From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch Date: Sun, 16 Dec 2007 22:34:20 -0500haynes@alumni.uark.edu (Jim Haynes) writes:
there was something like that done (base&bound) in the microcode as part of oldtime emulation support.
one of the engineers on the boeing account used it to port cp67 to 370 before virtual memory was announced (using base&bound to limit virtual machine address space). the problem was that it required one contiguous region ... and because of the still somewhat limited real storage ... the whole area needed to be swapped.
for real storage system ... the 4bit protection keys allowed storage protection on 2k increments for up to 15 concurrent (different) tasks to coexist simultaneously (in the relatively small real storage of the period, 360/30s regularly operated with 32kbyte real storage, i started out on 360/30 with 64kbyte real storage).
this paper from apr64 by Amdahl, blaauw, and brooks discusses
some of the trade-off decisions in 360 design
http://www.research.ibm.com/journal/rd/082/ibmrd0802C.pdf
there were some number of "interactive" subsystems that evolved under
traditional os/360 batch platform that used logical base&bound ... for
instance apl\360 and associated workspaces. this contiguous limitation
wasn't so bad as long as the workspace size was typically 16kbytes to
32kbytes ... and required swapping the whole workspace to switch between
users. however, the small size of the contiguous workspace probably
contributed to its storage management and garbage collection
implementation ... which had to be completely reworked when the science
center
https://www.garlic.com/~lynn/subtopic.html#545tech
ported apl\360 to cms for cms\apl (and operating in potentially 16mbyte
paged virtual address space). some past posts mentioning apl &/or some
large apl applications
https://www.garlic.com/~lynn/subtopic.html#hone
later in the early 80s, hardware/microcode subset of virtual machine support (hypervisor) used something similar ... with dedicated real storage. Early implementations had two dedicated logical machine areas ... one typically would run a MVS batch system and the other would run virtual machine (software) hypervisor ... and the hardware/microcode would partition the resources for the two "machines".
The maximum number of supported LPARs on mainframe have undergone
increases since them. z990 supports up to 30 LPARs
http://www.redbooks.ibm.com/redbooks/pdfs/sg246863.pdf
Z9 Enterprise class supports up to 60 LPARs
http://www-03.ibm.com/systems/z/z9ec/
LPARs have also been adopted to other products lines. This is
description of LPARs on 801/RISC power/pc derivative used by AS/400 now
supporting up to 254 LPARs
http://www-03.ibm.com/servers/eserver/iseries/lpar/
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Mon, 17 Dec 2007 05:41:15 -0500Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
made all sorts of claims about infrastruction lifetime cost & complexity savings in moving from CKD to FBA as ROI justification for the $26m conversion costs (documentation, training, education, etc) ... but they just wanted to see increased disk sales attributed to CKD to FBA change, as ROI justification.
in mainframe forums there have been references to IBM statements about not introducing any new DASD models with changed geometry/configuration ... the underlaying fixed-block disk technology may go thru all sorts of transitions ... but they will hold the CKD emulation static.
for other topic drift, i had done q&d conversion of gcard ios3270 to html
https://www.garlic.com/~lynn/gcard.html
including oldtime DASD Capacity Formulae
https://www.garlic.com/~lynn/gcard.html#26.3
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Mon, 17 Dec 2007 06:14:59 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
from today:
Barclays' PINSentry roll-out marred by technical problems
http://www.theregister.co.uk/2007/12/17/pinsentry/
from above:
Barclays' online customers (both consumers and small business) are
required to use the handheld device to generate a one-time passcode that
will have to be entered at login and to run some online banking
functions, such as setting up payments to new third party accounts. The
device will only generate a passcode once the user's bank card has been
read, and the PIN code entered. The approach is a refinement of
two-factor authentication approaches already in use by some UK banks,
such at Lloyds TSB, and more widely by banks in Scandinavia and
elsewhere in Europe for some time
... snip ...
in the challenge/response scenario .. the device looks like a small calculator, the person enters the numeric challenge code on the calculator keys and reads out the response from the calculator display ... which is then entered.
part of the issue has always been the integrity of the session environment ... and/or is it necessary to move to transaction level armoring.
as referenced in these posts
https://www.garlic.com/~lynn/2007u.html#71 folklore indeed
https://www.garlic.com/~lynn/2007u.html#76 folklore indeed
the visual keyboard & captcha countermeasures basically assume that the PC has been compromised ... however, nowhere did they get a promise from the attackers ... that the only (compromised PC) attack would be limited to logging (for later replay as part of fraudulent transactions).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Mon, 17 Dec 2007 07:04:33 -0500re:
long ago and far way, a multi-track search folktale that appears
several times in past ckd (multi-track search) postings
https://www.garlic.com/~lynn/submain.html#dasd
datacenter for large national retailer was having severe performance problems and large number of experts had trooped thru the installation. the had dozen or more regional districts partitioned across several processor complexes in a large (shared) 3330 dasd loosely-coupled complex. they provided a lot of real-time applications down to individual store level. this was all running the commercial, favorite-son operating system.
the performance characteristics as load increased during the day, thruput appeared to almost come to a halt.
they finally got around to bringing me in ... to a class-room with dozen or so tables ... covered with foot high stacks of printed output from various performance & thruput reports. after maybe 45 minutes of leafing thru the reports there seemed to be somewhat anomolous correlation of about six disk i/os/sec (aggregate when manually sumed across all the individual processor complex reports) for a specific disk ... during periods of "bad" thruput. It didn't seem to be extremely out of the ordinary activity rate ... but seem to be highly consistent.
after a little investigation, this particular 3330 contained the main application program library for all stores ... organized in a PDS file-format ... sort of like a sub-file system, with its own PDS directory for all members in the file. It was rather large PDS file with a 3cylinder PDS directory.
When a application program is loaded from a PDS file, first there is a multi-track search of the directory for the specific member ... in this particular case the search took avg of 1.5 cylinders. 3330s have 19 tracks and spin at 3600 rpm ... a single (full cylinder) multi-track search I/O operation was taking 19/60 (.31) seconds. It turns out in this scenario, six I/Os per second represented 100 precent device utilization and was able to perform only 2-3 application program loads per second across all processors in the loosely-coupled configuration (serving a large number of stores for this large national retailer).
This was long after advances in technology (and significant increases in real-storage sizes) would have allowed building/caching the PDS directory in real-storage as well as a large number of the individual application programs.
the previously mentioned CKD complexity ... of dealing with application setup and track size calculation ... tended to be a development issue ... but once done for a specific application ... it was established. The (performance) effects of multi-track search could cascade into affecting system operation of every second of every day.
the operational characteristics of mainframe i/o and channels further aggravated the enormous performance degradation of multi-track searches. because of various (early 60s) design trade-offs ... the search argument was resident in mainframe memory ... and the search operation refetched it for every compare operation for every field encountered as the disk was spinning. that met that the channel path to processor was held busy (as well as the disk controller) for the duration of the operation. typical configuration might have half-dozen (or more) disks shared on a the same controller. The full cylinder multi-track search not only met the device was busy for 19/60 seconds for each operation ... but also the associated controller and channel (locking out any other devices on the same controller and/or channel).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Mon, 17 Dec 2007 07:36:48 -0500re:
another multi-track folklore tale from long ago and far away ... was for a period SJR was running MVS on 168 and VM on 158 in (physically) shared 3330 dasd loosely-coupled configuration (168 has about 3 times processing power of the 158) ... although there were strict guidelines that the drives and controllers were strictly partitioned/allocated for the two systems (i.e. 3330 packs for MVS were never to be mounted on VM "drive").
one morning the computing center started getting angry calls from users that the vm/cms response and thruput had all of a sudden significantly degraded. after a little investigation, it turns out that an operator had recently mounted an "MVS" 3330 pack on a "VM" 3330 drive. The multi-track MVS searches to the "MVS" pack was resulting in significant busy for the associated "VM" controller (resulting in performance service disruption for VM to the VM 3330s on the same controller).
There was a demand that the "MVS" 3330 pack be immediately "moved". The "MVS" operations people refused to do it until end-of-day. So we mounted a "VM" 3330 pack on one of the "MVS" drives and with some specially crafted VM initiated multi-track searches (on a heavily loaded VM 158) managed to severely degrade the MVS (168) service ... and prompting the "MVS" operations people to immediately move all packs.
One of the sporadic claims about generally relatively horrible "TSO" response and thruput ... is that TSO doesn't know to operate w/o the underlying MVS system i.e. some of the inability of TSO to give reasonable service is inherited from characteristics of the underlying MVS system, not necessarily all TSO itself .... aka, as in this particular tale ... it was even possible for MVS to cause CMS service to look bad.
past posts mentioning ckd, multi-track search, dasd, etc
https://www.garlic.com/~lynn/submain.html#dasd
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: IPv6 vs Y2K and GOSIP Newsgroups: alt.folklore.computers Date: Mon, 17 Dec 2007 09:41:14 -0500IPv6 vs. Y2K and GOSIP; IPv6 upgrade has more in common with old GOSIP program than Year 2000 efforts
from above:
Y2K spawned congressional hearings, increased federal IT budgets and was
well-known among non-techies. The federal government's IPv6 upgrade, on
the other hand, is happening quietly behind the scenes with little
additional funding or fanfare. The Office of Management and Budget (OMB)
has directed all federal agencies to be capable of supporting IPv6 on
their network backbones by June 30, 2008.
...
Some long-time industry observers are comparing the federal government's
IPv6 mandate to an earlier federal mandate for a now-defunct network
technology called GOSIP, or Government Open Systems Interconnection
Profile.
