be this thing called OS/2, which was basic OS/2, and then Extended Edition, which was going to cost hardly anything more, was going to have a database system in it, and compilers, and query - QBE was going to be built into it, and all sorts of stuff. So Microsoft felt they had to have something like that. So they went to Sybase and said, "We'll get our SQL engine from the Sybase guys, and that will be our Microsoft Extended Edition." And Microsoft remarketed Sybase in the OS/2 world. The relations between Microsoft and Sybase were not warm or cordial. When it came time to port Sybase to NT, Sybase let Microsoft do the job. And then there was a divorce at some point, similar to the IBM divorce about OS/2, that IBM would do OS/2, and Microsoft would go its own way. There was a similar divorce vis-a-vis Microsoft, where Microsoft now owns the Sybase code, so the Microsoft SQL Server now is going its own way, and they've made it more SQL-compliant, and they're adding GUIs to it, and so on. It's now a major force in this whole database world. And the thing that's driving everybody crazy I believe in the database world is, this thing is very cheap. It's, order, five thousand dollars for a server, as opposed to a hundred thousand dollars for a server. This server is capable of doing hundreds of transactions a second. Scary. Pat, did I ... ?

... snip ...

QBE was query-by-example ... old posts/references
https://www.garlic.com/~lynn/2002e.html#44 SQL wildcard origins?
https://www.garlic.com/~lynn/2002o.html#70 Pismronunciation
https://www.garlic.com/~lynn/2003n.html#11 Dreaming About Redesigning SQL
https://www.garlic.com/~lynn/2004l.html#44 Shipwrecks
https://www.garlic.com/~lynn/2005.html#25 Network databases

as to the RDBMS for OS2, the project was code-named shelby, writing a new RDBMS from scratch in C, a few past posts
https://www.garlic.com/~lynn/2005b.html#1 Foreign key in Oracle Sql
https://www.garlic.com/~lynn/2005u.html#41 Mainframe Applications and Records Keeping?
https://www.garlic.com/~lynn/2006w.html#13 IBM sues maker of Intel-based Mainframe clones
https://www.garlic.com/~lynn/2007j.html#12 Newbie question on table design

there was technology transfer of system/r (PLS-language) implementation to Endicott for SQL/DS. Then there was technology transfer back to STL for DB2 ... one of the people in this meeting mentioned that they handled much of that transfer from Endicott SQL/DS to STL for DB2
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15

Shelby portable (C-language) offering on various platforms is now also called DB2 ... even though it is a totally different implementation.

America Competes spreads funds out

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: America Competes spreads funds out
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 09:30:49 -0500

America Competes spreads funds out
http://www.eetimes.com/news/latest/showArticle.jhtml?articleID=202804031

from above:
The America Competes Act authorizes $33.6 billion in new funding for three broad areas: increasing research investment; strengthening science, technology, engineering and mathematics (STEM) education from elementary through graduate school; and promoting innovation. It creates at least 40 new federal programs.

... snip ...

The new urgency to fix online privacy

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 09:33:57 -0500

and now for something completely different

Security loophole found in Windows operating system
http://www.eurekalert.org/pub_releases/2007-11/uoh-slf111207.php

from above:
The researchers found the security loophole in the random number generator of Windows. This is a program which is, among other things, a critical building block for file and email encryption, and for the SSL encryption protocol which is used by all Internet browsers. For example: in correspondence with a bank or any other website that requires typing in a password, or a credit card number, the random number generator creates a random encryption key, which is used to encrypt the communication so that only the relevant website can read the correspondence. The research team found a way to decipher how the random number generator works and thereby compute previous and future encryption keys used by the computer, and eavesdrop on private communication.

... snip ...

[ClassicMainframes] multics source is now open

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: [ClassicMainframes] multics source is now open
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Mon, 12 Nov 2007 10:18:17 -0500

Peter.Farley@BROADRIDGE.COM (Farley, Peter x23353) writes:
Thanks a lot for the info and the link. Most interesting. Another important piece of computer history available to the world at large. Bravo to Bull for releasing it.

It would be an interesting project to write the emulator for that machine architecture.

for even more topic drift ... recent RDBMS related post ... drifting into mentioning that Multics shipped the first RDBMS product, MRDS
https://www.garlic.com/~lynn/2007s.html#20 Ellison Looks Back As Oracle Turns 30
and even further drift in followup
https://www.garlic.com/~lynn/2007s.html#21 Ellison Looks Back As Oracle Turns 30

also mentions that Multics "unbundled" MRDS ... which created issues about not allowing base system (free) software to have dependencies on "priced" software.

lots of past posts mentioning RDBMS
https://www.garlic.com/~lynn/submain.html#systemr

I ran into a similar problem when my resource manager was selected to be guinea pig for starting to charge for kernel software. I had a lot of kernel restructuring (in the resource manager) for multiprocessor operation. This created a problem for bundled/free multiprocessor operation needed lots of code from the resource manager.
https://www.garlic.com/~lynn/submain.html#unbundle

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 12:37:40 -0500

Frank McCoy <mccoyf@millcomm.com> writes:
It's rather like the present system of fixed versus variable-rate loans. Variable-rate-loans are attractive to *banks*, because *they* are protected if interest rates rise. Thus they offer lower overall rates for such loans. OTOH, fixed-rate-loans are attractive to *customers* because it protects the borrower from interest-rate-increases, while the bank loses (comparatively). So, the bank charges a higher rate for such loans.

modulo not doing detailed analysis and variable rate loans almost took citibank down in the '80s (after which they totally got out of the home mortgage business) ... long winded post recently referenced a number of times
https://www.garlic.com/~lynn/aepay3.htm#riskm Thread Between Risk Management and Information Security

the current scenario involving credit backed securitized instruments ... has quite a bit of variable rate loans as the root (although in conjunction with introductory subprime teaser rates for the variable rate loans). this morning on one of the financial channels quoted probabilities for internet-based financial players in the subprime market actually going bankrupt (related to clients just wanting to bail as quickly as possible w/o waiting to see how polluted some of the holdings actually are). recent posts with references to these securitized credit instruments possibly obfuscating risk assessments
https://www.garlic.com/~lynn/2007p.html#50 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#41 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007r.html#60 Fixing our fraying Internet infrastructure

Oracle Introduces Oracle VM As It Leaps Into Virtualization

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Oracle Introduces Oracle VM As It Leaps Into Virtualization
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 17:11:33 -0500

latest in the new, 40+ yr old technology

Oracle Introduces Oracle VM As It Leaps Into Virtualization
http://www.informationweek.com/news/showArticle.jhtml?articleID=202805954

couple items from above:
Oracle jumped into the virtualization market Monday, announcing Oracle VM, or server virtualization software to run Oracle databases and applications.

...

Oracle will supply preconfigured images -- or virtualized files that combine the Oracle database with a preconfigured version of Linux -- for ease of installation and deployment. The move is Oracle's way of picking up on the use of virtualized appliances, software preconfigured with an operating system to run in a virtual machine.

... snip ...

possibly another take on commodization (leaving more on the table for the product vendor?) mentioned here
https://www.garlic.com/~lynn/2007s.html#20 Ellison Looks Back As Oracle Turns 30

... effectively another kind of virtual appliance or what we started out calling server virtual machine ... misc. past posts
https://www.garlic.com/~lynn/2007i.html#36 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
https://www.garlic.com/~lynn/2007s.html#4 Why do we think virtualization is new?

Oracle Introduces Oracle VM As It Leaps Into Virtualization

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Oracle Introduces Oracle VM As It Leaps Into Virtualization
Newsgroups: alt.folklore.computers
Date: Mon, 12 Nov 2007 19:04:10 -0500

re:
https://www.garlic.com/~lynn/2007s.html#26 Oracle Introduces Oracle VM As It Leaps Into Virtualization

other news items during the day ...

Oracle: Just say no to operating systems
http://www.cnet.com/8301-13556_1-9815094-61.html
Oracle VM virtualization software for free
http://stuff.techwhack.com/archives/2007/11/13/oracle-vm/
Oracle virtualization 3x better than the competition?
http://blogs.zdnet.com/BTL/?p=6966
Oracle VM takes on VMware
http://www.vnunet.com/vnunet/news/2203267/oracle-goes-virtual
Oracle adds virtualization as VMware shares fall
http://news.yahoo.com/s/nm/oracle_virtualization_dc
Oracle takes on VMware, others, with its own hypervisor
http://www.linuxworld.com/news/2007/111207-oracle-hypervisor.html
Oracle adds virtualization as VMware shares fall
http://investing.reuters.co.uk/news/articleinvesting.aspx?type=tnBusinessNews&storyID=2007-11-12T203344Z_01_N12484064_RTRIDST_0_BUSINESS-ORACLE-VIRTUALIZATION-DC.XML
Oracle adds virtualization, VMware shares fall
http://www.reuters.com/article/technology-media-telco-SP/idUSN1248652920071112
Oracle launches Xen-based virtualization platform
http://searchservervirtualization.techtarget.com/originalContent/0,289142,sid94_gci1281648,00.html
Oracle takes on VMware, others, with its own hypervisor
http://www.networkworld.com/news/2007/111407-future-threats-to-virtualization-security.html
ORACLE NEWS :: LIQUID COMPUTING SUPPORTS ORACLE(R) VM
http://www.ad-hoc-news.de/Aktie/12717320/News/14147371/ORACLE.html

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Tue, 13 Nov 2007 11:06:31 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
modulo not doing detailed analysis and variable rate loans almost took citibank down in the '80s (after which they totally got out of the home mortgage business) ... long winded post recently referenced a number of times
https://www.garlic.com/~lynn/aepay3.htm#riskm Thread Between Risk Management and Information Security

re:
https://www.garlic.com/~lynn/2007s.html#25 Translation of IBM Basic Assembler to C?

a website with an extremely caustic view on how credit backed securitized instruments have been rated.

Next Phase of the Financial Markets Credit Crunch Crisis: The Great Ratings Debacle
http://www.marketoracle.co.uk/Article2748.html

Intel Ships Power-Efficient Penryn CPUs

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Intel Ships Power-Efficient Penryn CPUs
Newsgroups: alt.folklore.computers
Date: Tue, 13 Nov 2007 11:44:58 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
more of the new 40+ yr old technology

Intel Ships Power-Efficient Penryn CPUs
http://www.pcworld.com/article/id,139511-c,intel/article.html

re:
https://www.garlic.com/~lynn/2007s.html#19 Intel Ships Power-Efficient Penryn CPUs

somewhat confluence of this old article, from dec2001

Virtual Machines & VMware, Part I
http://www.extremetech.com/article2/0,1697,10403,00.asp

the webpage currently has RSS reference to
http://www.podtrac.com/pts/redirect.mp3/zdpub.vo.llnwd.net/o2/ET/et.10.29.07.mp3

with reference to
Penryn Arrives:

• Runs cool; overclocks to 3.6GHz / DDR3-1600 easily
• Slightly better performance across the board
• Still 333MHz FSB; want 400!

... snip ...

however the article goes on
http://www.extremetech.com/article2/0,1697,1156606,00.asp
The Genesis of Virtual Machines

The idea of a virtual machine is not new--its roots actually go back almost to the beginning of computing itself. Initially, the concept of a virtual machine came about in the 1960's on mainframes as a way to create less complex multi user time share environments.

... snip ...

also includes reference to Melinda's paper "VM and the VM Community: Past, Present, and Future" at
https://www.leeandmelindavarian.com/Melinda/
https://www.leeandmelindavarian.com/Melinda#VMHist

reference also mentioned in this post
https://www.garlic.com/~lynn/2007r.html#51 Translation of IBM Basic Assembler to C

with a footnote from Melinda's tome about when Creasy had decided to build the first virtual machine system, CP40
Creasy had decided to build CP-40 while riding on the MTA. "I launched the effort between Xmas 1964 and year's end, after making the decision while on an MTA bus from Arlington to Cambridge. It was a Tuesday, I believe." (R.J. Creasy, private communication, 1989.)

... snip ...

at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech

other posts mentioning cp67 and/or vm370 based commercial timesharing services
https://www.garlic.com/~lynn/submain.html#timeshare

misc. other recent posts with reference to Melinda's paper:
https://www.garlic.com/~lynn/2007d.html#48 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007d.html#52 CMS (PC Operating Systems)
https://www.garlic.com/~lynn/2007f.html#7 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007g.html#36 Wylbur and Paging
https://www.garlic.com/~lynn/2007i.html#14 when was MMU virtualization first considered practical?
https://www.garlic.com/~lynn/2007j.html#43 z/VM usability
https://www.garlic.com/~lynn/2007k.html#43 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#47 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#55 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2007o.html#41 Virtual Storage implementation
https://www.garlic.com/~lynn/2007r.html#64 CSA 'above the bar'

Intel Ships Power-Efficient Penryn CPUs

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Intel Ships Power-Efficient Penryn CPUs
Newsgroups: alt.folklore.computers
Date: Tue, 13 Nov 2007 12:34:57 -0500

Walter Bushell <proto@oanix.com> writes:
Weren't we making the transition from small to large scale integrated circuits about 1967? No, a brief google says that was in the mid 70's. Just plain integrated circuits in 1967 then and many machines extant with discrete transistor logic. LSI is "tens of thousands of transistors".

re:
https://www.garlic.com/~lynn/2007s.html#19 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#23 Intel Ships Power-Efficient Penryn CPUs

cp40 was done at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech

on a 360/40 with custom modified virtual memory hardware. when 360/67 with standard virtual memory became available, cp40 morphed into cp67

another cp67/cms reference from the multics website (i.e. multics was on the 5th flr of 545 tech sq, the science center was on the 4th flr of 545 tech sq, and the science center machine room with 360/67 was on 2nd flr of 545 tech sq)
https://www.multicians.org/thvv/360-67.html

directory with standard 360 principles of operation
http://www.bitsavers.org/pdf/ibm/360/poo/

