From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 05 Dec 2007 14:44:30 -0500cb@df.lth.se (Christian Brunschen) writes:
a few web references:
http://www.transactionworld.com/articles/2003/July/industryTalksBack3.asp
http://www.prnewswire.com/cgi-bin/stories.pl?ACCT=104&STORY=/www/story/07-22-2003/0001987111&EDATE
http://www.classactionrefund.com/VisaInfo.html
http://www.inrevisacheckmastermoneyantitrustlitigation.com/history.php3
misc. recent posts mentioning class-action anti-trust and/or interchange fees
https://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007i.html#17 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#47 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#59 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#72 Free Checking
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007r.html#31 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#40 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Thu, 06 Dec 2007 07:13:03 -0500d10jhm1@US.IBM.COM (Jim Mulder) writes:
well, sort of.
one of the things to get rapidly to 16-way smp implementation, as well as addressing performance/scaling issues, was to relax standard 370 cache consistency rules (and, in fact, most SMP vendors going to larger numbers of processors have almost always involved how to deal with cache consistency issues).
remember that compare&swap ... misc. posts about smp and/or compare&swap
https://www.garlic.com/~lynn/subtopic.html#smp
was invented by charlie (compare&swap was chosen because CAS are
charlie's initials) at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
and i've mentioned before the original difficulty of getting
compare&swap into 370 architecture. Some of the difficulties
is why the example of program failure still appears in the
compare&swap writeup
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/A.6.1?SHELF=DZ9ZBK03&DT=20040504121320
i've frequently claimed that the 801 risc effort
https://www.garlic.com/~lynn/subtopic.html#801
was attempt to go to the opposite extreme from what went on
in FS
https://www.garlic.com/~lynn/submain.html#futuresys
and also claimed the lack of cache consistency in 801 risc was adverse reaction to the heavy performance penalty paid in 370 by its strong cache consistency requirement. in fact, it wasn't until somerset (joint ibm, motorola, apple, et all) for power/pc that there was (risc) work on smp and addressing cache consistency.
in any case, part of doing 16-way smp (and relaxing 370 cache consistency rules) was much more detailed attention paid to every piece of code (because of the associated hardware changes for relaxed cache consistency).
for some more topic drift, in just the 3084 time-frame, both mvs and (standard) vm had effort to go thru all kernel data & storage management and make sure things were cache-line sensitised. the issue was the increased probability that more than one cache might be accessing different data items which happened to overlap in the same cache line (resulting in significant cache line thrashing). The claim at the time was that this effort resulted in 5-10 percent increased system thruput (for 4-way). As the number of independent caches that had to be coordinated, goes up ... the probability increases that there is going to be some kind of cache interference.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Thu, 06 Dec 2007 08:08:08 -0500re:
for slightly more light-hearted, seasonal reference, old email with
mvs/xa tso reference from long ago and far away:
Date: 08/26/82 15:24:21
re: mvs/xa; i've seen it for myself, a 3081 system completely idle
except for one MVS/XA tso user. Response time is longer for that
single TSO user on the 3081 than for CMS doing same type of stuff on a
loaded 3033. MVS/XA is copy of the one that <large internal
datacenter> is using for their development work. <the large
internal datacenter> has gen'ed the TSO logo screen (in big block
letters)
BAH
HUMBUG
The only thing slower than the 3081 service processer (5+ seconds to
single step one instruction) on the 3081 is possibly MVS/XA TSO. The
observation is that TSO is so slow, that you have lots of time to
syntax your next input & make sure that there are no mistakes (because
if there are ... then things will really be slow).
... snip ... top of post, old email index
somewhat related to post in this thread
https://www.garlic.com/~lynn/2007t.html#40 Why isn't OMVS command integrated with ISPF?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 06 Dec 2007 11:57:46 -0500cb@df.lth.se (Christian Brunschen) writes:
long ago and far away ... even before mac was announced, my brother was regional apple rep (claimed to have the largest physical territory in conus). one of the things he figured out was how to dial into corporate dataprocessing to look at manufacturing and delivery schedules ... which at the time, happened to be running on s/38.
sometimes when he was in town ... i would get invited to after work dinners. there were some with mac developers (before mac announcement) that i remember where i was arguing with them about features needed to be supported by mac in order to be successful.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Remembering the CDC 6600 Newsgroups: alt.folklore.computers Date: Thu, 06 Dec 2007 14:21:51 -0500John Byrns <byrnsj@sbcglobal.net> writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Public Computers Newsgroups: alt.folklore.computers Date: Thu, 06 Dec 2007 15:03:38 -0500Morten Reistad <first@last.name> writes:
includes a way to integrate into a single security infrastructure,
software, hardware, single & multi-factor authentication; i.e. from
3-factor authentiction model ... misc. 3-factor posts:
https://www.garlic.com/~lynn/subintegrity.html#3factor
we did do eal4+ evaluation on a specificly designed chip ... i had joked in the 90s about taking a $500 milspec part, doing aggressive cost reduction of 2-3 orders of magnitude while (at the same time) improving the security. part of the issue is that a lot of operations view the area as profit opportunity while we were purely treating the whole infrastructure as cost/expense.
i've complained in the past about not being able to do an eal5+
evaluation. misc. past posts about protection profiles. common critera,
and EAL evaluations.
https://www.garlic.com/~lynn/aadsm12.htm#13 anybody seen (EAL5) semi-formal specification for FIPS186-2/x9.62 ecdsa?
https://www.garlic.com/~lynn/aadsm12.htm#14 Challenge to TCPA/Palladium detractors
https://www.garlic.com/~lynn/aadsm18.htm#41 Adding reliability and trust to smartcards
https://www.garlic.com/~lynn/aadsm18.htm#47 Dell to Add Security Chip to PCs
https://www.garlic.com/~lynn/aadsm18.htm#48 Dell to Add Security Chip to PCs
https://www.garlic.com/~lynn/aadsm21.htm#4 Another entry in the internet security hall of shame
https://www.garlic.com/~lynn/aadsm24.htm#23 Use of TPM chip for RNG?
https://www.garlic.com/~lynn/aadsm24.htm#26 Naked Payments IV - let's all go naked
https://www.garlic.com/~lynn/aadsm25.htm#1 Crypto to defend chip IP: snake oil or good idea?
https://www.garlic.com/~lynn/aadsm27.htm#37 The bank fraud blame game
https://www.garlic.com/~lynn/2002c.html#15 Opinion on smartcard security requested
https://www.garlic.com/~lynn/2002h.html#71 history of CMS
https://www.garlic.com/~lynn/2002h.html#84 history of CMS
https://www.garlic.com/~lynn/2002j.html#86 formal fips186-2/x9.62 definition for eal 5/6 evaluation
https://www.garlic.com/~lynn/2002k.html#35 ... certification
https://www.garlic.com/~lynn/2002m.html#44 Beware, Intel to embed digital certificates in Banias
https://www.garlic.com/~lynn/2002m.html#72 Whatever happened to C2 "Orange Book" Windows security?
https://www.garlic.com/~lynn/2003c.html#39 DOD 5200.28-STD capable OS?
https://www.garlic.com/~lynn/2003i.html#35 electronic-ID and key-generation
https://www.garlic.com/~lynn/2003i.html#36 electronic-ID and key-generation
https://www.garlic.com/~lynn/2003k.html#51 Linux gets sensitive government use approval
https://www.garlic.com/~lynn/2003l.html#19 Secure OS Thoughts
https://www.garlic.com/~lynn/2003l.html#64 Can you use ECC to produce digital signatures? It doesn't see
https://www.garlic.com/~lynn/2004i.html#27 New Method for Authenticated Public Key Exchange without Digital Certificates
https://www.garlic.com/~lynn/2004j.html#2 Authenticated Public Key Exchange without Digital Certificates?
https://www.garlic.com/~lynn/2004m.html#41 EAL5
https://www.garlic.com/~lynn/2004m.html#49 EAL5
https://www.garlic.com/~lynn/2004m.html#50 EAL5
https://www.garlic.com/~lynn/2004m.html#53 4GHz is the glass ceiling?
https://www.garlic.com/~lynn/2005b.html#5 Relocating application architecture and compiler support
https://www.garlic.com/~lynn/2006t.html#38 Vulnerability Assessment of a EAL 4 system
https://www.garlic.com/~lynn/2007b.html#30 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#47 newbie need help (ECC and wireless)
https://www.garlic.com/~lynn/2007l.html#39 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007q.html#34 what does xp do when system is copying
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Open z/Architecture or Not Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Thu, 06 Dec 2007 15:43:30 -0500BShannon@ROCKETSOFTWARE.COM (Bob Shannon) writes:
in the early 80s there was a study of local vm370 system modifications. internal corporate "local" modifications were as large as the base system ... and the "share" library source changes were approximately equivalent to the internal corporate "local" modifications (in size and function).
part of all this started with unbundling announcement 23jun69
https://www.garlic.com/~lynn/submain.html#unbundle
starting to charge for application software. however, the case was made that kernel code could still be "free" (bundled).
A lot of the structural and functional enhancements that I had done to
cp67 as an undergraduate (and was picked up and shipped in the
product) was dropped in the morph from cp67 to vm370. However, I had
done the port myself ... referenced in this prior post
https://www.garlic.com/~lynn/2007t.html#69 T3 Sues IBM TO Break its Mainframe Monopoly
and this old email
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
I distributed and supported the "CSC/VM" system (mentioned in the above) for a large number of internal datacenters. The product picked up some small pieces of the above as part of VM370 rel3.
However, other pieces were selected to be released as separate
"resource manager" product ... and also got chosen to be guinea pig
for unbundling/charging for kernel software (which met that i had to
spend a lot of time with business people ironing out the policies
for kernel software charging).
https://www.garlic.com/~lynn/subtopic.html#fairshare
https://www.garlic.com/~lynn/subtopic.html#wsclock
because of the extensive source oriented culture ... most customers managed to regularly track local source code changes as new releases came out.
However, I know of (at least) one notable exception. Somehow or another, a very early "CSC/VM" system was leaked to AT&T longlines. Over a period of years, they developed a large body of their own source changes ... never bothered to track releases, and migrated it to a number of their own machines. Nearly a decade later, I was tracked down by the AT&T national marketing rep about trying to help get AT&T longlines off this ancient CSC/VM system.
The "OCO-wars" (object code only) in the early 80s were somewhat turbulent.
There had been some number of commercial online timesharing services
formed from cp67 and vm370.
https://www.garlic.com/~lynn/submain.html#timeshare
these were somewhat similar to the internal HONE systems that
worldwide sales and marketing used
https://www.garlic.com/~lynn/subtopic.html#hone
One of these was Tymshare which in the mid-70s started providing the
vmshare online discussion forum to share members. That vmshare forum
has now been archived here
http://vm.marist.edu/~vmshare/
included in the forum archives are the OCO-war discussions from the early 80s.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Public Computers Newsgroups: alt.folklore.computers Date: Thu, 06 Dec 2007 16:28:01 -0500Morten Reistad <first@last.name> writes:
but a NSF review of backbone (we had running internally) claimed that what we already had running was at least five yrs ahead of all nsfnet backbone bid submissions (to build something new).
other archeological references here
https://www.garlic.com/~lynn/subnetwork.html#nsfnet
and
https://www.garlic.com/~lynn/internet.htm
there is the claim that tcp/ip is the technology basis for modern internet, that nsfnet backbone was the operational basis for the modern internet and cix was the business basis for the modern internet.
there were some stuff that we had running on our backbone that looks to
have (finally) shown up in internet2 activity.
http://www.internet2.edu/network/
for totally other topic drift
Internet2 Middleware Initiative
http://middleware.internet2.edu/
somewhat related to this recent (middleware) thread/post
https://www.garlic.com/~lynn/2007t.html#39 important
referencing these posts
https://www.garlic.com/~lynn/99.html#201 Middleware - where did that come from?
https://www.garlic.com/~lynn/99.html#202 Middleware - where did that come from?
which in turn reference these even older posts
https://www.garlic.com/~lynn/96.html#16
https://www.garlic.com/~lynn/96.html#17
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Open z/Architecture or Not Newsgroups: bit.listserv.ibm-main,alt.folklore.computers To: <ibm-main@bama.ua.edu> Date: Thu, 06 Dec 2007 17:28:29 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
as before the vmshare archives are at
http://vm.marist.edu/~vmshare/
old vmshare post about the vm source maint infrastructure,
originally developed on cp67
http://vm.marist.edu/~vmshare/read.cgi?fn=HISTORY&ft=MEMO&line=49
a quicky search for some OCO related posts from archive ...
this is discussion from 93 regarding OCO's 10th b'day:
http://vm.marist.edu/~vmshare/browse.cgi?fn=OCO:BDAY&ft=MEMO
OCO Study Handouts from SHARE 72 (Feb89)
http://vm.marist.edu/~vmshare/browse.cgi?fn=OCOSTUDY&ft=NOTE
TUCC's MVS/370 to MVS/XA conversion experiences (Jun88)
http://vm.marist.edu/~vmshare/browse.cgi?fn=OCOCME&ft=NOTE
VM Program Products which should be distributed with Source Code.
(started May80)
http://vm.marist.edu/~vmshare/browse.cgi?fn=VMSOURCE&ft=MEMO
old email mentioning vmshare
https://www.garlic.com/~lynn/lhwemail.html#vmshare
... including discussing obtaining monthly copies of all vmshare files
for putting up on the HONE system for worldwide sales and marketing
https://www.garlic.com/~lynn/subtopic.html#hone
and other internal systems.
for other drift, one of the things i did during this period was do a
rex(x)-implementation replacement for ipcs debugging tool.
https://www.garlic.com/~lynn/submain.html#dumprx
part of the issue was to demonstrate that rex(s) wasn't just another pretty exec language. the objective was to be able to replace the existing ipcs (which was a large body of assembler implemented code) with a
1) rex(x) implementation, 2) that took less than half-time over 3months to implement, 3) had ten times the function and 4) ten times the performance (took some slight of hand)
a side-effect was that if it was decided to replace the existing implementation ... then "source" would have to be shipped for the new ipcs ... regardless of any OCO-policy.
It was never decided to ship the implementation as replacement IPCS ... but it eventually came to be used at effectively all internal datacenters and the majority of PSRs processing customer reported problems.
However, i was approved to give a share presentation on the implementation ... and within a couple months after the presentation, there were a number of similar implementations by various organizations.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Open z architecture and Linux questions Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Fri, 07 Dec 2007 10:36:16 -0500wdriscoll@JMESOFTWARE.COM (Wayne Driscoll) writes:
the effort to add mainframe EREP/RAS functionality to any of these ports was several times larger than just doing the straight forward port (while vm was able to satisfy the requirement, including for any of its guest operating systems). however, over the yrs, there has been more and more of virtual machine support functionality being moved into LPAR and service processor operation.
slightly related recent post
https://www.garlic.com/~lynn/2007t.html#77 T3 Sues IBM To Break its Mainframe Monopoly
also in this post
https://www.garlic.com/~lynn/2007u.html#8 Open z/Architecture or Not
the reference to various OCO related material from vmshare archives,
the reference to "TUCC's MVS/370 to MVS/XA conversion experiences"
describes part of the success was having access to SIE and VM/SF
information
http://vm.marist.edu/~vmshare/browse.cgi?fn=OCOCME&ft=NOTE
... part of difficulty discussion from above ...
The key to gaining performance from the primary guest operating system
is the I/O Passthru feature of SIE. This allows the guest system to
initiate I/O directly to the I/O subsystem without intervention from
VM/SF. The SIE microcode assist is a documented feature, however the
portion that supports I/O Passthru is not documented. As a result it
took us two months to correct this problem. The problem was
extraordinarly difficult to analyze, because the symptoms were
noticeable only after the problem occurred. We had all of MVS/370's
I/O devices in I/O Passthru, including the Memorex 1270 devices. In
certain circumstances, such as MVS disabling for 09x wait, VM/SF
decided to remove all of the I/O from I/O Passthru. After taking all
devices out of I/O passthru, VM/SF will then put them all back in.
Performing this function requires that VM/SF perform a Modify
Subchannel to each device to accomplish this.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Crypto Related Posts Newsgroups: bit.listserv.ibm-main To: <ibm-main@bama.ua.edu> Date: Fri, 07 Dec 2007 13:39:23 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
some recent related:
Why should merchants keep credit card data?
http://www.networkworld.com/news/2007/121107-dns-attack-could-signal-phishing.html
the proposed approach was raised at least a decade ago ... it addresses
harvesting "data-at-rest" in repostories ... but doesn't address the
evesdropping and skimming attacks.
https://www.garlic.com/~lynn/subintegrity.html#harvest
previous business process difficulties (with the suggested approach) was availability of online connectivity (giving merchants access to the necessary data for required/mandated business operations). the pervasive growth of internet connectivity has somewhat mitigated those issues.
Can mid-market merchants comply with PCI standards?
http://www.networkworld.com/news/2007/120607-why-should-merchants-keep-credit.html
another approach that has been tried is the "one time account numbers" (as an approach to eliminating replay attacks ... aka eliminating being able to use information from previous transactions for fraudulent activity).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Public Computers Newsgroups: alt.folklore.computers Date: Fri, 07 Dec 2007 16:16:50 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
for even more topic drift
https://www.garlic.com/~lynn/2007t.html#61 Crypto Related Posts
https://www.garlic.com/~lynn/2007u.html#10 Crypto Related Posts
there was quite a bit of work in the 90s on countermeasures for PC-related security threats and vulnerabilities ... a lot of it focused on smartcard oriented hardware tokens (and smartcard readers).
there was extensive work on the EU FINREAD smartcard reader standard
regarding countermeasures to most types of PC-related security
problems.
https://www.garlic.com/~lynn/subintegrity.html#finread
then there was a disastrous attempted consumer deployment of (financial)
smartcards where the resulting significant customer service problems
resulted in a wide spread opinion that smartcards (and by implication
other forms of hardware tokens) aren't practical in consumer market.
some recent discussions:
https://www.garlic.com/~lynn/aadsm27.htm#34 The bank fraud blame game
https://www.garlic.com/~lynn/2007n.html#65 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007t.html#22 'Man in the browser' is new threat to online banking
the aftermath had all sorts of retrenching on various hardware token efforts ... not only in purely consumer market ... but even in commercial environments where there were fears that retrofitting existing PCs might cost hundreds of dollars (per PC) in resolving installation problems.
some investigation of the actual consumer problems turned out to be most were totally related to PC hardware serial port ... the disastrous attempted consumer deployment specifically involving a PC/SC compliant serial port smartcard reader.
the assertion has been that there was institutional knowledge that could have headed off the disastrous attempted smartcard deployment (which also resulted in aborting quite a few other efforts).