... snip ...
and
Top IPv6 guru predicts last-minute switch to protocol; Asks: Do you have
enough public IPv4 addresses to sustain you?
http://www.networkworld.com/news/2007/121707-how-feds-are-dropping-the-ball-side-1.html
misc posts mentioning GOSIP:
https://www.garlic.com/~lynn/99.html#114 What is the use of OSI Reference Model?
https://www.garlic.com/~lynn/99.html#115 What is the use of OSI Reference Model?
https://www.garlic.com/~lynn/2000b.html#0 "Mainframe" Usage
https://www.garlic.com/~lynn/2000b.html#79 "Database" term ok for plain files?
https://www.garlic.com/~lynn/2000d.html#16 The author Ronda Hauben fights for our freedom.
https://www.garlic.com/~lynn/2000d.html#43 Al Gore: Inventing the Internet...
https://www.garlic.com/~lynn/2000d.html#63 Is Al Gore The Father of the Internet?
https://www.garlic.com/~lynn/2000d.html#70 When the Internet went private
https://www.garlic.com/~lynn/2001e.html#32 Blame it all on Microsoft
https://www.garlic.com/~lynn/2001i.html#5 YKYGOW...
https://www.garlic.com/~lynn/2001i.html#6 YKYGOW...
https://www.garlic.com/~lynn/2002g.html#21 Why did OSI fail compared with TCP-IP?
https://www.garlic.com/~lynn/2002g.html#30 Why did OSI fail compared with TCP-IP?
https://www.garlic.com/~lynn/2002i.html#15 Al Gore and the Internet
https://www.garlic.com/~lynn/2002m.html#59 The next big things that weren't
https://www.garlic.com/~lynn/2002n.html#42 Help! Good protocol for national ID card?
https://www.garlic.com/~lynn/2003e.html#71 GOSIP
https://www.garlic.com/~lynn/2003e.html#72 GOSIP
https://www.garlic.com/~lynn/2003o.html#68 History of Computer Network Industry
https://www.garlic.com/~lynn/2004c.html#52 Detecting when FIN has arrived
https://www.garlic.com/~lynn/2004e.html#13 were dumb terminals actually so dumb???
https://www.garlic.com/~lynn/2005.html#29 Network databases
https://www.garlic.com/~lynn/2005d.html#11 Cerf and Kahn receive Turing award
https://www.garlic.com/~lynn/2005e.html#39 xml-security vs. native security
https://www.garlic.com/~lynn/2005u.html#53 OSI model and an interview
https://www.garlic.com/~lynn/2006j.html#34 Arpa address
https://www.garlic.com/~lynn/2006k.html#6 Hey! Keep Your Hands Out Of My Abstraction Layer!
https://www.garlic.com/~lynn/2006k.html#45 Hey! Keep Your Hands Out Of My Abstraction Layer!
https://www.garlic.com/~lynn/2006k.html#47 Hey! Keep Your Hands Out Of My Abstraction Layer!
https://www.garlic.com/~lynn/2007.html#43 SSH protocol analyzer
https://www.garlic.com/~lynn/2007c.html#29 Being "Open" (Was: Mainframe vs. "Server")
https://www.garlic.com/~lynn/2007d.html#31 old tapes
https://www.garlic.com/~lynn/2007k.html#44 Why Ping Requires RAW Sockets?
https://www.garlic.com/~lynn/2007m.html#38 OSI abandoned!
and some posts mentioning Y2K
https://www.garlic.com/~lynn/99.html#21 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/99.html#22 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/99.html#23 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/99.html#24 BA Solves Y2K (Was: Re: Chinese Solve Y2K)
https://www.garlic.com/~lynn/99.html#27 Roads as Runways Was: Re: BA Solves Y2K (Was: Re: Chinese
https://www.garlic.com/~lynn/99.html#44 Internet and/or ARPANET?
https://www.garlic.com/~lynn/99.html#78 Mainframes Relevant?
https://www.garlic.com/~lynn/99.html#214 Ask about Certification-less Public Key
https://www.garlic.com/~lynn/2000.html#0 2000 = millennium?
https://www.garlic.com/~lynn/2001.html#68 California DMV
https://www.garlic.com/~lynn/2001n.html#74 The demise of compaq
https://www.garlic.com/~lynn/2002.html#30 Younger recruits versus experienced veterans ( was Re: The demise of compa
https://www.garlic.com/~lynn/2002.html#45 VM and/or Linux under OS/390?????
https://www.garlic.com/~lynn/2002j.html#20 MVS on Power (was Re: McKinley Cometh...)
https://www.garlic.com/~lynn/2002k.html#14 NASA MOC (mainframe mission operations computer) being powere d
https://www.garlic.com/~lynn/2002l.html#49 Do any architectures use instruction count instead of timer
https://www.garlic.com/~lynn/2002o.html#28 TPF
https://www.garlic.com/~lynn/2003p.html#21 Sun researchers: Computers do bad math ;)
https://www.garlic.com/~lynn/2003p.html#33 [IBM-MAIN] NY Times editorial on white collar jobs going
https://www.garlic.com/~lynn/2004b.html#2 The SOB that helped IT jobs move to India is dead!
https://www.garlic.com/~lynn/2004e.html#22 Pre-relational, post-relational, 1968 CODASYL "Survey of Data Base Systems"
https://www.garlic.com/~lynn/2004e.html#48 Data Display & Modeling
https://www.garlic.com/~lynn/2004f.html#39 Who said "The Mainframe is dead"?
https://www.garlic.com/~lynn/2004m.html#51 stop worrying about it offshoring - it's doing fine
https://www.garlic.com/~lynn/2004n.html#11 XML: The good, the bad, and the ugly
https://www.garlic.com/~lynn/2004o.html#66 Integer types for 128-bit addressing
https://www.garlic.com/~lynn/2004q.html#8 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2004q.html#13 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005.html#20 I told you ... everybody is going to Dalian,China
https://www.garlic.com/~lynn/2005c.html#6 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005s.html#16 Is a Hurricane about to hit IBM ?
https://www.garlic.com/~lynn/2006b.html#29 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006c.html#33 Military Time?
https://www.garlic.com/~lynn/2006g.html#21 Taxes
https://www.garlic.com/~lynn/2006h.html#49 Mainframe vs. xSeries
https://www.garlic.com/~lynn/2006k.html#50 TSO and more was: PDP-1
https://www.garlic.com/~lynn/2006o.html#9 Pa Tpk spends $30 million for "Duet" system; but benefits are unknown
https://www.garlic.com/~lynn/2006q.html#54 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006r.html#16 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006s.html#40 Ranking of non-IBM mainframe builders?
https://www.garlic.com/~lynn/2006u.html#13 Year-end computer bug could ground Shuttle
https://www.garlic.com/~lynn/2006u.html#35 Friday fun - Discovery on the pad and the software's not done
https://www.garlic.com/~lynn/2007b.html#26 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
https://www.garlic.com/~lynn/2007h.html#10 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007l.html#18 Non-Standard Mainframe Language?
https://www.garlic.com/~lynn/2007n.html#38 Is Parallel Programming Just Too Hard?
https://www.garlic.com/~lynn/2007p.html#31 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#39 India is outsourcing jobs as well
https://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#36 Students mostly not ready for math, science college courses
https://www.garlic.com/~lynn/2007t.html#19 Translation of IBM Basic Assembler to C?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Ironkey Newsgroups: alt.computer.security Date: Mon, 17 Dec 2007 11:02:21 -0500comphelp@toddh.net (Todd H.) writes:
this has somewhat given rise to the visual keyboards operated by mouse
clicks. some discussion in this thread:
https://www.garlic.com/~lynn/2007u.html#76
however, almost immediately after the appearance of such approach, the crooks had loggers that could capture screens and mouse operations. there was then some iterations attempting to obscure the screens ... which is ongoing (loosing) battle. There has been some recent comments that not being able to keep up with the crooks regarding obscuring the screen ... is the doom of secure online sessions.
however, the crooks had never promised that they would only
limit what a compromised PC might do to just logging ... long
winded discussion here
https://www.garlic.com/~lynn/2007u.html#76
with some other ways a compromised PC might react.
Part of the issue is knowing whether or not any human interaction was
actually involved in specific operations (or being simulated by some
virus/trojan in a compromised PC). This was studied in the 90s in
conjunction with formulating the EU finread terminal standard as
countermeasure to numerous possible things that a compromised PC might
do.
https://www.garlic.com/~lynn/subintegrity.html#finread
another such approach is the device referenced in
this posting
https://www.garlic.com/~lynn/2007v.html#2
which basically air-gaps the device from the PC and operates with challenge/response, the challenge value is read off the screen, typed into the device which produces the response ... which is then typed at the keyboard.
there is still the issue of secure session-oriented operations running in a possibly compromised PC ... as opposed to changing to challenge/response for transaction-oriented operations.
for other topic drift ... misc. posts mentioning 40+ yr old technology
attempting to address problems with PCs becoming infected and
compromised.
https://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007q.html#64 Virtual Browsers: Disposable Security
https://www.garlic.com/~lynn/2007r.html#47 Translation of IBM Basic Assembler to C?
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Faster Chips Are Leaving Programmers in Their Dust Newsgroups: alt.folklore.computers Date: Mon, 17 Dec 2007 14:40:46 -0500on going theme that is being repeated many times:
Faster Chips Are Leaving Programmers in Their Dust
http://developers.slashdot.org/developers/07/12/17/1635200.shtml
from above:
Engineers and computer scientists acknowledge that despite advances in
recent decades, the computer industry is still lagging in its ability to
write parallel programs. It mirrors what C++ guru and now Microsoft
architect Herb Sutter has been saying in articles such as his "The Free
Lunch Is Over: A Fundamental Turn Toward Concurrency in Software."
... snip ...
referenced in the above
The Free Lunch Is Over; A Fundamental Turn Toward Concurrency in
Software
http://gotw.ca/publications/concurrency-ddj.htm
more lengthy discussion ... from above Conclusion:
If you haven't done so already, now is the time to take a hard look at
the design of your application, determine what operations are
CPU-sensitive now or are likely to become so soon, and identify how
those places could benefit from concurrency. Now is also the time for
you and your team to grok concurrent programming's requirements,
pitfalls, styles, and idioms.