360/67 functional characteristics (from bitsavers) ... includes description of hardware virtual memory support (addon to 360)
http://www.bitsavers.org/pdf/ibm/360/functional_characteristics/A27-2719-0_360-67_funcChar.pdf
http://www.bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf

vm370 documents on bitsavers (morph of cp67 for 370 machines)
http://www.bitsavers.org/pdf/ibm/370/vm370/
also CMS (interactive interface in cp67 and vm370)
http://www.bitsavers.org/pdf/ibm/370/vm370/

and from around the web, some 360/67 images
https://web.archive.org/web/20030813223021/www.cs.ncl.ac.uk/events/anniversaries/40th/images/ibm360_67/index.html
https://web.archive.org/web/20030813224124/www.cs.ncl.ac.uk/events/anniversaries/40th/images/ibm360_672/index.html

picture of 360/65 (360/67 was nearly identical, having the addition of virtual memory hardware and 32-bit virtual addressing option)
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_2423PH2065C.html

a little more eclectic 360/67 reference
http://www.ibm-collectables.com/gallery/view_album.php?set_albumName=album79

from this web page
http://ibmcollectables.com/gallery/albums.php

for other drift, picture of first high-speed processor cache ... for 360/85 (from 1968):
http://www-03.ibm.com/ibm/history/history/year_1968.html

multics source is now open

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: multics source is now open
Newsgroups: alt.folklore.computers
Date: Tue, 13 Nov 2007 15:37:02 -0500

ok, has been slashdot'ed

MIT Releases the Source of MULTICS, Father of UNIX
http://slashdot.org/articles/07/11/13/1710224.shtml
The Last Multics System Decommissioned
http://slashdot.org/articles/00/11/13/066228.shtml

for other topic drift

old reference to Multics security study
https://www.garlic.com/~lynn/2002l.html#42 Thirty Years Later: Lessons from the Multics Security Evaluation
https://www.garlic.com/~lynn/2002l.html#44 Thirty Years Later: Lessons from the Multics Security Evaluation
https://www.garlic.com/~lynn/2002l.html#45 Thirty Years Later: Lessons from the Multics Security Evaluation

paper now at:
http://www.acsac.org/2002/papers/classic-multics.pdf
and original study:
http://csrc.nist.gov/publications/history/karg74.pdf

and recent posts mentioning multics on 5th flr of 545 tech sq ... and science center was on 4th flr of 545 tech sq ... where original virtual machine work was done:
https://www.garlic.com/~lynn/2007b.html#51 Special characters in passwords was Re: RACF - Password rules
https://www.garlic.com/~lynn/2007d.html#52 CMS (PC Operating Systems)
https://www.garlic.com/~lynn/2007l.html#55 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2007l.html#58 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2007m.html#56 Capacity and Relational Database
https://www.garlic.com/~lynn/2007n.html#69 women as computer operators in the 1960s
https://www.garlic.com/~lynn/2007o.html#70 The name "shell"
https://www.garlic.com/~lynn/2007p.html#35 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007s.html#30 Intel Ships Power-Efficient Penryn CPUs

Newsweek article--baby boomers and computers

Refed: **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Newsweek article--baby boomers and computers
Newsgroups: alt.folklore.computers
Date: Tue, 13 Nov 2007 19:03:05 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
the interviewer asked what are the possible reasons for the shortfall in investments. the "specialist" explained that one reason is that 1/2 of the production project specialists will reach retirement age over the next three years and there wasn't enough talent to undertake additional projects that typically take 7-8yrs.

re:
https://www.garlic.com/~lynn/2007q.html#42 Newsweek article--baby boomers and computers

and along similar lines:

Federal Managers Think Agencies Aren't Ready For Boomer Exodus
http://www.informationweek.com/news/showArticle.jhtml?articleID=203100122

from the article ...
Sixty-one percent of federal managers say their agencies do not have knowledge management policies to help prepare for the impending brain-drain, according to a recent survey.

...

Organizations "can't afford a single gap of knowledge," said Joel Brunson, president of Tandberg's federal market business. However, when a mass exodus of workers do leave their jobs, "it's about losing day-to-day knowledge, tricks of the trade," and an accumulation of what's been learn over 25 to 35 years, he said.

... snip ...

earlier thread/post mentioning downside of boomers retiring
https://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness

and other posts in the thread:
https://www.garlic.com/~lynn/2007p.html#14 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#16 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#21 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#27 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#28 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#30 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#31 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#35 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#38 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#50 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#41 Newsweek article--baby boomers and computers

Age of IBM VM

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Age of IBM VM
Newsgroups: alt.folklore.computers,bit.listsev.vmesa-l
Date: Wed, 14 Nov 2007 03:55:57 -0500

Marty Zimelis wrote:
Bob, Right name, but I believe the wrong derivation. The "67" in CP-67 comes form the fact that it ran on the S/360 model 67, the only production model of the S/360 line that implemented Dynamic Address Translation (DAT) -- virtual storage.

Some would argue that was the first version of VM. Others would argue that the line starts with VM/370, the first generally available version of VM, which was first released in August of 1972. (FWIW, SHARE has been celebrating VM's birthdays using the VM/370 release date as the origin. Hence the 35th birthday was celebrated at SHARE 109 in San Diego last Summer.)

CP40 predated CP67. Cambridge Science Center had cp67 up and running and had also installed it out at Lincoln Labs. The last week in Jan68, three people came out to install it at the university where I was an undergraduate. I was then invited to attend the spring 68 SHARE meeting in Houston where cp67 was "officially" announced. In that sense, the univ. was early "beta test" for cp67. For other topic drift, the univ was also "best test" site for original CICS ... and I got tasked to support/debug also ... misc. past posts mentioning CICS
https://www.garlic.com/~lynn/submain.html#bdam

I had been doing various work on os360, including a lot of workload throughput optimization. When CP67 was installed, I also started doing some work on it ... and then made a presentation on some of the work at the fall68 SHARE meeting in Atlantic City. Old post with part of that presentation
https://www.garlic.com/~lynn/94.html#18 CP/67 & OS MFT14

part of this post I made earlier this yr, has been repeated in this thread
https://www.garlic.com/~lynn/2007b.html#21 history question

some more recent posts mentioning cp40 (and early virtual machine work)
https://www.garlic.com/~lynn/2007p.html#19 zH/OS (z/OS on Hercules for personal use only)
https://www.garlic.com/~lynn/2007p.html#69 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
https://www.garlic.com/~lynn/2007r.html#51 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007r.html#64 CSA 'above the bar'
https://www.garlic.com/~lynn/2007s.html#29 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#30 Intel Ships Power-Efficient Penryn CPUs

The cp67 group "split" off from the science center and took over the (IBM) Boston Programming Group on the 3rd flr of 545 tech sq; science center was on the 4th flr, science center machine room was on the 2nd flr.
https://www.garlic.com/~lynn/subtopic.html#545tech

For other trivia, multics was on the 5th flr ... a couple recent refs
https://www.garlic.com/~lynn/2007s.html#24 multics source is now open
https://www.garlic.com/~lynn/2007s.html#31 multics source is now open

In the morph from cp67 to vm370, the group continued to expand, eventually outgrowing the 3rd flr and moved out to the old SBC bldg in Burlington Mall. During this period the company (and some amount of the vm group) got distracted by the Future System effort
https://www.garlic.com/~lynn/submain.html#futuresys

However, I continued to work on various 360 & 370 things (and also made some less than flattering references about FS). Old email referencing some of that work
https://www.garlic.com/~lynn/lhwemail.html#1973
https://www.garlic.com/~lynn/lhwemail.html#1975

When FS was finally killed, there was a mad scramble to get things back into the 370 hardware and software product pipeline. Possibly somewhat as a result, the development group picked up quite a bit of stuff that I had been doing and shipped it in vm370 release 3. Then there was also a decision to release other stuff that I had been doing as the resource manager. Misc. posts
https://www.garlic.com/~lynn/subtopic.html#fairshare

It was also in this time-frame that the internal scramble was on to get going on MVS/XA. POK finally convinced the company that it was necessary to kill the vm370 product, shutdown the burlington mall location and transfer all the people to POK as part of being able to meet the MVS/XA delivery schedule. Eventually, Endicott was able to salvage the vm370 product mission ... but effectively had to rebuild an organization nearly from scratch.

Somebody from ibm forwarded me this photo from the vm370 b'day event at SHARE 99
https://www.garlic.com/~lynn/LynnWheeler023.jpg

vm b'day picture

40th anniv. of when I first got acquainted with cp67 is coming up in two months ... and the 40th anniv of cp67 announcement is later next spring.

For other drift, 23jan69, the company announced unbundling ... somewhat as the result of various litigation going on. However, the case was made that unbundling and starting to charge separately for software only applied to application software; kernel software still needed to be "bundled" with the machine (and "free").

A big part of the motivation for FS was reaction to clone controller business ... recent post discussing this
https://www.garlic.com/~lynn/2007r.html#74 System 360 EBCDIC vs. ASCII

which talks about adding TTY/ascii terminal support to cp67 and coming up against some 2702 controller limitation. As a result the univ. kicked off a project to build a clone controller (using an Interdata/3 minicomputer) ... which subsequently got written up blaming four of us for clone controller business.
https://www.garlic.com/~lynn/submain.html#360pcm

Anyway, some case can be made that as the result of clone controllers, resulting in the corporation's effort for the Future System activity ... allowing the 370 product pipeline to somewhat go bare ... helped provide an opening for clone processors in the 70s.

In any case, as I was about to release the resource manager and in response to clone processors ... the corporation made a decision to start transition to charging for kernel software ... and the resource manager was selected as guinea pig. as a result, I got to spend a lot of time with business people and lawyers over a period of several months, helping figure out policies for kernel software unbundling/charging.
https://www.garlic.com/~lynn/submain.html#unbundle

One of the issues with early kernel unbundle was there was some kernel software that was bundled and some that was not, but a policy decision was that "free" kernel software couldn't have dependency on unbundled/priced kernel software. Unfortunately, I had included quite a bit of multiprocessor kernel reorg as part of the resource manager. This created a delima when it was decided to go ahead and release vm370 multiprocessing support (bundled/free ... but couldn't require the priced resource manager as a dependency)

lots of past posts mentioning multiprocessor support
https://www.garlic.com/~lynn/subtopic.html#smp

for some completely other drift ... the original relational database/SQL implementation had been done on vm370 (I transferred to the west coast and doing various work on it)
https://www.garlic.com/~lynn/submain.html#systemr

however, the first commercial RDBMS product was from the multics group. this recent post strays into the issue that the multics group had with "unbundling" their RDBMS product
https://www.garlic.com/~lynn/2007s.html#20 Ellison Looks Back As Oracle Turns 30
https://www.garlic.com/~lynn/2007s.html#21 Ellison Looks Back As Oracle Turns 30

Another part of unbundling was that SE services started to be charged for. Up until that time, a lot of new SEs got their training "on the job" at customer sites (as part of a SE team, sort of apprentice type program). With unbundling, that came to a halt. To somewhat compensate a program was started called HONE (Hands-On Network Environment) which was going to have several cp67 installations around the US and branch SEs could remotely log in and gain experience running various operating systems in virtual machines.

However, one of the other things that the science center had done was to port apl\360 to cms ... and the dataprocessing organization starting using HONE to host a number of sales and marketing support applications implemented in cms\apl. Eventually this grew to dominate all HONE usage and the original HONE purpose dwindled away. HONE then made the transition from cp67 with cms\apl to vm370 with apl\cms ... and numerous clones were created around the world. one of my hobbies was building highly customized kernels ... which i provided and supported to various internal organizations, including HONE. Some number of the HONE clones, I personally installed. One of the first was when EMEA hdqtrs moved from the US to La Defense (just outside paris). Also at some point, it was not even possible to submit customer machine orders without having first being processed by some HONE application. misc. past posts mentioning HONE and/or APL
https://www.garlic.com/~lynn/subtopic.html#hone

File sharing may lead to identity theft

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: File sharing may lead to identity theft
Newsgroups: alt.folklore.computers
Date: Wed, 14 Nov 2007 10:35:05 -0500

hancock4 writes:
I'm not exactly sure what the difference is between "file sharing" and a plain download. Apparently "file sharing" is what people do to download music and videos, sometimes without properly paying for them. Could someone elaborate on the technical differences?

download implies a pull operation from the server to the client. servers open themselves up to connections from external sources and frequently have various kinds of firewall technologies that limit the kind and scope of incoming connection requests (lots of systems having numerous kinds of deficiencies and vulnerabilities in parts of the system supporting incoming connection requests ... and the widespread vulnerabilities in this system area being one of the original motivations for various kind of firewalls).

filesharing implies that these clients start acting as servers and other clients can create connections and retrieve files. frequently this may involve disabling various kinds of defenses and firewalls (that turn-off incoming connection requests).

a recent post about a lot of systems not being designed from the ground up for the hostile, wild anarchy of the internet.
https://www.garlic.com/~lynn/2007r.html#45 Translation of IBM Basic Assembler to C?

another kind of analogy is the human body not being designed/built for open space and requiring space suit armoring to survive.

a more trivial scenario is that attackers can use the filesharing capability to break-out of any controls (regarding what files can be retrieved) and retrieve any file from the victim system.

for another perspective on defenses and countermeasures required for operating a server on the internet:

Survey finds thousands of database servers open to attack
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1281896,00.html
Half a million database servers 'have no firewall'
http://www.computerworlduk.com/management/security/data-control/news/index.cfm?newsid=6198
Half a Million Database Servers 'Have no Firewall'
http://it.slashdot.org/it/07/11/14/1344209.shtml
Researcher: Half a million database servers have no firewall
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9046821
Researcher: Half a million database servers have no firewall
http://www.infoworld.com/article/07/11/14/Half-million-database-servers-have-no-firewall_1.html

aka ... a lot of filesharing apps effectively turns client machines into servers.

long ago and far away we were brought in to consult with small client/server company that wanted to do payment transactions on their server ... some past posts mentioning the activity
https://www.garlic.com/~lynn/subnetwork.html#gateway

proxies and firewalls were already starting to become standard countermeasure for attaching to the internet. however, in doing detailed studies about threats and vulnerabilities for such servers ... one item found that resulted in successful exploits of systems on the internet was "maintenance".

basically the process involved disconnecting from the internet, disabling all the defenses as part of doing maintenance, and when all done ... for various reasons, they forgot to re-enable the defenses before reconnecting to the internet.

lots of past posts mentioning risks, exploits, threats, vulnerabilities, fraud, etc
https://www.garlic.com/~lynn/subintegrity.html#fraud

Oracle Introduces Oracle VM As It Leaps Into Virtualization

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Oracle Introduces Oracle VM As It Leaps Into Virtualization
Newsgroups: alt.folklore.computers
Date: Wed, 14 Nov 2007 14:50:43 -0500

hancock4 writes:
Could you translate into layman's terms? What exactly is "server virtualization software"?