In the 80s, there were numerous PC-based dial-up online banking offerings. In the mid-90s there were numerous presentations about major justification for moving to internet online banking was eliminating all the customer support costs related to dial-up serial port modems. One presentation claimed that one online banking service had accumulated something like sixty different serial-port modem device drivers that cost them to support and maintain.
Transition to internet-based infrastructure moved all those dial-up modem support costs to ISPs ... which could amortize it across a much broader range of services. Also with much more pervasive use of dial-up modems, PC builders could justify including built in modems (totally eliminating after market modem installation problems). The signifant hardware serial port issues was also behind the USB activity.
In the wake of the disastrous attempted financial smartcard deployment, there were some attempts to correct specific problems with USB devices. However, the impression was already wide-spread that it was a general hardware token issue ... and not practical in the consumer market (as opposed to a hardware serial port specific issue).
The issue raised here has to do with the smartcard reader (as opposed to
the hardware token itself)
https://www.garlic.com/~lynn/aadsm27.htm#38 The bank fraud blame game
In the EU FINREAD scenario, the consumer acquires their own FINREAD complient, stand-alone reader with its own display and input ... that operates independent of the PC it is connected to (and not subject to PC viruses, trojan horses, etc).
The problem shows up in a public environment ... how would a consumer know/trust whether or not any reader or terminal is actually FINREAD-complient, has not been (physically) compromised (at some point) and/or possibly counterfeit? Moving to a public environment, it then requires for an (especially paranoid) end-consumer to provide their own (secure/trusted) display and input device ... which implies (at least) something like a PDA or cellphone.
as mentioned in early AADS chip strawman post (from the 90s)
https://www.garlic.com/~lynn/aadsm2.htm#straw
the chip could either be packaged as an independent hardware token or as embedded chip in any sort of device.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Fri, 07 Dec 2007 19:41:29 -0500"Rostyslaw J. Lewyckyj" <urjlew@bellsouth.net> writes:
my brother said that when visiting (usually large institutional) customers, he would fawn over how fantastic their ibm-logo'ed coffee mugs were and would offer to trade an apple mug (or possibly 2-3) for their fantastic ibm mug.
previous mention coffee mugs
https://www.garlic.com/~lynn/2004l.html#46 Shipwrecks
some of the issues about attracting next generation were brought up in
the recent thread in bit.listserv.ibm-main (need for low-end offering in
educational/hobbiest context):
https://www.garlic.com/~lynn/2007t.html#68 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#69 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#71 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#75 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#77 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#1 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#2 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not
https://www.garlic.com/~lynn/2007u.html#8 Open z/Architecture or Not
https://www.garlic.com/~lynn/2007u.html#9 Open z architecture and Linux questions
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: new 40+ yr old, disruptive technology Newsgroups: alt.folklore.computers Date: Fri, 07 Dec 2007 20:49:25 -0500CJT <abujlehc@prodigy.net> writes:
for other topic drift, old post about my wife being at engineering
graduate school in that period
https://www.garlic.com/~lynn/99.html#15 Glass Rooms (was Re: drum memory (was: Re: IBM S/360))
another mentioning
https://www.garlic.com/~lynn/2002l.html#22 Compter Architectures
that she got a job in future system project not long afterwards
https://www.garlic.com/~lynn/submain.html#futuresys
working for one of the people that had earlier been involved
in the virtual machine cp40 system at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
csc/vm (&/or sjr/vm) posts
https://www.garlic.com/~lynn/submisc.html#cscvm
another old reference
https://www.garlic.com/~lynn/99.html#100 Why won't the AS/400 die? Or, It's 1999 why do I have to learn how to use
and another post about running into one of her classmates
many yrs later (she was the only female in the class)
https://www.garlic.com/~lynn/2002o.html#68 META: Newsgroup cliques?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Sat, 08 Dec 2007 09:17:15 -0500Peter Moylan <peter@DIESPAMMERSDIEpmoylan.org> writes:
i saw that in the original cp67 delivered to the univ, dispatch/scheduling overhead grew non-linear as number of users increased.
for other drift ... much, much later, on first encountering unix, i
commented about having fixed design flaws back in the 60s, conjecture
that cp67 and unix (via multics) shared somewhat common history back to
ctss ... aka some number of the ctss people went to the science
center on the 4th flr of 545 tech sq and others went to multics
on the 5th flr; misc posts mentioning 545 tech sq &/or science center
https://www.garlic.com/~lynn/subtopic.html#545tech
even quite a bit later ... i've mentioned getting called into consult
with a small client/server startup that wanted to do payments on their
server
https://www.garlic.com/~lynn/subnetwork.html#gateway
they were providing (server) online download for their client product and ran into a similar problem with nonlinear scale-up problem in tcp implementation ... in fact, there was a period in the valley where a large number of servers found that under increasing load, the processors were spending 99percent of the time in non-linear overhead dealing with a list.
The issue was that TCP sessions had been assumed to be long-lived and there would be relatively few sessions concurrently in close condition. This assumption was heavily violated by the client/server protocol that had been implemented ... using TCP layer to achieve a little additional reliability in the transaction oriented protocol. As a result, loaded systems could easily have thousands of entries in the session close management list.
for other drift ... possibly part of the reason that we were called in
... two of the people mentioned in this meeting
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15
when we were doing ha/cmp product
https://www.garlic.com/~lynn/subtopic.html#hacmp
and cluster scale-up ... some old email
https://www.garlic.com/~lynn/lhwemail.html#medusa
... had moved on and were at this small client/server startup responsible for something they called a commerce server ... that would be doing the payment transactions ... and is frequently now referred to as electronic commerce.
a descendent of that small client/server startup organization is now responsible for the email/newsreader client you mentioned.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Public Computers Newsgroups: alt.folklore.computers Date: Sat, 08 Dec 2007 13:40:51 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
part of the issue is that some number of the chipcard and hardware token
deployments were extremely narrowly focused ... where the chip may have
been claimed to totally eliminate all security threats and
vulnerabilities ... but in fact, the myopic chip-centric focus could
result in actually decreasing overall integrity. this was easily
observed with the chipcard work going on in the mid-90s resulting in the
yes card vulnerabilities ... and even dating back to deployments in
the late-90s:
https://www.garlic.com/~lynn/subintegrity.html#yescard
recent post mentioning spontaneous comment from somebody in the audience
listening to yes card description; do you mean they managed to spend
billions to prove that chipcards are less secure than magstripe?
https://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#61 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007r.html#34 Is the media letting banks off the hook on payment card security
... work that was going on concurrently when we were doing the AADS chip
strawman
https://www.garlic.com/~lynn/x959.html#aads
in the finread terminal case, the chipcard is presumed to be something you have authentication that is difficult to counterfeit and/or spoof. strong authentication is then used to scaffold some other parts of a secure infrastructure. the problem with "dumb" reader attached to PC ... are virus, trojans, keyloggers, etc ... can manipulate the chipcard in the reader w/o knowledge of the associated human.
the finread terminal was to provide trusted display and input that was immune from widely occurring PC compromises. the trusted display would provide a trusted display of every operation. the trusted input/pinpad would be immune from common keyloggers and unable to be simulated by virus and trojans resident on the PC. Authentication operations require something you know PIN-entry to be passed directly to the chipcard.
The PIN-entry (in conjunction with chipcard) then represents multi-factor authentication (the chip something you have and the PIN something you know).
The PIN represents a "secret" ... but not a shared-secret ... some
posts that differentiate between "secret" paradigms and shared-secret
paradigms.
https://www.garlic.com/~lynn/subintegrity.html#secrets
Part of operation of finread certified terminal was that physical human action was required for every PIN-entry ... and the infrastructure was such that there wouldn't be associated chipcard operation until the correct (human entered) PIN has been provided (countermeasures to PC trojan keyloggers also able to simulate human keyboard entry to valid chipcard as part of fraudulent transactions).
The critical distinction regarding infrastructure requiring human action
showed up when we were called in to help wordsmith the cal. state
electronic signature legislation and later the federal legislation.
https://www.garlic.com/~lynn/subpubkey.html#signature
Some factions were pushing hard to have digital signatures equivalent to human signatures. The observation was that human signatures require explicit action demonstrating having read, understood, agrees, approves, and/or authorizes.
Digital signatures are purely an indication of something you have authentication ... and are frequently performed w/o any demonstration of corresponding human action demonstrating having read, understood, agrees, approves, and/or authorizes. In some cases it was simply semantic confusion and/or cognitive dissonance because the terms "digital signature" and "human signature" both contain the word "signature".
for some additional topic drift:
http://www.answers.com/topic/cognitive-dissonance?cat=biz-fin
from above:
In general: psychological theory of human behavior. The theory suggests
that conflicts between behavior and beliefs create a sense of
discomfort, or cognitive dissonance, that the individual subconsciously
attempts to eliminate by modifying his or her beliefs. For example, a
man who believes in nonviolence may strike someone in anger. The theory
states that the man will either modify his beliefs about nonviolence to
justify the violent behavior or will believe his action to be something
other than violence.
... snip ...
in this application is some believing that if they validate a "digital signature" that it is then equivalent to "human signature" (w/o requiring any additional supporting infrastructure).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fazing out x86 Newsgroups: comp.arch Date: Sat, 08 Dec 2007 14:10:26 -0500Paul Gotch <paulg@at-cantab-dot.net> writes:
in the wake of the company going thru its downturn, including going into the red in 1992 ... quite a bit of the internal tool groups were dissolved and transition made to standard vendor tools. during this period, there were some number of people from VSLI tool groups doing technology transfer to outside vendors ... as sort of last task prior to their position being eliminated (some then showed up at as employees of the vendors they had been working with).
In the case of the Los Gatos group ... the bldg was leveled and the land sold off for housing development.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Sun, 09 Dec 2007 07:19:37 -0500hancock4 writes:
discussed in some detail in this reference (by one of
the executives):
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
from above:
IBM tried to react by launching a major project called the 'Future
System' (FS) in the early 1970's. The idea was to get so far ahead that
the competition would never be able to keep up, and to have such a high
level of integration that it would be impossible for competitors to
follow a compatible niche strategy. However, the project failed because
the objectives were too ambitious for the available technology. Many of
the ideas that were developed were nevertheless adapted for later
generations. Once IBM had acknowledged this failure, it launched its
'box strategy', which called for competitiveness with all the different
types of compatible sub-systems. But this proved to be difficult because
of IBM's cost structure and its R&D spending, and the strategy only
resulted in a partial narrowing of the price gap between IBM and its
rivals
... snip ...
I had participated having worked on a clone controller as an
undergraduate in the 60s (project precipitated because I
couldn't quite get the ibm box to do what I wanted) ... misc. past refs
https://www.garlic.com/~lynn/submain.html#360pcm
other posts in the thread
https://www.garlic.com/~lynn/2007t.html#68 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#69 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#71 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#75 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#77 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#1 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#2 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not
https://www.garlic.com/~lynn/2007u.html#8 Open z/Architecture or Not
https://www.garlic.com/~lynn/2007u.html#9 Open z architecture and Linux questions
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Folklore references to CP67 at Lincoln Labs Newsgroups: alt.folklore.computers Date: Sun, 09 Dec 2007 08:14:00 -0500a few (out of a large number) lincoln lab folklore from Melinda's paper at
footnote on 360/67 SLT instruction
"The 360/67 SLT instruction RPQ was designed at Lincoln by Jack
Nolan. He was interested in using it for database list processing. Once
it was implemented, IBM found use for it to process lists in the CP
nucleus. I don't know if it was ever used by TSS or for any applications
program." (J.M. Winett, private communication, 1990.)
... snip ...
footnotes on two cp67 commercial timesharing companies (Arnow was
director of computing at Lincoln):
Almost immediately after that, two "spinoff" companies were formed by
former employees of Lincoln Lab, Union Carbide, and the IBM Cambridge
Scientific Center, to provide commercial services based on CP/CMS. Dick
Bayles, Mike Field, Hal Feinleib, and Bob Jay went to the company that
became National CSS.
Harit Nanavati, Bob Seawright, Jack Arnow, Frank Belvin, and Jim March
went to IDC (Interactive Data Corporation). Although the loss of so many
talented people was a blow, the CSC people felt that the success of the
two new companies greatly increased the credibility of CP-67
... snip ...
lots of past posts mentioning cp67&vm370 commercial timesharing
(including ncss and idc)
https://www.garlic.com/~lynn/submain.html#timeshare
The SLT (or search list) was used in CP67 kernel to search internal
kernel storage management tables. It was dropped when CP67 added
storage allocation "subpool" logic ... which was orders of magnitude
faster than searching lists ... even with hardware instruction. minor
recent topic drift mentioning list search overhead:
https://www.garlic.com/~lynn/2007u.html#14 What do YOU call the # sign?
I have an old SHARE Lincoln Labs software contribution document for
LLMPS listing Belvin and Winett as authors. Recent folklore reference
that MTS implementation was scaffold off LLMPS:
https://www.garlic.com/~lynn/2007t.html#54 new 40+ yr old, disruptive technology
for other topic drift ... an updated "database" hardware instruction
support from current principles of operation (trees instead of lists,
courtesy of Luther):
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/A.7?SHELF=DZ9ZBK03&DT=20040504121320
back in days working on the original RDBMS/SQL
https://www.garlic.com/~lynn/submain.html#systemr
there were a number of similar efforts on other database organization efforts (that shared some of the same objectives as system/r) that I also got to work on. One of them used some ideas similar to Luther's ... and, in fact, had him in to consult on some of the implementation.
misc. past posts mentioning SLT
https://www.garlic.com/~lynn/2000d.html#47 Charging for time-share CPU time
https://www.garlic.com/~lynn/2001c.html#15 OS/360 (was LINUS for S/390)
https://www.garlic.com/~lynn/2001d.html#23 why the machine word size is in radix 8??
https://www.garlic.com/~lynn/2001d.html#33 Very CISC Instuctions (Was: why the machine word size ...)
https://www.garlic.com/~lynn/2001h.html#71 IBM 9020 FAA/ATC Systems from 1960's
https://www.garlic.com/~lynn/2002.html#14 index searching
https://www.garlic.com/~lynn/2002.html#48 Microcode?
https://www.garlic.com/~lynn/2002f.html#54 WATFOR's Silver Anniversary
https://www.garlic.com/~lynn/2002h.html#87 Atomic operations redux
https://www.garlic.com/~lynn/2003m.html#35 SR 15,15 was: IEFBR14 Problems
https://www.garlic.com/~lynn/2004l.html#17 IBM 3090 : Was (and fek that) : Re: new computer kits
https://www.garlic.com/~lynn/2005b.html#28 Relocating application architecture and compiler support
https://www.garlic.com/~lynn/2005c.html#35 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2006e.html#40 transputers again was: The demise of Commodore
https://www.garlic.com/~lynn/2006j.html#21 virtual memory
https://www.garlic.com/~lynn/2007q.html#15 The SLT Search LisT instruction - Maybe another one for the Wheelers
https://www.garlic.com/~lynn/2007q.html#17 The SLT Search LisT instruction - Maybe another one for the Wheelers
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Distributed Computing Newsgroups: alt.folklore.computers Date: Sun, 09 Dec 2007 09:28:17 -0500A lot of vendors that have played in GRID (originally for various high-energy physics labs) have been trying to move the products into other market segments ... finding some early adopters in financial sector.
In the early 90s, there were quite a few projects attempting to
re-engineer legacy systems with distributed "killer micros" of the
period; large number of major efforts were built that used distributed
object oriented technologies. a couple old posts mentioning "killer
micros":
https://www.garlic.com/~lynn/2004p.html#12 360 longevity, was RISCs too close to hardware?
https://www.garlic.com/~lynn/2006.html#47 "VAX" Tradename reused !
The problem was that past the toy demo stage ... most found that the distributed object oriented technologies use, resulted in a factor of one hundred fold (or greater) increase in overhead ... vis-a-vis the existing mainframe legacy implementations (totally eliminating anticipated cost-savings and thruput scale-up). There were billions of dollars spent on these failed attempts to re-engineer legacy (mainframe) systems.
One of the areas that such efforts in the financial industry was focused at was the overnight batch window. Across a broad range of "real-time" transactions ... there was actually still a serious bottleneck. In many situations, the "batch applications" from the 60s&70s ... started to see "online" front-ends being built in the 70s&80s. However, these "online" implementations frequently only recorded details ... which were then queued up for final processing in overnight batch. The problems were two-fold, 1) growing businesses were finding that the workload was starting to exceed the capacity thruput of overnight batch window and 2) businesses moving into international operations were forcing the number of hrs for the overnight batch window to decrease.
One of the buzz-words from the early 90s was straight through processing (or STP) ... i.e. transactions would be processed in real-time all the way to completion (rather than being queued for final processing in the overnight batch window).
recent posts mentioning overnight batch window issues:
https://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
https://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
The newer generation effort is looking at combining several technologies, the physical packaging and management from GRID, virtualization for transparently handling large number of different work items ... and numerous related activities attempting to address efficient distributed scale-up issues.
We had worked on some of this in scale-up ... old email
https://www.garlic.com/~lynn/lhwemail.html#medusa
in our ha/cmp product activities
https://www.garlic.com/~lynn/subtopic.html#hacmp
also in these old postings
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15
One of the holy grails is to achieve significant improvements in distributed computing technologies to get the necessary cost savings and scale-up so that there can actually be a move to straight through processing and eliminate the legacy overnight batch window implementations (and related workload scale-up limitations).
a recent item in this area:
Red Hat Challenges IBM With Open Source Messaging System
http://news.yahoo.com/s/cmp/20071209/tc_cmp/204702773
from above:
Enterprise MRG is a combination of AMQP with real-time operations
already in the Linux kernel and grid computing capabilities flowing out
of the Condor Project at the University of Wisconsin.
...
AMQP.org established by developers at JPMorgan Chase; contributors
include Credit Suisse, Goldman Sachs, GE HP, Shell
... snip ...
it also references this website (which has an SSL certificate problem)
Advanced Message Queuing Protocol
https://jira.amqp.org/confluence/display/AMQP/Advanced+Message+Queuing+Protocol;jsessionid=7D159C65507C768C14D3749ABB864F71
from above:
Contributors
Cisco Systems, Credit Suisse, Deutsche Börse Systems, Envoy
Technologies, Inc., Goldman Sachs, IONA Technologies PLC, iMatix
Corporation sprl., JPMorgan Chase Bank Inc. N.A, Novell, Rabbit
Technologies Ltd., Red Hat, Inc., TWIST Process Innovations ltd, and
29West Inc.