... snip ...
as before, a basic primitive for over 35yrs has been compare&swap
instruction ... misc. posts
https://www.garlic.com/~lynn/subtopic.html#smp
invented by Charlie (compare&swap was chosen because CAS are charlie's
initials) at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
working on fine-grain locking for cp67. The initial attempt to get compare&swap into 370 architecture was rebuffed ... with statements about the favorite son operating system felt that the test&set instruction was perfectly fine for multiprocessor operation. The challenge then was to come up with a non-multiprocessor specific use of compare&swap. Thus was born the example uses for multithreaded applications (not necessarily running on real multiprocessors) to serialize operations (adopted big time by large multi-threaded applications like database systems ... to avoid some of the enormous overhead of performing kernel calls for every such use).
from appendix of current z/architecture principles of operation
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/A.6?SHELF=DZ9ZBK03&DT=20040504121320
multiprogramming is mainframe lingo for multithreaded operation.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Virtualization still hot, death of antivirus software imminent Newsgroups: alt.folklore.computers Date: Mon, 17 Dec 2007 17:27:59 -0500as before the following article talks about the new 40+ yr old technology, but also mentions an old approach to eliminating major mechanism for network originated compromises
Virtualization still hot, death of antivirus software imminent, VC
http://www.networkworld.com/news/2007/121707-crystal-ball-virtualization.html
from above:
Another trend Maeder predicts for 2008 is, at long last, the death of
antivirus software and other security products that allow employees to
install and download any programs they'd like onto their PCs, and then
attempt to weed out the malicious code. Instead, products that protect
endpoints by only allowing IT-approved code to be installed will become
the norm.
... snip ...
A recent post mentioning a two-decade version of this:
https://www.garlic.com/~lynn/2007u.html#87 CompUSA to Close after Jan. 1st 2008
one of the references in the above:
http://vm.marist.edu/~vmshare/browse.cgi?fn=CHRISTMA&ft=PROB
another recent post mentioning problems related to compromised PCs
https://www.garlic.com/~lynn/2007v.html#6 Ironkey
and other recent posts mentioning compromised PCs
https://www.garlic.com/~lynn/2007u.html#15 Public Computers
https://www.garlic.com/~lynn/2007u.html#68 folklore indeed
https://www.garlic.com/~lynn/2007u.html#76 folklore indeed
https://www.garlic.com/~lynn/2007v.html#2 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Tue, 18 Dec 2007 09:07:33 -0500Nick Atty <1-nospam@temporary-address.org.uk> writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: About 1 in 5 IBM employees now in India - so what ? Newsgroups: bit.listserv.ibm-main Date: Tue, 18 Dec 2007 09:25:39 -0500howard.brazee writes:
posts on recently published study on educational ranking of
different countries
https://www.garlic.com/~lynn/2007u.html#78 Educational ranking
https://www.garlic.com/~lynn/2007u.html#80 Educational ranking
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Tue, 18 Dec 2007 21:20:25 -0500Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
there were the 360 batch systems which were real memory and the storage protect keys were to separate different applications running in the same real memory (as well as the kernel). some of the underlying hardware had base&bound but wasn't part of 360 architecture ... was used for some of the emulation support.
the flagship timesharing system was to be tss/360 running on 360/67
which had hardware virtual memory in the mid-60s ... although tss/360
ran into implementation and scheduling problems ... which then saw the
rise of other virtual memory implementations on the 360/67, like MTS
at UofMich and cp67 (which also implemented virtual machines)
from the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
there were also early cp67 spin-offs that offered commercial
service bureau timesharing starting in the late 60s
https://www.garlic.com/~lynn/submain.html#timeshare
boeing huntsville did do a custom modification of os360 mvt release 13 that made use of the virtual memory on 360/67 ... not for paging ... but purely for storage management. os360 mvt had problem with storage fragmentation with long running applications (and applications needing contiguous range of storage) ... and boeing huntsville machine was supporting a large number of (long running) 2250 graphics application ... and experiencing significant problems with MVT storage fragmentation. the boeing huntsville modifications were purely for rearranging the real storage locations into contiguous ranges (w/o any support for paging operations).
i've commented before that in some cases that there were more cp67 & vm370 timesharing installs than some other companies total customer installations .... however, in the publics minds, these are possible overshadow by the significantly large number of batch machine installs. I've also commented that not only were there significantly larger number of customer batch installations than the customer timesharing installations ... but also the customer timesharing installations were much larger than the number of internal (cp67&vm370) timesharing instllations. One of my hobbies was building, distributed and supporting highly modified cp67 & vm370 for (small percentage of) internal installations.
Partially since the science center was on 4th flr of 545 tech and Multics was on the 5th flr ... i've commented that at one point the small percentage of internal installations that I was distributing to and supporting was as large as the total number of Multics systems in its whole lifetime.
some number of customer installations having large batch operation ... would sometimes attempt to adapt a portion of the computing power for interactive (psuedo timesharing) operation ... even tho the underlying hardware and software had never been intended for that purpose.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers,uk.rec.sheds Date: Wed, 19 Dec 2007 06:40:35 -0500Oleg Lego <rat@atatatat.com> writes:
the ferry shots were actually the old steilicom ferry that ran between mainland, mcneil island and anderson island. ferry was later converted to tourist boat that makes the rounds on lake washington ... out of kirkland. one of the "highlights" of the tour is compound of the founder of m'soft.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Ageing data centers limiting benefits of new technologies Newsgroups: alt.folklore.computers Date: Wed, 19 Dec 2007 07:06:15 -0500Ageing data centers limiting benefits of new technologies
an "aging" data center is one that is over four yrs old?
from above:
They were battling to cope with the power and cooling needs of newer
technologies such as blade servers and vitualization, but slow to
respond to these extra demands on their infrastructure.
... snip ...
besides missing an "r" in virtualization ... within the context of datacenters and blade servers, virtualization is more typically associated with server consolication onto a much smaller number and more compactly packaged (blade) servers (reducing overall power and cooling needs).
also from the article:
More than half those firms building or planning to build data centers
expected to consume between one and five megawatts, and almost a quarter
thought they would use double that.
... snip ...
maybe the server consolidation activity isn't so much increasing overall power consumption but compacting a large number of servers in geographically diverse locations into single location (and thereby drawing attention to the actual aggregate power demands).
Recent virtualization server consolidation references/posts
https://www.garlic.com/~lynn/2007s.html#0 Marines look for a few less servers, via virtualization
https://www.garlic.com/~lynn/2007s.html#35 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007s.html#40 ongoing rush to the new, 40+ yr old virtual machine technology
https://www.garlic.com/~lynn/2007s.html#53 ongoing rush to the new, 40+ yr old virtual machine technology
https://www.garlic.com/~lynn/2007t.html#55 new 40+ yr old, disruptive technology
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Faster Chips Are Leaving Programmers in Their Dust Newsgroups: alt.folklore.computers Date: Wed, 19 Dec 2007 08:34:19 -0500Quadibloc <jsavard@ecn.ab.ca> writes:
there are some additional complexities.
lots of the circuit size shrinkage has resulted in increasing transistors per chip. more transistors per chip can mean enormous increase in chip design complexity, as well as signal latency going through a large number of circuits.
Higher processor rates also exacerbates the relative latency to other parts of system (i.e. as measured in increased processor cycles for some signal ... like to memory).
The latency issue pushes towards some sort of asynchronous/parallel operation. While multiple core represents increased programming complexity ... lots of the other possible asynchronous/parallel paradigms can represent even greater overall complexity.
One of my oft-repeated old-time example is that disk relative system thruput declined by an order of magnitude over a 10-15 yr period starting with the mid-60s ... i.e. disks got maybe five times faster but processors got fifty times faster. The onward march of faster&faster processor speeds resulted in enormous increases in various component relative system latencies (as measured in number of processor cycles) ... first seen with disks ... and then with main storage ... and then even between different circuits on the same chip. All of these required paradigm shifts along with increasing levels of asynchronous behavior and/or other kinds of parallel/overlapped operation.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 19 Dec 2007 09:21:17 -0500Lon Stowell <lon.stowell@comcast.net> writes:
old email referencing many of the modifications
https://www.garlic.com/~lynn/2006w.html#email750102
recent post in another thread about my hobby of producing and
supporting highly modified, custom operating systems
https://www.garlic.com/~lynn/2007v.html#11 IBM mainframe history, was Floating-point myths
it was around 83 when the at&t national marketing rep tracked
me down ... asking about helping trying to move the customer
off that old vm version ... misc. old post references:
https://www.garlic.com/~lynn/95.html#14 characters
https://www.garlic.com/~lynn/96.html#35 Mainframes & Unix (and TPF)
https://www.garlic.com/~lynn/97.html#15 OSes commerical, history
https://www.garlic.com/~lynn/2000.html#5 IBM XT/370 and AT/370 (was Re: Computer of the century)
https://www.garlic.com/~lynn/2000f.html#60 360 Architecture, Multics, ... was (Re: X86 ultimate CISC? No.)
https://www.garlic.com/~lynn/2001f.html#3 Oldest program you've written, and still in use?
https://www.garlic.com/~lynn/2002.html#4 Buffer overflow
https://www.garlic.com/~lynn/2002.html#11 The demise of compaq
https://www.garlic.com/~lynn/2002c.html#11 OS Workloads : Interactive etc
https://www.garlic.com/~lynn/2002i.html#32 IBM was: CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2002k.html#66 OT (sort-of) - Does it take math skills to do data processing ?
https://www.garlic.com/~lynn/2002p.html#23 Cost of computing in 1958?
https://www.garlic.com/~lynn/2003.html#17 vax6k.openecs.org rebirth
https://www.garlic.com/~lynn/2003d.html#46 unix
https://www.garlic.com/~lynn/2003k.html#4 1950s AT&T/IBM lack of collaboration?
https://www.garlic.com/~lynn/2004e.html#32 The attack of the killer mainframes
https://www.garlic.com/~lynn/2004m.html#58 Shipwrecks
https://www.garlic.com/~lynn/2005p.html#31 z/VM performance
https://www.garlic.com/~lynn/2006b.html#21 IBM 3090/VM Humor
https://www.garlic.com/~lynn/2007g.html#54 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#56 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007u.html#6 Open z/Architecture or Not
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Wed, 19 Dec 2007 09:52:27 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
a little more topic drift ... from another thread
https://www.garlic.com/~lynn/2007v.html#10 About 1 in 5 IBM employees now in India - so what?