The concept of "virtual storage", as I understand it, is making an application program think it had more core ('RAM') memory than it had by using disk storage for parts of a program not being used at that moment. It's power was limited as trying to compress too much of a program slowed it down significantly. To me, today the concept is almost obsolete since RAM memory is damn cheap, measured in many hundreds of meagabytes. Virtual was developed when memory was still in kilobytes or at best a few megabytes.

Anyway, I don't see how the above definition applies today to something like Oracle.

How does this new product make it easier and more efficient for data processing centers?

re:
https://www.garlic.com/~lynn/2007s.html#26 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007s.html#27 Oracle Introduces Oracle VM As It Leaps Into Virtualization

operating system used to be bundled with processors ... misc. posts discussing bundling and unbundling
https://www.garlic.com/~lynn/submain.html#unbundle

... and then you added/installed applications afterwards ... hoping that you got the correct level of application software that worked with the specific operating system and processor (not only initial install but also life-cycle maintenance going on independently for all the components).

then things have somewhat gone back and forth between having operating systems pre-installed on you hardware and consumer doing after market operating system installs, upgrades, re-installs, etc. (and hoping that the application software, operating systems, and processors still were all compatible and worked with each other).

also over the years, monolithic operating systems have tended to get more and more complex.

when we did virtual machine hypervisor ... the hypervisor was a much simpler set of software with a very well defined interface (minimizing complexity and incompatibilies).

we then found out that we could do something called service virtual machines ... basicly a stripped down, simplified operating system ... somewhat tailored to run in a virtual machine ... and targeted at doing only one kind of specific task.

in the rebirth of virtual machine technology, the service virtual machine concept is sometimes being referred to as virtual appliance ... rather than having one large, monolithic, complex (and error prone) body of (kernel) software ... there were highly optimized, stripped down, simpler software targeted at done only one (or very few) kinds of tasks.

so one thing that can be done ... rather than having a large number of the different possible (monolithic, complex, error prone) "operating systems" ... where something like oracle ... has to deliver an application installation process that tries to adapt the oracle application to all the idiosyncrasies of the "operating system" it might be installed on.

Oracle can ship a preconfigured oracle virtual appliance executable image ... that includes its own stripped down, highly optimized and highly tailored kernel (as part of the executable image) ... all set up for operation in a virtual machine. This can drastically reduce life-cycle maintenance headaches (with applications and operating systems getting out of sync and developing incompatibilities).

This not only reduces the ongoing lifecycle headaches ... but can also reduce the total cost of ownership as well as skill levels at customer sites required for its care&feeding.

misc. past posts mentioning virtual appliance and/or service virtual machine technologies:
https://www.garlic.com/~lynn/2007i.html#21 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#36 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007o.html#1 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007o.html#2 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007o.html#4 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007o.html#7 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007o.html#9 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007o.html#16 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
https://www.garlic.com/~lynn/2007s.html#4 Why do we think virtualization is new?

other recent posts mentioning the new, 40+ yr old technology
https://www.garlic.com/~lynn/2007b.html#21 history question
https://www.garlic.com/~lynn/2007d.html#52 CMS (PC Operating Systems)
https://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#77 Linux: The Completely Fair Scheduler
https://www.garlic.com/~lynn/2007j.html#43 z/VM usability
https://www.garlic.com/~lynn/2007k.html#47 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#52 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#23 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#64 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#66 Off Topic But Concept should be Known To All
https://www.garlic.com/~lynn/2007n.html#27 What if phone company had developed Internet?
https://www.garlic.com/~lynn/2007n.html#30 How would a relational operating system look like?
https://www.garlic.com/~lynn/2007n.html#93 How old are you?
https://www.garlic.com/~lynn/2007o.html#36 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007o.html#38 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007o.html#39 It's No Secret: VMware to Develop Secure Systems for NSA
https://www.garlic.com/~lynn/2007p.html#28 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#59 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux
https://www.garlic.com/~lynn/2007q.html#49 Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
https://www.garlic.com/~lynn/2007q.html#59 Virtualization: Everybody's Doing It, but Few Know How
https://www.garlic.com/~lynn/2007q.html#64 Virtual Browsers: Disposable Security
https://www.garlic.com/~lynn/2007s.html#0 Marines look for a few less servers, via virtualization
https://www.garlic.com/~lynn/2007s.html#19 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#29 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#33 Age of IBM VM

Oracle Introduces Oracle VM As It Leaps Into Virtualization

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Oracle Introduces Oracle VM As It Leaps Into Virtualization
Newsgroups: alt.folklore.computers
Date: Wed, 14 Nov 2007 15:47:08 -0500

hancock4 writes:
Could you translate into layman's terms? What exactly is "server virtualization software"?

The concept of "virtual storage", as I understand it, is making an application program think it had more core ('RAM') memory than it had by using disk storage for parts of a program not being used at that moment. It's power was limited as trying to compress too much of a program slowed it down significantly. To me, today the concept is almost obsolete since RAM memory is damn cheap, measured in many hundreds of meagabytes. Virtual was developed when memory was still in kilobytes or at best a few megabytes.

Anyway, I don't see how the above definition applies today to something like Oracle.

How does this new product make it easier and more efficient for data processing centers?

Thanks.

re:
https://www.garlic.com/~lynn/2007s.html#26 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007s.html#27 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007s.html#35 Oracle Introduces Oracle VM As It Leaps Into Virtualization

for some topic drift and x-over with this thread
https://www.garlic.com/~lynn/2007s.html#33 Age of IBM VM

Endicott was working on the follow-on to 135/145 ... virgil/tully ... which had spare room for microcode. There was starting to be mid-range clone processor competition (primarily outside the US) and was looking for new added value features ... in addition to simply better price/performance. They had done a VS1 (kernel) microcode assist and approached the VM group out in burlington about doing a VM370 microcode assist.

The VM group turned them down, saying that they were too busy doing other stuff. As a result, they eventually showed up on my doorstep. Old post with some results into initial investigation into selecting portions of vm kernel to "drop" into mcode:
https://www.garlic.com/~lynn/94.html#21 370 ECPS VM microcode assist

In addition to the other stuff I was doing in the same timeframe, not only did i get roped into working on design for ECPS VM microcode assist ... Endicott then wanted me to run around the world with them to explain what it all met to the business and forecasting people in different countries around the world. unlike domestic/US, world trade countries would forecast sales for the upcoming year ... which then turned into build orders at manufacturing plants ... which were then bought/delivered to the countries ... which in turn had to be sold to customers (by contrast, domestic forecasts were not directly tied to actual sales volume ... so manufacturing plant sites had to do significant amount of investigation regarding US forecasts since the plant sites would have to "eat" any inaccuracies).

It turns out that 138/148 (virgil/tully) was just on the leading edge of shift from hardware costs dominating customer budgets to change-over to people costs starting to dominate (and skill availability representing bottleneck to customer installs). As a result, Endicott pushed hard for having VM370 preinstalled and transparently integrated into every 138/148 shipped from the factory (slightly akin to LPARS in the current generation of mainframes). The problem was that large portions of the corporation viewed vm370 as "competitive" with other operating system offerings and for one reason or another were out to kill the product. Having vm370 preinstalled and transparently integrated into every 138/148 shipped ran counter to this other political forces (for instance POK was in the process of making the case for killing off vm370 and having all the people in the burlington mall group transferred to pok as part of helping mvs/xa schedules). In any case, the vm370 preinstall and transparently integrated for every 138/148 was shot down.

As i've posted before, the mid-range product sales really accelerated with the 138/148 followin ... 43xx machines (as well as vax machines). past posts mentioning the departmental server phenonama for 43xx (and vax) machines (43xx had some edge over vax with some large commercial customers placing 43xx machine orders in multiples of hundreds). a few recent posts
https://www.garlic.com/~lynn/2007b.html#51 Special characters in passwords was Re: RACF - Password rules
https://www.garlic.com/~lynn/2007j.html#7 Newbie question on table design
https://www.garlic.com/~lynn/2007m.html#72 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007n.html#18 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007n.html#20 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007n.html#21 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007o.html#10 IBM 8000 series
https://www.garlic.com/~lynn/2007o.html#56 360/30 memory
https://www.garlic.com/~lynn/2007r.html#15 The history of Structure capabilities

this market segment then started transition to workstations and large PCs ... so that the 4331/4341 follow-ons, 4361/4381 never saw the success of its predecessor (vax sales saw similar effect)

for other topic drift, another group wanted to do vm370-only, 5-way smp also approached me about the same time ... so i was doing a lot of work on that project at the same time I was doing the endicott ecps related stuff (and all the other kernel modifications and enhancements mentioned in the previous post, including leading up to the releasing the source manager). the 5-way smp project eventually got canceled before shipping misc. past posts about the https://www.garlic.com/~lynn/submain.html#bounce

the 5-way smp project included significant microcode capability ... so i moved a lot of i/o scheduling, dispatching, and other kernel operations into the microcode as defined functions (different approach than ecps which was moving very targeted short snipets of kernel code into microcode). the i/o scheduling has some characteristics of what was later seen in 370/xa ... and the dispatching bore some resumblance to the later work done in i432 (making management and number of processors somewhat transparent to the kernel code). all of these functions could execute concurrently on different processors.

after 5-way project was killed, a quick&dirty version was adapted to vanilla vm370 kernel running on standard 370 multiprocessors (w/o all the microcode capability). This involved about 6000 bytes of kernel code that would execute concurrently with fine-grain locking on multiple different processors. However, the majority of the kernel smp support was done with traditional single kernel lock that was state-of-the-art in the period.

The were some differences, i.e that standard single kernel lock (of the period) was used for all of the kernel, and processors on entry to the kernel would "spin" on the lock until it was made available (effectively the kernel would only be executing on single processor at a time).

The adaption of the VAMPS design had fine-grain locking multiprocessing changes for only (very) small portion of the kernel that represented the majority of time spent in the kernel. I didn't have to make go thru the rest of the kernel making multiprocessors changes ... since it continued to run on only one processor at a time (with single kernel lock). I contended it provided nearly the thruput of having completely modified the whole kernel for fine-grain lock and parallelism ... while requiring a small fraction of the source code changes.

The other difference was that there was a extremely light-weight queuing mechanism ... instead of single kernel "spin-lock" (for the majority of the kernel code) ... it was something that I originally called a bounce lock ... i.e. an attempt was made to obtain the kernel lock, and the processor couldn't obtain the lock, it would queue a request (for the kernel lock) and go off to the dispatcher to look for other kinds of work.

Some of the kernel restructuring in preparation for this kind of multiprocessor support ... was what was included in the resource manager
https://www.garlic.com/~lynn/subtopic.html#fairshare

... as mentioned in
https://www.garlic.com/~lynn/2007s.html#33 Age of IBM VM

and created a dilemma when it was decided to release standard product multiprocessor support (the resource manager was "unbundled" and charged for ... while the multiprocessor support was to ship as bundled/free).
https://www.garlic.com/~lynn/submain.html#unbundle

2 byte interface

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 2 byte interface
Newsgroups: alt.folklore.computers
Date: Wed, 14 Nov 2007 17:17:14 -0500

Paul Hinman <paul.hinman@shaw.ca> writes:
Back in the olden days some high speed devices required the "2 byte interface" on the channel. I believe that this was a requirement for connecting the 2305 FHSD to the 2880 block mutliplexor channel. I assume that this meant some changes/additions to the channel itself. In terms of the actual device connection instead of a bus and tag cable dit it require 2 bus cables and a single tag cable.

earlier 3mbyte/sec interface ... before data-streaming 3mbyte/sec ... aka standard channel interface had been handshake on every byte transferred (with accompanying signal and processing latency). later 3mbyte/sec "data-streaming" (used for 3880 disks) relaxed the hand-shaking on every byte ... allowing doubling the transfer rate ... as well as doubling maximum channel lengths from 200' to 400'

there were two 2305 models:
http://www-03.ibm.com/ibm/history/exhibits/storage/storage_2305.html

2305-1 with 5.4mbytes, 2.5 mills avg rotational latency and 3mbyte/sec transfer

2305-2 with 11.2mbytes, 5mills avg rotation latency and 1.5mbyte/sec transfer

another website with 2305 pictures:
http://www.chilton-computing.org.uk/ca/technology/s360_195/p005.htm

i never saw a 2305-1 but my impression was that it had the same number of heads as 2305-2, but pairs of heads were configured on opposite side of the disk surface. only needed quarter rotation to get desired record under head ... and then transfer on two heads in parallel.

in past threads, somebody mentioned that an external crypto device also operated at 3mbyte/sec.

misc. past posts mentioning 2305 and 3mbyte transfer:
https://www.garlic.com/~lynn/93.html#31 Big I/O or Kicking the Mainframe out the Door
https://www.garlic.com/~lynn/2000g.html#42 4M pages are a bad idea (was Re: AMD 64bit Hammer CPU and VM)
https://www.garlic.com/~lynn/2000g.html#45 4M pages are a bad idea (was Re: AMD 64bit Hammer CPU and VM)
https://www.garlic.com/~lynn/2002b.html#11 Microcode? (& index searching)
https://www.garlic.com/~lynn/2002e.html#8 What are some impressive page rates?
https://www.garlic.com/~lynn/2002m.html#73 VLSI and "the real world"
https://www.garlic.com/~lynn/2006g.html#0 IBM 3380 and 3880 maintenance docs needed
https://www.garlic.com/~lynn/2006r.html#36 REAL memory column in SDSF
https://www.garlic.com/~lynn/2006s.html#32 Why magnetic drums was/are worse than disks ?
https://www.garlic.com/~lynn/2006s.html#33 Why magnetic drums was/are worse than disks ?
https://www.garlic.com/~lynn/2006s.html#42 Ranking of non-IBM mainframe builders?
https://www.garlic.com/~lynn/2007e.html#59 FBA rant
https://www.garlic.com/~lynn/2007h.html#34 GA24-3639

The new urgency to fix online privacy

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Wed, 14 Nov 2007 17:38:29 -0500

"Rostyslaw J. Lewyckyj" <urjlew@bellsouth.net> writes:
Curious that the revelation/warning is not considered very noteworthy by the SANS security organization, and no promises of fixes or even acknowledgment from MS.