... snip ...
other recent posts mentioning GRID:
https://www.garlic.com/~lynn/2007.html#33 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007b.html#23 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007k.html#22 Another "migration" from the mainframe
https://www.garlic.com/~lynn/2007k.html#23 Another "migration" from the mainframe
https://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#42 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#63 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#65 mainframe = superserver
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
https://www.garlic.com/~lynn/2007r.html#59 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007s.html#62 Translation of IBM Basic Assembler to C?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 09 Dec 2007 09:56:56 -0500jmfbahciv writes:
lots of 370 machines were in customer shops by the time they got around to announcing hardware virtual memory for 370s. this required adding virtual memory hardware to all new 370 machines ... but also offering a field hardware upgrade to existing 370 machines in the field.
the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
had worked with endicott to modify cp67 (running on real 360/67) to emulate 370 (including all the virtual memory features ... which differed in many ways from the 360/67 implementation). This was in common operation a year before the first 370 (145) engineering machine with virtual memory was working.
however, the 370/165 engineers were running into some significant difficulties implementing the full 370 virtual memory architecture. In various resolution meetings, they proposed dropping several features from 370 virtual memory architecture ... in order to gain (at least) six months in their schedule. The people from the favorite son operating system in pok could see no problem with dropping the features.
vm370 was already dependent on the new features ... and when they were dropped (the elimination of the features had to be propagated across all machines in the 370 line) ... had to go back and make some revisions with quick&dirty kludge (namely related to shared-segment support).
misc. past posts mentioning 370/165-II implementation problems and
gaining six months in delivery schedule by software groups agreeing
that the additional virtual memory architecture features could be
dropped/eliminated
https://www.garlic.com/~lynn/95.html#3 What is an IBM 137/148 ???
https://www.garlic.com/~lynn/99.html#7 IBM S/360
https://www.garlic.com/~lynn/99.html#204 Core (word usage) was anti-equipment etc
https://www.garlic.com/~lynn/99.html#209 Core (word usage) was anti-equipment etc
https://www.garlic.com/~lynn/2000d.html#82 "all-out" vs less aggressive designs (was: Re: 36 to 32 bit transition)
https://www.garlic.com/~lynn/2000f.html#55 X86 ultimate CISC? No. (was: Re: "all-out" vs less aggressive designs)
https://www.garlic.com/~lynn/2000f.html#63 TSS ancient history, was X86 ultimate CISC? designs)
https://www.garlic.com/~lynn/2000g.html#15 360/370 instruction cycle time
https://www.garlic.com/~lynn/2000g.html#16 360/370 instruction cycle time
https://www.garlic.com/~lynn/2001.html#63 Are the L1 and L2 caches flushed on a page fault ?
https://www.garlic.com/~lynn/2001b.html#37 John Mashey's greatest hits
https://www.garlic.com/~lynn/2001k.html#8 Minimalist design (was Re: Parity - why even or odd)
https://www.garlic.com/~lynn/2002.html#50 Microcode?
https://www.garlic.com/~lynn/2002g.html#47 Why are Mainframe Computers really still in use at all?
https://www.garlic.com/~lynn/2002m.html#2 Handling variable page sizes?
https://www.garlic.com/~lynn/2002m.html#68 Tweaking old computers?
https://www.garlic.com/~lynn/2002n.html#10 Coherent TLBs
https://www.garlic.com/~lynn/2002n.html#58 IBM S/370-168, 195, and 3033
https://www.garlic.com/~lynn/2003e.html#12 Resolved: There Are No Programs With >32 Bits of Text
https://www.garlic.com/~lynn/2003f.html#56 ECPS:VM DISPx instructions
https://www.garlic.com/~lynn/2003g.html#19 Multiple layers of virtual address translation
https://www.garlic.com/~lynn/2003g.html#20 price ov IBM virtual address box??
https://www.garlic.com/~lynn/2003h.html#37 Does PowerPC 970 has Tagged TLBs (Address Space Identifiers)
https://www.garlic.com/~lynn/2003m.html#37 S/360 undocumented instructions?
https://www.garlic.com/~lynn/2004c.html#6 If the x86 ISA could be redone
https://www.garlic.com/~lynn/2004p.html#8 vm/370 smp support and shared segment protection hack
https://www.garlic.com/~lynn/2005b.html#62 The mid-seventies SHARE survey
https://www.garlic.com/~lynn/2005h.html#10 Exceptions at basic block boundaries
https://www.garlic.com/~lynn/2005h.html#18 Exceptions at basic block boundaries
https://www.garlic.com/~lynn/2005j.html#39 A second look at memory access alignment
https://www.garlic.com/~lynn/2005p.html#45 HASP/ASP JES/JES2/JES3
https://www.garlic.com/~lynn/2006.html#13 VM maclib reference
https://www.garlic.com/~lynn/2006.html#38 Is VIO mandatory?
https://www.garlic.com/~lynn/2006e.html#0 About TLB in lower-level caches
https://www.garlic.com/~lynn/2006e.html#5 About TLB in lower-level caches
https://www.garlic.com/~lynn/2006e.html#12 About TLB in lower-level caches
https://www.garlic.com/~lynn/2006i.html#4 Mainframe vs. xSeries
https://www.garlic.com/~lynn/2006i.html#9 Hadware Support for Protection Bits: what does it really mean?
https://www.garlic.com/~lynn/2006i.html#23 Virtual memory implementation in S/370
https://www.garlic.com/~lynn/2006j.html#5 virtual memory
https://www.garlic.com/~lynn/2006j.html#41 virtual memory
https://www.garlic.com/~lynn/2006l.html#22 Virtual Virtualizers
https://www.garlic.com/~lynn/2006m.html#26 Mainframe Limericks
https://www.garlic.com/~lynn/2006n.html#16 On the 370/165 and the 360/85
https://www.garlic.com/~lynn/2006s.html#61 Is the teaching of non-reentrant HLASM coding practices ever defensible?
https://www.garlic.com/~lynn/2006t.html#1 Is the teaching of non-reentrant HLASM coding practices ever
https://www.garlic.com/~lynn/2006u.html#60 Why these original FORTRAN quirks?
https://www.garlic.com/~lynn/2006y.html#26 moving on
https://www.garlic.com/~lynn/2006y.html#35 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2007d.html#32 Running OS/390 on z9 BC
https://www.garlic.com/~lynn/2007f.html#7 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007g.html#72 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007j.html#43 z/VM usability
https://www.garlic.com/~lynn/2007n.html#35 IBM obsoleting mainframe hardware
https://www.garlic.com/~lynn/2007o.html#41 Virtual Storage implementation
https://www.garlic.com/~lynn/2007o.html#53 Virtual Storage implementation
https://www.garlic.com/~lynn/2007p.html#70 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007p.html#74 GETMAIN/FREEMAIN and virtual storage backing up
https://www.garlic.com/~lynn/2007r.html#62 CSA 'above the bar'
https://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Distributed Computing Newsgroups: alt.folklore.computers Date: Sun, 09 Dec 2007 11:25:48 -0500re:
I've posted before about overnight batch window and being called in to
look at one such large legacy application.
https://www.garlic.com/~lynn/2006u.html#50 Where can you get a Minor in Mainframe?
https://www.garlic.com/~lynn/2007l.html#20 John W. Backus, 82, Fortran developer, dies
... a 450k-plus line cobol program that ran on large tens of max'ed out mainframe systems (avg. $30m/per) ... this was at the same time the organization was spending a few hundred million on a distributed computing replacement.
it appeared at the time (thru much of the 90s), nobody in the industry was bothering to benchmark the (distributed object-oriented) toy demos and/or doing the related speeds&feeds analysis ... possibly because belief in mantra that a large enuf number of killer micros could overcome any level of inefficienciy ... and/or some of the other organizations on the distributed (object-oriented) computing bandwagon should have already done the speeds&feeds analysis. in fact, large billions went down the drain on these kinds of projects w/o anybody having done the necessary analysis.
In the case of the large 450k-plus line cobol program ... most of its lifetime it had been subject to "hot-spot" analysis ... i.e. sampling instruction location ... and then optimizing the instruction region where the program spent majority of its time. This approach had somewhat hit the wall and was showing little or no further returns.
This is similar to the analysis we did for architecting ECPS ...
which used both instruction address smapling as well as time-stamping
entry/exit ... old post about ECPS and results of time-stamping study
https://www.garlic.com/~lynn/94.html#21 370 ECPS VM microcode assist
I've mentioned before that the science center also pioneered system
modeling and multiple regression analysis for performance work (as
well as early work that eventually turned into capacity planning).
Lots of past related posts:
https://www.garlic.com/~lynn/submain.html#benchmark
One of the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
system modeling efforts was implemented in APL and (among other things)
was deployed on the world-wide sales & marketing (vm-based) HONE
system
https://www.garlic.com/~lynn/subtopic.html#hone
as the performance predictor. Sales/Marketing people could input customer configuration and workload profiles ... and ask "what if" questions about what happens when there are configuration and/or workload changes.
A distant descendent of the performance predictor was "sold off"
during the corporation downturn period ... recent reference in
another context in comp.arch post
https://www.garlic.com/~lynn/2007u.html#16 Fazing out x86
which then was taken and run thru an APL->C translator and the person was using it in a successful performance consulting business (large enterprise customers ... and not just mainframe). This person had also been hired to look at the large legacy overnight batch window application.
So the final thing that wasn't being done was multiple regression analysis. So I got them to supply me with a whole load of "activity" statistics across a large number of nightly runs on a large number of different machines ... to process. This identified a very fruitful area from which a 15percent performance improvement was gained (a functional area that wasn't obvious from other techniques). While 15percent doesn't seem like a lot ... if it is measured in just the hardware costs of the associated mainframes ... it comes to a couple hundred million.
a few past posts mentioning the activity:
https://www.garlic.com/~lynn/2002l.html#62 Itanium2 performance data from SGI
https://www.garlic.com/~lynn/2005d.html#6 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005k.html#17 More on garbage collection
https://www.garlic.com/~lynn/2005n.html#18 Code density and performance?
https://www.garlic.com/~lynn/2006f.html#22 A very basic question
https://www.garlic.com/~lynn/2006g.html#4 The Pankian Metaphor
https://www.garlic.com/~lynn/2006o.html#23 Strobe equivalents
https://www.garlic.com/~lynn/2006s.html#24 Curiousity: CPU % for COBOL program
https://www.garlic.com/~lynn/2006t.html#28 Why these original FORTRAN quirks?
https://www.garlic.com/~lynn/2006u.html#50 Where can you get a Minor in Mainframe?
https://www.garlic.com/~lynn/2007g.html#71 PAAppViewer3 (AppViewer3)?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Sun, 09 Dec 2007 14:06:42 -0500jmfbahciv writes:
Camelot and the Cultural Revolution: How the Assassination of
John F. Kennedy Shattered American Liberalism
http://www.booktv.org/program.aspx?ProgramId=8968&SectionName=&PlayMedia=No
will be repeated next sunday.
some of the statements had to do with the democratic party changing
from the party of John Locke ... wiki reference:
https://en.wikipedia.org/wiki/John_Locke
to the party of Hegel ... wiki reference:
https://en.wikipedia.org/wiki/Georg_Wilhelm_Friedrich_Hegel
There were some comments about Jackie and others felt that the shooting should have been the responsibility of the far right dispite there being absolutely no facts to support the feelings (and being at the root of the subsequent conspiracy theories) ... possibly as a way of attempting to make the death more meaningful.
Also some comments about contributing to the rise of appearance over substance.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly Newsgroups: bit.listserv.ibm-main,alt.folklore.computers To: <ibm-main@bama.ua.edu> Date: Sun, 09 Dec 2007 14:44:59 -0500shmuel+ibm-main@PATRIOT.NET (Shmuel Metz , Seymour J.) writes:
> The only operating systems that are legal to run on Hercules are Linux, > and MVS 3.8 (I think). Shirley all of these are legal: BOS/360 BPS/360 CALL/360 CP/67 DOS/VSE DOS/360 MTS OS/VS1 OS/VS2 R1.7 (SVS) TOS/360 TSS/360 VMF/370this recent post references
some (virtual machine) cp67 historical references from Melinda's VM
paper at
https://www.leeandmelindavarian.com/Melinda/
https://www.leeandmelindavarian.com/Melinda#VMHist
mentioning that very early, two new commercial companies were formed to
offer (virtual machine) cp67-based commercial timesharing services
https://www.garlic.com/~lynn/submain.html#timeshare
drawing people heavily from Science Center,
https://www.garlic.com/~lynn/subtopic.html#545tech
Lincoln Labs, and Union Carbide.
It also makes references to MTS folklore having been initially built on top of Lincoln Labs "LLMPS".
There was an OS/360 operators console application called ONLINE/OS that provided CMS-like interactive functionality. It was most frequently used with PCP ... but could also be used on MFT and MVT.
CP67 had a function that could save a "virtual memory" image of a running virtual machine. This was used with CMS to get rapid startup. However, a technique was developed that could also "checkpoint" a virtual memory image of OS/360 ... at point when I/O had been quiesed ... allowing OS/360 "quick start" in a virtual machine (just restore the saved virtual memory image). This could be used in conjunction with restoring a saved image of OS/360 where ONLINE/OS had already been up and running.
old posts mentioning online/os
https://www.garlic.com/~lynn/2001i.html#34 IBM OS Timeline?
https://www.garlic.com/~lynn/2001n.html#45 Valid reference on lunar mission data being unreadable?
https://www.garlic.com/~lynn/2004.html#48 AMD/Linux vs Intel/Microsoft
https://www.garlic.com/~lynn/2004d.html#33 someone looking to donate IBM magazines and stuff
https://www.garlic.com/~lynn/2007b.html#50 Is anyone still running
part of Melinda's paper has appendix mentioning ONLINE/OS was never
released outside the company (although I had a copy of it at the
university in the 60s, also much of the original work had been done by
a person on assignment from Union Carbide) ref:
E.C. Hendricks, C.I. Johnson, R.D. Seawright, and D.B. Tuttle,
Introduction to ONLINE/OS and ONLINE/OS User's Guide, IBM Cambridge
Scientific Center Reports 320-2036, 320-2037, March, 1969
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Sun, 09 Dec 2007 15:45:00 -0500"Skitt" <skitt99@comcast.net> writes:
slightly related past posts:
https://www.garlic.com/~lynn/97.html#19 Why Mainframes?
https://www.garlic.com/~lynn/2001k.html#8 Minimalist design (was Re: Parity - why even or odd)
https://www.garlic.com/~lynn/2001k.html#65 SMP idea for the future
https://www.garlic.com/~lynn/2002h.html#21 PowerPC Mainframe
https://www.garlic.com/~lynn/2002l.html#69 The problem with installable operating systems
https://www.garlic.com/~lynn/2003.html#72 Disk drives as commodities. Was Re: Yamhill
https://www.garlic.com/~lynn/2003l.html#31 IBM Manuals from the 1940's and 1950's
https://www.garlic.com/~lynn/2003n.html#29 Architect Mainframe system - books/guidenance
https://www.garlic.com/~lynn/2004q.html#30 High Level Assembler for MVS & VM & VSE
https://www.garlic.com/~lynn/2005.html#21 The Soul of Barb's New Machine (was Re: creat)
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Sun, 09 Dec 2007 16:21:05 -0500re:
and for totally unrelated, when i was a kid, we would bath in pool in nearby river on saturdays (at least in the summer) ... used bars of ivory since they floated.
there have been recent news articles speculating that significant higher incidence of asthma among kids from urban environments vis-a-vis children raised in the country ... is that non-urban environment exposes children to variety of environmental conditions that result in improved immune system.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: T3 Sues IBM To Break its Mainframe Monopoly Newsgroups: alt.folklore.computers Date: Sun, 09 Dec 2007 16:34:26 -0500John Ahlstrom <AhlstromJK@comcast.net> writes:
The Boeing folklore was that the Boeing people knew more about 360 announcement than the local IBM sales people did ... and presented the local salesman with an extremely large 360 order shortly after announcement ... and had to explain to the salesman what it was.
Also, the order was so large that it is supposed to have prompted the company's move from straight commission structure to sales quota system (supposedly the straight commission on this order made the salesman the highest paid employee in the corporation, for effectively not having done anything more than being there to accept the order).
misc. recent posts mentioning BCS:
https://www.garlic.com/~lynn/2007f.html#44 Is computer history taught now?
https://www.garlic.com/~lynn/2007f.html#54 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#19 IBM Unionization
https://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Sun, 09 Dec 2007 18:08:17 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
and the outhouse didn't have any water either to flush with or to wash with ... and frequently the paper were pages from a one of two common mail-order catalogues.
old post mentioning going back much later with my own family (and
accidentally "locking" my daughter in the outhouse)
https://www.garlic.com/~lynn/2007m.html#17 Scholars needed to build a computer history bibliography
repeat from the above post:
or like turning the block of wood on the outhouse door. the door had a spring on it ... but it had a wood block that was nailed to the outside frame ... and turned the block to keep the door from blowing open and help cut down on the flies.
on one trip back with the family ... at one point was out in the outhouse ... and my daughter was waiting outside for me to leave ... she slipped in as i exited ... and automatically i turned the block of wood (locking her in) as the door shut ... w/o even thinking about it consciously. 30-40 mins later ... somebody asked where she was ... and found her inside banging and yelling (couldn't hear her from the house).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Sun, 09 Dec 2007 19:00:15 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
and the follow-on to the above reference post
https://www.garlic.com/~lynn/2007m.html#18 Scholars needed to build a computer history bibliography
has a picture of me at a young age ... just out of view on the left of the picture in the post, was the rain barrel used to collect water for clothes washing.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Folklore references to CP67 at Lincoln Labs Newsgroups: alt.folklore.computers Date: Sun, 09 Dec 2007 19:59:09 -0500"Dave Wade" <g8mqw@yahoo.com> writes:
somewhat related post
https://www.garlic.com/~lynn/2007u.html#23 T3 Sues IBM To Break its Mainframe Monopoly
when i created a cp67 bootable tape for distribution ... some reference
in this old email references moving from doing cp67-based internal
distributions to vm370-based internal distributions
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
referenced in these recent posts
https://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not
... i would have exectuable kernel image and appended on the tape would be all the files & source needed to recreate the executable kernel image (including the procedures to process the source)
up thru the 80s, i had a few of these old tape images, some even triple
replicated in the (same) datacenter library. This was the source for the
cp67 multi-level source management provided to Melinda in fall of 85 ...
reference from vmshare archive
http://vm.marist.edu/~vmshare/read.cgi?fn=HISTORY&ft=MEMO&line=49
in this thread:
http://vm.marist.edu/~vmshare/browse.cgi?fn=HISTORY&ft=MEMO
i deny all knowledge related to the 2nd post in the above. However, slightly futher down in the above thread may be familiar names from this n.g.
but shortly after the above reference ... the datacenter went thru some
operational difficulties ... where mount requests for "scratch" tapes
somewhat randomly pulled tapes from the tape library ... and nearly all
my archive tapes with data from the 60s & 70s were wiped out (including
my old cp67 archives). some old posts mentioning the trauma:
https://www.garlic.com/~lynn/2003i.html#13 A Dark Day
https://www.garlic.com/~lynn/2003j.html#14 A Dark Day
https://www.garlic.com/~lynn/2003j.html#45 Hand cranking telephones
https://www.garlic.com/~lynn/2003m.html#12 Seven of Nine
https://www.garlic.com/~lynn/2004b.html#59 A POX on you, Dennis Ritchie!!!
https://www.garlic.com/~lynn/2006w.html#42 vmshare
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Mon, 10 Dec 2007 07:22:26 -0500jmfbahciv writes:
The "architecture" manual was strongly enforced. That is what allowed lots of groups to work in parallel ... not just hardware and software ... but also all the different hardware groups doing different processor models (at different locations ... in some cases on different continents).
slightly related recent post (mentions the "owner" of the architecture
book):
https://www.garlic.com/~lynn/2007u.html#24 What do YOU call the # sign?