About 1 in 5 IBM Employees Now in India
http://www.redorbit.com/news/technology/1183162/about_1_in_5_ibm_employees_now_in_india/index.html
About 1 in 5 IBM employees now in India
http://news.yahoo.com/s/ap/ibm_employees
About 1 in 5 IBM Employees Now in India
http://www.physorg.com/news116875153.html
About 1 in 5 IBM employees now in India
http://sify.com/finance/fullstory.php?id=14576360
India home to 1 in 5 IBM employees
http://www.australianit.news.com.au/story/0,24897,22935653-5013040,00.html
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Amazon's "Simple" Database Newsgroups: comp.databases.theory,alt.folklore.computers Date: Wed, 19 Dec 2007 10:55:31 -0500Sampo Syreeni <decoy@iki.fi> writes:
GML was invented at the science center in '69
https://www.garlic.com/~lynn/subtopic.html#545tech
(G, M, and L, are the inventors initials, and motivated requirement
for acronym with those letters) ... at the time, somewhat targeted at
need for use in legal documents.
http://xml.coverpages.org/sgmlhist0.html
science center was also responsible for virtual machine implementation and a lot of timesharing and interactive related applications.
the original documentation formater developed at the science center was
called script, used "dot" formating commands ... somewhat similar
to earlier implementation done for ctss
https://en.wikipedia.org/wiki/RUNOFF
and
http://mit.edu/Saltzer/www/publications/CC-244.html
aka some of the ctss people went to the science center on 4th flr of 545 tech sq and some went to multics on 5th flr.
the initial "gml" implementation was done by adding gml tag support to script document formater.
cern was also a large virtual machine installation ... using
various applications ... including a script clone written by univ. of
waterloo. this talks about evolution from sgml into html:
http://infomesh.net/html/history/early/
the first webserver outside of europe was on the virtual
machine system at slac (slac and cern shared a lot of software)
https://ahro.slac.stanford.edu/wwwslac-exhibit
the science center's virtual machine technology was also
used at sjr for the original relational/sql implementation
https://www.garlic.com/~lynn/submain.html#systemr
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Traffic Jam Mystery Solved By Mathematicians Newsgroups: alt.folklore.computers Date: Wed, 19 Dec 2007 11:37:13 -0500and now for something a little bit different
Traffic Jam Mystery Solved By Mathematicians
http://www.sciencedaily.com/releases/2007/12/071219103102.htm
from above:
The team developed a mathematical model to show the impact of unexpected
events such as a lorry (tractor trailer) pulling out of its lane on a
dual carriageway (divided highway with median between traffic going in
opposite directions). Their model revealed that slowing down below a
critical speed when reacting to such an event, a driver would force the
car behind to slow down further and the next car back to reduce its
speed further still.
... snip ...
this is what i've referred to in the past as the accordian
effect from brake taping and/or rapid lane changes:
https://www.garlic.com/~lynn/2004c.html#17 If there had been no MS-DOS
https://www.garlic.com/~lynn/2005p.html#4 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005p.html#7 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2006p.html#5 sorting
https://www.garlic.com/~lynn/2006p.html#12 sorting
https://www.garlic.com/~lynn/2007e.html#34 Is computer history taught now?
as i've commented before ... at certain traffic loading ... even one percent or fewer drivers responsible for such activity (poor/irresponsible driving behavior) ... can dramatic change effective traffic thruput.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Wed, 19 Dec 2007 12:42:47 -0500jmfbahciv writes:
one might also claim that contributed to the large billions spent in the 90s attempting to implement straight-through processing ... as a solution to the overnight batch window bottleneck ... using distributed object oriented technology in an attempt to power large number of processors in parallel. frequently the toy demos were also accompanied with object oriented gui interfaces.
then the world would fall apart when attempting industrial scale-up ... and finding that the additional added overhead was on the order of 100 times (or more ... greater than two orders of magnitude); totally wiping out any anticipated increased throughput of using large numbers of processors in parallel.
misc. past posts mentioning billions of dollars in write-offs attempting
to use (object oriented) distributed computing for straight-through
processing as a means of eliminating much of the overnight batch
window bottlenecks.
https://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
https://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#20 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
https://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#37 folklore indeed
https://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#61 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Wed, 19 Dec 2007 15:07:50 -0500House and Senate Slash Science Budget Increases
from above:
This comes in spite of the earlier announced presidential initiative to
increase funding for basic research to improve the future economic
competitiveness of the United States.
... snip ...
the above references:
A Budget Too Small
http://sciencenow.sciencemag.org/cgi/content/full/2007/1218/1
from above:
"In exchange for an arbitrary cap on domestic spending and thousands of
earmarks, the Administration and Congress have sacrificed investments in
research and education that would help assure our nation's long-term
national and economic security,"
... snip ...
there was a comment on the radio yesterday that this year's congressional session has had the lowest attendance of any congress in history ... which may be related to a reference a couple months ago that while the president's public approval rate was low ... the congressional public approval rate was 1/3rd that of the president's.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: It keeps getting uglier Newsgroups: bit.listserv.ibm-main Date: Wed, 19 Dec 2007 19:36:10 -0500phil@ISHAM-RESEARCH.FREESERVE.CO.UK (Phil Payne) writes:
for other topic drift ... recent post mentioning cms script, gml,
sgml, html, system/r, rdbms ... etc
https://www.garlic.com/~lynn/2007v.html#17 Amazon's "Simple" Database
misc. past postings mentioning architecture redbook
https://www.garlic.com/~lynn/2003f.html#52 ECPS:VM DISPx instructions
https://www.garlic.com/~lynn/2004b.html#57 PLO instruction
https://www.garlic.com/~lynn/2004c.html#6 If the x86 ISA could be redone
https://www.garlic.com/~lynn/2004k.html#45 August 23, 1957
https://www.garlic.com/~lynn/2005b.html#25 360POO
https://www.garlic.com/~lynn/2005i.html#40 Friday question: How far back is PLO instruction supported?
https://www.garlic.com/~lynn/2005j.html#39 A second look at memory access alignment
https://www.garlic.com/~lynn/2005j.html#43 A second look at memory access alignment
https://www.garlic.com/~lynn/2005k.html#1 More on garbage
https://www.garlic.com/~lynn/2005n.html#48 Good System Architecture Sites?
https://www.garlic.com/~lynn/2005p.html#45 HASP/ASP JES/JES2/JES3
https://www.garlic.com/~lynn/2006s.html#53 Is the teaching of non-reentrant HLASM coding practices ever defensible?
https://www.garlic.com/~lynn/2007f.html#7 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007i.html#31 Latest Principles of Operation
https://www.garlic.com/~lynn/2007r.html#56 CSA 'above the bar'
https://www.garlic.com/~lynn/2007u.html#30 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Faster Chips Are Leaving Programmers in Their Dust Newsgroups: alt.folklore.computers Date: Wed, 19 Dec 2007 19:49:49 -0500Computing in a Parallel Universe; Multicore chips could bring about the biggest change in computing since the microprocessor
from above:
The next computer you bring home, a few years from now, could have
hundreds or even thousands of processors. If all goes according to plan,
you may notice nothing different about the new machines apart from
another boost in performance. Inside, though, coordinating all those
separate computational cores is going to require profound changes in the
way programs are designed.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 20 Dec 2007 08:56:38 -0500kkt <kkt@zipcon.net> writes:
wiki cics entry
https://en.wikipedia.org/wiki/CICS
cics history page
https://web.archive.org/web/20080123061613/http://www.yelavich.com/history/toc.htm
cics as program product
https://web.archive.org/web/20060325095234/http://www.yelavich.com/history/ev196901.htm
above also mentions 23jun69 unbundling announcement
https://www.garlic.com/~lynn/submain.html#unbundle
2321 picture
http://www.columbia.edu/cu/computinghistory/datacell.html
misc. past posts mentioning cics (&/or bdam)
https://www.garlic.com/~lynn/submain.html#cics
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: segmentation or lack thereof Newsgroups: comp.arch,alt.os.development,comp.sys.unisys Date: Thu, 20 Dec 2007 12:59:35 -0500Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
As you point out that it was common coding practice on 360 to using overlapping move to clear space. However, studying the 360/67 functional specs. document indicated that it would be faster to fill a whole page with zeros with storing registers ... aka save all registers ... initialize ten or so registers to zero, setup the other registers for BXLE loop and do STM of ten registers of zero at a time.
Old 360 functional characteristic manuals ... giving detailed
instruction timing forumulas
http://www.bitsavers.org/pdf/ibm/360/functional_characteristics/
some of the coding performance trade-offs could be different in
different models. 360/67 functional characteristic manuals (including
detailed description of virtual memory and segment hardware)
http://www.bitsavers.org/pdf/ibm/360/functional_characteristics/A27-2719-0_360-67_funcChar.pdf
http://www.bitsavers.org/pdf/ibm/360/functional_characteristics/GA27-2719-2_360-67_funcChar.pdf
I have some vague recollection that at some stage, some processor implementations looked at overlapping moves for special case processing involving doubleword operation at a time (even tho it was nominally a byte at a time instruction).
For 370, "long instructions" were introduced that had field length in register (instead of encoded in the instruction) ... and could be used for several mbytes. the MVCL instruction also allowed for different source and destination lengths and specifying a "PAD" byte when the source was shorter than destination (source length zero byte and target length was 4k). However, it took some machine generations before there was optimized MVCL microcode for this case that beat the STM loop.
current MVCL long instruction description (given operation in 24-bit,
31-bit, and 64-bit addressing modes):
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/7.5.90?SHELF=DZ9ZBK03&DT=20040504121320
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Newsweek article--baby boomers and computers Newsgroups: alt.folklore.computers Date: Thu, 20 Dec 2007 13:57:49 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
there were some bonds that were supposedly insured and therefor had a higher ranking ... however current round:
Bond insurer defaults threaten big banks
http://money.cnn.com/2007/12/20/news/companies/benner_ACA.fortune/?postversion=2007122011
from above:
These CDOs were not included in previous write downs because, though
sullied by bad mortgage debt, they were supposedly insured or hedged by
entities like ACA. Now that ACA can't backstop the losses, the credit
ratings on those bonds will fall, and result in losses.