re:
https://www.garlic.com/~lynn/2007s.html#23 The new urgency to fix online privacy

a comment/response from m'soft here

Microsoft finds holes in Windows 2000 flaw claim
http://www.arnnet.com.au/index.php/id;1375654448;fp;4;fpid;1382389953

other URLs carrying the original article

Loophole in Windows Random Number Generator
http://it.slashdot.org/it/07/11/12/1528211.shtml
Security loophole in Windows 2000 exposes users' private info (data breach)
http://www.computerworld.com.au/index.php/id;1165210682;fp;2;fpid;1
Security Loophole Found In Windows Operating System (data breach)
http://www.sciencedaily.com/releases/2007/11/071112091850.htm
Security loophole found in Windows operating system (data breach)
http://www.physorg.com/news114086937.html
Windows random number generator is so not random
http://www.theregister.co.uk/2007/11/13/windows_random_number_gen_flawed/
GSS warns over Windows 2000 random number generator flaw
http://www.mcsolutions.co.uk/article/12096/GSS-warns-over-Windows-2000-random-number-generator-flaw-.aspx
Israeli researchers decipher Windows 2000 random number generator
http://www.scmagazineus.com/Israeli-researchers-decipher-Windows-2000-random-number-generator/article/96351/
Window's random number generator not random enough
http://www.pcpro.co.uk/news/138819/windows-random-number-generator-not-random-enough.html
Weaknesses in the Windows 2000 random number generator
http://www.heise-security.co.uk/news/98934
'Windows 2000' users' emails, credit card numbers susceptible to hacking
http://www.topnews.in/windows-2000-users-emails-credit-card-numbers-susceptible-hacking-25878
Security loophole in Windows 2000 exposes users' private info
http://www.arnnet.com.au/index.php/id;1165210682

CSA 'above the bar'

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: CSA 'above the bar'
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Wed, 14 Nov 2007 21:40:52 -0500

shmuel+ibm-main@PATRIOT.NET (Shmuel Metz , Seymour J.) writes:
PSA is real address 0; it's absolute address 0 for at most one of the processors in the complex. Neither real nor absolute addresses are virtual addresses, and the mapping of virtual 0 to real 0[1] is strictly a software convention.

multiprocessor support required a unique PSA for every processor.

in 360 multiprocessor, the prefix register (for every processor) contained the "real" address of the PSA for that processor; different processors chose different "real" addresses for their PSA ... so as to have a unique PSA for every processor in the complex. the real, "real" page zero was no longer addressable (assuming every processor chose some other "real" address than zero).

this was modified for 370, the prefix register specified the "real" address of the PSA for that processor (as in 360) ... however, if the processor addressed the address in the prefix register, it would "reverse" translate to real page zero. as a result, the real, real page zero could be used as common communication area between all processors in the complex ... and was addressed by using the address in the processor's prefix register.
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/dz9zr003/3.7?DT=20040504121320

from above:
1. Bits 0-50 of the address, if all zeros, are replaced with bits 0-50 of the prefix.

2. Bits 0-50 of the address, if equal to bits 0-50 of the prefix, are replaced with zeros.

3. Bits 0-50 of the address, if not all zeros and not equal to bits 0-50 of the prefix, remain unchanged.

... snip ...

#1 & #3 was how things operated in 360 multiprocessor support; #2 was introduced with 370 multiprocessor support (modulo 360 & 370 were 4kbyte pages & 24bit real addressing while the above description is for 64bit Z and 8kbyte pages)

past posts mentioning multiprocessor support and/or compare&swap instruction
https://www.garlic.com/~lynn/subtopic.html#smp

other recent posts in this thread:
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#62 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#64 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#65 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#67 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#69 CSA 'above the bar'

ongoing rush to the new, 40+ yr old virtual machine technology

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: ongoing rush to the new, 40+ yr old virtual machine technology
Newsgroups: alt.folklore.computers
Date: Thu, 15 Nov 2007 01:03:03 -0500

Sun Bids $2 Billion To Join Virtualization Gold Rush
http://www.informationweek.com/news/showArticle.jhtml?articleID=203100432
Schwartz Unveils Sun's Virtualization Hypervisor
http://www.crn.com/software/203100098
Sun releases more details about its virtualization products
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9047000

and

Sun joins virtualization fray with xVM
http://www.infoworld.com/article/07/11/14/Sun-joins-virtualization-fray-with-xVM_1.html

coincidential or not, current flavor of cp67&vm370 is called zVM.
http://www.vm.ibm.com/library/index.html
http://www.vm.ibm.com/news/

few recent posts on the virtual machine craze
https://www.garlic.com/~lynn/2007q.html#3 Virtualization: Don't Ask, Don't Tell
https://www.garlic.com/~lynn/2007q.html#16 History dictates future of virtualization
https://www.garlic.com/~lynn/2007q.html#49 Slimmed Down Windows Offers Glimpse Into Microsoft's Virtualization Ambitions
https://www.garlic.com/~lynn/2007q.html#59 Virtualization: Everybody's Doing It, but Few Know How
https://www.garlic.com/~lynn/2007s.html#0 Marines look for a few less servers, via virtualization
https://www.garlic.com/~lynn/2007s.html#4 Why do we think virtualization is new?
https://www.garlic.com/~lynn/2007s.html#19 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#26 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007s.html#27 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007s.html#29 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#30 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#33 Age of IBM VM
https://www.garlic.com/~lynn/2007s.html#35 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007s.html#36 Oracle Introduces Oracle VM As It Leaps Into Virtualization

Age of IBM VM

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Age of IBM VM
Newsgroups: alt.folklore.computers
Date: Thu, 15 Nov 2007 01:33:49 -0500

re:
https://www.garlic.com/~lynn/2007s.html#33 Age of IBM VM
https://www.garlic.com/~lynn/2007s.html#36 Oracle Introduces Oracle VM As It Leaps Into Virtualization

one could claim that the relationship of cp67 to vm370 is somewhat like the relationship of HASP to JES2. misc past posts mentioning HASP, JES2, and/or JES2/HASP networking support
https://www.garlic.com/~lynn/submain.html#hasp

other cp67 heritage ... in the transition from MVT to os/vs2 (i.e. os/360 with virtual memory support) ... basically MVT was laid out in single virtual address space ... thus the reference to OS/VS2 SVS (single virtual storage) to distinguish from later OS/VS2 release MVS (multiple virtual storage).

One might claim that there was little difference between OS/VS2 SVS and MVT with VM handshaking laid out in 16mbyte virtual address space. The biggest difference was needing to have channel program translation built into MVT. The initial prototypes of OS/VS2 SVS was built with minimal virtual address space support and a copy of CP67 CCWTRANS (and a couple other CP67 routines associated with channel program translation) hacked into the side.

there was other technology from the science center
https://www.garlic.com/~lynn/subtopic.html#545tech

used in lots of transition to operating in virtual memory environment for 370. the science center had a number of efforts going on in the area of system and performance monitoring, modeling, and simulation (some of it being the runup to capacity planning). one of the projects involved tracing instruction and data storage references and then doing semi-automated program reorganization to optimize for operation in virtual memory environment. This was used for several yrs internally before being turned into product and released to customers as "VS/REPACK" (two months before my vm370 resource manager was first released).

An early version of the technology was used to help in the morph of apl\360 to cms\apl (originally on cp67/cms) ... which required completely redoing the apl storage allocation and garbage collection implementation for operation in virtual memory environment.

vs/repack was also used by a number of product groups ... not only for helping with transition from real storage to virtual memory environment ... but also for things like application "hot spot" identification (i.e. where program is spending a lot of its time). For instance it was used in STL by the IMS development group for extensive studies of IMS operation and performance.

misc. recent posts mentioning VS/REPACK
https://www.garlic.com/~lynn/2007g.html#31 Wylbur and Paging
https://www.garlic.com/~lynn/2007m.html#55 Capacity and Relational Database
https://www.garlic.com/~lynn/2007o.html#53 Virtual Storage implementation
https://www.garlic.com/~lynn/2007o.html#57 ACP/TPF

another tool was an system performance analytical model implemented in APL which was eventually made available as sales and marketing support tool on (internal cms-based timesharing service) HONE
https://www.garlic.com/~lynn/subtopic.html#hone

as the performance predictor. branch people could input customer configuration and workload details and ask "what-if" questions about what would happen if there were configuration and/or workload changes.

ongoing rush to the new, 40+ yr old virtual machine technology

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ongoing rush to the new, 40+ yr old virtual machine technology
Newsgroups: alt.folklore.computers
Date: Fri, 16 Nov 2007 10:26:49 -0500

re:
https://www.garlic.com/~lynn/2007s.html#40 ongoing rush to the new, 40+ yr old virtual machine technology

IBM Ships 10,000th Storage Virtualization Engine
http://www.marketwire.com/mw/release.do?id=793928

from above:
"IBM has been delivering virtualization capabilities for more than 40 years and today we unveil a milestone in the area of data storage virtualization with the shipment of 10,000 storage virtualization engines -- a fact no other storage company in the world can claim," said Kelly Beavers, Director, Storage Software, IBM. "By working across multiple platforms, IBM's storage virtualization helps to lower energy costs and unlocks the proprietary hold that other storage vendors have had on customers for years -- which IBM believes makes storage virtualization the killer application in the storage industry over the next decade."

... snip ...

in 1967, the science center:
https://www.garlic.com/~lynn/subtopic.html#545tech

had moved cp40 to 360/67 for cp67 and also had it installed out at lincoln labs. it wasn't installed at univ. where i was undergraduate (3rd installation) until last week in jan68 ... and it wasn't "officially" announced until spring share in houston, 1st week mar68. minor reference mentioning 35th anniv of cp67 announce
https://www.garlic.com/~lynn/2003d.html#72 cp/67 35th anniversary

other recent posts
https://www.garlic.com/~lynn/2007s.html#33 Age of IBM VM
https://www.garlic.com/~lynn/2007s.html#41 Age of IBM VM

Intel Ships Power-Efficient Penryn CPUs

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Intel Ships Power-Efficient Penryn CPUs
Newsgroups: alt.folklore.computers
Date: Fri, 16 Nov 2007 16:47:12 -0500

Brian Inglis <Brian.Inglis@SystematicSW.Invalid> writes:
They were used for timesharing bureaux, so accessible from terminals at work and later home, and later PCs running terminal emulators. They were also available to run directly on PCs using add-in 370 coprocessor cards.

re:
https://www.garlic.com/~lynn/2007s.html#19 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#29 Intel Ships Power-Efficient Penryn CPUs
https://www.garlic.com/~lynn/2007s.html#30 Intel Ships Power-Efficient Penryn CPUs

i didn't get a 2471 terminal at home for remote dialin until mar70 (less than 40yrs ago) ... misc. past posts with reference:
https://www.garlic.com/~lynn/2004q.html#57 high speed network, cross-over from sci.crypt
https://www.garlic.com/~lynn/2006c.html#25 Change in computers as a hobbiest
https://www.garlic.com/~lynn/2006n.html#24 sorting was: The System/360 Model 20 Wasn't As Bad As All That
https://www.garlic.com/~lynn/2006s.html#54 Why these original FORTRAN quirks?
https://www.garlic.com/~lynn/2007e.html#13 time spent/day on a computer
https://www.garlic.com/~lynn/2007g.html#66 Memory Mapped Vs I/O Mapped Vs others
https://www.garlic.com/~lynn/2007m.html#68 Operating systems are old and busted
https://www.garlic.com/~lynn/2007p.html#14 Newsweek article--baby boomers and computers

misc. posts mentioning cp67 and vm370 based commerical timesharing services
https://www.garlic.com/~lynn/submain.html#timeshare

misc. past posts mentioning "washington" (code-name for xt/370, 370 card in pc/xt running customized vm370 and cms)
https://www.garlic.com/~lynn/2001i.html#20 Very CISC Instuctions (Was: why the machine word size ...)
https://www.garlic.com/~lynn/2002d.html#4 IBM Mainframe at home
https://www.garlic.com/~lynn/2002l.html#27 End of Moore's law and how it can influence job market
https://www.garlic.com/~lynn/2003f.html#56 ECPS:VM DISPx instructions
https://www.garlic.com/~lynn/2003h.html#40 IBM system 370
https://www.garlic.com/~lynn/2004m.html#7 Whatever happened to IBM's VM PC software?
https://www.garlic.com/~lynn/2005f.html#6 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2006j.html#36 The Pankian Metaphor
https://www.garlic.com/~lynn/2006m.html#56 DCSS
https://www.garlic.com/~lynn/2006n.html#14 RCA Spectra 70/25: Another Mystery Computer?
https://www.garlic.com/~lynn/2007d.html#7 Has anyone ever used self-modifying microcode? Would it even be useful?
https://www.garlic.com/~lynn/2007d.html#25 modern paging
https://www.garlic.com/~lynn/2007e.html#5 Is computer history taugh now?
https://www.garlic.com/~lynn/2007j.html#41 z/VM usability
https://www.garlic.com/~lynn/2007l.html#61 John W. Backus, 82, Fortran developer, dies

"Server" processors for numbercrunching?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: "Server" processors for numbercrunching?
Newsgroups: comp.arch
Date: Sat, 17 Nov 2007 10:32:44 -0500

nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
I don't know when IBM 'discovered' FLOPS, but my recollection is that it really only gained currency with the Whetstone benchmark, and it most definitely was FLOPS or KiloFLOPS then (case ignored). My recollection is that IBM remained wedded to MIPS for at least a decade after that.

whetstone history/benchmark page
http://freespace.virgin.net/roy.longbottom/whetstone.htm

there was 195 ... other than that, I didn't notice a lot until mid-70s ... HSM for 168-3 and some work done for 148.

the only reason that I noticed the 148 ... was I got involved in doing ECPS microcode assist for 138/148 and then got dragged into selling the machine internally around the world .. for a little topic drift recent post
https://www.garlic.com/~lynn/2007s.html#36 Oracle Introduces Oracle VM As It Leaps Into Virtualization

... other parts of the world, the low-end and mid-range much more dominated the market. the machine had to be "sold" to the business and market forecast people in the different non-us business operations ... since they were the people that would establish the number of machines that would be ordered from manufacturing ... which, in turn, would be the machines that would be available for the different country salesmen to sell to customers. so there were these one-week sessions at various countries (or country collection) meetings around the world explaining why customers would order/replace/upgrade 138/148 (vis-a-vis 135/145, clone competitors, etc). One of the items that I remember "selling" was that 148 increased floating point significantly over 145 (much more than the 145->148 MIP rate increase, apparently something that was important in some of the world trade market segments).