Strongly enforcing everybody to follow the rules ... was also the
testimony (previously mentioned) that allowed the company to make sure
all models implemented the exact same architecture (the 165 example was
situation involving large number of people eventually agreeing to
something different ... and then also forcing everybody to comply with
the change) .. the point of the testimony was that none of the other
companies managed to achieve that level of control, providing ibm with a
competitive advantage ... recent posts mentioning that testimony
https://www.garlic.com/~lynn/2007m.html#34 IBM 8000 ???
https://www.garlic.com/~lynn/2007n.html#13 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007p.html#8 what does xp do when system is copying
https://www.garlic.com/~lynn/2007p.html#9 CA to IBM product swap
https://www.garlic.com/~lynn/2007t.html#63 Remembering the CDC 6600
recent posts mentioning the architecture "redbook"
https://www.garlic.com/~lynn/2007d.html#32 Running OS/390 on z9 BC
https://www.garlic.com/~lynn/2007f.html#7 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007i.html#31 Latest Principles of Operation
https://www.garlic.com/~lynn/2007r.html#23 Abend S0C0
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
recent posts mentioning the "811" (i.e. 370-xa) architecture
specification:
https://www.garlic.com/~lynn/2007g.html#57 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
https://www.garlic.com/~lynn/2007k.html#28 IBM 360 Model 20 Questions
https://www.garlic.com/~lynn/2007l.html#71 IBM 360 Model 20 Questions
https://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Public Computers Newsgroups: alt.folklore.computers Date: Mon, 10 Dec 2007 07:32:49 -0500Morten Reistad <first@last.name> writes:
the other thing that went on in VM was that with a very focused microkernel-like specification ... it was a lot easier to focus on performance issues and their solution. it was also straight-forward progression to start including virtual machine operation as part of the hardware definition ... activity that started in the 70s.
there are also issues regarding preserving microkernel specification "purity" ... or taking short-cuts ... this has showed up more recently in some microkernel implementations attempting to get networking/tcpip support out of the kernel.
misc. posts mentioning microkernel (and/or virtual machine
implementation microkernel):
https://www.garlic.com/~lynn/2005b.html#22 The Mac is like a modern day Betamax
https://www.garlic.com/~lynn/2005c.html#44 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005c.html#56 intel's Vanderpool and virtualization in general
https://www.garlic.com/~lynn/2005c.html#63 intel's Vanderpool and virtualization in general
https://www.garlic.com/~lynn/2005f.html#10 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2006p.html#10 What part of z/OS is the OS?
https://www.garlic.com/~lynn/2006p.html#11 What part of z/OS is the OS?
https://www.garlic.com/~lynn/2007g.html#70 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#83 IBM to the PCM market
https://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007l.html#1 The top 10 dead (or dying) computer skills
https://www.garlic.com/~lynn/2007o.html#4 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Mon, 10 Dec 2007 10:42:46 -0500jmfbahciv writes:
well some barnyard stuff ... over the years ... mud scapper nailed to a timber and latter bolted to concrete block.
there was long haul east/west railroad not too far away ... and every other year or so ... they came thru doing track maintenance. cast-off railroad ties were still usable for lots of functions.
also picked up some other stuff at railroad auction ... my uncle did part-time house moving ... and jacks they used for moving tracks around could be adapted to house moving. i remember lightweight cast aluminum around 60-70 lbs and larger steel jacks around 120 lbs. tamping bar also usable as jack handle and misc. other functions.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Mon, 10 Dec 2007 10:58:59 -0500re:
item from today with a number of pros & cons (for xmas lights):
Good, bad and ugly of LEDs
http://www.eetimes.com/news/latest/showArticle.jhtml?articleID=204702684
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: 25 years: A technology timeline Newsgroups: alt.folklore.computers Date: Mon, 10 Dec 2007 11:06:09 -050025 years: A technology timeline
from above:
This timeline excludes a few technologies that might seem obvious choices, but they appeared before 1982. The Internet, for instance, was designed in 1974, though it did not open up until the 1980s. Personal digital assistants first appeared in 1975. TCP/IP goes back to the 1970s. Even in a time of accelerated technology advancements, innovations take time to gestate — wikis, which have caught fire in recent years, date to 1995.
... snip ...
and misc references on some of the subjects
rdbms
https://www.garlic.com/~lynn/submain.html#systemr
clusters
https://www.garlic.com/~lynn/lhwemail.html#medusa
and
https://www.garlic.com/~lynn/95.html#13
html and 1st webserver outside europe
https://www.garlic.com/~lynn/2007t.html#40 Why isn't OMVS command integrated with ISPF?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers,uk.rec.sheds Date: Mon, 10 Dec 2007 11:46:16 -0500Esra Sdrawkcab <admin@127.0.0.1> writes:
quicky search engine turns up a few hasp images here:
http://www.lockingsystems.com/PadlockHasps.htm
HASP for Houston Automated Spooling Program ... developed by ibm'ers on
the nasa houston account ... wiki reference
https://en.wikipedia.org/wiki/Houston_Automated_Spooling_Program
Above mentions first HASP meeting was at mar68 SHARE in Houston ... which is also where CP67 was announced. I got to attend the conference ... and went to some number of cp67, os360 as well as HASP meeting i.e. I had been done some amount of work on both os360 and HASP ... cp67 had only been installed at the univ the last week jan68.
misc. past posts mentioning HASP, JES2, and/or JES2 networking
https://www.garlic.com/~lynn/submain.html#hasp
my wife did a stint in the (gburg) JES group ... following FS being
killed ... referenced here
https://www.garlic.com/~lynn/2007u.html#13 new 40+ yr old, disruptive technology
which was handling morph of HASP->JES2 and ASP->JES3. One of her efforts
was to do detailed analysis of JES2 and JES3 features and come up with
definition for integrated product. recent post
https://www.garlic.com/~lynn/2007p.html#12 JES2 or JES3, Which one is older?
She was then con'ed into moving to POK to take responsibility for
"loosely-coupled" (mainframe for cluster) architecture. some posts
mentioning stint responsible for "loosely-coupled" architecture
https://www.garlic.com/~lynn/submain.html#shareddata
the HASP wiki article has URL for:
Session O441 - The History of HASP and JES2
http://www.redbug.org/dba/sharerpt/share79/o441.html
the above article also has some comments about the FS project that was
going on in the early 70s
https://www.garlic.com/~lynn/submain.html#futuresys
The history article also mentions the HASP team moving to Washington where RJE was added and released as HASP version 2.
At the univ., I had started work on adding CRJE support to HASP ... "deleting" the 2780/RJE code ... and inserting 2741&tty terminal support along with adding editor interface that implemented the CMS editor command syntax.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Mon, 10 Dec 2007 14:57:31 -0500Peter Duncanson <mail@peterduncanson.net> writes:
that summer you could periodically see serial #3 flying over the skys of seattle ... getting FAA certification.
as part of various orientations, I was given a number of tours, ... including 747 interior mockup ... and remember from that tour a comment that 747 would be carrying so many people that it would always be serviced by at least four jetways (because of the people congestion).
was renting a basement apartment from one of the 747 engineers working in everett ... who had some stories on how well the testing was going (at the time, BCS was at corporate hdqtrs just off boeing field).
placing the flight deck above the body of the plane was explaned as also pitching the plane as a "commercial" C5A-competition ... allowed a freight/cargo version where the nose swings open.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Mon, 10 Dec 2007 16:53:23 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
news item from today on recent Fed Payments Study
PIN Debit And the ACH Among the Big Gainers in Fed Payments Study
http://www.digitaltransactions.net/newsstory.cfm?newsid=1603
from above:
But efforts by merchants, including Wal-Mart, to push lower-cost PIN
debit appear to be effectively counteracting that promotion, according
to Oliver. Merchants not only are installing more PIN-reading
point-of-sale terminals, but they're also employing the practice of
"PIN-prompting" in which the terminal automatically asks the customer
to enter the PIN when a debit card offering both options is swiped.
... snip ...
above reference is to extensive tv advertisement and other promotions for signature debit being run by the card associations.
actual study is here:
http://www.frbservices.org/Retail/pdf/2007_payments_study.pdf
the study also mentions that the number of ATM cash withdrawals has been descreasing ... but the total value of cash withdrawals has increased. While not mentioned, some of the churn related to ATM fees might play a factor.
for more topic drift ... ATM & ACH settlements are part of the
transactions involved in overnight batch window
https://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Mainframe Funeral Newsgroups: alt.folklore.computers Date: Mon, 10 Dec 2007 17:00:29 -0500x-over reference from recent post in b.l.i
Manitoba Mainframe Funeral
http://www.cbc.ca/spark/blog/2007/11/manitoba_mainframe_funeral.html
and
In Loving Memory of the Mainframe (aka IMS)
http://umanitoba.ca/mainframe/
from above:
The first mainframe, an IBM 650 was installed in the year 1960 and went
through many upgrades and changes to the final hardware of an Amdahl
Millennium 1015. In its many forms the mainframe has supported the
Student Records systems, Payroll, Human Resources, Finance, Research,
student labs, etc.
The mainframe was predeceased by the Huron Object Star database,
telephone registration, punch cards, card readers, DT80 terminals
connected by the pink wire, and Mantes, the beloved file management
system.
... snip ...
for other topic drift ... a couple past references to Huron:
https://www.garlic.com/~lynn/2006t.html#13 VM SPOOL question
https://www.garlic.com/~lynn/2006x.html#2 The Future of CPUs: What's After Multi-Core?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: New, 40+ yr old, direction in operating systems Newsgroups: alt.folklore.computers Date: Mon, 10 Dec 2007 22:04:59 -0500re:
Virtualization is being used for consolidation and management ... but it is also being leveraged for creating virtual appliances (or what we used to call service virtual machines) ... which are also being characterized as light-weight operating systems (both the virtual machine hypervisor as a microkernel as well as the virtual appliance as a different kind of microkernel).
recent article in line about virtualization being leveraged to change nature of operating systems; most recent:
The OS: Fat or thin?; Future of IT: Cloud computing heralds winds of
change, but heavy-duty OSes hold their ground
http://www.gcn.com/print/26_30/45537-1.html
from above:
Because virtualization is getting easier, we are starting to see
independent software vendors start to package their applications with a
dedicated OS. When you buy the software, you actually get the software
and a complete operating environment. This practice allows vendors to
control the environment, which cuts the cost of supporting different
OSes. "So you don't patch the application, you patch the entire unit
together," Cathrow said.
... snip ...
also along the lines of this set of posts
https://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
other recent articles in the genre:
Red Hat Goes Grid and Real Time with Enterprise MRG Distro
http://www.itjungle.com/breaking/bn101705-story03.html
A Boom Year for Virtualization Management
http://www.gridtoday.com/grid/1934723.html
Red Hat Goes Grid
http://www.enterpriseitplanet.com/networking/news/article.php/3715051
Novell hits at Red Hat's real-time rant
http://community.zdnet.co.uk/blog/0,1000000567,10006694o-2000469549b,00.htm
Linux Jumps to Real Time
http://www.itbusinessedge.com/blogs/atc/?p=270
Future of IT: Cloud computing heralds winds of change but heavy-duty
OSes hold their ground
http://www.gcn.com/print/26_30/45537-1.html
recent posts mentioning virtual appliance and/or light-weight
operating system (running in virtual machines) are the
new (40+ yr old) direction:
https://www.garlic.com/~lynn/2007i.html#36 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007k.html#48 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#67 Operating systems are old and busted
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007o.html#3 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007q.html#25 VMware: New King Of The Data Center?
https://www.garlic.com/~lynn/2007s.html#4 Why do we think virtualization is new?
https://www.garlic.com/~lynn/2007s.html#26 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007s.html#35 Oracle Introduces Oracle VM As It Leaps Into Virtualization
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Computer language history Newsgroups: alt.folklore.computers Date: Tue, 11 Dec 2007 06:49:14 -0500Justa Lurker <JustaLurker@att.net> writes:
as the cp67 group grew and morphed into the vm370 group, it split off from the science center and absorbed the Boston Programming Center on the 3rd flr (later it outgrow the 3rd flr and moved out into the old SBC bldg. in burlington mall ... this was after the legal settlement and SBC became part of CDC).
other past posts mentioning Jean Sammet and Boston Programming Center
on the 3rd flr
https://www.garlic.com/~lynn/2000d.html#37 S/360 development burnout?
https://www.garlic.com/~lynn/2000f.html#66 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
https://www.garlic.com/~lynn/2001m.html#47 TSS/360
https://www.garlic.com/~lynn/2002h.html#59 history of CMS
https://www.garlic.com/~lynn/2002j.html#17 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2002o.html#76 (old) list of (old) books
https://www.garlic.com/~lynn/2002o.html#78 Newsgroup cliques?
https://www.garlic.com/~lynn/2003c.html#0 Wanted: Weird Programming Language
https://www.garlic.com/~lynn/2003c.html#1 Wanted: Weird Programming Language
https://www.garlic.com/~lynn/2003k.html#55 S/360 IPL from 7 track tape
https://www.garlic.com/~lynn/2004.html#20 BASIC Language History?
https://www.garlic.com/~lynn/2004d.html#42 REXX still going strong after 25 years
https://www.garlic.com/~lynn/2004m.html#54 Shipwrecks
https://www.garlic.com/~lynn/2005.html#8 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2006j.html#44 virtual memory
https://www.garlic.com/~lynn/2006m.html#21 The very first text editor
https://www.garlic.com/~lynn/2006m.html#28 Mainframe Limericks
https://www.garlic.com/~lynn/2006s.html#1 Info on Compiler System 1 (Univac, Navy)?
https://www.garlic.com/~lynn/2007l.html#58 Scholars needed to build a computer history bibliography
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: New, 40+ yr old, direction in operating systems Newsgroups: alt.folklore.computers Date: Tue, 11 Dec 2007 07:12:32 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
relatively trivial example is in this recent post mentioning the port of
Open Solaris to mainframe virtual machine
https://www.garlic.com/~lynn/2007u.html#9 Open z architecture and Linux questions
and comments about the difference between a virtual machine port and port to running on native hardware.
a big issue is that native hardware service requirements tend to be fairly robust EREP and RAS. This showed up in the 80s unix ports of Amdahl UTS and also AIX/370. The observation at the time was that adding mainframe quality EREP and RAS to the port was an effort several times larger than the port itself.
It didn't mean that the unix port couldn't be run on the "native" hardware, it just was that it wouldn't have met the customer (and field service maintenance people) EREP & RAS requirements. In the virtual machine environment, the underlying virtual machine hypervisor would provide the underlying sophisticated EREP and RAS functions ... significantly simplifying the port.
Misc. news items:
Sine Nomine Shows Off Solaris on System z
http://www.ldworen.net/fun/osvu.html
OpenSolaris follows Linux to the mainframe
http://www.news.com/8301-13580_3-9826527-39.html
OpenSolaris follows Linux to the mainframe
http://www.zdnetasia.com/news/software/0,39044164,62035048,00.htm
Something similar could be claimed for the unix adaptation to stripped down TSS/370 kernel for internal AT&T use. UNIX api and applications were moved on top of highly modified TSS/370 kernel. Rather than "straight" virtual machine adaptation, squinting, the stripped down TSS/370 kernel could be considered a highly abstract virtual machine layer (leveraging the "bare machine" EREP & RAS support in TSS/370).
misc. past posts mentioning virtual machine EREP/RAS for mainframe
unix ports:
https://www.garlic.com/~lynn/2001k.html#18 HP-UX will not be ported to Alpha (no surprise)exit
https://www.garlic.com/~lynn/2001l.html#19 mainframe question
https://www.garlic.com/~lynn/2004q.html#37 A Glimpse into PC Development Philosophy
https://www.garlic.com/~lynn/2005q.html#26 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005s.html#34 Power5 and Cell, new issue of IBM Journal of R&D
https://www.garlic.com/~lynn/2006b.html#24 Seeking Info on XDS Sigma 7 APL
https://www.garlic.com/~lynn/2006y.html#43 Remote Tape drives
https://www.garlic.com/~lynn/2007.html#38 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#3 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007m.html#69 Operating systems are old and busted
https://www.garlic.com/~lynn/2007p.html#5 PL/S programming language
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Fazing out x86 Newsgroups: comp.arch Date: Tue, 11 Dec 2007 07:19:31 -0500"Ken Hagan" <K.Hagan@thermoteknix.co.uk> writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Tue, 11 Dec 2007 07:49:26 -0500jmfbahciv writes:
met to be understatement, somewhat facetious
... and cast aluminum jack was about 3ft high and around 70lbs ... so it could take some load ... not as much as the bigger steel jacks ... which were more like 4ft and 120lbs.
lifting a house usually went lifting one-side a foot or so, blocking it and then moving the jacks to the other side and lifting it ... taking the house up sort of seesaw back and forth and moving jacks from one-side to the other. it was awhile before i weighed more than the bigger jacks, carrying it from one side of house to the other.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Distributed Computing Newsgroups: alt.folklore.computers Date: Tue, 11 Dec 2007 11:39:58 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
some quicky search engine use for straight-through processing and/or overnight batch window turns up a few other references (some talking about risk exposure in securities industry of not doing real-time settlement):
Straight Through Processing Publication
http://www.venturefsg.com/article2.htm
Straight Through Processing in the Securities Industry
-Light at the End of the Tunnel
http://www.soforum.com/library/aba2.shtml
Using S.W.I.F.T. To Reduce The Risk - A White Paper For
Investment Managers
http://www.soforum.com/library/swift.shtml
Scandal to push systems redesign
http://www.computerworld.com/managementtopics/ebusiness/story/0,10801,71646,00.html
Design strategies for legacy system involvement in SOA solutions
http://www-128.ibm.com/developerworks/webservices/library/ws-soa-legacy/
EP1384180 Accenture european software patent - A method and system for
identifying bottlenecks in a securities processing system
http://gauss.ffii.org/PatentView/EP1384180
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Folklore references to CP67 at Lincoln Labs Newsgroups: alt.folklore.computers Date: Tue, 11 Dec 2007 14:08:53 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
topic drift, somewhat related to cp67 source management ... one of the
people that did some work on it ... mentioned here
http://alum.mit.edu/ne/noteworthy/profiles/mockapetris.html
then can drift to this recent news item
DNS Attack Could Signal Phishing 2.0
http://news.yahoo.com/s/pcworld/20071211/tc_pcworld/140465
DNS Attack Could Signal Phishing 2.0
http://www.pcworld.com/article/id,140465-c,onlinesafety/article.html
DNS attack could signal Phishing 2.0
http://www.networkworld.com/news/2007/121307-microsoft-releases-beta-of-hyper-v.html
DNS attack could signal Phishing 2.0
http://www.infoworld.com/article/07/12/11/DNS-attack-could-signal-Phishing-2.0_1.html
note that one of the original purposes for SSL ... a few related
posts here
https://www.garlic.com/~lynn/subpubkey.html#sslcert
and here
https://www.garlic.com/~lynn/subpubkey.html#catch22
... was as countermeasure to some number of integrity issues in DNS (and related exploits).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Tue, 11 Dec 2007 16:18:37 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
some discussion of track jacks from google
http://books.google.com/books?id=elg5AAAAMAAJ&pg=PA254&lpg=PA254&dq=railroad+%22track+jack%22&source=web&ots=CLcQ-DGtmz&sig=_ooGtWYgCqfiOq3VfKSGEHk6u7w
another description/picture:
http://books.google.com/books?id=raVyq4jzQQMC&pg=PA217&lpg=PR13&dq=railroad+%22track+jack%22
current product list ... largest 20ton jack weighs 104lbs
(about 15lbs less than what i remember)
http://www.tksimplex.com/assets/applets/RATCHET_JACK.pdf
also lists 6' 20lb jack handle
It has 10 ton ratchet jacks, 22B weighing 70lbs with ductile iron housing and "identical" A1022 weighing 42lbs with aluminum housing.