... snip ...
computer (modeling) and related to the earlier "new" (computer) risk analysis perspective that prompted citibank to get out of mortgages
How Conventional CDO Analytics Missed the Mark
http://www.bobsguide.com/guide/news/2007/Dec/20/Kamakura_Releases_Study:_How_Conventional_CDO_Analytics_Missed_the_Mark.html
from above:
"Two years ago the Wall Street Journal in a page 1 story pointed out the
dangers in relying on the copula approach for CDO valuation, but
investors were slow to realize the magnitude of their model risk"
... snip ...
U.S. Mortgage Crisis Rivals S&L Meltdown
http://online.wsj.com/article/SB119724657737318810.html?mod=googlenews_wsj
from above:
Indeed, coming up with a value for a CDO entails analyzing more than 100
separate securities, each of which contains several thousand individual
loans -- a feat that, if done on any scale, can require millions of
dollars in computing power alone.
... snip ...
Legal battle over complex CDOs
http://www.theaustralian.news.com.au/story/0,25197,22939223-36375,00.html
from above
JP Morgan projects that by the second quarter, $US40 billion to $US50
billion in sub-prime mortgage bonds could be sold by distressed CDOs
that decide to liquidate.
... snip ...
A Capital Idea
http://www.fool.com/investing/dividends-income/2007/12/17/a-capital-idea.aspx
from above:
The 8% of American's portfolio invested in commercial mortgage-backed
securities (CMBS), collateralized debt obligations (CDOs), and other
structured finance investments also deserves extra scrutiny. These
assets are the same types making headlines every day; no buyers can be
found for them, and their market values are dropping precipitously.
... snip ...
Subprime mortgage crisis far from over, "survivors' conference" hears
http://www.iht.com/articles/2007/11/20/bloomberg/bxprime.php
from above:
The so-called Super SIV, a fund set up by banks at the urging of the
U.S. Treasury to buy the highest-rated securities, will seek to prevent
a meltdown of the 30 investment vehicles globally holding $320 billion
as of Oct. 5.
...
Wall Street profits are also plunging in the fourth quarter. Citigroup,
the second-largest CDO issuer in the first half of 2007, may post a loss
in the final period, according to the average estimate of 23 analysts
compiled by Bloomberg News. That is after the bank reported a write-down
of as much as $11 billion, which cost Citigroup's chief executive,
Charles Prince 3rd, his job.
... snip ...
Citigroup Downgraded to 'Sell' at Goldman Sachs
http://www.bloomberg.com/apps/news?pid=20601213&sid=aQ3tdmOhB_kk
from above:
... the biggest U.S. bank, was lowered to "sell" by a Goldman Sachs
Group Inc. analyst who said the lender's writedowns of collateralized
debt obligations may total $15 billion over the next two quarters.
... snip ...
other recent posts mentioning old Risk Management post
https://www.garlic.com/~lynn/2007b.html#30 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#33 security engineering versus information security
https://www.garlic.com/~lynn/2007c.html#11 Decoding the encryption puzzle
https://www.garlic.com/~lynn/2007e.html#24 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#64 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#66 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007i.html#12 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#0 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#46 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#75 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#51 IBM Unionization
https://www.garlic.com/~lynn/2007n.html#53 Windows Monitor or CUSP? [was ReJohn W. Backus, 82, Fortran developer, dies]
https://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007p.html#50 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
https://www.garlic.com/~lynn/2007r.html#60 Fixing our fraying Internet infrastructure
https://www.garlic.com/~lynn/2007s.html#1 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#25 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#28 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007t.html#12 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007t.html#15 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#27 'Man in the browser' is new threat to online banking
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: 2007 Year in Review on Mainframes - Interesting Newsgroups: bit.listserv.ibm-main Date: Thu, 20 Dec 2007 15:51:14 -0500Mike.Conmackie@COMPUWARE.COM (Conmackie, Mike) writes:
This can drastically tip with baby boomers moving from paying to
collecting. The first baby boomer collects social security
http://abcnews.go.com/WN/LifeStages/story?id=3732745&page=1
there is also some gimmick on how much is paid, it is currently 15.3% ... but for standard salary workers ... the company has to pay half of it over and above the salary ... and then there is the other half deducted from the salary. This is readily seen in tax returns for self-employed workers where they have to pay the full 15.3%. for most purposes, eliminate the facade and have it restructured so the employers paid the full 15.3% before paying salary (theoretically reducing salaries paid correspondingly) ... with it never showing up for individual employees at all.
in past 10-15 yrs there have been some number of companies going under
(and/or declared bankruptcy) because their "pay as you go" retirement
systems sometimes reached their largest single expense
http://www.skeptically.org/curpol/id7.html
... and federal gov. having to assume the payment
https://en.wikipedia.org/wiki/Pension_Benefit_Guaranty_Corporation
some number of posts related to "unfunded" liabilities growing to
largest part of the budget and swamping the federal gov ... even if
everything else in the budget is eliminated.
https://www.garlic.com/~lynn/2007j.html#91 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#93 IBM Unionization
https://www.garlic.com/~lynn/2007s.html#1 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007t.html#13 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007t.html#18 Newsweek article--baby boomers and computers
(federal) comptroller general (appointed in the mid-90s for 15yr term)
has been making references that congress for at least the past 50 yrs
has been incapable of simple middleschool arithmetic; recent reference:
https://www.garlic.com/~lynn/2007q.html#7 what does xp do when system is copying
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Fri, 21 Dec 2007 08:45:48 -0500Lon Stowell <lon.stowell@comcast.net> writes:
when i was an undergraduate in the 60s, i got on the wrong side of the
communication division with building a clone communication controller
https://www.garlic.com/~lynn/submain.html#360pcm
later in the mid-80s, i crossed them again several times ... with
hsdt project and "high-speed"
https://www.garlic.com/~lynn/subnetwork.html#hsdt
... recent mention about their idea of "high-speed" and our
idea
https://www.garlic.com/~lynn/2007p.html#64 Damn
https://www.garlic.com/~lynn/2007q.html#45 Are there tasks that don't play by WLM's rules
however, in that same time-frame we attempted to deploy a replacement
for communication division flagship 37x5 communication controller with
some advanced software running in series/1 ... moving to a 801/risc
system ... reference to that activity
https://www.garlic.com/~lynn/99.html#63 System/1 ?
https://www.garlic.com/~lynn/99.html#66 System/1 ?
https://www.garlic.com/~lynn/99.html#69 System/1 ?
https://www.garlic.com/~lynn/99.html#70 Series/1 as NCP (was: Re: System/1 ?)
this post has reference to standard customer terminal
activity profile from the period
https://www.garlic.com/~lynn/99.html#67 System/1 ?
I then ran the standard customer terminal activity profile thru a
"HONE" configurator to obtain 37x5 controller configuration info
https://www.garlic.com/~lynn/subtopic.html#hone
The infrastructure avg. 2700 terminal "messages" a second ... had avg message size of 500 bytes (although highly bi-model; input message size much shorter than output message size) ... aka 500x2700 = 1,350,000 chars/sec. the flag ship operating system interrupt handler can run 5k instructions ... so nearly 7billion instructions/sec ... versus 13.5mips Also, frequently have to configure for peak ... with peak being possibly 2-4 times avg ... say around 30,000mips just for (full-duplex, char) interrupt processing.
this is on par with recent mention of some of the scaling problems
encountered in the 90s attempting to address the overnight batch
window bottleneck with distributed object oriented implementation:
https://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
https://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
https://www.garlic.com/~lynn/2007t.html#3 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007t.html#5 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#37 folklore indeed
https://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#61 folklore indeed
https://www.garlic.com/~lynn/2007v.html#19 Education ranking
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Fri, 21 Dec 2007 08:59:56 -0500jmfbahciv writes:
there may have been some more recent corruption using the term "process" to refer to programs, applications, and/or tasks ... resulting in multiprocessing referring to multiple processes rather than multiple processors. this may have been much more associated with an environment that has no familiarity with multiple processors and therefor didn't need to differentiate.
misc. past posts mentioning smp (symmetric multiprocessing and/or shared
memory multiprocessing) and/or compare&swap instruction
https://www.garlic.com/~lynn/subtopic.html#smp
back to the 60s we had differentiation between tightly-coupled
multiprocessing and loosely-coupled multiprocessing. tightly-coupled
multiprocessing was SMP ... and loosely-coupled multiprocessing ... is
cluster type stuff. past posts mentioning my wife being con'ed into
going to POK (center of high-end mainframes) to be responsible for
loosely-coupled multiprocessing architecture
https://www.garlic.com/~lynn/submain.html#shareddata
which we later followed up with a High Availability Cluster Multi-Processing product
https://www.garlic.com/~lynn/subtopic.html#hacmp
and work on cluster scale-up
https://www.garlic.com/~lynn/lhwemail.html#medusa
also referenced in these posts
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Fri, 21 Dec 2007 13:43:00 -0500stanb45@dial.pipex.com (Stan Barr) writes:
how 'bout airlines going to "sections" clearly printed on the boarding pass (in large block characters) since quite a few people couldn't figure out what range their seat number was in when the announcement was boarding for all seats greater than some value.
recent posts mentioning functionally illiterate
https://www.garlic.com/~lynn/2007g.html#7 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007i.html#24 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#79 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#31 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#51 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#80 IBM Unionization
https://www.garlic.com/~lynn/2007j.html#85 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#10 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#30 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#34 IBM Unionization
https://www.garlic.com/~lynn/2007k.html#42 IBM Unionization
https://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007o.html#21 U.S. Cedes Top Spot in Global IT Competitiveness
https://www.garlic.com/~lynn/2007o.html#22 U.S. Cedes Top Spot in Global IT Competitiveness
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Apple files patent for WGA-style anti-piracy tech Newsgroups: alt.folklore.computers Date: Fri, 21 Dec 2007 17:17:17 -0500Apple files patent for WGA-style anti-piracy tech
from above:
Patent application 20070288886, titled "Run-Time Code Injection To
Perform Checks" and dated Dec. 13, spells out a "digital rights
management system" that would "restrict execution of that application to
specific hardware platforms."