"Server" processors for numbercrunching?

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: "Server" processors for numbercrunching?
Newsgroups: comp.arch,alt.folklore.computers
Date: Sat, 17 Nov 2007 14:37:11 -0500

nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
Yes. I was peripherally involved with Whetstone benchmarking from 1972 onwards, and was an IBM user (i.e. support staff) from the same year (on a 370/165). I don't remembger IBM making much of Flops until much later.

re:
https://www.garlic.com/~lynn/2007s.html#44 "Server" processors for numbercrunching?

some of this may have been the difference between some of the machine engineers and the specific people in sales&marketing in (specific?) branch offices. the 148 engineers felt that they had greatly improved things significantly via-a-vis 145 ... and it was one of the things touted to business planning and forecasting people in emea (europe, middle east, africa) and afe (asia and far east).

i've commented before about something analogous with respect to commercial batch processing and timesharing ... that the commercial batch processing market so dominated sales that hardly anybody associates the company with timesharing ... some past comments about cp67 & vm370 commercial timesharing offerings
https://www.garlic.com/~lynn/submain.html#timeshare

it wasn't that there wasn't significant timesharing ... but that the commercial batch processing market was so enormously larger that hardly anybody thinks about the timesharing aspect.

one of my sample comparisons was that the number of customer commercial batch processing installations was enormously larger than the number of customer timesharing installations, the number of customer timesharing installations was significantly larger than the number of internal timesharing installations ... and the total number of internal timesharing installations was larger than the maximum number of internal timesharing installations that i supported.

one of my hobbies was building, distributing (and supporting) highly customized kernels ... like for HONE and other internal installations
https://www.garlic.com/~lynn/subtopic.html#hone

at one point, the total number of installations that I was providing systems for was approx. the same as the total number of multics installations that ever existed. this was semi-rivalry since the science center (responsible for virtual machines, internal networking technology, some amount of interactive computing, inventing markup languages, etc) was on 4th flr, 545 tech sq
https://www.garlic.com/~lynn/subtopic.html#545tech

and multics was on the 5th flr.

"Server" processors for numbercrunching?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: "Server" processors for numbercrunching?
Newsgroups: comp.arch,alt.folklore.computers
Date: Sat, 17 Nov 2007 15:01:03 -0500

so the other side of the coin would have been RIOS and RS/6000.

801/risc went thru an early phase circa 1980 where it was going to replace a wide variety of internal, custom microprocessor chips (for instance the microprocessor for the 4341 follow-on was at one time going to be 801/risc). several of those projects from the period floundered.

another project was 801/risc ROMP ... which was a chip for the office products division for the displaywriter follow-on. when that was canceled, the group searched around for something else to use the product for and somewhat fell into deciding on using it for (unix) workstation market. it required some amount of tweaking the machine and hiring the company that had done the at&t unix port for pc/ix ... to do something similar ... and it was announced as pc/rt and aix.

however, the unix workstation product somewhat fell into national labs and technical, numerical intensive market segment ... where FLOPS were significantly more important ... and for which PC/RT didn't do a very good job. having found a niche market ... they then tried to do significantly better for FLOPS with RIOS chipset (the romp follow-on) that was eventually announced as power and rs/6000. misc. 801, risc, romp, rios, iliad, fort knox, power, etc posts
https://www.garlic.com/~lynn/subtopic.html#801
misc. old 801/risc email
https://www.garlic.com/~lynn/lhwemail.html#801

here was a product that was almost exclusively targeting the numerical intensive market place ... and wasn't even suppose to stray (very far) into commerical. one could even say that when we started doing scale-up work ... some old medusa project email
https://www.garlic.com/~lynn/lhwemail.html#medusa

for both numerical intensive as well as commercial market place ... we got slapped down for the commercial scale-up part of the effort ... i.e. a couple posts with some topic drift (and things like scalable distributed lock manager)
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15

where the technology was moved over so that it would exclusive concentrate on only the numerical intensive market segment (and we were informed we couldn't work on anything involving more than four processors)
https://www.garlic.com/~lynn/subtopic.html#hacmp

In The US, Email Is Only For Old People

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: In The US, Email Is Only For Old People
Newsgroups: alt.folklore.computers
Date: Sun, 18 Nov 2007 00:46:11 -0500

In The US, Email Is Only For Old People
http://slashdot.org/articles/07/11/17/2125206.shtml

from above:
I can still remember the proud moment in 1996 when I sent my first e-mail from the college computer lab. It felt like sending a postcard from the future

... snip ...

other refs:

The death of e-mail.
http://slate.com/id/2177969/
In Korea, Email Is Only For Old People
http://slashdot.org/articles/04/11/30/0034259.shtml?tid=215
New Forms of Online Communication Spell End of Email Era in Korea
http://english.chosun.com/w21data/html/news/200411/200411280034.html

i can remember the difficulty when i was in paris in the early 70s, doing a HONE clone install ... as part of emea hdqtrs moving from the US to la defense (just outside paris) ... and trying to figure out how to read my email back in the states. misc. posts mentioning hone
https://www.garlic.com/~lynn/subtopic.html#hone

the corporate history web page mentions that EMEA hdqtrs moved to La Defense in 1983.

what i remember is doing a HONE clone install at La Defense in the early 70s as part of emea moving from US to La Defense. There were three bldgs, possibly only one finished so that it was being moved into ... and ground surrounding the three bldgs were still bare dirt, landscaping hadn't been done.

old email predating 1983 (but I'm not sure which bldg. I did the install).
To: wheeler From: somebody at ehqvm1

....

Tour Franklin, 2nd Floor 92081 Paris-La Defense FRANCE

... snip ...

this webpage
https://en.wikipedia.org/wiki/La_Defense

mentions only two finished in 1972, Tour Franklin and Tour Neptune. and two finished 1973, Tour Opus12, Tour Winterthur.

ongoing rush to the new, 40+ yr old virtual machine technology

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ongoing rush to the new, 40+ yr old virtual machine technology
Newsgroups: alt.folklore.computers
Date: Sun, 18 Nov 2007 10:20:12 -0500

re:
https://www.garlic.com/~lynn/2007s.html#40 ongoing rush to the new, 40+ yr old virtual machine technology
https://www.garlic.com/~lynn/2007s.html#42 ongoing rush to the new, 40+ yr old virtual machine technology

misc. additional references:

In Virtualization Race, Microsoft Unbundles In Bid To Catch Up
http://www.informationweek.com/news/showArticle.jhtml?articleID=204204152
Microsoft's Virtualization becomes Hyper-V
http://weblog.infoworld.com/virtualization/archives/2007/11/microsofts_virt_3.html
What's all the Hubbub about Virtualization and Databases Anyway?
http://weblog.infoworld.com/virtualization/archives/2007/11/whats_all_the_h.html
Ten Reasons Why Oracle Databases Run Best on VMware
http://blogs.vmware.com/performance/2007/11/ten-reasons-why.html

Hi all Need help in TCP/IP stack Rfcs

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Hi all Need help in TCP/IP stack Rfcs
Newsgroups: comp.protocols.tcp-ip
Date: Sun, 18 Nov 2007 16:25:33 -0500

"linuxsrbabu@gmail.com" <linuxsrbabu@gmail.com> writes:
Can i get any chart or table which gives a brief overview of Tcp/ip protocols RfcNos, that is main Rfc of the Respective protocol and its update. can any one can me give url or any site where can i get it. Please help me in this regard.

well, my rfc index does some stuff
https://www.garlic.com/~lynn/rfcietff.htm

has RFCs listed by section, for Author, Date, Protocol, etc

The "protocols" index, gives specific RFC(s) listed for specific protocol names
https://www.garlic.com/~lynn/rfcprot.htm

clicking on RFC number, brings up that RFC's summary, which contains the RFCs that it updates, obsoletes, and/or references, as well as the RFCs that may update, obsolete, and/or reference it.

for instance TCP related:


TCP - (Stan) - Transmission Control Protocol
793 (STD-7) - Transmission Control Protocol
TCP-ACK - (Prop) - TCP Selective Acknowledgement Options
2018 - TCP Selective Acknowledgement Options
TCP-ACO - (Expe) - TCP alternate checksum options
1146 - TCP Alternate Checksum Options
TCP-CC - (Prop) - TCP Congestion Control
2581 - TCP Congestion Control
TCP-EXT - (Prop) - TCP Extensions for High Performance
1323 - TCP Extensions for High Performance
TCP-POS - (Expe) - An Extension to TCP : Partial Order Service
1693 - An Extension to TCP : Partial Order Service
TCP/IPXMIB - (Expe) - TCP/IPX Connection Mib Specification
1792 - TCP/IPX Connection Mib Specification

and summary for 793:
793 S
Transmission Control Protocol, Postel J., 1981/09/01 (85pp) (.txt=172710) (STD-7) (Updated by 3168) (Obsoletes 761) (Ref'ed By 788, 821, 879, 882, 883, 915, 916, 959, 964, 977, 983, 1001, 1006, 1034, 1035, 1050, 1057, 1063, 1072, 1085, 1086, 1095, 1105, 1106, 1122, 1163, 1177, 1185, 1189, 1190, 1201, 1206, 1241, 1244, 1254, 1267, 1270, 1301, 1323, 1325, 1349, 1379, 1475, 1538, 1561, 1594, 1626, 1644, 1654, 1693, 1700, 1705, 1707, 1726, 1770, 1771, 1812, 1831, 1858, 1859, 1936, 1948, 1953, 1982, 2012, 2018, 2074, 2126, 2140, 2219, 2246, 2326, 2391, 2428, 2481, 2488, 2507, 2525, 2577, 2581, 2637, 2663, 2675, 2747, 2760, 2775, 2780, 2795, 2821, 2828, 2873, 2885, 2896, 2914, 2960, 2975, 2988, 2993, 3015, 3018, 3022, 3033, 3042, 3080, 3081, 3093, 3094, 3117, 3124, 3135, 3142, 3148, 3155, 3168, 3196, 3237, 3242, 3252, 3322, 3360, 3366, 3430, 3436, 3449, 3481, 3511, 3517, 3522, 3525, 3530, 3539, 3588, 3639, 3708, 3715, 3720, 3723, 3724, 3730, 3734, 3748, 3783, 3819, 3821, 3828, 3836, 3920, 3955, 4138, 4145, 4163, 4180, 4294, 4297, 4340, 4341, 4347, 4362, 4413, 4497, 4712, 4728, 4786, 4821, 4930, 4934, 4953, 4961, 4987, 4995, 4996, 5040, 5041) (TCP)

and summary for 3168:
3168 PS
The Addition of Explicit Congestion Notification (ECN) to IP, Black D., Floyd S., Ramakrishnan K., 2001/09/14 (63pp) (.txt=170966) (Obsoletes 2481) (Updates 793, 2401, 2474) (Refs 791, 793, 1122, 1141, 1349, 1455, 1701, 1702, 2003, 2309, 2401, 2402, 2406, 2407, 2408, 2409, 2474, 2475, 2481, 2581, 2637, 2661, 2702, 2780, 2884, 2983) (Ref'ed By 3260, 3270, 3332, 3360, 3390, 3426, 3448, 3449, 3481, 3522, 3540, 3714, 3819, 4015, 4101, 4160, 4161, 4163, 4213, 4218, 4301, 4302, 4306, 4323, 4336, 4340, 4341, 4342, 4413, 4495, 4594, 4614, 4654, 4689, 4727, 4774, 4782, 4828, 4898, 4960, 4996)

clicking on the ".txt=nnnn" field retrieves the actual RFC.

Running REXX program in a batch job

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Running REXX program in a batch job
Newsgroups: alt.folklore.computers
To: <ibm-main@bama.ua.edu>
Date: Sun, 18 Nov 2007 19:51:36 -0500

gilmap@UNIX.STORTEK.COM (Paul Gilmartin) writes:
I believe Cowlishaw's book reports that Rexx was developed in the VM and MVS environments concurrently. It flourished in the former and withered in the latter, less likely because CLIST fulfilled the need better than EXEC2 than because less enthusiasm for innovation exists in the MVS environment (case in point: TCP/IP). Rexx didn't resurface under MVS until TSO/E.

well, not quite:

posting of old reference/quote
https://www.garlic.com/~lynn/2005j.html#41 TSO replacement

from Melinda's vm history paper
https://www.leeandmelindavarian.com/Melinda/25paper.pdf

one of the quotes:
Mike Cowlishaw had made the decision to write a new CMS executor on March 20, 1979. two months later, he began circulating the first implementation of the new language, which was then called "REX". Once Mike made REX available over VNET, users spontaneously formed the REX Language Committee, which Mike consulted before making further enhancements to the language. He was deluged with feedback from REX users, to the extent of about 350 mail files a day. By consulting with the Committee to decide which of the suggestions should be implemented, he rather quickly created a monumentally successful piece of software.

... snip ...

similar comments are mentioned in rexx wiki page
https://en.wikipedia.org/wiki/REXX

and another old quote from this post
https://www.garlic.com/~lynn/2006p.html#31 25th Anniversary of the Personal Computer

from one of the references in the above:
By far the most important influence on the development of Rexx was the availability of the IBM electronic network, called VNET. In 1979, more than three hundred of IBM's mainframe computers, mostly running the Virtual Machine/370 (VM) operating system, were linked by VNET. This store-and-forward network allowed very rapid exchange of messages (chat) and e-mail, and reliable distribution of software. It made it possible to design, develop, and distribute Rexx and its first implementation from one country (the UK) even though most of its users were five to eight time zones distant, in the USA.

... snip ...

and for other topic drift, this was part of the thread related to the internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet

having been larger than the arpanet/internet from just about the beginning until sometime mid-85. part of the internal network issues was that while there were mvs/jes2 nodes, nearly all the nodes were vm ... and the jes2 nodes had to be carefully regulated.

there were several issues around why jes2 nodes had to be carefully regulated on the internal network (some independent of the fact that the number of vm systems were significantly larger than the number of mvs systems)

1) jes2 networking started out being some HASP mods from TUCC that defined network nodes using the HASP psuedo device table ... limited to 255 entries ... 60-80 entries nominally taken up by psuedo spool devices ... leaving possibly only 170 entries for network node definitions

2) jes2 implementation would discard traffic if it didn't have either the origin or destination node in local defintion. the internal network had more nodes than jes2 could define for the majority of its lifetime ... so jes2 needed to be restricted to boundary nodes (at least not discarding traffic just passing thru).