It lists 15ton A1538 ("A" for aluminum housing?) weighing 62lbs ... but it is a utility pole jack.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 08:11:56 -0500Morten Reistad <first@last.name> writes:
was that dongle/chipcards could be operated by virus/trojans while connected to PC.
straight password is static something you know authentication,
from 3-factor authentication paradigm
https://www.garlic.com/~lynn/subintegrity.html#3factor
and vulnerable to evesdropping/skimming and replay attacks.
dongle/chipcard is something you have authentication ... that in conjunction with a pin/password can provide multi-factor authentication. multi-factor authentication is presumed to provide better security assuming the different factors are subject to independent vulnerabilities..
EU FINREAD standard was to address threats where dongle/chipcard is connected to PC and operated in conjunction with PC display and keyboard ... which have loads of threats/vulnerabilities; aka a virus/trojan can include keylogger, capture PIN-entry (used in conjuction with chipcard/dongle), and then execute transactions against the chipcard/dongle simulating human interaction.
The EU FINREAD standard had a independent device with its own trusted display and keypad, connected to the PC and highly resistent to well-studied PC vulnerabilities ... providing security isoliation of chipcard/dongle from these exploits.
The theory was that the EU FINREAD trusted display would show the transaction (like amount/reason) that the chipcard/dongle was being used for ... and then the human would have to enter correct PIN/password on the independent trusted keypad (in response to that display) ... before the chipcard/dongle operated.
Almost a decard ago, the whole genre of such attachments came into severe disrepute after a disastrous, attempted deployment of a similar kind of device ... that had significant installation and operational problems (as opposed to security issues)
recent post referring to EU FINREAD:
https://www.garlic.com/~lynn/2007t.html#22 'Man in the browser' is new threat to online banking
https://www.garlic.com/~lynn/2007u.html#11 Public Computers
https://www.garlic.com/~lynn/2007u.html#15 Public Computers
The EU FINREAD standard somewhat assumed individually owned PC and
individually owned FINREAD terminal. Moving into public environment,
there is likelyhood that the terminal is provided and not the person's
own private device. As a countermeasure to such terminals being
counterfeit and/or compromised, the suggestion is packaging
chipcard/dongle with its own private/trusted display/keypad ... as could
be done with privately owned cellphone/PDA. somewhat related recent
post
https://www.garlic.com/~lynn/aadsm27.htm#38 The bank fraud blame game
https://www.garlic.com/~lynn/2007u.html#5 Public Computers
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 08:16:21 -0500Esra Sdrawkcab <admin@127.0.0.1> writes:
enhanced keyloggers that capture mouse actions appeared almost
immediately (captured screen and what the mouse actions
motion/clicks was doing ... past posts mentioning that
such keyloggers appeared almost immediately
https://www.garlic.com/~lynn/aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
https://www.garlic.com/~lynn/2006k.html#15 Passwords for bank sites - change or not?
https://www.garlic.com/~lynn/2006k.html#22 Encryption for Powerpoint?
https://www.garlic.com/~lynn/2006k.html#46 Keylogger resistance
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 08:21:58 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
... oops, finger slip ... that should have been
https://www.garlic.com/~lynn/2007u.html#47 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 08:37:26 -0500Esra Sdrawkcab <admin@127.0.0.1> writes:
one of the recent references cited here
https://www.garlic.com/~lynn/aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
Say Hi to the mouse click capturing Trojan
http://www.theregister.co.uk/2006/03/16/mouse_click_capturing_trojan/
also in these posts
https://www.garlic.com/~lynn/aadsm26.htm#12 Who has a Core Competency in Security?
https://www.garlic.com/~lynn/aadsm27.htm#7 Solution to phishing -- an idea who's time has come?
few references ...
Defeating Image-Based Virtual Keyboards and Phishing Banks
http://blogs.securiteam.com/index.php/archives/678
Hacking Citibank's Virtual Keyboard
http://www.physorg.com/news98193340.html
Defeating Citi-Bank Virtual Keyboard Protection
http://seclists.org/bugtraq/2005/Aug/0088.html
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 08:56:57 -0500John Varela <OLDlamps@verizon.net> writes:
it wasn't so bad 30-40 yrs ago when a person might only have a very few places requiring shared-secret for something you know authentication.
part of the problem is that beginning security 101 ... requires a unique something you know authentication for every unique security domain (as countermeasure to cross-domain attacks; aka say local neighborhood ISP possibly with high-school employees and fortune 50 employer and/or online banking).
the other part is that it now isn't uncommon for an individual to be face with large scores of different environments requiring (unique) shared-secret something you know authentication.
dongle/chipcards have been posed as countermeasure for evesdropping/skimming vulnerabilities and static shared-secrets in conjunction with simple replay attacks.
unfortunately some of the dongle/chipcards deployments have managed to
bungle the implementation and also present "static" data authentication
... also vulnerable to skimming/evesdropping and trivially allowing the
creation of counterfeit dongle/chipcards ... some recent posts on one
such example
https://www.garlic.com/~lynn/subintegrity.html#yescard
for topic drift ... kerberos and radius are the two most widely deployed
authentication environments for both the internet and ISPs ... as well
as PC systems. some past posts discussing enhancements to eliminate
static shared-secret threats/vulnerabilities in these environments
https://www.garlic.com/~lynn/subpubkey.html#kerberos
https://www.garlic.com/~lynn/subpubkey.html#radius
the simple security 101 approach for dongle/chipcard was to have the institution substitute a dongle/chipcard for the password. this somewhat exhibits the institutional-centric myopic approach that gave rise to requiring individuals needing to remember large scores of unique pin/passwords ... except it potentially now requires them to walk around with large scores (or hundreds) of unique dongle/chipcards. This can quickly become as impractical as attempting to remember all the passwords.
i've posted before about infrastructure to enable transition from an
institutional-centric paradigm to a person-centric paradigm (allowing a
person to limit their unique dongle/chipcards to a very small few).
https://www.garlic.com/~lynn/2007b.html#12 Special characters in passwords was Re: RACF - Password rules
https://www.garlic.com/~lynn/2007b.html#13 special characters in passwords
https://www.garlic.com/~lynn/2007d.html#12 One Time Identification, a request for comments/testing
https://www.garlic.com/~lynn/2007l.html#8 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#9 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#43 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007m.html#27 nouns and adjectives
https://www.garlic.com/~lynn/2007m.html#31 nouns and adjectives
https://www.garlic.com/~lynn/2007s.html#59 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#62 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#65 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007t.html#8 Translation of IBM Basic Assembler to C?
From: lynn@GARLIC.COM (Anne & Lynn Wheeler) Subject: Re: The future of PDSs Newsgroups: bit.listserv.ibm-main Date: 12 Dec 2007 06:47:42 -0800howard.brazee writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 10:08:22 -0500Esra Sdrawkcab <admin@127.0.0.1> writes:
part of the problem has frequently been that the countermeasures are response to specific instance/characteristic, not the underlying threats and vulnerabilities.
there have been a number of articles written on security efforts appearing to be constantly chasing and trying to keep up with the badguys. part of the problem has been attempting to address the problems with a whole gamet of simple point solutions ... w/o doing a detailed thread/vulnerability study and w/o understanding what the fundamental issues are.
a few past posts referring to (failings of) the simple point solution genre:
https://www.garlic.com/~lynn/2005t.html#25 Why does my address appear as part of my name?
https://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007i.html#66 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#67 open source voting
https://www.garlic.com/~lynn/2007k.html#55 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/aadsm27.htm#8 Leadership, the very definition of fraud, and the court of security ideas
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 10:44:13 -0500cb@mer.df.lth.se (Christian Brunschen) writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 10:59:04 -0500cb@mer.df.lth.se (Christian Brunschen) writes:
that just means that keyloggers just have to gather more information
... i.e. the simple-minded point solution was more related to the old-fashion shoulder surfer ... rather than intelligent advisary leveraging automated techniques (some of it might actually be rocket science).
there have been some articles written not only pointing out the constant churn of the simple-minded point solutions trying to keep up with the badguys (as an alternative to detailed study of threats and vulnerabilities) ... but also some of the simple-minded point solutions might be analogous to some of the charaterizing of confiscating fingernail clippers at checkpoints (i.e. something that majority of population could relate to ... even if it didn't actually improve security ... and so it could have been designed purely as something to comfort the public).
there has also been some articles written that a lot of law enforcement has trouble dealing with modern generation of cybercriminals ... since their orientation is towards threats, attacks, vulnerabilities, exploits, etc that are physical oriented (the armed robber).
note that there have also been some number of solutions that claim to counter simple-minded counterfeit websites ... also attempting to gather static information (phishing) for purposes of replay attacks.
however, a form of man-in-the-middle attack ... misc. postings
https://www.garlic.com/~lynn/subintegrity.html#mitmattack
is actually simpler. The "counterfeit" website is purely running
a modified version of proxy code ... rather than actually attempting
to replicate the real webiste ... aka it creates a session with
the end-user and a second session with the real website ... and
records the data that it transparently passes back and forth
between the two sessions. some recent posts:
https://www.garlic.com/~lynn/2007n.html#5 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007q.html#6 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#29 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#31 what does xp do when system is copying
https://www.garlic.com/~lynn/2007r.html#12 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007r.html#18 How to tell a fake SSL certificate from a real one
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 12:49:51 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
the man-in-the-middle proxy attack has been well known for much longer than replicated counterfeit websites ... and is orders of magnitude simpler for the attackers to implement and deploy.
one might be tempted to conjecture that countermeasures for just the replicated counterfeit website exploit ... driving the attackers to a much, much simpler MITM-proxy attack ... is simply a diversion.
for other attack topic drift, diverting/driving clients to ip-addresses
for counterfeit websites and/or MITM-proxy ... is also possibly behind
the attacks on DNS infrastructure, articles referenced in this recent
post
https://www.garlic.com/~lynn/2007u.html#45 Folklore reference to CP67 to Lincoln Labs
another attack vector is recently mentioned man-in-the-browser attacks,
i.e. rather than the attackers harvesting/phishing information at some
external server, and/or a system installed logger ... the
harvesting/skimming/evesdropping is inserted into the client browser.
https://www.garlic.com/~lynn/2007t.html#22 'Man in the browser' is new threat to online banking
https://www.garlic.com/~lynn/2007t.html#27 'Man in the browser' is new threat to online banking
https://www.garlic.com/~lynn/2007t.html#28 'Man in the browser' is new threat to online banking
https://www.garlic.com/~lynn/2007u.html#11 Public Computers
https://www.garlic.com/~lynn/2007u.html#47 folklore indeed
misc. postings on harvesting information for fraudulent purposes
(generally static information that can be used in a form of
replay-attack):
https://www.garlic.com/~lynn/subintegrity.html#harvest
lots of general posts mentioning threats, vulnerabilities, exploits,
fraud, and/or risks
https://www.garlic.com/~lynn/subintegrity.html#fraud
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 12:53:59 -0500Walter Bushell <proto@oanix.com> writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 13:20:02 -0500Walter Bushell <proto@oanix.com> writes:
this has been cited in various articles that signature-debit has 15 times the fraud rate of pin-debit.
however, there are some common vulnerabilities for pin-debit that have appeared.
The ATM machine has been assumed to be an "armored" end-point which captures both the magstripe and the PIN information and strongly encrypts the information before passing it own (so, in theory, there should be relatively little difference between the transaction flowing over private VAN or thru the internet).
However, ATM "overlays", compromised ATM machines, and/or counterfeit ATM machines date back possibly two decades. These are where the attackers have skimmers that can harvest both the magstripe information and the PIN-information at the end-point (before being encrypted and transmitted). Then the attackers can produce counterfeit cards with the replicated magstripe information ... potentially with the recorded PIN embossed on the card (as part of the counterfeiting operation).
The other approach with the growing use of signature-debit ... the same debit card is usable for both PIN-debit operations as well as signature-debit operations. The attackers might capture just the magstripe information (at a real ATM machine) w/o the PIN ... and produce a counterfeit card that is used in signature-debit operations (not requiring the PIN-entry).
A decade ago there were stories about leveraging the internet to transmit skimmed information to the opposite of the planet where counterfeit cards would be on the streets within minutes.
lots of past posts mentioning threats, vulnerabilities, exploits,
fraud, and risks:
https://www.garlic.com/~lynn/subintegrity.html#fraud
there was recent tv program investigating identity theft ... although this is of the account fraud variety. the investigation was working with one of the card companies and had created bogus cards/accounts. they then offered the account details (presumably from fraudulent skimming) for sale on "underground" chatrooms.
They then used a stopwatch to clock the time between the time the account information was transmitted/sold and the time that the card company started seeing transactions on the account. You "saw" fraudulent transactions starting within 90 seconds, originating from a totally different continent and the fraudulent transactions continued from multiple locations around the world.
for other drift, past posts mentioning signature debit
https://www.garlic.com/~lynn/aadsm22.htm#22 FraudWatch - Chip&Pin, a new tenner (USD10)
https://www.garlic.com/~lynn/aadsm26.htm#6 Citibank e-mail looks phishy
https://www.garlic.com/~lynn/aadsm27.htm#40 a fraud is a sale, Re: The bank fraud blame game
https://www.garlic.com/~lynn/2004i.html#18 New Method for Authenticated Public Key Exchange without Digital Certificates
https://www.garlic.com/~lynn/2005u.html#14 AMD to leave x86 behind?
https://www.garlic.com/~lynn/2005u.html#16 AMD to leave x86 behind?
https://www.garlic.com/~lynn/2006e.html#4 When *not* to sign an e-mail message?
https://www.garlic.com/~lynn/2006e.html#21 Debit Cards HACKED now
https://www.garlic.com/~lynn/2006e.html#24 Debit Cards HACKED now
https://www.garlic.com/~lynn/2006u.html#48 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006v.html#1 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2007.html#0 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#64 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007i.html#51 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#59 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#60 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#12 IBM Unionization
https://www.garlic.com/~lynn/2007o.html#29 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007r.html#34 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#40 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 13:51:48 -0500cb@mer.df.lth.se (Christian Brunschen) writes:
however, as noted, just need to gather a little bit more information
https://www.garlic.com/~lynn/2007u.html#55 folklore indeed
either via enhanced loggers installed in the client system, mitm-proxies
seeing all the traffic going in both ways, and/or the newer references
to compromise of the client browser.
https://www.garlic.com/~lynn/2007u.html#56 folklore indeed
at the core is long recognized vulnerability in shared-secret paradigm. one can consider this from two, completely different dimensions.
1) the enormous number and kinds of replay attacks associated with harvesting/skimming/evesdropping static authentication information
2) enormous number and kinds of threats and vulnerabilities associated with requiring a unique (static, shared-secret) something you know authentication for every unique security domain (i.e. the simple minded security 101 approach common at least 3-4 decades ago assuming there was one and only one security domain that users participated in).
there have been other approaches attempting to convert a static shared-secret into dynamic and non-repeated exchange ... as well as enabling the same shared-secret to be used in multiple different domains (leveraging the dynamic and non-repeated exchange to use different/unique process for different/unique security domains).
one such is one-time-password approach that is now an internet standard RFC2289.
from my rfc index
https://www.garlic.com/~lynn/rfcietff.htm
and select Term (term->RFC#) in the RFCs listed by section.
Then select "OTP" in the Acronym fastpath section:
one-time password (OTP)
see also password
4793 4226 2444 2289 2243 1938 1760
clicking on the RFC number brings up the rfc summary in the lower frame:
2289 S
A One-Time Password System, Haller N., Metz C., Nesser P., Straw M.,
1998/02/26 (25pp) (.txt=56495) (STD-61) (Obsoletes 1938) (Refs 1320,
1321, 1704, 1760, 1825, 1826, 1827) (Ref'ed By 2444, 2808, 3552, 3631,
3748, 3888, 4764, 4793, 4949) (ONE-PASS)
and (as always), clicking on the ".txt=nnn" field (in the summary)
retrieves the actual RFC.
some past posts discussing threats/vulnerabitilies/weakness in the standard:
https://www.garlic.com/~lynn/aadsm19.htm#37 expanding a password into many keys
https://www.garlic.com/~lynn/aadsm20.htm#24 [Clips] Escaping Password Purgatory
https://www.garlic.com/~lynn/aadsm21.htm#7 simple (&secure??) PW-based web login (was Re: Another entry in the internet security hall of shame....)
https://www.garlic.com/~lynn/aadsm25.htm#45 hashes on restricted domains: random functions or permutations?
https://www.garlic.com/~lynn/2003m.html#50 public key vs passwd authentication?
https://www.garlic.com/~lynn/2003n.html#1 public key vs passwd authentication?
https://www.garlic.com/~lynn/2003n.html#2 public key vs passwd authentication?
https://www.garlic.com/~lynn/2003n.html#3 public key vs passwd authentication?
https://www.garlic.com/~lynn/2004b.html#45 Foiling Replay Attacks
https://www.garlic.com/~lynn/2005i.html#50 XOR passphrase with a constant
https://www.garlic.com/~lynn/2005l.html#8 derive key from password
https://www.garlic.com/~lynn/2005o.html#0 The Chinese MD5 attack
https://www.garlic.com/~lynn/2006k.html#28 Hashes and Passwords
https://www.garlic.com/~lynn/2006u.html#4 ssh - password control or key control?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 14:06:22 -0500Walter Bushell <proto@oanix.com> writes:
I'm not talking about having to do such a study ... just have enuf industry awareness that such studies had already been done.
most of the detailed vulnerability and threat studies have been well
understood for possibly two decades (or more). for instance a lot of
the detailed understanding prompted the EU FINREAD standard at least a
decade ago.
https://www.garlic.com/~lynn/subintegrity.html#finread
one might conjecture that some of the problems are (again) point solutions by people with extremely narrow and myopic view ... not even bothering to investigate whether it had been studied.