... snip ...
old email referencing apparent anti-piracy in LISA
https://www.garlic.com/~lynn/2007b.html#email830213
with machine serial number ... in this post
https://www.garlic.com/~lynn/2007b.html#56 old lisa info
current genre is trusted computing module ... couple past posts:
https://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007m.html#20 Patents, Copyrights, Profits, Flex and Hercules
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Faster Chips Are Leaving Programmers in Their Dust Newsgroups: alt.folklore.computers Date: Fri, 21 Dec 2007 17:29:52 -0500Quadibloc <jsavard@ecn.ab.ca> writes:
take all the chips (in addition to the processor proper) for computer
Single-Chip x86 Chipsets Around the Corner?
http://hardware.slashdot.org/hardware/07/12/21/2111234.shtml
from above:
Kontron, a giant among industrial single-board computer vendors,
yesterday revealed a credit-card sized board apparently based on a
single-chip x86 chipset that clocks to 1.5GHz and supports a gig of RAM.
... snip ...
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: MTS memories Newsgroups: comp.arch,alt.folklore.computers Date: Fri, 21 Dec 2007 18:42:01 -0500"Dave Wade" <g8mqw@yahoo.com> writes:
newcastle pictures of 360/67:
https://web.archive.org/web/20030813224124/www.cs.ncl.ac.uk/events/anniversaries/40th/images/ibm360_672/index.html
and 370/168 pictures:
https://web.archive.org/web/20031004111307/www.cs.ncl.ac.uk/events/anniversaries/40th/images/ibm370_1682/index.html
followed by Amdahl 5860 (mislabled as "c. 1957?")
https://web.archive.org/web/20030823044852/www.cs.ncl.ac.uk/events/anniversaries/40th/images/Amdahl2/index.html
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Hitachi, Silver Lake in talks about hard drives, sources say Newsgroups: alt.folklore.computers Date: Sat, 22 Dec 2007 06:49:11 -0500san jose plant site:
Hitachi, Silver Lake in talks about hard drives, sources say
http://www.news.com/Hitachi%2C-Silver-Lake-in-talks-about-hard-drives%2C-sources-say/2100-1015_3-6223853.html?tag=nefd.top
from above:
Hitachi has not posted a profit in its hard-drive business since buying
it from IBM for $2 billion in 2002, as disk drive prices have crumbled.
... snip ...
references older article about the purchase
Hitachi sharpens hard drive efforts
http://www.news.com/Hitachi-sharpens-hard-drive-efforts/2100-1040_3-979196.html?tag=st.nl
from above:
Hitachi Global Storage Technologies was formed at the end of 2002 and is
70 percent owned by Hitachi and 30 percent owned by IBM. The San Jose,
Calif.-based company is a subsidiary of Tokyo-based Hitachi, which will
pay for the remaining 30 percent over the next three years. IBM had lost
more than $500 million over the last two years in the hard drive
business, which is notoriously competitive and yields thin margins
... snip ...
old posts about getting to play disk engineer in bldgs. 14&15
https://www.garlic.com/~lynn/subtopic.html#disk
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: What do YOU call the # sign? Newsgroups: alt.usage.english,alt.folklore.computers Date: Sat, 22 Dec 2007 07:27:55 -0500"Rostyslaw J. Lewyckyj" <urjlew@bellsouth.net> writes:
aka
https://www.garlic.com/~lynn/2007v.html#9 What do YOU call the # sing?
long ago and far away we had a friend who was angling for an assignment
to HK, they had worked out that the difference between living on a boat
in HK and the cost of living allowance was larger than their salary.
....
i.e. difference as in the amount that the two values differed ... not as in explicit order of which value was subtracted.
later (in the states), bought a tugboat and converted to house boat (most everything is thick metal plates ... so remodeling frequently involves a lot of time with blow/cutting toarch).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Inside a Modern Malware Distribution System Newsgroups: alt.folklore.computers Date: Sat, 22 Dec 2007 07:39:22 -0500another application of the new 40+ yr old technlogy:
Inside a Modern Malware Distribution System
http://www.eweek.com/article2/0,1895,2239276,00.asp
from above:
Stewart was baffled by the need to track the hard drive serial number but
suggests this is being done to provide a unique ID for the infected
system and to figure out if a VM (virtual machine) is being used to
analyze the malware. This is significant, Stewart said, because
anti-virus providers use VM to pick apart malware files in controlled
environments.
... snip ...
reference from above:
Pushdo - Analysis of a Modern Malware Distribution System
http://www.secureworks.com/research/threats/pushdo/
from above:
The use of the physical hard drive serial number as a identifier is
interesting - it not only provides a unique ID for the infected system,
but can also reveal information such as whether the code is running in a
virtual machine or not. For instance, a VMware system might return a
serial number of "00000000000000000001" or simply "00", which is very
easily spotted in a list of serial numbers of major hard drive
vendors. This could be a way for the malware author to spy on anti-virus
companies using automated tools to monitor the malware download points.
... snip ...
somewhat related reference:
https://www.garlic.com/~lynn/2007v.html#6 Ironkey
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sat, 22 Dec 2007 09:40:51 -0500Lon Stowell <lon.stowell@comcast.net> writes:
note also that by the time inexpensive high speed transcontinental networks evolved ... things were moving from "dumb" terminals to terminal emulation on PCs ... some past posts on terminal emulation
some of the early commercial timesharing service bureau offerings
were cp67 and/or vm370 spin-offs
https://www.garlic.com/~lynn/submain.html#timeshare
one such commerical timesharing service bureau was Tymshare ... with its
vm370-based offering. Tymshare also had Tymnet ..
https://en.wikipedia.org/wiki/Tymnet
from above:
It soon became apparent that the SDS 940 could not keep up with the
rapid growth of the network. In 1972, Joseph Rinde joined the Tymnet
group and began porting the Supervisor code to the 32-bit Interdata
7/32, as the 8/32 was not yet ready. In 1973, the 8/32 became available,
but the performance was disappointing and a crash-effort was made to
develop a machine that could run Rinde's Supervisor.
... snip ...
for other topic drift ... i had run into some issues/problems with the
standard mainframe telecommunication controller ... which was somewhat
behind the univ deciding to build our own (clone) communication
controller
https://www.garlic.com/~lynn/submain.html#360pcm
which was initially done on Interdata/3 ... which evolved into a combination of Interdata/4 with one or more Interdata/3s (as dedicated line-scanners).
note that the wiki article seems to confuse some of the tymshare/tymnet
details and some of the dates ... a tymshare ref:
http://www.cap-lore.com/Tymshare/
from above:
We had installed several machines in Palo Alto when we opened an office
in Ingelwood, just north of Los Angeles, where we installed another
940. Customers had to place a phone call to our computer to use it and
the long distance charges were significant for some. We developed Tymnet
initially to extend our geographic reach.
... snip ...
with this reference:
The Origins of Tymnet
http://www.cap-lore.com/Tymnet/ETH.html
from above:
At that time the phone company (AT&T) was considered a natural
monopoly. They held that modems were the sole province of the
telco. Tymshare had already produced acoustic couplers that competed
with the telco's 103A data sets (data set = modem), but AT&T's lawyers
were busy fighting what they considered to be more serious encroachments
on their turf.
... snip ...
with this reference
http://www.cap-lore.com/books/Temin.html
The above Tymnet article also references Varian Data Machines.
For other topic drift, Varian was early cp67 installation used internally by engineers. Some of those engineers then moved onto other enterprises in the valley ... propagating virtual machine (by then vm370) use.
back to Tymshare ... Tymshare 2000 Reunion web site
http://www.greentreesystems.com/Tymshare/
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Apple files patent for WGA-style anti-piracy tech Newsgroups: alt.folklore.computers Date: Sat, 22 Dec 2007 11:46:43 -0500Quadibloc <jsavard@ecn.ab.ca> writes:
just get a machine with TPM (trusted platform module)
https://en.wikipedia.org/wiki/Trusted_Platform_Module
from trusted computing group
https://en.wikipedia.org/wiki/Trusted_Computing_Group
trusted computing group home page
http://news.ft.com/servlet/ContentServer?pagename=FT.com/StoryFT/FullStory
https://www.trustedcomputinggroup.org/home
https://www.trustedcomputinggroup.org/home
https://www.trustedcomputinggroup.org/home
i've mentioned before in the days leading up to PC announce ... did some looking at including some sort of cryptographic, tamper-evident module on the motherboard ... but the technology was significantly more expensive in those days.
there has also been investigation into integrating TPM-like function into standard processor chips.
i've also mentioned in the past giving aads chip strawman
talk
https://www.garlic.com/~lynn/x959.html#aads
in the trusted computing track at intel developer's forum ... and needling the trusted computing group (guy running it was in the front row) that over the previous couple yrs that TPM had started to look more like my strawman chip. The quip back from the audience was it was because I didn't have a committee of 200 helping design the chip.
more recent comments about TPM has been that it would be (just) deployed on server machines ... leveraging it to scaffold a secure computing environment.
however here is section for securing mobile devices:
https://www.trustedcomputinggroup.org/groups/mobile
somewhat similar to old aads chip strawman proposal to include chip (and/or build function into processor chip) for PDAs and cellphones.
The drive to use mobile devices for payment transactions would presumably also motivate additional security measures.
recent posts related to the pda/cellphone for secure transactions
https://www.garlic.com/~lynn/2007d.html#12 One Time Identification, a request for comments/testing
https://www.garlic.com/~lynn/2007u.html#11 Public Computers
https://www.garlic.com/~lynn/2007u.html#47 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Sat, 22 Dec 2007 18:45:54 -0500Justa Lurker <JustaLurker@att.net> writes:
see calling & savearea convention
https://www.garlic.com/~lynn/gcard.html#50
the example assumes that R15 is already set to entry point ... allowing moving it to standard base register R12 and setting up using.