3) jes2 implementation had a number of other deficiencies, including having confused header information as to network specific and local process handling. different versions or releases with minor variation in headers would bring down whole mvs system. even restricted to purely boundary nodes, there is infamous story of jes2 upgrade in san jose resulted in mvs system crashes in hursley. as a consequence there was special vm drivers created for talking to mvs jes2 systems ... which would convert jes2 headers to compatible format for the specific system on the other end of the line. this was somewhat the side-effect of the vm implementation having separated networking control information from other types of information ... effectively providing a kind of gateway implementation ... something not possible in the JES2 networking infrastructure (including not having a way from protecting itself from other JES2 systems, requiring intermediary vm systems to keep the JES2 systems from crashing each other).

misc. past posts mentioning hasp, jes2, and/or jes2 networking
https://www.garlic.com/~lynn/submain.html#hasp

at some point ... while VM could run native protocol drivers as well as (multiple different) JES2 drivers ... JES2 could only run a specific JES2 drivers ... it was decided to start shipping VM only with JES2 drivers (even tho the native VM protocol drivers were more efficient). this was seen in the bitnet deployment
https://www.garlic.com/~lynn/subnetwork.html#bitnet

the vm tcp/ip product was developed in vs/pascal ... originally adapted from pascal compiler developed in the los gatos lab for developing (mostly vm/cms based) vlsi tools.

there were some thruput issues with the vm implementation getting only about 44kbyte/sec thruput using nearly 3090 processor. i then did the rfc 1044 implementation and in some tuning tests at cray research between cray and 4341-clone, got 1mbyte/sec thruput (4341 channel media thruput) using only a modest amount of the 4341 processor.
https://www.garlic.com/~lynn/subnetwork.html#1044

the base vm implementation was "ported" to mvs by doing a vm diagnose implementation for mvs.

later there was a vtam-based tcp/ip implementation done by a subcontractor. the folklore is that the initial implementation had tcp thruput significantly faster than lu6.2. the subcontractor was then told that everybody knows that lu6.2 is faster than tcp/ip and the only way that tcp/ip would be faster is if it was an incorrect implementation ... and only a "correct" implementation was acceptable.

for some totally other drift ... early on, i wanted to show that rex(x) was not just another pretty exec. i undertook to do a replacement for the kernel dump analyser ... ipcs, which was mostly a large assembler program. i wanted to demonstrate that in half-time over three month period, i could re-implement ipcs in rex(x) with ten times the function as well as ten times faster than the assembler implementation.
https://www.garlic.com/~lynn/submain.html#dumprx

this was eventually in use at nearly all internal installations, although never released to customers.

other post/references to os/vs2 picking up cp67 technology for transition from mvt to virtal memory environment:
https://www.garlic.com/~lynn/2007p.html#69 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#70 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#74 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007q.html#8 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#64 CSA 'above the bar'
https://www.garlic.com/~lynn/2007r.html#65 CSA 'above the bar'
https://www.garlic.com/~lynn/2007s.html#2 Real storage usage - a quick question
https://www.garlic.com/~lynn/2007s.html#41 Age of IBM VM

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Mon, 19 Nov 2007 11:53:14 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
The problems with letting the patient hold the data are the risks of loss and unskilled alteration. A decent logically centralised, physically distributed access controlled store would be my preferred solution.

problems not limited to loss ... but also phishing and things like fraudulent alteration (and/or counterfeits)

long ago we were helping out with small conference that was pitching chipcards and some number of other technologies. part of the attendees were from county with large medical social services. they were reasonably confident that they had a population of approx. 7mill eligible for medical social services ... but had over 20mill registered (i.e. each eligible person was registered an avg. of three times). they had to go to logical centralized to eliminate huge number of duplicates (quite a bit of the duplicates also involved various kinds of fraud, while the avg. was 3/person, they found some people having 30-40 or more different registrations).

effectively the web model is adaptable for such a operation ... for instance, lots of the larger web services offer significant physically replicated in large number of places ... and/or caching.

for other drift ... the chipcard scenario i've referenced numerous times as the "offline" model vis-a-vis the "online" model. various govs. and commercial entities have sunk billions into chipcard technology ... targeted at the offline chipcard model.

one of the favorite chipcard scenarios is lengthy medical record information can be loaded into personal chipcards for use by emergency personal and/or first responders. this scenario presumes (spending billions on the program) 1) emergency personal has time to access the card, 2) information on the chipcard is useful/applicable for emergency personal, 3) emergency personal have the facilities for chipcard operation/access and 4) implicit in all this is that the information is for "offline" environment by emergency personal having capability to access the chipcard information AND NOT having realtime, online access to qualifed medical personal.

the counter argument for the extremely expensive deployment for (offline) chipcard based personal emergency medical information ... is that the money would show significant better return-on-investment by improving the online capabilities (however, this results in enormous write-offs for investment in the distributed, offline paradigm).

similar scenario is applicable to the x.509 identity digital certificates (from the early 90s) and was facing the ever increasing amount of (general, not limited to medical) personal information that would be carried in such certificates ... and by the mid-90s, numerous institations realizing that this represented significant privacy and liability issues. there was quite a bit of x-over with the offline chipcard emergency medical scenario ... since the same/similar chipcards presumed to contain x.509 identity digital certificates.

misc. past posts mentioning the privacy/liability exposure specifically for the x.509 identity digital certificate scenario
https://www.garlic.com/~lynn/subpubkey.html#rpo

in some of the current identity card scenarios ... there are flavors of attempting to recoup some of the past billions in chipcard investments ... and resurgance of earlier efforts to have ever increasing amounts of personal information involved.

this also strays into confusing identification and authentication. for an online environment, a chipcard can be (difficult to counterfeit) simple something you have authentication ... from 3-factor authentication
https://www.garlic.com/~lynn/subintegrity.html#3factor

while "identification" basically starts down the path (again) of loading ever increasing amounts of personal information.

the other "old" scenario for such "offline" (large, expensive) chipcard infrastructure (besides large amounts of personal emergency medical information) was the "electronic" drivers license. The drivers license chipcard would contain large amounts of personal (and identity related) information (as opposed to much simpler "somthing you have" authentication). The target was offline environment ... where "appropriate" people could integrate the chipcard for all the necessary information.

The things that the chipcard industry somewhat missed was that law enforcement transition to online environment ... if they went to the trouble of stopping the person, officers would do an online interrogation ... which would have a superset of any information that might be contained on the card. The issue again, was what scenario could there possibly be where it was important enuf to take time-out to do an (offline) check of information on the card ... and not bother to do an online check for realtime information. The case then is made that rather than investing huge amounts of information in beefing up an offline paradigm ... there is much bigger return-on-investment in putting the money in beefing up the online paradigm (with its much higher quality real-time information).

recent posts mentioning identification and/or identity and (unnecessarily) confusing it with authentication (and offline vis-a-vis online paradigm tradeoffs)
https://www.garlic.com/~lynn/aadsm26.htm#0 Flaw in RFID-enabled passports (part 2?)
https://www.garlic.com/~lynn/aadsm26.htm#1 Extended Validation - setting the minimum liability, the CA trap, the market in browser governance
https://www.garlic.com/~lynn/aadsm26.htm#6 Citibank e-mail looks phishy
https://www.garlic.com/~lynn/aadsm26.htm#13 Who has a Core Competency in Security?
https://www.garlic.com/~lynn/aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
https://www.garlic.com/~lynn/aadsm26.htm#26 man in the middle, SSL
https://www.garlic.com/~lynn/aadsm26.htm#27 man in the middle, SSL ... addenda
https://www.garlic.com/~lynn/aadsm26.htm#29 News.com: IBM donates new privacy tool to open-source Higgins
https://www.garlic.com/~lynn/aadsm26.htm#32 Failure of PKI in messaging
https://www.garlic.com/~lynn/aadsm26.htm#35 Failure of PKI in messaging
https://www.garlic.com/~lynn/aadsm26.htm#36 New Credit Cards May Leak Personal Information
https://www.garlic.com/~lynn/aadsm26.htm#41 PKI: The terrorists' secret weapon (part II)
https://www.garlic.com/~lynn/aadsm26.htm#42 "Dilemmas of Privacy and Surveillance" report launched
https://www.garlic.com/~lynn/aadsm26.htm#43 Cost of an identity
https://www.garlic.com/~lynn/aadsm26.htm#45 Cost of an identity
https://www.garlic.com/~lynn/aadsm26.htm#48 Governance of anonymous financial services
https://www.garlic.com/~lynn/aadsm26.htm#51 The One True Identity -- cracks being examined, filled, and rotted out from the inside
https://www.garlic.com/~lynn/aadsm26.htm#52 The One True Identity -- cracks being examined, filled, and rotted out from the inside
https://www.garlic.com/~lynn/aadsm26.htm#53 The One True Identity -- cracks being examined, filled, and rotted out from the inside
https://www.garlic.com/~lynn/aadsm26.htm#55 The One True Identity -- cracks being examined, filled, and rotted out from the inside
https://www.garlic.com/~lynn/aadsm26.htm#61 crypto component services - is there a market?
https://www.garlic.com/~lynn/aadsm27.htm#9 Enterprise Right Management vs. Traditional Encryption Tools
https://www.garlic.com/~lynn/aadsm27.htm#14 307 digit number factored
https://www.garlic.com/~lynn/aadsm27.htm#15 307 digit number factored
https://www.garlic.com/~lynn/aadsm27.htm#22 A crazy thought?
https://www.garlic.com/~lynn/aadsm27.htm#23 Identity resurges as a debate topic
https://www.garlic.com/~lynn/aadsm27.htm#24 Why self describing data formats:
https://www.garlic.com/~lynn/aadsm27.htm#26 A crazy thought?
https://www.garlic.com/~lynn/aadsm27.htm#27 A crazy thought?
https://www.garlic.com/~lynn/aadsm27.htm#35 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#42 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
https://www.garlic.com/~lynn/aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
https://www.garlic.com/~lynn/aadsm27.htm#53 Doom and Gloom spreads, security revisionism suggests "H6.5: Be an adept!"
https://www.garlic.com/~lynn/aadsm27.htm#55 Microsoft asserts itself as an uber-CA
https://www.garlic.com/~lynn/aadsm27.htm#59 Threatwatch - more data on cost of your identity
https://www.garlic.com/~lynn/2007.html#7 SSL info
https://www.garlic.com/~lynn/2007.html#15 SSL info
https://www.garlic.com/~lynn/2007.html#17 SSL info
https://www.garlic.com/~lynn/2007.html#34 SSL info
https://www.garlic.com/~lynn/2007.html#42 The logic of privacy
https://www.garlic.com/~lynn/2007b.html#12 Special characters in passwords was Re: RACF - Password rules
https://www.garlic.com/~lynn/2007b.html#27 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#61 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#11 Decoding the encryption puzzle
https://www.garlic.com/~lynn/2007c.html#22 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#25 Special characters in passwords was Re: RACF - Password rules
https://www.garlic.com/~lynn/2007c.html#32 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#10 The logic of privacy
https://www.garlic.com/~lynn/2007d.html#12 One Time Identification, a request for comments/testing
https://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
https://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#15 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007h.html#20 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#22 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#26 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#32 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#43 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007j.html#26 Even worse than UNIX
https://www.garlic.com/~lynn/2007j.html#64 Disc Drives
https://www.garlic.com/~lynn/2007j.html#76 Linux: The Completely Fair Scheduler
https://www.garlic.com/~lynn/2007k.html#32 SSL Security
https://www.garlic.com/~lynn/2007k.html#79 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#0 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#8 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#9 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#11 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#12 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#64 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#70 nouns and adjectives
https://www.garlic.com/~lynn/2007m.html#27 nouns and adjectives
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
https://www.garlic.com/~lynn/2007m.html#41 X.509 weakness?
https://www.garlic.com/~lynn/2007n.html#46 Windows Monitor or CUSP?
https://www.garlic.com/~lynn/2007n.html#52 Windows Monitor or CUSP?
https://www.garlic.com/~lynn/2007n.html#61 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007n.html#63 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007n.html#71 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007o.html#27 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007o.html#30 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007p.html#36 Writing 23FDs
https://www.garlic.com/~lynn/2007q.html#1 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#5 Windows Live vs Kerberos
https://www.garlic.com/~lynn/2007q.html#24 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#30 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#72 Value of SSL client certificates?
https://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#29 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#54 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#61 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007s.html#3 OpenPGP becomes RFC4880. Consider Hypothesis #1: The One True Cipher Suite
https://www.garlic.com/~lynn/2007s.html#15 The new urgency to fix online privacy

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Mon, 19 Nov 2007 12:10:37 -0500

re:
https://www.garlic.com/~lynn/2007s.html#51 Translation of IBM Basic Assembler to ?C

for other topic drift

The Swarm Intelligence and Internet Servers
http://www.technologynewsdaily.com/node/8544

from above
A bee dance-inspired communications system developed by Georgia Tech helps Internet servers that would normally be devoted solely to one task move between tasks as needed, reducing the chances that a Web site could be overwhelmed with requests and lock out potential users and customers. Compared with the way server banks are commonly run, the honeybee method typically improves service by 4 percent to 25 percent in tests based on real Internet traffic. The research was published in the journal Bioinspiration and Biomimetics.

... snip ...

note that there is quite a bit of overlap between this and virtualization for server consolidation. the avg. load for most servers tend to be very low ... but with randomly occurring spikes. if you host several such servers on single machine or cluster of machines ... then randomly occurring usage spikes for any specific server can be averaged out across all the commonly hosted servers.

misc. past posts mentioning server consolidation:
https://www.garlic.com/~lynn/2007h.html#2 The Mainframe in 10 Years
https://www.garlic.com/~lynn/2007l.html#65 mainframe = superserver
https://www.garlic.com/~lynn/2007m.html#51 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#52 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#27 What if phone company had developed Internet?
https://www.garlic.com/~lynn/2007q.html#22 Enterprise: Accelerating the Progress of Linux

ongoing rush to the new, 40+ yr old virtual machine technology

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ongoing rush to the new, 40+ yr old virtual machine technology
Newsgroups: alt.folklore.computers
Date: Mon, 19 Nov 2007 12:26:47 -0500

re:
https://www.garlic.com/~lynn/2007s.html#0 Marines look for a few less servers, via virtualization
https://www.garlic.com/~lynn/2007s.html#40 ongoing rush to the new, 40+ yr old virtual machine technology
https://www.garlic.com/~lynn/2007s.html#42 ongoing rush to the new, 40+ yr old virtual machine technology
https://www.garlic.com/~lynn/2007s.html#48 ongoing rush to the new, 40+ yr old virtual machine technology

and possibly a little x-over with posting from this thread
https://www.garlic.com/~lynn/2007s.html#52 Translation of IBM Basic Assembler to C?