The yes card scenario
https://www.garlic.com/~lynn/subintegrity.html#yescard
might be considered a situation where people with extremely chip-centric myopic view worked on designing a solution to lost/stolen (magstripe) card w/o any inkling that skimming attacks had been going on for well over a decade ... and their solution, while addressing lost/stolen card vulnerability, significantly exacerbated the skimming attack vulnerability (i.e. they saw a card ... but they had absolutely no inkling or concept of the environment that a card was used in).
I'm not sure if security has a similar folklore saying to (university)
computer science undergoes a complete mind-wipe every five years.
a few past references:
https://www.garlic.com/~lynn/aadsm5.htm#asrn4 assurance, X9.59, etc
https://www.garlic.com/~lynn/2001f.html#6 Oldest program you've written, and still in use?
https://www.garlic.com/~lynn/2004l.html#58 Specifying all biz rules in relational data
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 14:22:33 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
the computer science periodic complete mind-wipe might be considered
behind the billions dumped down the drain in the 90s on various
unsuccessful projects ... including the efforts to use distributed
object oriented to address the overnight batch window and
straight-through processing opportunities:
https://www.garlic.com/~lynn/2007t.html#3 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007t.html#5 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#37 folklore indeed
https://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 14:35:44 -0500re:
oh, another possible contribution to the simple point-solution orientation is focus on finding and/or exploiting (specific) vulnerabilities.
i've mentioned before that we had held a mini-conference at our house
about CS security graduate programs. a major issue discussed was the
prevalent focus by students on garnering bragging rights from
finding/exploiting a vulnerability
https://www.garlic.com/~lynn/aadsm27.htm#2 Threatwatch: Still searching for the economic MITM
https://www.garlic.com/~lynn/2002c.html#35 TOPS-10 logins (Was Re: HP-2000F - want to know more about it)
https://www.garlic.com/~lynn/2005c.html#26 [Lit.] Buffer overruns
there was little or no social standing for designing, implementing and deploying an infrastructure that had no security vulnerabilities ... so comprehensive solutions effectively become an item of non-interest.
it could be claimed that the focus on finding/exploiting specific vulnerabilities would reinforce a narrow, focused "point" mentality ... leading to a simple-minded point solution culture.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 14:51:33 -0500re:
another hypothetical speculation is a comprehensive improvement in security might decimate the associated revenue flow related to security, threats, vulnerabilities, etc (simple minded, point solution related revenue flow could be structured to continue for nearly forever).
this might be considered related to relative recent reference
to nothing succeeds quite like failure
https://www.garlic.com/~lynn/aadsm26.htm#59 On cleaning up the security mess: escaping the self-perpetuating trap of Fraud?
https://www.garlic.com/~lynn/aadsm27.htm#8 Leadership, the very definition of fraud, and the court of security ideas
https://www.garlic.com/~lynn/2007h.html#29 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007l.html#46 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
https://www.garlic.com/~lynn/2007q.html#62 Fixing our fraying Internet infrastructure
from risk digest article
http://catless.ncl.ac.uk/Risks/24.62.html
Nothing succeeds like failure
http://catless.ncl.ac.uk/Risks/24.62.html#subj2
or this theme
Bad Security Driving Out the Good
http://it.slashdot.org/it/07/04/19/140245.shtml
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Nike 90 football shoes for sale Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 17:25:02 -0500John Varela <OLDlamps@verizon.net> writes:
above post also overlaps this other subthread:
https://www.garlic.com/~lynn/2007u.html#12 folklore indeed
somewhat related post here:
https://www.garlic.com/~lynn/2006r.html#48 cold war again
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 19:48:55 -0500Esra Sdrawkcab <admin@127.0.0.1> writes:
article from today:
Is internet banking safe?
http://www.smh.com.au/news/security/is-internet-banking-safe/2007/12/12/1197135470454.html
Is internet banking safe?
http://www.theage.com.au/news/security/is-internet-banking-safe/2007/12/12/1197135470454.html?s_cid=rss_technology
reminiscent of this old thread ...
https://www.garlic.com/~lynn/aepay7.htm#netbank net banking, is it safe?? ... power to the consumer
https://www.garlic.com/~lynn/aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
https://www.garlic.com/~lynn/2001h.html#53 Net banking, is it safe???
https://www.garlic.com/~lynn/2001h.html#58 Net banking, is it safe???
https://www.garlic.com/~lynn/2001h.html#61 Net banking, is it safe???
https://www.garlic.com/~lynn/2001h.html#62 Net banking, is it safe???
https://www.garlic.com/~lynn/2001h.html#64 Net banking, is it safe???
https://www.garlic.com/~lynn/2001h.html#68 Net banking, is it safe???
https://www.garlic.com/~lynn/2001h.html#70 Net banking, is it safe???
https://www.garlic.com/~lynn/2001h.html#75 Net banking, is it safe???
https://www.garlic.com/~lynn/2001i.html#9 Net banking, is it safe???
https://www.garlic.com/~lynn/2001i.html#10 Net banking, is it safe???
https://www.garlic.com/~lynn/2001i.html#16 Net banking, is it safe???
https://www.garlic.com/~lynn/2001i.html#25 Net banking, is it safe???
https://www.garlic.com/~lynn/2001i.html#35 Net banking, is it safe???
https://www.garlic.com/~lynn/2001i.html#36 Net banking, is it safe???
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 12 Dec 2007 22:01:15 -0500"Charlie Gibbs" <cgibbs@kltpzyxm.invalid> writes:
CAPTCHA: Telling Humans and Computers Apart Automatically
http://www.captcha.net/
CAPTCHA
https://en.wikipedia.org/wiki/Captcha
from above:
The term CAPTCHA was coined in 2000 by Luis von Ahn, Manuel Blum,
Nicholas J. Hopper (all of Carnegie Mellon University), and John
Langford (then of IBM). A common type of CAPTCHA requires that the user
type the letters of a distorted image, sometimes with the addition of an
obscured sequence of letters or digits that appears on the screen.
... snip ...
reference in above ...
Breaking CAPTCHAs Without Using OCR
http://www.puremango.co.uk/cm_breaking_captcha_115.php
quicky use of search engine for captcha breaking
Breaking a Visual CAPTCHA
http://www.cs.sfu.ca/~mori/research/gimpy/
PWNtcha - captcha decoder
http://sam.zoy.org/pwntcha/
CAPTCHA Breaking Game
http://ha.ckers.org/blog/20070613/captcha-breaking-game/
How to Break/Crack online CAPTCHA
http://hoozi.wordpress.com/2007/10/24/how-to-breakcrack-online-captcha/
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 13 Dec 2007 08:56:44 -0500Morten Reistad <first@last.name> writes:
part of the x9.59 was eliminating the account number as major vulnerability (useless to the attackers for performing fraudulent transactions).
detailed threat and vulnerability studies showed (that in the existing infrastructure) the account number having diametrically opposing requirements
1) essentially as a kind of authentication ... it was required to be kept confidential and never exposed/divulged to anybody
2) as part of numerous business processes, it has to be available in numerous places (for processing) over extended period of time.
this is related to the periodic comment that even if the planet was buried under miles of (information hiding) encryption, it still wouldn't prevent information leakage (x9.59 instead of attempting to prevent such leakage, eliminating such leakage as a threat and vulnerability).
part of this is discussed in postings on the "naked transaction"
metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
some of the point solutions attempt authentication and encryption for limited part of the operation ... but doesn't provide end-to-end coverage.
there have been challenge/response dongles if you are doing direct
communication with financial institutions ... say online or telephone
banking operation ... but not doing retail transaction at a merchant
that operates in single round-trip (of existing authorization business
process) ... this was somewhat referenced in this post
https://www.garlic.com/~lynn/2007u.html#65 folklore indeed
referencing: is net/internet banking safe?
in the previous thread we mentioned visiting the company that produced
the devices and then driving with the owner down to brussels for EU
finread meeting ... also referenced in these posts:
https://www.garlic.com/~lynn/2001g.html#57 Q: Internet banking
https://www.garlic.com/~lynn/2001g.html#60 PKI/Digital signature doesn't work
https://www.garlic.com/~lynn/2001g.html#61 PKI/Digital signature doesn't work
https://www.garlic.com/~lynn/2001k.html#55 I-net banking security
https://www.garlic.com/~lynn/2002f.html#55 Security Issues of using Internet Banking
https://www.garlic.com/~lynn/2007n.html#43 Windows Monitor or CUSP?
one of the perspectives is that the challenge/response is a session oriented protocol with the challenge/response appearing as part of setting up the session ... and then individual (unprotected) transactions appearing within the session protections. this works much better if the two processing/responsible parties are doing the direct session (i.e. the online banking scenario, directly between the customer and the customer's financial institution).
as mentioned in the posts regarding the "naked transaction" metaphor, this still leaves the actual transaction vulnerable ... outside of that specific session ... and doesn't protect transactions that don't have directly connected sessions between the customer and the customer's financial institution.
from this viewpoint, x9.59 is a transaction oriented protocol ... that provides protection and authentication for the actual transaction ... providing integrity and security regardless of where or how the transaction operates; that means it works while the transaction is being sent directly to the bank, being sent to a merchant, sitting in a merchant transaction log (as part of other mandated business processes) ... or possibly hundreds of other circumstances. It also satisfies the existing merchant business process that has a retail transaction flowing in a single round trip (potentially from customer thru merchant to merchant acquiring processor, to card association, to customer issuing processor and back).
another approach to eliminating some of the account number as a
vulnerability (replay attacks after skimming/harvesting/evesdropping)
... however w/o directly/also protecting the existing transaction
... is the one-time account number scenario. the customer carries a
list of unique, one-time account numbers. when they are to perform a
transaction, they supply an unused account number for every
transaction. recent reference to one-time account number. recent
posts mentioning one-time account number implementations:
https://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#15 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#19 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007j.html#3 John W. Backus, 82, Fortran developer, dies
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 13 Dec 2007 09:17:07 -0500cb@mer.df.lth.se (Christian Brunschen) writes:
if 95% of the deployed harvesting/skimming technologies are software ... and 5% of the techniques are external hardware dongles that sit between the keyboard and the PC (requiring somebody to have physically compromised the PC and then potentially physically return to retrieve the information)... then using some other method for pin/password entry, will eliminate the external hardware keyboard dongles from capturing the pin/password.
given a choice of deploying a simple-minded point solution that only addresses a very small percentage of the existing exploits ... or deploying a much more general purpose solution that addresses all exploits ... is it cost effective to deploy the simple-minded point solution?
recent posts mentioning the simple-minded point solution approach
https://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007i.html#66 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#67 open source voting
https://www.garlic.com/~lynn/2007k.html#55 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007u.html#53 folklore indeed
https://www.garlic.com/~lynn/2007u.html#55 folklore indeed
https://www.garlic.com/~lynn/2007u.html#57 folklore indeed
https://www.garlic.com/~lynn/2007u.html#62 folklore indeed
https://www.garlic.com/~lynn/2007u.html#63 folklore indeed
https://www.garlic.com/~lynn/2007u.html#67 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 13 Dec 2007 09:39:18 -0500re:
the other analogy that i've sometimes used is putting all your valuables behind a 6' thick bank vault door installed in the middle of a field ... no walls, no ceilings, no floor. again, the issue is whether or not the bar has actually, effectively moved ... or are the security experts attempting to focus all the attention on all the security characteristics of the bank vault door, attempting to distract attention from the fact that there is no actual accompanying bank vault.
past post referencing the bank vault door
https://www.garlic.com/~lynn/aadsm20.htm#28 solving the wrong problem
https://www.garlic.com/~lynn/aadsm20.htm#42 Another entry in the internet security hall of shame
https://www.garlic.com/~lynn/2002l.html#12 IEEE article on intelligence and security
https://www.garlic.com/~lynn/2003h.html#26 HELP, Vulnerability in Debit PIN Encryption security, possibly
https://www.garlic.com/~lynn/2003n.html#10 Cracking SSL
https://www.garlic.com/~lynn/2006c.html#35 X.509 and ssh
this is also related to reference to nothing succeeds quite like failure
https://www.garlic.com/~lynn/2007u.html#63 folklore indeed
and schneier's reference to bad security driving out the good
Bad Security Driving Out the Good
http://it.slashdot.org/it/07/04/19/140245.shtml
How Security Companies Sucker Us With Lemons
http://www.wired.com/politics/security/commentary/securitymatters/2007/04/securitymatters_0419?currentPage=all
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 13 Dec 2007 10:14:05 -0500cb@mer.df.lth.se (Christian Brunschen) writes:
by comparison, the infrastructure costs are enormous with the introduction of each change; institutional development and deployment, end-users effort to install and be retrained (lots of times, the cost/effort for end-users of changes/retraining are effectively ignored)
the costs of cryptocards are nearly negligable. the price of introducing cryptocards have been significant ... especially some of the recently referenced failed aborted deployments (in large part not having a significant broad understanding of all the implications and issues related to consumer deployments).
part of this are some institutions viewing cryptocards as a profit item
rather than a cost item. we attempted to highlight this in the mid-90s
when we claimed we were going to take a $500 milspec (cryptocard) part
and aggresively cost-reduce it by 2-3 orders of magnitude while at the
same time increasing its integrity.
https://www.garlic.com/~lynn/x959.html#aads
one of the brick walls we ran into temporarily was cost of the chips (in volumes) is basically the yield from wafers (fixed cost per wafer). we had so aggresively size reduced the chip ... that more wafer surface area was going to slicing&dicing the chips ... than the chips themselves. It turns out this was also one of the issues facing (UPC) RFID chips ... and eventually there was a solution that drastically reduced the wafer surface area needed to slice&dice the wafer ... allowing the number of (small) chips per wafer to dramatically increase (effectively allowing nearly another order of magnitude increase in chips per wafer, effectively a corresponding order of magnitude reduction in per-chip costs).
part of this was, because rather than starting with a crypto card as a solution, and then attempting to force fit into business processes (which frequently has been the case, i.e. start with the answer and attempt to force fit it into some problem) ... we started with the business process requirements and used that to drive our (new) chip design.
the challenge then isn't the chip cost themselves ... but the whole rest of the infrastructure traditionally used to get a chip to the end consumer.
part of our solution was looking at the chip being integrated into some other existing deployment (making the chip deployment cost, the actual cost of the chip itself ... leverage other deployments that were going on anyway). then we showed how some number of these other deployment processes might be eliminated by adding a chip to the infrastructure.
The infrastructure costs of any deployment is a couple orders of magnitude larger than a single chip cost. The incremental cost of adding a chip to an existing deployment then can become negligible. Leveraging the presence of the chip to eliminate some additional infrastructure deployments ... can result in overall infrastructure cost savings many orders of times larger than the cost of the chip.
As mentioned in the discussion of past failed deployment ... was (at least) a couple hundred million was dumped on an effort for a independent deployment ... when it failed the whole thing then had to be written off.
recent discussions of past failed deployment attempts:
https://www.garlic.com/~lynn/aadsm27.htm#38 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#50 If your CSO lacks an MBA, fire one of you
https://www.garlic.com/~lynn/aadsm27.htm#52 more on firing your MBA-less CSO
https://www.garlic.com/~lynn/2007n.html#54 Windows Monitor or CUSP?
https://www.garlic.com/~lynn/2007n.html#63 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007n.html#75 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007n.html#78 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007u.html#11 Public Computers
https://www.garlic.com/~lynn/2007u.html#47 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 13 Dec 2007 13:34:27 -0500re:
another item from today ...
Botnet-controlled Trojan robbing online bank customers
http://www.networkworld.com/news/2007/121707-crystal-ball-virtualization.html
from above:
If the attacker succeeds in getting the Trojan malware onto the victim's
computer, he can piggyback on a session of online banking without even
having to use the victim's name and password. The infected computer
communicates back to the Trojan's command-and-controller exactly which
bank the victim has an account with. It then automatically feeds code
that tells the Trojan how to mimic actual online transactions with a
particular bank to do wire transfers or bill payments
... snip ...
i.e. an inherent vulnerability of a "session" oriented paradigm
... also mentioned in the naked transaction metaphor posts
https://www.garlic.com/~lynn/subintegrity.html#payments
and one of the things recognized in the 90s as part of the specification
for the finread terminal (countermeasure to trojan/virus fraudulent
transactions once online banking session had been established)
https://www.garlic.com/~lynn/subintegrity.html#finread
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Parse/Template Function Newsgroups: comp.lang.rexx,alt.folklore.computers Date: Thu, 13 Dec 2007 15:13:15 -0500Gary Scott <garylscott@sbcglobal.net> writes:
misc. other archeological references mentioning the project:
https://www.garlic.com/~lynn/2005f.html#48 1403 printers
https://www.garlic.com/~lynn/2006p.html#49 Materiel and graft
https://www.garlic.com/~lynn/2006q.html#1 Materiel and graft
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: New, 40+ yr old, direction in operating systems Newsgroups: alt.folklore.computers Date: Thu, 13 Dec 2007 15:20:10 -0500re:
more mention of 40+ yr old technology ...