BALR/branch and link register ... normal calling convention loads
entry address into R15 and does a
BALR R14,R15
branching to address in R15 .. while setting R14 to the (return) address
following the BALR instruction. Special case is specifying register zero
for branch-to address ... doesn't take the branch. current
description of branch and link instruction:
http://publibz.boulder.ibm.com/cgi-bin/bookmgr_OS390/BOOKS/DZ9ZR003/7.5.8?SHELF=DZ9ZBK03&DT=20040504121320
current hlasm manual
http://publibfp.boulder.ibm.com/cgi-bin/bookmgr/download/asmp1010.pdf
for USING (pg. 80) mentions that the assembler has an implicit
using of
USING 0,0
i.e. register zero is used for addresses within 4k of absolute location
zero. It also mentions that message ASMA302W is issued when R0 is
specified as a base register with a non-zero base address, and message
ASMA306W is issued when any register other than R0 is specified as base
register with an absolute base address whose range overlaps the
assembler's default (0,4095).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Sat, 22 Dec 2007 19:26:37 -0500krw <krw@att.bizzzzz> writes:
seems to be little difficult to find lots of (free) details on the web
(there are some more pointers to studies that cost) ... somewhat
random sample:
http://michiana.marketingpower.com/content25334.php
http://www.bpoindia.org/research/human-issues-in-call-centers.shtml
http://www.ilr.cornell.edu/globalcallcenter/research/india.html
http://www.venturekamloops.com/callcentre/general.htm
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sat, 22 Dec 2007 22:59:41 -0500Stephen Fuld <S.Fuld@PleaseRemove.att.net> writes:
of course ... even if that was corrected ... TSO would still have other significant response issues.
i had done a lot of things as an undergraduate for cp67 dynamic adaptive resource management ... including being able to handle lots of different kinds of mixed-mode operation ... guest virtual machines running batch, cms virtual machines doing various kinds of file & processor intensive operation ... as well as purely interactive ... overall processor operating at 100% utilization and still providing small subsecont trivial interactive response.
a lot of that was dropped in the simplification morph from cp67 to vm370
... but re-introduced when i shipped my "resource manager".
https://www.garlic.com/~lynn/subtopic.html#fairshare
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sat, 22 Dec 2007 23:45:30 -0500"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
i also did a lot of os360 and hasp work. one of the things I did in hasp
was writing support for interactive terminals and CRJE type environment
... also implementing an interactive editor with CMS edit syntax
(however cms editor was not re-entrant ... so i effectively had to rewrite
from scratch because hasp implementation required re-entrant coding
conventions). all sorts of posts mentioning hasp and/or later
jes2, including jes2 networking
https://www.garlic.com/~lynn/submain.html#hasp
for something a little bit different ... here is description of
somebody converting rochester from mvs/tso environment to vm/cms
environment (i.e. software development tools, 1978-1981):
http://www.hps.com/~tpg/resume/index.php?file=IBM
the above also mentions working on IBM backbone (1983-1987) which
overlaps some of the time of our HSDT project and doing high-speed
backbone
https://www.garlic.com/~lynn/subnetwork.html#hsdt
and we shared some code and strategies ... although they were working with 56kbit links (and came up with a gimmick to make mainframes drive full-duplex operation) and we were doing 1.5mbit (and higher speed) full-duplex ... both terrestrial links and also dealing with (synchronous orbit) satellite links.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Newbie question about db normalization theory: redundant keys OK? Newsgroups: comp.databases.theory Date: Sat, 22 Dec 2007 23:31:29 -0500paul c <toledobythesea@ooyah.ac> writes:
when he left for tandem ... he tried to pawn off some of
the stuff on me ... a couple old email references
https://www.garlic.com/~lynn/2007.html#email801006
https://www.garlic.com/~lynn/2007.html#email801016
in this post
https://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"
and
https://www.garlic.com/~lynn/2007d.html#email800920
in this post:
https://www.garlic.com/~lynn/2007d.html#17 Jim Gray Is Missing
later when we were doing ha/cmp
https://www.garlic.com/~lynn/subtopic.html#hacmp
and i was working on distributed lock manager and cluster scale-up ... we were working with some of the independent RDBMS vendors that also had implementations running on vax/cluster. they wanted a lock manager api that looked and felt similar to what they had been using in vax/cluster, but they also had a list of several things that they felt could be done a lot better. starting from a (almost) completely clean slate ... i had a lot less baggage to worry about.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: distributed lock manager Newsgroups: alt.folklore.computers Date: Sun, 23 Dec 2007 09:25:19 -0500x-post mentioning some archeological locking
paul c <toledobythesea@ooyah.ac> writes:
In those days, most Cics and some IMS programmmers knew the four
necessary conditions for deadlock and avoided at least one of them in
their apps. Nowadays that's considered high science. Jim Gray was a
smart guy and I hope he's still alive but the fact remains that it seems
that he and other concurrency experts chose to ignore the IP. I think
Bob B said something quite profound recently, something like "you can't
manage data without data". A corollary might be that only mystics can
manage without data. Normalization theory started with the IP and
caught a following, no coincidence if you ask me. The concurrency
theorists carried on with the IMS and other physical ways of thinking
and never seemed to get the idea that there might be a logical
concurrency model based on the IP (at least as far as I know).
i had worked with jim back in system/r days
https://www.garlic.com/~lynn/submain.html#systemr
when he left for tandem ... he tried to pawn off some of
the stuff on me ... a couple old email references
https://www.garlic.com/~lynn/2007.html#email801006
https://www.garlic.com/~lynn/2007.html#email801016
in this post
https://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"
and
https://www.garlic.com/~lynn/2007d.html#email800920
in this post:
https://www.garlic.com/~lynn/2007d.html#17 Jim Gray Is Missing
later when we were doing ha/cmp
https://www.garlic.com/~lynn/subtopic.html#hacmp
and i was working on distributed lock manager and cluster scale-up ... we were working with some of the independent RDBMS vendors that also had implementations running on vax/cluster. they wanted a lock manager api that looked and felt similar to what they had been using in vax/cluster, but they also had a list of several things that they felt could be done a lot better. starting from a (almost) completely clean slate ... i had a lot less baggage to worry about.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Sun, 23 Dec 2007 09:51:57 -0500Brian Inglis <Brian.Inglis@SystematicSW.Invalid> writes:
somewhat in support of x9.99 activity, we did a privacy specific
merged taxonomy & glossary
https://www.garlic.com/~lynn/index.html#glosnote
one of the other areas of concern was independent insurance agents ... since there could be some information leakage issues between lines of business like accident insurance and health/life insurance or health insurance and life insurance.
as i've mentioned before, we ran into some of this when we were called
in to help word smith cal state (and later federal) electronic signature
legislation.
https://www.garlic.com/~lynn/subpubkey.html#signature
some of the organizations particpating were also involved in various privacy legislation ... and had done some extensive public surveys and studies ... which found the two issues of highest concern:
• identity theft (mostly in terms of account fraud) • denial of service (by gov, institutions, and/or organizations)
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Sun, 23 Dec 2007 09:59:14 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
one of the problems that I had ran into was that the canadian gov. had put up a lot of privacy stuff on the web. however, it seemed that they had contracted it out to some web design/hosting organization which had put copyright notices on every page. at some meetings that the canadian gov. privacy "czar" attended, i asked about this (and getting permission to copy/include information), they hadn't realized the web pages were copyrighted.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 23 Dec 2007 10:25:34 -0500Lon Stowell <lon.stowell@comcast.net> writes:
for formating by cms script command (originally runoff-like "dot"
commands and then transition to gml tags).
https://www.garlic.com/~lynn/submain.html#sgml
recent reference to being used for the "redbook" architecture and
principles of operation
https://www.garlic.com/~lynn/2007v.html#21 It keeps getting uglier
however, there wasn't a lot of early support for online accessing (modern day html) except in terms of formating the output to the terminal/screen rather than to the printer.
somewhat as an experiement, i had done a replacement for the failure
analysis/forenisic application (IPCS ... nearly all originally
implemented in assembler) ... implementation done in REXX.
https://www.garlic.com/~lynn/submain.html#dumprx
for the dumprx package, I obtained softcopy of the appropriate "messages and codes" files and created a specially formated online version ... which dumprx could search and display pertinent sections (associated with specific failure/problem).
an application developed mostly for "menu" applications was ios3270
... but also could be used for selective information display ...
an example was gcard ios3270 ... which i've done a rough
converstion to html
https://www.garlic.com/~lynn/gcard.html
recent reference to gcard
https://www.garlic.com/~lynn/2007v.html#38 Education ranking
another place that ios3270 was seen was in the service processor for 3090. the 3090 service processor started out as a highly customized version of vm370 release 6 running on a 4331 with the menu screens implemented in ios3270. the 4331s were eventually upgrade to a pair of 4361s.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: MTS memories Newsgroups: comp.arch,alt.folklore.computers Date: Sun, 23 Dec 2007 11:35:45 -0500Quadibloc <jsavard@ecn.ab.ca> writes:
between use of real storage and i/o resources. some of the filesystem
organizations were (flat) single level index located on disk using
multi-track search to find the desired entry (conserving real storage
but really burning up disk i/o resources). recent post in thread
https://www.garlic.com/~lynn/2007v.html#1 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#3 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#4 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#40 IBM mainframe history, was Floating-point myths
isam implemented multi-level indexes (on disk) with complex channel programs that could traverse the index levels ... by reading information from specific index entries ... that became arguments to subsequent seek/search channel commands (in the channel program) ... aka "self-modifying" channel programs. this would create problems in virtual machine environments that had to copy/create a shadow copy of the applications channel program.