Marines Find Value in Virtualization
http://www.linuxinsider.com/story/60378.html

from above:
The USMC, which has about 12,000 x86-based servers, is adopting an enterprise-wide approach to virtualization via a deal with VMware. The project includes a plan to reduce the USMC's current total of about 300 data centers to 30 facilities plus 100 "mobile platforms." A major goal of the virtualization strategy is increasing system availability and operational continuity.

... snip ...

also from above:
For instance, when IT workers want to take a server offline for maintenance now, they have to do the work at night and issue a half-dozen or so warning notices starting 30 days in advance.

... snip ...

ongoing rush to the new, 40+ yr old virtual machine technology

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ongoing rush to the new, 40+ yr old virtual machine technology
Newsgroups: alt.folklore.computers
Date: Mon, 19 Nov 2007 13:02:03 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
also from above:

For instance, when IT workers want to take a server offline for maintenance now, they have to do the work at night and issue a half-dozen or so warning notices starting 30 days in advance.

... snip ...

re:
https://www.garlic.com/~lynn/2007s.html#53 ongoing rush to the new, 40+ yr old virtual machine technology

this was virtual machine common/frequent refrain from the 60s and 70s .... modulo some of my kernel work ... where i still needed to take down the whole machine for some new kernel work on the real machine ... especially performance related work.

i've made several past posts about cp67 kernel work being modified to simulate 370 (virtual memory) as opposed to simualting 360/67 ... and nearly all of that work went on in virtual machines. recent past posts mentioning simulating 370 with cp67 (on real 360/67s)
https://www.garlic.com/~lynn/2007b.html#20 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007f.html#11 Is computer history taught now?
https://www.garlic.com/~lynn/2007i.html#16 when was MMU virtualization first considered practical?
https://www.garlic.com/~lynn/2007p.html#74 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007q.html#23 GETMAIN/FREEMAIN and virtual storage backing up

however getting ready for releasing the resource manager ... i had to do significant amount of (performance-related) benchmarking as part of validating/calibrating the resource manager. final sequence involved 2000 (largely automated) benchmarks that took three months elapsed time to run
https://www.garlic.com/~lynn/submain.html#benchmark

other posts mentioning the resource manager ... it had a lot of dynamic adaptive features that i had done as undergraduate in the 60s ... frequently referred to as the "fairshare" scheduler since the default policy was fair share:
https://www.garlic.com/~lynn/subtopic.html#fairshare

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Mon, 19 Nov 2007 14:22:47 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
Access control specification and the fine details of interaction protocols are all that remain. I'd be inclined to go with something like RSA keyfobs for identification of authorised users and but the policy requirements are not clear to me.

re:
https://www.garlic.com/~lynn/2007s.html#51 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#52 Translation of IBM Basic Assembler to C?

the RSA keyfobs are primarily the secure-id rolling time that rsa inc, when secureid bought rsa ... and changed their name to rsa, inc (since then EMC bought the resulting rsa, inc).

the upside with sercureid tokens is that they displayed a non-repeating shared-secret ... which then could be entered with a standard keyboard. the downside was that it is a chore to keep the changing values in sync ... especially if multiple jurisdictions and/or systems are involved (aka this is not a public key implementation).

we looked at quite a bit of this when we were involved in co-authoring x9.99 financial industry privacy standard. this including talking to glba guys ... but also some of the gov. agency people behind crafting hipaa (one guy who had done initial work on hipaa regulations back in the 70s and some of the provisions still haven't been invoked) ... aka financial comes under hipaa in areas like billing statements where specific procedures may be listed.

this showed up from another facet when we were brought in to help word-smith cal state (& federal) electronic signature law.
https://www.garlic.com/~lynn/subpubkey.html#signature

various participants were also heavily involved in "disclosure" (and information sharing) legislation ... especially regarding "opt-out" vis-a-vis "opt-in" provisions. part of the overlap between the two was use of electronic signatures for various kinds of electronic authorization documents.

as mentioned before there were surveys regarding overall "privacy" and the top two issues were 1) identity theft (resulting in various kinds of personal financial fraud) and 2) denial of service (gov. agencies and/or commercial entities basing decisions on information that they shouldn't have access to).

one set of policies involve signatures (potentially electronic signatures) by the individual, explicitly authorizing access. the other set of policies are more along the lines of traditional security access control where some institution has deamed that it has access ... and it is trying to control which institution members/employees can actually get access (actually trying to prevent non-authorized access as a whole category). the keyfob thing is mostly limited to specific institution trying to do traditional security access control ... but runs into difficulty when it attempts to go cross-domain .... for much the same reason that all shared-secret oriented operations have difficulty with cross-domain deployments.

we actually looked at common (authentication/authorization) infrastructure that could satisfy all the possible policies and requirements (traditional security access control ... including x-domain extended across multiple institutions ... as well as individual explicitly authorizing access).

one of the big policy/paradigm problems was shifting traditional security thinking (in the x9.99 privacy standard work) where CSOs were doing traditional protecting the institution assets (from outside access) to protecting the individual's assets (in some cases from the institution). Myopic concentration on the similarities with traditional institutional security failed to adequately take into account the full implications of all the personal privacy issues.

... this was analogous to the work on x9.59 financial transaction standard where the requirement was to preserve the integrity of the financial infrastructure for ALL retail payments.

misc. recent posts x9.99, privacy, etc
https://www.garlic.com/~lynn/2007b.html#61 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#72 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#15 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007g.html#40 Electronic signature outside Europe
https://www.garlic.com/~lynn/2007h.html#27 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007i.html#74 public key password authentication
https://www.garlic.com/~lynn/2007l.html#2 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#3 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#9 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007o.html#13 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#29 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#61 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007s.html#16 The new urgency to fix online privacy

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Mon, 19 Nov 2007 16:00:15 -0500

Frank McCoy <mccoyf@millcomm.com> writes:
Not to mention that Insurance-Companies can then misuse those same records to deny coverage that they should otherwise do.

aka one of the previously referred to "denial of service" scenario.

this was one of the issues raised in the previously mentioned work on electronic signature legislation
https://www.garlic.com/~lynn/subpubkey.html#signature

... where the intersection was possible use of electronic signatures for opt-in/authorization scenarios for access to information (w/o it institutions weren't allowed to access personal information ... potentially already in their possession)

re:
https://www.garlic.com/~lynn/2007s.html#51 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#52 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#55 Translation of IBM Basic Assembler to C?

one of the big paradigm disruption/discontinuities was trying to help (institution) CSOs and security officers getting their heads around the concept that they weren't just trying to prevent unauthorized/external access to institutional assets ... but having to also prevent institutional access to personal information (and/or only allow institutional access to personal information when specific access has been authorized by the individual).

Intel Ships Power-Efficient Penryn CPUs

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Intel Ships Power-Efficient Penryn CPUs
Newsgroups: alt.folklore.computers
Date: Mon, 19 Nov 2007 19:19:40 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
i didn't get a 2471 terminal at home for remote dialin until mar70 (less than 40yrs ago) ... misc. past posts with reference:
https://www.garlic.com/~lynn/2004q.html#57 high speed network, cross-over from sci.crypt
https://www.garlic.com/~lynn/2006c.html#25 Change in computers as a hobbiest
https://www.garlic.com/~lynn/2006n.html#24 sorting was: The System/360 Model 20 Wasn't As Bad As All That
https://www.garlic.com/~lynn/2006s.html#54 Why these original FORTRAN quirks?
https://www.garlic.com/~lynn/2007e.html#13 time spent/day on a computer
https://www.garlic.com/~lynn/2007g.html#66 Memory Mapped Vs I/O Mapped Vs others
https://www.garlic.com/~lynn/2007m.html#68 Operating systems are old and busted
https://www.garlic.com/~lynn/2007p.html#14 Newsweek article--baby boomers and computers

re:
https://www.garlic.com/~lynn/2007s.html#43 Intel Ships Power-Efficient Penryn CPUs

and for even more topic drift ...

Telecommuting Has Mostly Positive Consequences For Employees And Employers
http://www.sciencedaily.com/releases/2007/11/071119182930.htm
Telecommuting has mostly positive consequences for employees and employers
http://www.eurekalert.org/pub_releases/2007-11/apa-thm111507.php

from above:
Telecommuting is a win-win for employees and employers, resulting in higher morale and job satisfaction and lower employee stress and turnover. These were among the conclusions of psychologists who examined 20 years of research on flexible work arrangements.

... snip ...

and for other drift ... misc. past posts mentioning computer-mediated communication
https://www.garlic.com/~lynn/subnetwork.html#cmc

Translation of IBM Basic Assembler to C?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Tue, 20 Nov 2007 08:25:02 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
Indeed they are, OTOH records in the form of a folder full of loose bits of paper are really scary as are partial records spread around several incompatible systems with no data transfer mechanism or policy.

If a central store is created it should not be a government thing (for one thing it should be international). I would go for something set up by a group of medical authorities.

the offline advocates
https://www.garlic.com/~lynn/2007s.html#51 Translation of IBM Basic Assembler to C?

complained that (online) "central" operation ... for something like financial transactions ... met that it was obviously a single location for the whole world. however, the "central" financial transaction model is lots of "centralized" locations ... much more like the web "central" location ... but dating back to the 60s (ubiquitous networking).

even the "web model" (even if financial use of the model dates back to the 60s) single location for any specific data ... can have multiple replicated sites for availability. for some drift ... we had coined the term disaster survivability and geographic survivability) (to differentiate from disaster recovery)
https://www.garlic.com/~lynn/submain.html#available

back when we were doing marketing for our ha/cmp product
https://www.garlic.com/~lynn/subtopic.html#hacmp

other posts in this thread:
https://www.garlic.com/~lynn/2007s.html#52 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#55 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#56 Translation of IBM Basic Assembler to C?

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Tue, 20 Nov 2007 08:50:42 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
Doesn't keeping them in sync just depend on decent timekeeping ? Keeping good time on the authentication servers is easy (ntp), eventually the keyfob will drift too far out (but by then the battery you can't get at to change is probably dead anyway so you need a new keyfob).

re:
https://www.garlic.com/~lynn/2007s.html#55 Translation of IBM Basic Assembler to C?

there is a secret involved that is permuted in non-obvious way by time. the issue in handling multiple domains (aka multiple different servers across multiple different domains or authorities) it means keeping all the servers and keybobs in sync ... as well as the secrets across all the servers in all the domains. it doesn't scale well.

this is somewhat implied in the discussion of large number of different "centralized" locations.
https://www.garlic.com/~lynn/2007s.html#58 Translation of IBM Basic Assembler to C?

other posts in this thread:
https://www.garlic.com/~lynn/2007s.html#52 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#56 Translation of IBM Basic Assembler to C?

the other aspect is what we characterize as the "institutional-centric" model vis-a-vis person-centric model. we've claimed that if the use of "institutional-centric" tokens (or other kinds of secure something you have authentication devices) as substitution for passwords ... becomes widespread ... then you have one physical token in place of every password ... and becomes as equally unwieldy (as passwords) to manage.

In general, basic security principle is unique shared-secret is required for every unique security domain. misc. refs
https://www.garlic.com/~lynn/subintegrity.html#secrets

and something you have authentication from 3-factor authentication model
https://www.garlic.com/~lynn/subintegrity.html#3factor

• something you have
• something you know
• something you are

The other analogy is the anti-privacy/DRM efforts in the 80s with applications loaded on harddisks ... and a "special" application floppy disk (unique for every application) that had to be loaded into the floppy drive (in order for the application to run). Again, an institutional-centric solution that becomes unwiedly for more than a few special cases.

In the 90s, we did some work on the AADS chip strawman
https://www.garlic.com/~lynn/x959.html#aads

for used as something you have authentication hardware token. Somewhat facetiously I would say that I was taking a $500 milspec token and aggresively cost reducing by 2-3 orders of magnitude while improving the security.

the other aspect, was there was a lot of work done looking at the whole end-to-end process and what would be needed to enable the whole paradigm to be a person-centric operation (and acceptable to all the existing institutions). The claim was that the overall infrastructure savings might be 4-5 orders of magnitude (say 100,000 times) ... aka 2-3 orders of magnitude cost in a single token and couple order magnitude reduction in total number of tokens (under assumption that hardware authentication tokens ever caught on).

Translation of IBM Basic Assembler to C?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Tue, 20 Nov 2007 09:49:21 -0500

Howard S Shubs <howard@shubs.net> writes:
Multiple implants, preferably including the skull, one in each limb, the torso, the genitalia, the ears... So you can copy someone's identity by cutting off an ear or a limb, yes. The one in the skull might be difficult to steal, but it's also difficult to implant. The one in the

re:
https://www.garlic.com/~lynn/2007s.html#51 Translation of IBM Basic Assembler to C?

the issue in the original scenario was the probability (and associated return on investment) was that the chip would be useful.

the scenario justifying the chip

1) accident/emergency

2) emergency medical personal and/or first responder on the scene

3) emgergency personal don't have online access to medical personal (watching TV, they seem to be very limited in what they are allowed to do, much of it requires electronic communication and supervision by remote doctor)

4) emgergency personal do have time, resources, and capability to access information in a persons chip and are capable of effectively utilizing the available information (when they otherwise aren't in electronic communication with real doctor ... which also limits what they are allowed to do)

the claim is that meeting all the conditions, in order to justify the chip, is so close to zero ... that the money is much better spent improving other aspects of the emergency response infrastructure.

the scenario with a chip being destroyed and/or otherwise unavailable ... and still meeting all the other criteria (justifying multiple chips) further pushes the hypothetical scenarios into the fantasy category

a simple counter argument would be that in any dire emergency with injuries that would likely destroy a single chip ... would result in emergency personal being so preoccupied that taking time out to find/access detailed medical records in such any other chip ... might be considered a lot of electronic noise.

for some topic drift ... while boyd was responsible for f16 and lots of the characteristics of f15 and f18 ... he commented that the early f16 headsup displays were counter productive ... that they provided a lot of scrolling numbers that hindered (rather than helped) a pilots ability to operate in a critical encounter (aka distracting noise)

misc. past post mentioning boyd
https://www.garlic.com/~lynn/subboyd.html#boyd
misc. URLs from around the web mentioning boyd:
https://www.garlic.com/~lynn/subboyd.html#boyd2

other posts in the thread:
https://www.garlic.com/~lynn/2007s.html#52 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#55 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#56 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#57 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#59 Translation of IBM Basic Assembler to C?