Virtualisation provides utilisation and IT efficiency boost
http://www.computerweekly.com/Articles/2007/12/13/228594/virtualisation-provides-utilisation-and-it-efficiency.htm
New online service for more efficient virtualisation product purchase
http://www.computerweekly.com/Articles/2007/12/13/228596/new-online-service-for-more-efficient-virtualisation-product-purchase.htm
Virtualization for consumers? Cisco sees it down the road
http://computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=hardware&articleId=9052901&taxonomyId=12amp;articleId=9052901&taxonomyId=12
Virtualization On Itanium: Intel Enables Choice And Flexibility
http://www.datastorageconnection.com/content/news/article.asp?DocID=%7B1C8B0E0E-37DC-49CD-A211-A5D026CCCDC3%7D&Bucket=Current+Headlines&VNETCOOKIE=NO
Server virtualization for SMBs by Regan Technologies
http://research.pcpro.co.uk/detail/RES/1197478114_789.html?src=pcpro
SAP supports VMware ESX Server in production
http://www.mcsolutions.co.uk/article/12453/SAP-supports-VMware-ESX-Server-in-production-.aspx
Oracle VM a sign of the times
http://searchoracle.techtarget.com/originalContent/0,289142,sid41_gci1286084,00.html
VMware Adds Partners
http://www.byteandswitch.com/document.asp?doc_id=141185&WT.svl=wire1_6
Virtualization OK for Apple Leopard Server
http://www.dabcc.com/article.aspx?id=6682
Microsoft releases Windows Server Virtualization test
http://www.betanews.com/article/Another_big_beta_Microsoft_releases_Windows_Server_Virtualization_test/1197566153
Microsoft releases beta of Hyper-V virtualization technology
http://www.networkworld.com/news/2007/121307-zbot-trojan-robbing-banks.html
Microsoft Releases Virtualization Beta
http://www.eweek.com/article2/0,1895,2233957,00.asp
Microsoft to release Hyper-V virtualization beta
http://blogs.zdnet.com/microsoft/?p=1043
Microsoft releases beta of Hyper-V virtualization technology
http://www.infoworld.com/article/07/12/13/Microsoft-releases-beta-of-Hyper-V-virtualization-technology_1.html
Microsoft Unwraps Virtualization Surprise
http://money.cnn.com/news/newsfeeds/articles/prnewswire/AQTH03913122007-1.htm
VMware competition nears; Microsoft ships Hyper-V beta
http://servervirtualization.blogs.techtarget.com/2007/12/13/vmware-competition-nears-microsoft-ships-hyper-v-beta/
Microsoft starts public test of rival to VMware
http://www.reuters.com/article/technologyNews/idUSN1352724420071213
Microsoft Launches Hyper-V Beta
http://www.thewhir.com/marketwatch/121307_Microsoft_Launches_Hyper-V_Beta.cfm
Microsoft's hypervisor beta arrives early
http://www.news.com/8301-13860_3-9833445-56.html
Microsoft's hypervisor beta arrives early
http://www.news.com/beyond-binary/8301-13860_3-9833445-56.html
Server - Hyper-V Beta: More Microsoft Gifting
http://www.microsoft-watch.com/content/server/hyper-v_beta_more_microsoft_gifting.html
Microsoft Windows Server 2008 Enterprise with Hyper-V
http://fileforum.betanews.com/detail/Microsoft_Windows_Server_2008_Enterprise_with_HyperV/1196885352/2
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 13 Dec 2007 23:43:02 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
a couple more articles in the same genre ... i.e. it has been known for a long time that virus/trojans can do more than log/evesdrop and forward the harvesting information. part of finread was not only using it for session authentication ... but also individual transaction authentication (as countermeasure to trojan/virus initiated operations).
Sophisticated Trojan loots business bank accounts
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9053018
from above:
A variant of the Prg Banking malware, the new Trojan has stolen hundreds
of thousands from accounts at some of the biggest banks in the U.S., the
U.K., Spain and Italy, said Jackson. "This is not widespread, but it is
very dangerous. They've already stolen more than $200,000 from the
accounts we've monitored, but this has really flown under the radar."
... snip ...
New Trojan Attacks Clients At Four Worldwide Banks
http://www.crn.com/security/204803106
from above:
To avoid the bank's fraud alerts, the Trojan simulates keystrokes and
visits all of the bank's Web pages in order, as an actual banking client
would do while conducting a financial transaction. The malware also
allows for changes if the hackers need to designate a new account number
for the stolen revenue, without having to completely reconfigure the Prg
Trojan.
... snip ...
and some other articles on compromising of PCs.
Rise of the rootkits
http://www.vnunet.com/vnunet/news/2205752/rise-rootkits
One in Five PCs Infected With Rootkits
http://www.pcworld.com/article/id,140538/article.html
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: The rise of parallelism (and other computing challenges) Newsgroups: alt.folklore.computers Date: Fri, 14 Dec 2007 21:44:40 -0500The rise of parallelism (and other computing challenges)
from above:
The ILLIAC IV supercomputer led its field in 1966 as a parallel
computing machine. This computer was only ever quarter finished, but
took eleven years to build at nearly four times the original estimated
cost.
... snip ...
misc. recent parallel related posts/thread
https://www.garlic.com/~lynn/2007l.html#24 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#26 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#34 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#38 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#60 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007l.html#63 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#13 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#14 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#19 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#22 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#26 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#29 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#37 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#39 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#49 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#51 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#52 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#53 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#54 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#58 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#59 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#61 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007m.html#70 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#1 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#3 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#6 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#25 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#28 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007n.html#39 Is Parallel Programming Just Too Hard?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sat, 15 Dec 2007 11:58:49 -0500cb@mer.df.lth.se (Christian Brunschen) writes:
for a little more topic drift ... this post
https://www.garlic.com/~lynn/aadsm27.htm#65 MITM spotted in Tor
in thread on new MITM
https://financialcryptography.com/mt/archives/000987.html
mentioning that obviously the visual keyboard with mouse clicks is a
countermeasure to a presumably compromised PC. the issue then, where is
it mandated that virus/trojan (in compromised PC) is limited only to
keylogging ... as mentioned here
https://www.garlic.com/~lynn/2007u.html#74 folklore indeed
where voila, a compromised PC is doing something more than keylogging.
at least back to the mid-90s, the issue of compromised PC was
studied in detail ... one of the countermeasures (from the 90s)
was the EU finread standard
https://www.garlic.com/~lynn/subintegrity.html#finread
it was targeted at both strong authentication for both sessions and transactions (as part of the related chipcard) ... but features were added to the finread terminal as countermeasures to a broad range of things that assumed could be associated with compromised PC. the details of the transaction/operation were presented in a (trusted) terminal display and human action was required in the form of pin-entry in the (trusted) pinpad. this not only eliminated the phishing/harvesting/logging exploits by a virus/trojan (in a compromised PC) but also a virus/trojan performing operations (requiring authentication) w/o the person's knowledge .... aka the things that a compromised PC might perform and the necessary countermeasures have been well understood for at least a decade.
the value of cryptocards introduction is particularly prohibative when the fully loaded deployment costs are significantly larger than the actual card costs ... including end-user training ... and the deployment is a disaster and has to be completely written off and start again from nearly scratch.
i've posted a number of times that a number of well thot out
countermeasures, were well on their way to be deployed, when the whole
thing came to a screeching halt because of a particularly disastrous,
aborted deployment attempt.
https://www.garlic.com/~lynn/2007n.html#54 Windows Monitor or CUSP?
https://www.garlic.com/~lynn/2007n.html#63 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007n.html#75 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007n.html#78 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007u.html#11 Public Computers
https://www.garlic.com/~lynn/2007u.html#47 folklore indeed
https://www.garlic.com/~lynn/2007u.html#70 folklore indeed
somewhat related to factors mentioned
https://www.garlic.com/~lynn/2007u.html#70 folklore indeed
for even more topic drift an old writeup on not only reducing the incremental chip related cost to as close to zero as possible ... but actually leveraging the chip to reduce the current infrastructure cost by several orders larger than the incremental chip cost (for a significant overall infrastructure savings)
we've looked at minimum circuits to do sha+ecdsa ... which is on the
order of a few 10k circuits. take that and add it to a upc-rfid like
core ... and you are nearly on the rfid cost curve ... but supporting
(digital signature) dynamic data .... in lieu of easily spoofed static
data ... not like what was done in the YES CARD scenario
https://www.garlic.com/~lynn/subintegrity.html#yescard
it can do the operation in small fraction of second ... requires somewhat more power than standard upc-rfid chip ... but is easily within the iso 14443 specification.
say for a few cents per ... you add them to the magstripe
gift/stored-value cards found at supermarket checkout counters.
https://www.garlic.com/~lynn/x959.html#aads
using x9.59 financial standard,
https://www.garlic.com/~lynn/x959.html#x959
it is now possible to leverage such a chipcard not only to improve the integrity of stored-value transactions but leverage the same card for use with every point-of-sale (magstripe) transaction the consumer performs. there have been lots of statements made that all the "new" point-of-sale chipcard-enabled terminals ... are program downloadable ... which would support the claim that it would be trivially possible to upgrade all existing chipcard-enabled point-of-sale terminals to support x9.59 transactions (for all kinds of transaction that might be possible at point-of-sale terminal).
with a USB adapter for less than a couple dollars, the consumer could also use the same chipcard with their PC for every authentication operation ... including converting all electronic commerce transactions to x9.59.
long ago and far away ... kerberos was being done at MIT project athena ... and used shared-secret password methodology. Project Athena was underwritten by two corporations which would periodically send teams in to review the projects. My wife and I were one such team that periodically went in to review project athena projects (including kerberos).
later pk-init specified a certificate-less digital signature (including
possibly ecdsa) authentication operation (for kerberos) ... and some
intense lobbying eventually also added certificate-based digital
signature operation to the specification. in any case, the same chip
... not only the same kind of chip, but the same exact card that
consumer obtained at the supermarket checkout line ... might be used for
pk-init kerberos authentication. kerberos is also one of the main
authentication infrastructures in the world today. misc. past posts
mentioning kerberos and/or pk-init
https://www.garlic.com/~lynn/subpubkey.html#kerberos
my IETF RFC index
https://www.garlic.com/~lynn/rfcietff.htm
select Term (term->RFC#) in the RFCs listed by section and
then scroll down to
kerberos
see also authentication , generic security service , security
5021 4757 4752 4559 4557 4556 4537 4430 4402 4121 4120 3962 3961 3244
3129 2942 2712 2623 1964 1510 1411
selecting an RFC numbers brings up that RFC summary in the lower
frame. Selecting the ".txt=nnnn" field retrieves the actual RFC.
the other major authentication infrastructure in the world today is RADIUS. RADIUS had been a proprietary protocol developed by a modem router box vendor. For instance, some number of the modem pools that were used by the oldstyle online banking (dialing directly into modem pools at the financial institutions) were controlled by such boxes and used RADIUS for authentication (I actually configured and help deploy one such installation). The vendor was eventually bought by a much larger corporation and the protocol donated to IETF for internet standard. Its use evolved to be used by almost everybody operating dail-in modem pools (including all the ISPs around the world) ... and then was also leveraged for lots of other authentication operations within the same institution.
my IETF RFC index
https://www.garlic.com/~lynn/rfcietff.htm
select Term (term->RFC#) in the RFCs listed by section and
then select RADIUS in the Acronym fastpath section:
remote authentication dial in user service (RADIUS )
see also authentication , network access server , network services
5030 4849 4818 4679 4675 4673 4672 4671 4670 4669 4668 4590 4372 4014
3580 3579 3576 3575 3162 2882 2869 2868 2867 2866 2865 2809 2621 2620
2619 2618 2548 2139 2138 2059 2058
it then is also straight-forward to have a RADIUS deployment that
supports pk-init kind of challenge/response authentication (including be
able to use the same chip that might be deployed in a supermarket gift
card) ... supported concurrently with several other authentication
methods, and specific authentication method specifiable on a per account
basis.
https://www.garlic.com/~lynn/subpubkey.html#radius
The same RADIUS authentication infrastructure has also been leverage by a lot of web-services operation ... so it then becomes trivial increment for them to also support such a supermarket deployed gift card.
So for a trivial incremental cost, it would be possible to add (& widely deploy) an extremely high integrity something you have authentication chip (/cryptocard) ... that the consumer might be able to use across a broad range of different applications needing stronger authentication (all point-of-sale transactions, all internet transactions, all session authentication operations, etc).
This can also be treated as trivial example of parameterised risk management ... requiring the authentication integrity strength to be proportional to what is at risk (treating any transition from password to chip ... or other technology, on purely an account by account basis).
We've even proposed a way of leveraging such an environment to radically simplify SSL/TLS protocol chatter. The effort started out being targeted at stateless, transaction operation ... but the protocol chatter significantly increased the overhead for simple transactions. The recent approaches have been trying to amortize the SSL/TLS protocol chatter over a much larger number of operations (as an approach to reducing overall infrastructure overhead). This other approach could bring the chatter down so that it was much more acceptable for transaction operation.
As frequently noted before, a primary use of SSL/TLS in the world today
is hiding account numbers in electronic commerce transactions
... misc. references
https://www.garlic.com/~lynn/subnetwork.html#gateway
and
https://www.garlic.com/~lynn/subpubkey.html#sslcert
However, a transition to x9.59 financial standard protocol for electronic commerce transactions, eliminates any need to hide the account numbers ... and therefor eliminating one of the primary justifications/uses for SSL/TLS.
Eliminating the need to hide account numbers also does away with the
current activities spending enormous amounts and enormous efforts trying
to improve the hiding of account numbers ... again this circumstance is
somewhat an attribute of the "naked transaction" metaphor discussed in
these posts
https://www.garlic.com/~lynn/subintegrity.html#payments
a problem is that this (described AADS chip strawman) is a pure infrastructure cost-based approach ... as opposed to more frequently profit oriented approach. A side effect of profit oriented solutions ... typically include making solution appear as complex/complicated as possible, in support of justifying the price (and therefor the profit margin).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sat, 15 Dec 2007 16:31:51 -0500nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
justifying its virtual memory/virtual machine project:
What was most significant was that the commitment to virtual memory was
backed with no successful experience. A system of that period that had
implemented virtual memory was the Ferranti Atlas computer, and that was
known not to be working well. What was frightening is that nobody who
was setting this virtual memory direction at IBM knew why Atlas didn't
work
... snip ...
found in melinda's historical document
https://www.leeandmelindavarian.com/Melinda/
https://www.leeandmelindavarian.com/Melinda#VMHist
another item from the above:
Creasy had decided to build CP-40 while riding on the MTA. "I launched
the effort between Xmas 1964 and year's end, after making the decision
while on an MTA bus from Arlington to Cambridge. It was a Tuesday, I
believe." (R.J. Creasy, private communication, 1989.)
... snip ...
the original implementation, cp40 was on a specially modified 360/40 with virtual memory hardware. this morphed into cp67 when 360/67 (with virtual memory) became generally available. the 360/67 supported both 24bit and 32bit (virtual) addressing modes.
the folklore is that the science center got budget from the company by telling them that it was going to be spent on a graphical interface project ... to avoid/sidestep the political consequences of raising awareness that the science center would be trampling on some other organizations turf (doing some virtual memory related stuff).
i then significantly redid lots of the cp67 virtual memory
implementation when i was an undergraduate ... after cp67 had been
installed at the univ., last week jan68 ... some related posts
https://www.garlic.com/~lynn/subtopic.html#wsclock
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Education ranking Newsgroups: alt.folklore.computers Date: Sat, 15 Dec 2007 18:47:07 -0500just heard part of news broadcast about 2006 survey of 15yr olds in 39(?) industrial countries. US ranked 25th(?) in science and 35th(?) in math.
doing web news search (stories seems to be what subcollection of countries are used to calculate how low the US ranks)
This article says it was 15yr olds in 57 countries and
Finnish pupils top PISA study
http://www.norden.org/webb/news/news.asp?id=7441&lang=6
US Students fall short in Math and Science ... but
it talks about 30 developed nations
http://www.edweek.org/ew/articles/2007/12/04/14pisa_web.h27.html
The Real Test the U.S. Keeps Flunking
http://www.tcf.org/list.asp?type=NC&pubid=1752
New report ranks U.S. teens 29th in science worldwide
http://axcessnews.com/index.php/articles/show/id/13282
a few earlier posts on this subject:
https://www.garlic.com/~lynn/2007g.html#6 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#29 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#31 Wylbur and Paging
https://www.garlic.com/~lynn/2007g.html#34 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#35 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#52 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#68 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007h.html#42 Experts: Education key to U.S. competitiveness
https://www.garlic.com/~lynn/2007i.html#13 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007j.html#31 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#33 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#51 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#52 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#58 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#85 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#88 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#13 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#24 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#30 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#34 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#42 IBM Unionization
https://www.garlic.com/~lynn/2007l.html#5 IBM Unionization
https://www.garlic.com/~lynn/2007l.html#14 Superconductors and computing
https://www.garlic.com/~lynn/2007l.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007n.html#31 IBM obsoleting mainframe hardware
https://www.garlic.com/~lynn/2007n.html#34 IBM obsoleting mainframe hardware
https://www.garlic.com/~lynn/2007o.html#20 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007o.html#21 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007o.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007o.html#31 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007o.html#33 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007o.html#62 Horrid thought about Politics, President Bush, and Democrats
https://www.garlic.com/~lynn/2007p.html#14 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#15 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007p.html#18 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007p.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#25 Horrid thought about Politics, President Bush, and Democrats
https://www.garlic.com/~lynn/2007p.html#32 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007s.html#22 America Competes spreads funds out
https://www.garlic.com/~lynn/2007s.html#36 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007t.html#15 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#18 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#43 Newsweek article--baby boomers and computers
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sat, 15 Dec 2007 19:26:57 -0500nmm1@cus.cam.ac.uk (Nick Maclaren) writes:
I have no direct knowledge ... just that quote from Melinda's paper from
early science center justification from doing virtual memory, virtual
machine work.
https://www.leeandmelindavarian.com/Melinda/
https://www.leeandmelindavarian.com/Melinda#VMHist
with a little bit of work, I easily got cp67 to 35-40 users on 360/67 doing mix-mode edit, compile, execute workload with subsecond response ... at a time when tss/360 (the corporate strategic virtual memory effort) on the same hardware couldn't get subsecond response running four users doing effectively same workload mix.
with a little bit more work, i got it to 75-80 users on 360/67 getting subsecond response.
Grenoble science center had 1mbyte (about 155 pageable pages after fixed memory requirements) 360/67 and did a modified cp67 for the "working set" dispatcher. Cambridge science center had 768kbyte (104 pageable pages after fixed memory requirements) 360/67 (i.e. Grenoble configuration had 50percent more real storage for paging than Cambridge System).
Cambridge with 80 users got about the same response and thruput as Grenoble with 35 users (both configurations running similar workload mix).
CP67 was "officially" announce at the spring 68 SHARE meeting in Houston
and customers commingly ran 35-40 users. Some number of stuff that I had
done as undergraduate had been incorporated and shipped in the product.