Translation of IBM Basic Assembler to C?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Wed, 21 Nov 2007 08:13:10 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
If a central store is created it should not be a government thing (for one thing it should be international). I would go for something set up by a group of medical authorities.

single large government store

Police Complaints joins inquest into Darling data giveaway (data breach)
http://www.theregister.co.uk/2007/11/21/ipcc_investigates_hmrc_data_loss/
UK Government in Uproar Following Data Loss (data breach)
http://www.darkreading.com/document.asp?doc_id=139647
Darling admits Revenue loss of 25m personal records (data breach)
http://www.theregister.co.uk/2007/11/20/hmrc_loses_lots_data/
Chancellor Faces Up to UK's Worst Data Breach
http://www2.csoonline.com/blog_view.html?CID=33312 Revenue head quits after massive data breach
http://www.itpro.co.uk/internet/news/140448/revenue-head-quits-after-massive-data-breach.html
Darling's Data giveaway - what the readers say (data breach)
http://www.theregister.co.uk/2007/11/21/reader_comments_on_hmrc/
Moneybox | Thousands at risk after data loss (data breach)
http://news.bbc.co.uk/1/hi/programmes/moneybox/7076106.stm
Will Darling's data giveaway kill off ID cards? (data breach)
http://www.theregister.co.uk/2007/11/21/response_data_breach/
How HMRC gave away the UK's national identity (data breach)
http://www.theregister.co.uk/2007/11/20/hmrc_huge_data_loss/

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Wed, 21 Nov 2007 15:38:21 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
In short I don't see insurmountable problems with using them for authentication and they are easily combined with something you know for two factor authentication simply by using the keyfob to control access to a password login.

re:
https://www.garlic.com/~lynn/2007s.html#55 Translation of IBM Basic Assembler to C?

I think the GRID guys claimed that they were running into problems with the same individual using the same keyfob across 6-12 different independent institutions. for instance can you show up with your own keyfob at each institution and have it registered? if you register it at one institution (say local ISP that may have staff from local highschool students) would it possibly compromise using the same keyfob registration at your employer or online banking?

that was one of the reasons (including significant infrastructure scale-up) that grid guys invited me to give a talk
http://www.ggf.org/ggf_events_past_11.htm
on "naked"
http://forge.ggf.org/sf/go/doc12899;jsessionid=E86ACAF7A29F2E1FC2575AD0CD04E39E?nav=1
aka certificate-less public key
https://www.garlic.com/~lynn/subpubkey.html#certless
and aads chip strawman
https://www.garlic.com/~lynn/x959.html#aads

again, some of this also touches on the difference between institutional centric and person-centric paradigms discussed
https://www.garlic.com/~lynn/2007s.html#59 Translation of IBM Basic Assembler to C?

I think that the GRID guys were also trying to adapt both RADIUS
https://www.garlic.com/~lynn/subpubkey.html#radius
and KERBEROS
https://www.garlic.com/~lynn/subpubkey.html#kerberos

as administrative platforms for handling both single domain, multiple installation as well as x-domain (aka multiple independent institutional authentication operation). Part of the issue is the something you have token authentication mechanism ... but the other issue is the administrative infrastructure to manage the authentication policies and operations as well as the corresponding authorization policies and operations (what is the authorization implication that corresponds to some authentication).

recent post touching on some of the Kerberos specific issues:
https://www.garlic.com/~lynn/2007q.html#2 Windows Live vs Kerberos
https://www.garlic.com/~lynn/2007q.html#5 Windows Live vs Kerberos

Newsweek article--baby boomers and computers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Newsweek article--baby boomers and computers
Newsgroups: alt.folklore.computers
Date: Wed, 21 Nov 2007 17:46:59 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
somewhat unrelated ... but a business news channel had interview with oil investment specialist ... who made some statement that oil exploration/development investment was underfunded in 2005 by 1/3rd ... likely leading to 1m barrel/day production shortfall in 2010-2011 timeframe (although there are significant uncertainties that could affect that shortfall prediction), growing to possibly 4m barrel/day production shortfall by 2013-2014.

the interviewer asked what are the possible reasons for the shortfall in investments. the "specialist" explained that one reason is that 1/2 of the production project specialists will reach retirement age over the next three years and there wasn't enough talent to undertake additional projects that typically take 7-8yrs.

re:
https://www.garlic.com/~lynn/2007q.html#42 Newsweek article--baby boomers and computers

New Oil Crisis: An Engineer Shortage
http://www.time.com/time/business/article/0,8599,1686084,00.html

from above:
You've heard the reasons for high oil prices: instability in the Middle East, booming demand in China and India, the sagging dollar. Now add another one to the list: Engineers. The world doesn't have enough of them.

... snip ...

Is the media letting banks off the hook on payment card security

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is the media letting banks off the hook on payment card security
Newsgroups: alt.folklore.computers
Date: Wed, 21 Nov 2007 18:17:22 -0500

Anne & Lynn Wheeler <lynn@garlic.com> writes:
much of financial institution income from payment transactions comes in the form of interchange fees payed by merchants ...

re:
https://www.garlic.com/~lynn/2007r.html#31 Is the media letting banks off the hook on payment card security

today news item ...

An EFT Summit Helps Costco Weigh Options for Web-Based PIN Debit
http://www.digitaltransactions.net/newsstory.cfm?newsid=1588

from above:
A move by Costco, a top-25 Internet merchant, to take PIN debit on its site would lend considerable credibility to the idea of taking PIN debit online. This is a notion many EFT officials have historically shied away from, citing concerns about security and about a possible threat to the interchange income EFT network members earn from signature debit. PIN debit interchange rates are typically lower than those for signature debit.

... snip ...

reference to NACHA pilot earlier in this decade
https://www.garlic.com/~lynn/x959.html#aadsnacha
and original proposal for the pilot (submitted by somebody else since we weren't nacha members)
https://www.garlic.com/~lynn/nacharfi.htm

other posts in this thread:
https://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#30 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#32 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#34 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#35 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#40 Is the media letting banks off the hook on payment card security

other recent posts mentioning interchange fees
https://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007i.html#17 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#47 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#59 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#72 Free Checking
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use

Translation of IBM Basic Assembler to C?

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Translation of IBM Basic Assembler to C?
Newsgroups: alt.folklore.computers
Date: Thu, 22 Nov 2007 07:16:42 -0500

Steve O'Hara-Smith <steveo@eircom.net> writes:
I don't see how unless you also have the secret for it. In every use I have seen the institution issuing the keyfob keeps the secret carefully ... well secret. So the keyfob can only be used with that institution.

re:
https://www.garlic.com/~lynn/2007s.html#62 Translation of IBM Basic Assembler to C?

a frequent and common reoccurring problem with shared-secret paradigm ... it is almost as if every institution/environment really believes that an individual only has the relationship with that institution as the one and only relationship requiring authentication and there were no others
https://www.garlic.com/~lynn/subintegrity.html#secrets

aka if tokens were to ever catch on ... rather than carrying around a piece of paper (or electronic memo) with 100+ shared-secrets ... you would always carry around a backpack with 100+ (shared-secret paradigm) keyfobs ... you might need to have the backpack organized into separate categories and maybe color coding ... so to help facilitate being able to help identify the correct, needed keyfob at any specific instant. discussion of person-centric vis-a-vis institutional-centric authentication paradigms
https://www.garlic.com/~lynn/2007s.html#59 Translation of IBM Basic Assembler to C?

for a little more topic drift in the recent post in this thread
https://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security

there is these recent discussions about past difficulties in introducing authentication tokens into the consumer market (and some of the ongoing after effects)
https://www.garlic.com/~lynn/aadsm27.htm#34 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#35 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#37 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#37 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#38 a fraud is a sale, Re: The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#39 a fraud is a sale, Re: The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#40 a fraud is a sale, Re: The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#41 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#42 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
https://www.garlic.com/~lynn/aadsm27.htm#51 Know Your Enemy: Scott McNeally on security theater
https://www.garlic.com/~lynn/aadsm27.htm#58 On the downside of the MBA-equiped CSO

other posts in the thread
https://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#30 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#31 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#32 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#34 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#35 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#40 Is the media letting banks off the hook on payment card security

The new urgency to fix online privacy

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The new urgency to fix online privacy
Newsgroups: alt.folklore.computers
Date: Thu, 22 Nov 2007 07:50:21 -0500

Microsoft confirms that XP contains random number generator bug
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9048438&intsrc=hm_list

from above:
As recently as last Friday, Microsoft hedged in answering questions about whether XP and Vista could be attacked in the same way, saying only that later versions of Windows "contain various changes and enhancements to the random number generator." Yesterday, however, Microsoft responded to further questions and acknowledged that Windows XP is vulnerable to the complex attack that Pinkas, Gutterman and Dorrendorf laid out in their paper, which was published earlier this month.

... snip ...

Newsweek article--baby boomers and computers

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Newsweek article--baby boomers and computers
Newsgroups: alt.folklore.computers
Date: Fri, 23 Nov 2007 09:36:17 -0500

CBFalconer <cbfalconer@yahoo.com> writes:
It probably is, or at least nearly so. Comparison with the Euro or the Canadian dollar cuts the price down to about $60 today, which allows for considerable Chinese competition, oilco profiteering, etc. The basic problem is the dollar deflation, driven by the

some part is huge balance of trade deficit that has been going on for decades with most of the countries ... which means they have enormous surplus of dollars. some of the enormous surplus of foreign dollars are being invested back into the country, helping dampen interest rates (since there is significant source of funds from these dollar surpluses)

the big oil crunch in the early 70s resulted in wage and price controls attempting to stabilize things (and that is when precentage of imported oil was about half what it is today) ... a couple posts mentioning early 70s
https://www.garlic.com/~lynn/2007k.html#0 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#5 IBM Unionization

one of the things supporting the dollar in the past was size of the associated economy vis-a-vis various alternatives. EU created comparable sized economy helping strengthen the euro ... euro not only rises vis-a-vis the dollar ... but also creates a currency competitor for the dollar (weakening the dollar as primary world currency choice). Similar forces going on in the far east.

The yen rose significantly against the dollar since the early 70s ... recent posts with reference (from about 300/dollar to around 100/dollar)
https://www.garlic.com/~lynn/2007g.html#34 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#35 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007j.html#88 IBM Unionization

however, the claim can be made that its associated economy wasn't large enuf to create a world reserve currency competitor. However its industries become world competitors ... which contributed to decline in some major US industries (weakening the US economy and currency). some recent posts vis-a-vis the auto industry
https://www.garlic.com/~lynn/2007f.html#50 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#29 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#34 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#52 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007i.html#13 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007j.html#33 IBM Unionization
https://www.garlic.com/~lynn/2007n.html#31 IBM obsoleting mainframe hardware
https://www.garlic.com/~lynn/2007q.html#4 Horrid thought about Politics, President Bush, and Democrats

The EU and more recent the rise of economies in asia has created currencies increasing in value (against the dollar) ... but also backed by economy on par with the US. I believe there was previous post mentioning that the dollar having been dominant currency of choice in the world which could possibly account for 1/3rd of its perceived value (aka helping prop up dollar value against all world currencies ... aka some cases, specific currencies can rise against the dollar ... as the case of the yen since the early 70s ... and/or the dollar can "fall" against several major currencies).

some URLs form quicky search engine use

The Currency Denomination of World Trade after European Monetary Union
http://www.sciencedirect.com/science?_ob=ArticleURL&_udi=B6WMC-45J5C7M-7&_user=10&_coverDate=12%2F31%2F1998&_rdoc=1&_fmt=&_orig=search&_sort=d&view=c&_acct=C000050221&_version=1&_urlVersion=0&_userid=10&md5=04933c131a71381f4d980fc5c78eb474
Dollar Hegemony
http://www.henryckliu.com/page2.html
Reserve currency
https://en.wikipedia.org/wiki/Reserve_currency
Dollar is world currency "for a reason"
http://biz.yahoo.com/rb/071109/usa_paulson_dollar.html?.v=4
The Dollar's Falling! Does It Really Matter
http://www.ecommercetimes.com/story/38826.html

past posts in this thread:
https://www.garlic.com/~lynn/2007p.html#14 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#16 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#21 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#27 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#28 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#30 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#31 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#35 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#38 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#50 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#41 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#42 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007s.html#32 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007s.html#63 Newsweek article--baby boomers and computers

Newsweek article--baby boomers and computers

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Newsweek article--baby boomers and computers
Newsgroups: alt.folklore.computers
Date: Fri, 23 Nov 2007 10:21:43 -0500

greymaus <greymausg@mail.com> writes:


Local price of petrol at a Mom&Pop operation,
fortnight or so ago, 117.4 cents/litre
yesterday            122.5 cents/litre

re:
https://www.garlic.com/~lynn/2007s.html#67 Newsweek article--baby boomers and computers
https://en.wikipedia.org/wiki/Oil_price_increases_of_2004-2006
excerpt from above:
The previous high was $1.42 per gallon in March 1981, which would be $3.20 per gallon after adjustment for inflation. In comparison, the average retail price of a litre of petrol in the United Kingdom (gasoline in American English) was 86.4p on 19 October 2006.[6] This equates to US$6.13 per U.S. gallon

... snip ...

above wiki article has reference to

(june '07) gas prices ($/gal) around the world
http://www.theoildrum.com/node/2653

with US at $3.10/gal is one of the least expensive of major countries (by comparison norway is $7.76/gal)

also has gal of gas as percentage of daily GDP by country (again, US is one of the lowest, nearly half that of canada).

previous, next, index - home