Some other stuff didn't ship until vm370 timeframe when my resource
manager was released
https://www.garlic.com/~lynn/subtopic.html#fairshare
however, there was a fairly close apples-to-apples comparison between the system running in Cambridge (modulo not having as much hardware) and the one running in Grenoble ... except Grenoble's "working set dispatcher" couldn't achieve the peek workload thruput as the Cambridge system (mainly because of the limitations of the working set dispatcher despite running on system with more resources).
misc past posts mentioning Cambridge/Grenoble comparisons
https://www.garlic.com/~lynn/2006b.html#4 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006d.html#0 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006e.html#7 About TLB in lower-level caches
https://www.garlic.com/~lynn/2006e.html#37 The Pankian Metaphor
https://www.garlic.com/~lynn/2006f.html#0 using 3390 mod-9s
https://www.garlic.com/~lynn/2006i.html#31 virtual memory
https://www.garlic.com/~lynn/2006i.html#36 virtual memory
https://www.garlic.com/~lynn/2006i.html#37 virtual memory
https://www.garlic.com/~lynn/2006i.html#42 virtual memory
https://www.garlic.com/~lynn/2006j.html#1 virtual memory
https://www.garlic.com/~lynn/2006j.html#17 virtual memory
https://www.garlic.com/~lynn/2006j.html#25 virtual memory
https://www.garlic.com/~lynn/2006l.html#14 virtual memory
https://www.garlic.com/~lynn/2006o.html#11 Article on Painted Post, NY
https://www.garlic.com/~lynn/2006q.html#19 virtual memory
https://www.garlic.com/~lynn/2006q.html#21 virtual memory
https://www.garlic.com/~lynn/2006r.html#34 REAL memory column in SDSF
https://www.garlic.com/~lynn/2006u.html#50 Where can you get a Minor in Mainframe?
https://www.garlic.com/~lynn/2006w.html#46 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2007i.html#15 when was MMU virtualization first considered practical?
https://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2007s.html#5 Poster of computer hardware events?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Sat, 15 Dec 2007 19:36:53 -0500Justa Lurker <JustaLurker@att.net> writes:
this particular study is 15yr olds ... so doesn't involve any career, college, university or graduate programs ... just basic knowledge that every public school graduate should know (in past posts there were reference to states that were suspending requirements for 12th grade highschool grauduates needing to meet 7th grade math proficiency).
as to separate issue of career and graduate-level programs, there may be some chicken & egg here ... this (education) trend has been going on for at least three decades; so the question then has the jobs moved because of the poor quality education or is the poor quality education because the jobs have moved. the poor education results dating back three decades seems to have predated a lot of the jobs going other places.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sun, 16 Dec 2007 10:46:00 -0500Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
there was a separate issue with os/360 system convention ... as opposed to 360 hardware.
os/360 system convention was that program images on disk had something called "relocatable address constants" ... and as part of fetching the program image into memory (real or virtual) ... the "relocatable address constants" would be swizzeled to absolute address.
contrast this with tss/360 ... built for virtual memory 360/67 machine ... had their "relocatable address constants" as separate structures from the program image. this allowed the same program image to appear at different locations in different virtual address spaces ... with the "relocatable address constant" structure adjusted appropriately for a specific image (as previously mentioned, tss/360 got lots of other things wrong ... including lots of thruput/performance)
As os/360 added virtual memory support and morphed into MVS ... it maintained its "relocatable adcon" implementation. This required that as part of program loading, the loader had to run thru the (uniquely loaded) program image and finding and modifying all the (somewhat randomly distributed) relocatable adcons. This resulted in heavy initialization for program loading (prefetching and modifying all the virtual pages containing relocatable adcons). It also precluded any program loader implementation that could leverage page-mapped filesystem and/or easily sharing common program image across multiple virtual address space (i.e. say by leverage segmentation hardware).
CMS (cambridge monitor system, later conversational monitor system) was developed at the science center, originally with cp40, and then moving along with the morph of cp40 to cp67 and then to vm370. It could be consider similar to the genre of virtual appliance activity associated with current day virtualization activity.
CMS provided os/360 compatibility simulation that was heavily used to run os/360 applications and programs ... and suffered the same overhead of hitting and modifying every program image virtual pages containing the (somewhat randomly distributed) relocatable adcons. CMS did have a feature to save a fixed-address program image (after all the relocatable adcons had been swizzled) ... and then do "fast" program reload.
In the early 70s, I had implemented a CMS (virtual memory) paged-mapped
filesystem ... some old references
https://www.garlic.com/~lynn/submain.html#mmap
and leveraged the virtual memory segment hardware to support page-mapped "loading" of common program image (or any file) shared across multiple different (CMS) virtual address spaces ... even the same image appearing at different addresses in different virtual address spaces.
However, the (os/360) relocatable address constant convention gave me fits, i had the choice between page-mapped loading program image
1) before the relocatable adcons had been swizzled ... the swizzling would modify the image and preclude it being shared across multiple virtual spaces
2) after the relocatable adcons had been swizzled ... the images could be shared ... but were forced to appear at the same address in every virtual address space.
So I developed a relative address hack ... redoing some amount of
program source so I could page-map load common program image (across
multiple virtual address space) and allow it to be loaded at whatever
free address/segment was available in any virtual address space. Lots of
past post mentioning difficulty of doing relative address hack (despite
any limitations in the underlying hardware)
https://www.garlic.com/~lynn/submain.html#adcon
for other topic drift ... there were some number of companies spun off
in the cp67 and early vm370 timeframe to offer (virtual machine based)
commercial timesharing
https://www.garlic.com/~lynn/submain.html#timeshare
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Sun, 16 Dec 2007 11:00:10 -0500Morten Reistad <first@last.name> writes:
this has already been mentioned as one of the reasons
why there has been cutback in oil exploration/drilling
projects
https://www.garlic.com/~lynn/2007q.html#42 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007s.html#63 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#43 Newsweek article--baby boomers and computers
as well as other major business risks with the boomer exodus
https://www.garlic.com/~lynn/2007s.html#32 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#1 Newsweek article--baby boomers and computers
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sun, 16 Dec 2007 11:23:28 -0500Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
one of the more complicated areas is I/O ... and the mainframe I/O "channel programs". The I/O channels execute "channel programs" using real addresses.
cp67, to provide virtual machine simulation had to intercept I/O activation, and scan the associated virtual machine's channel program, create a shadow copy of it, fetch each specified virtual page and fix in real memory (until the i/o operation has completed) ... and then activate the shadow copy channel program for execution.
OS/360 had a convention where applications built "real" channel programs (mostly done by called library routines) which were then passed to the OS/360 kernel for activation. In the transition of OS/360 to a virtual memory environment (when hardware became generally available on 370s), it had to 1) build virtual address space tables, 2) handle page faults and paging operations, and 3) translate the passed application channel programs ... in manner similar to that described for cp67.
in fact, the initial os/360 virtual memory implementation ... borrowed the channel program translation code (CCWTRANS) from cp67.
These days if you have MVS running in a VM virtual machine, MVS will translate the application's channel program, activating the translated copy/shadow channel program; VM hypervisor will then intercept the activation and perform the translation all over again.
Early on, CP67 provided custom hypervisor interfaces ... several of which were tailored to CMS operation to reduce virtual machine emulation overhead. I had done a flavor of one while an undergradate to drastically cut down on the (translation) overhead associated with doing CMS file i/o operations. However, this retained the virtual->real address translation metaphor (although the pathlength to scan, copy, and translate was drastically reduced).
I completely eliminated that overhead in the early 70s, when i did
a hypervisor API that supported page-mapped filesystem operations
https://www.garlic.com/~lynn/submain.html#mmap
also mentioned in this previous post
https://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, IBM Floating-point myths
I/O continues to be one of the major issues in virtual machine implementations.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sun, 16 Dec 2007 11:49:49 -0500YANSWBVCG <daf@puf2.localhost.comcast.net> writes:
virtual memory system was designed for 360/67 ... a lot of it in
response to project mac. you can read more about it in melinda's virtual
machine history ... which contains a lot of early history leading up to
360 virtual memory
https://www.leeandmelindavarian.com/Melinda/
https://www.leeandmelindavarian.com/Melinda#VMHist
the "official" product for 360/67 was tss/360 and was sold to a lot of universities. when tss/360 ran into all sort of implementation and schedule problems ... lots of places started looking around for alternatives .. including Univ. of Michigan, developing MTS for 360/67. 360 was replaced by 370 ... but initially announced and shipped to customers w/o virtual memory capability ... later virtual memory was announced for all 370s ... and Michigan morphed MTS from 360/67 to 370 virtual memory (replacing 360/67 with 370/168).
starting prior to 360/67 being announced and marketing to customers
(including several univ), the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
had been involved in the Project MAC bid ... and then questioned what was being done for 360/67 and tss/360 (i.e. part of the motivation behind the reference to Atlas in prior post).
this also prompted the science center to modify a 360/40 with virtual memory hardware and create cp40 ... which later morphed into cp67 when standard 360/67 with virtual memory became available.
some recent posts in other threads mentioning MTS and UofM
https://www.garlic.com/~lynn/2007t.html#54 new 40+ yr old, disruptive technology
https://www.garlic.com/~lynn/2007u.html#13 new 40+ yr old, disruptive technology
https://www.garlic.com/~lynn/2007u.html#18 Folklore references to CP67 at Lincoln Labs
https://www.garlic.com/~lynn/2007u.html#23 T3 Sues IBM To Break its Mainframe Monopoly
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sun, 16 Dec 2007 12:26:29 -0500re:
some pictures of the MTS 360/67
http://www.eecis.udel.edu/~mills/gallery/gallery8.html
umich.edu use to have quite a few webpages on MTS and its history, from a 1996 article that went 404 ... but somebody had apparently cloned the pages and put them up ... but those went 404 also.
however, the wayback machine is your friend (although it doesn't
have the images)
https://web.archive.org/web/20050408065420/http://www.itd.umich.edu/~doc/Digest/0596/index.html
https://web.archive.org/web/20050212073715/http://www.itd.umich.edu/~doc/Digest/0596/feat01.html
https://web.archive.org/web/20050822212817/http://www.itd.umich.edu/~doc/Digest/0596/feat02.html
https://web.archive.org/web/20050403221053/http://www.itd.umich.edu/~doc/Digest/0596/feat03.html
from the above pages:
MTS Begins as Experiment
While waiting for the Model 65M to arrive, Computing Center personnel
were able to perform their early timesharing experiments using an IBM
Model 360/50 that was funded by the ConComp Project. Headed by Computing
Center associate director Frank Westervelt with funding from ARPA
(Advanced Research Projects Agency of the U.S. Department of Defense),
the ConComp Project was investigating "conversational computing."
The timesharing experiment began as a "half-page of code on the kitchen
table." By combining this new code with a version of a small
multi-programming system (LLMPS) from MIT Lincoln Laboratories--which
was modified and became the U-M Multi-Programming System (UMMPS)--MTS
architects Mike Alexander and Don Boettner were able to create a
prototype timesharing system.
This was the earliest incarnation of MTS, which Alexander and Boettner
intended as "a throw-away system that we worked on while we waited for
TSS to become available."
IBM's TimeSharing System
With requests for over 100 new machines, now called the System/360 Model
67, IBM realized there was a market for timesharing, and it agreed to
develop the software as well as build the machine. However, development
work on IBM's TimeSharing System (TSS) took longer than anticipated and,
therefore, was not yet available when the Model 67 arrived at the
Computing Center in 1967.
The ball was now in U-M's court to decide whether to return the Model 67
and select another main-frame or to create an interim system to use
until TSS was ready. The Computing Center staff members decided to
continue their own experiments with timesharing and moved their
development work from the Model 50 to the Model 67.
... snip ...
note that in the above, MTS timesharing work started with a 360/50 w/o virtual memory (and LLMPs from Lincoln Labs).
some more from the above pages:
Undeterred by this pronouncement, the Computing Center launched a major
development effort to enhance the capabilities of MTS. According to
Alexander, "We developed MTS because we didn't know it was impossible."
Five months later, in May 1967, MTS was released to the campus.
... snip ...
cambridge morphed cp40 to cp67 when they were finally able to get a 360/67 machine (they were very low priority, machines would go to tss/360 development and customers before they would be made available to other internal locations). The cp67 morph was installed at Lincoln Labs 67 during 1967 and installed at the univ (where i was undergraduate) the last week jan68.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sun, 16 Dec 2007 15:13:25 -0500Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
cp40/cp67/vm370 for virtual memory paging, formated (and treated) the (CKD) disks as if they were fixed block.
CMS ... possibly some of its heritage back to CTSS & 7094 ... had a filesystem that formated (and treated) the (CKD) disks as if they were fixed block.
however, CKD support search & multi-track search operations. An operating system (OS/360) could design a filesystem where it could offload i/o programs that searched for the desired file or record (say, as opposed to keeping the information cached in real storage). This could be seen as IO/real-storage implementation trade-off from the early 60s were there was much more (relatively) abundant system I/O capacity and real-storage was extremely constrained.
in this time-frame, the multi-track search overhead ... in terms of
scarce i/o resources ... was becoming a major resource hog and
bottleneck ... however, the use of multi-track search had become
ingrained in the standard os/360 descendants. misc. past posts
https://www.garlic.com/~lynn/submain.html#dasd
i've frequently commented starting at least in the mid-70s that resource trade-off was starting to change ... relative system i/o capacity was becoming much more of a bottleneck and relative system real storage had become much more abundant. As a result, lots of infrastructures was starting to leverage the relatively "abundant" real storage to compensate for the increasingly i/o bottleneck (like high level indexes and caching).
One place this change can be seen is with RDBMS. The original relational/sql implementation done by research in bldg. 28 ... was having skirmishes with the 60s "physical database" people in bldg. 90 (ten miles south). The 60s database people were claiming that system/r doubled the physical disk space (for the indexes) and significantly increased the i/o (as well as serializing) access. The rdbms faction countered that the relational metaphor abstracted the direct record pointer (used in the 60s) implementation ... eliminating significant administrative and application development overhead associated with exposed/direct record pointer management.
going into the 80s, the disk cost-per-byte (continued) declining ... significantly mitigating the cost overhead of the (relational) indexes. also, the continued increase in (relatively abundant) real storage allowed implementations to cache the relational indexes ... significantly cutting down the I/O overhead and serialization dealing with indexes.
some number of past posts about system/r, its morphing into
sql/ds and db2 as well as other rdbms related posts
https://www.garlic.com/~lynn/submain.html#systemr
i've mentioned in the past, that at one point i was claiming that relative disk system thruput had declined by an order of magnitude over a period of approx. 15 yrs ... and some disk division executive asked their performance group to refute the claims. After serveral weeks, they effectively came back and said that I had slightly understated the case.
in some of these old posts about that assertion, I point at that the
increase in CMS user workload (between cp67 on 360/67 and vm370 on 3081)
is basically proportional to the increase in I/O thruput ... not
increase in either processor or real-storage. Since processor thruput
increased by an order of magnitude more than disk i/o increased, the
relative system disk i/o thruput declined by an order of magnitude.
https://www.garlic.com/~lynn/93.html#31 Big I/O or Kicking the Mainframe out the Door
https://www.garlic.com/~lynn/94.html#43 Bloat, elegance, simplicity and other irrelevant concepts
https://www.garlic.com/~lynn/94.html#55 How Do the Old Mainframes Compare to Today's Micros?
https://www.garlic.com/~lynn/95.html#10 Virtual Memory (A return to the past?)
https://www.garlic.com/~lynn/98.html#46 The god old days(???)
https://www.garlic.com/~lynn/99.html#4 IBM S/360
https://www.garlic.com/~lynn/2001d.html#66 Pentium 4 Prefetch engine?
https://www.garlic.com/~lynn/2001f.html#62 any 70's era supercomputers that ran as slow as today's supercomputers?
https://www.garlic.com/~lynn/2001l.html#40 MVS History (all parts)
https://www.garlic.com/~lynn/2001l.html#61 MVS History (all parts)
https://www.garlic.com/~lynn/2001m.html#23 Smallest Storage Capacity Hard Disk?
https://www.garlic.com/~lynn/2002.html#5 index searching
https://www.garlic.com/~lynn/2002b.html#11 Microcode? (& index searching)
https://www.garlic.com/~lynn/2002b.html#20 index searching
https://www.garlic.com/~lynn/2002e.html#8 What are some impressive page rates?
during some of this period i was getting to play disk engineer
in bldg. 14&15
https://www.garlic.com/~lynn/subtopic.html#disk
and the disk division had introduced a family of "fixed block architecture" disks. vm370 and some of the other corporate operating systems easily adapted to supporting the devices. However, the high-end favorite son operating system wasn't able ... not so much because of fixed-block vis-a-vis variable-length ... but because the multi-track search operation no longer existed.
I discussed this in some detail with their filesystem people. The claimed that even if i provided them with fully integrated and tested code supporting fixed-block-architecture (FBA) devices, it would still cost $26m in documentation, training, education, etc. to ship the support to customers. I need to show that customers would buy enuf extra disks (because of the feature) to show a significant ROI justifying the $26m. The counter argument at the time, was that the customers would effectively change from buying CKD disks to buying FBA disks ... w/o actually increasing the amount of purchases. This discounted all the lifetime savings and simplifications from moving to FBA infrastructure.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: CompUSA to Close after Jan. 1st 2008 Newsgroups: alt.folklore.computers Date: Sun, 16 Dec 2007 16:03:59 -0500AZ Nomad <aznomad.2@PremoveOBthisOX.COM> writes:
more than a decade earlier and established rules to avoid the problem.
however, an instance of one such rapidly spreading implementation
did appear on bitnet
https://www.garlic.com/~lynn/subnetwork.html#bitnet
some of which did leak over into the internal network ... the xmas exec even predated the morris worm.
past reference
https://www.garlic.com/~lynn/2004p.html#13 Mainframe Virus ????
past reference from vmshare archive (almost exactly
two decade anniversary, 10dec87)
http://vm.marist.edu/~vmshare/browse.cgi?fn=CHRISTMA&ft=PROB
reference (from joe morris) in risk digest archive
(21dec87)
http://catless.ncl.ac.uk/Risks/5.81.html#subj1
by comparison, the morris worm was a year later:
https://en.wikipedia.org/wiki/Morris_worm
the basic vulnerability was allowing executable command scripts/execs to be loaded from arriving network traffic.
now at the jan96 mdf at moscone ... while internet was mentioned frequently ... the theme appeared to be "protecting your investment" ... i.e. all the basic/VB technology that had evolved for stand-alone environment and private/departmental networking would be carried forward into the internet environment ... promoting extensive VB applications that evolved in the private/departmental networking environment to be extended to the internet environment ... w/o also dealing with the significant threat/vulnerability differences between the private/departmental networking environments and the wide-open, hostile anarchy of the internet.
misc. past posts mentioning "protect your investment" theme
https://www.garlic.com/~lynn/2004k.html#32 Frontiernet insists on being my firewall
https://www.garlic.com/~lynn/2004l.html#51 Specifying all biz rules in relational data
https://www.garlic.com/~lynn/2007s.html#18 Oddly good news week: Google announces a Caps library for Javascript