the "physical" record pointers characteristic of "60s" dbms ... were one
of the contention points with the system/r (original relational/sql)
group
https://www.garlic.com/~lynn/submain.html#systemr
part of the relational paradigm abstracted away the physical record
pointers ... significantly reducing manual administration and
maintenance (eventually being cached in growing real storage
capacities). a couple recent refs:
https://www.garlic.com/~lynn/2007p.html#20 64 gig memory
https://www.garlic.com/~lynn/2007p.html#58 what does xp do when system is copying
https://www.garlic.com/~lynn/2007u.html#86 IBM mainframe history, was Floating-point myths
for a little topic drift ... recent post about dbms (& cluster)
serialization & locking
https://www.garlic.com/~lynn/2007v.html#42 Newbie question about db normalization theory: redundant keys OK?
https://www.garlic.com/~lynn/2007v.html#43 distributed lock manager
in the above thread there was some reference to vax/cluster lock implementation which included a lock service outboard in the HSC.
mainframes were doing loosely-coupled ... terminalogy reference
https://www.garlic.com/~lynn/2007v.html#28 folklore indeed
but multi-system coordination/serialization was via a (whole) device "reserve/release" channel command ... which didn't scale well for fine-grain locking. an evolving (mainframe) multi-system loosely-coupled system from the 60s was ACP (airline control program) ... which required much finer grain operation. To support this, a special, custom feature was added to 2314 disk controller ... that supported logical/symbolic locks (providing memory in controller for system defined lock names). This feature was later moved to the next generation 3330 disk controller.
in the late 70s, the HONE system was looking at (cluster)
loosely-coupled scale-up and another way of implementing finer-grain
i/o locking/serialization.
https://www.garlic.com/~lynn/subtopic.html#hone
and came up with a channel program that simulated the semantics of the
processor (tightly coupled multiprocessor) compare&swap instruction
https://www.garlic.com/~lynn/subtopic.html#smp
which used a (CKD) search argument of the record data image presumed out on disk ... if the search matched, the channel program would rewrite the record with an update value ... if the search failed, it would read the current record image. I believe that the JES2/MAS group also looked at what HONE had done.
some past posts mentioning issues with ISAM channel program translation
https://www.garlic.com/~lynn/2007e.html#19 Cycles per ASM instruction
https://www.garlic.com/~lynn/2007f.html#4 ISAM and/or self-modifying channel programs
https://www.garlic.com/~lynn/2007f.html#34 Historical curiosity question
https://www.garlic.com/~lynn/2007h.html#3 21st Century ISA goals?
https://www.garlic.com/~lynn/2007h.html#7 The Mainframe in 10 Year
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sun, 23 Dec 2007 14:31:50 -0500Quadibloc <jsavard@ecn.ab.ca> writes:
i claimed that the full workspace swap impacted the design of the storage allocation/management in apl. basically on every assignment, a new location was allocated. when the end of the workspace was reached (and all available storge in the workspace was exhaused), apl would garbage collect ... compacting allocated space to contiguous area and reclaiming unallocated space.
cambridge science center
https://www.garlic.com/~lynn/subtopic.html#545tech
ported apl\360 to (cp67, single user) cms\apl running in virtual memory, paged environment. all the terminal management, dispatching/scheduling, swapping, etc was eliminated from the apl code (instead relying on the underlying cp67 code). the problem was that cms\apl now allowed workspaces as large as the virtual address space (which opened up a whole new class of apl applications rather than the typical toy things that could be implemented in the restricted 16k-32k byte workspaces).
The APL storage allocation & garbage collection strategy would then result in severe (virtual memory) paging characteristics ... since it quickly attempts to use/access the whole virtual memory address space. this implementation had to be changed for cp67/cms implementation to prevent cms\apl from continuously/frequently stomping on every available virtual page as frequently as possible.
as an aside, apl is an interpreted language and the apl\360 implementation could easily store all internal workspace addresses as "displacement" from the workspace origin (dynamically calculating the real address on the fly as needed).
misc. past posts mentioning cms\apl, apl\cms and HONE (an internal,
online virtual machine based interactive timesharing service supporting
sales and marketing world wide ... majority of the applications
implemented in apl)
https://www.garlic.com/~lynn/subtopic.html#hone
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Sun, 23 Dec 2007 19:23:13 -0500Brian Inglis <Brian.Inglis@SystematicSW.Invalid> writes:
when the vm370 development group picked up the shared segment
extensions that i had done ... old email
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
... and released a small, restricted subset as something called DCSS in release 3 ...they propagated the problem mentioned here
Global Offset Tables
http://bottomupcs.sourceforge.net/csbu/x3633.htm
from above
Every time a new library were added to the system it would require
allocation. Someone could potentially be a hog and write a huge
library, not leaving enough space for other libraries! And chances are,
your program doesn't ever want to use that library anyway.
Thus, if you modify the code of a shared library with a relocation, that
code no longer becomes sharable. We've lost the advantage of our shared
library.
... snip ...
in the move from 360/67 virtual memory to 370 virtual memory eliminated 32bit option ... leaving only 24bit/16mbyte virtual address spaces.
The small restricted subset in DCSS, effectively created a situation where each defined shared "library" had to have a predefined, unique virtual address (range). Given the 16mbyte virtual address space limit, the total, possible applications (that could be defined as "shared") was significantly larger. As a result, it quickly ran into virtual address conflicts between different potential shared (segment/memory) applications
lots of past posts about effort to build shared segment/library applications
that were address/location independent
https://www.garlic.com/~lynn/submain.html#adcon
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: IBM mainframe history, was Floating-point myths Newsgroups: comp.arch,alt.folklore.computers Date: Mon, 24 Dec 2007 09:53:40 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
other part of the discussion ... previous page to the above:
http://bottomupcs.sourceforge.net/csbu/x3544.htm
from above:
Position Independence
In an executable file, the code and data segment is given a specified
base address in virtual memory. The executable code is not shared, and
each executable gets its own fresh address space. This means that the
compiler knows exactly where the data section will be, and can reference
it directly.
Libraries have no such guarantee. They can know that their data section
will be a specified offset from the base address; but exactly where that
base address is can only be known at runtime.
Consequently all libraries must be produced with code that can execute
no matter where it is put into memory, known as position independent
code (or PIC for short). Note that the data section is still a fixed
offset from the code section; but to actually find the address of data
the offset needs to be added to the load address.
... snip ...
and as previously mentioned, these posts mention building solutions for
position independent code in the early 70s
https://www.garlic.com/~lynn/submain.html#adcon
position independent code wiki reference
https://en.wikipedia.org/wiki/Position_independent_code
above also references for discussion of position independent code and
global offset table:
http://www.iecc.com/linker/linker08.html
other references:
Introduction to Position Independent Code
http://www.gentoo.org/proj/en/hardened/pic-guide.xml
Position Independent Code internals
http://www.gentoo.org/proj/en/hardened/pic-internals.xml
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Mon, 24 Dec 2007 11:13:18 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
and for some x-over with this thread on position/location
independent code:
https://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#50 IBM mainframe history, was Floating-point myths
within assembler code
BALR R12,0
USING *,R12
dynamically obtain current location code (in register) and instructed
the assembler to generate all (intra-module) instructions with relative
displacements to contents of R12.
Location dependency showed up with "relocatable address constants"
for moving between routines ... like
L R15,=A(SUBROUTINE)
BALR R14,R15
where "subroutine" is some external symbol in another routine. As part
of loading the code, the "loader" resolves "subroutine" to an absolute
address (defeating location independency).
So frequently the entry convention was something like
SUBROUTINE DS 0D STM R14,R12,12(R13) LR R12,R15 USING SUBROUTINE,R12above convention frequently could be used w/o having to do a BALR to establish current location (for module addressing).
So one of the things I did in early 70s for location independency was
L R15,=A(SUBROUTINE-MYENTRY) AR R15,R12 ... R12 contains MYENTRY BALR R14,R15the loaders were smart enough to perform address constant resolution involving a number of functions ... like subtraction or displacement between two addresses.
Both SUBROUTINE and MYENTRY would be "loaded" (resolved) into the same shared library code. As the loader was resolving relocation address constants ... it could resolve displacements (which could be either positive or negative ... and would be treated as 32bit signed integer ... even tho actual addressing was explicitly only 24bit). The value "=A(SUBROUTINE-MYENTRY)" then became a relative value and the actual (virtual address space specific) address was obtained by adding the address in register 12.
misc. other postings mentioning dealing with location independent code
in the early 70s and traditional 360/370 system address conventions.
https://www.garlic.com/~lynn/submain.html#adcon
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: vm folklore, new, 40+ yr old technology Date: Tue, 25 Dec 2007 07:52:25 -0500 Newsgroups: bit.listserv.vmesa-lsome recent posts in other venues on the new, 40+ yr old technology
i've only started work on the technology slightly less than 40yrs ago; last week in jan68, three people from the science center had come out and installed cp67 at the univ.
for other recent folklore thread ... this is series of posts of the precursor to DCSS work; that was converted from cp67 to vm370 ... but only a small subset was released (as part of DCSS) ... many of the features being eliminated (from DCSS product release), including location independent code (shared segments).
some related old email
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
recent discussion of location independent code
https://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#50 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#51 Education ranking
From: lynn@garlic.com Newsgroups: alt.folklore.computers Date: Tue, 25 Dec 2007 09:10:54 -0800 (PST) Subject: Re: folklore indeedOn Dec 25, 11:59 Christian Brunschen wrote:
the problem was that as PCs got more powerful ... you saw departmental servers emerging in local area networks ... w/o cumbersome difficulty of having and/or dealing with mainframe datacenter (as alternative to mainframe terminal emulation model). there was some acceleration of the move to outboard servers ... because of the numerous limitations and difficulties of the terminal emulation interface. It was the difficulty of the terminal emulation interface in the mainframe market that significantly contributed to the emergence of client/server outboard of the mainframes and central datacenter.
the communication division had lots of installed equipment supporting
the terminal emulation infrastructure and went to great lengths trying
to protect/preserve that (customer) install base. We've claimed that
"SAA" was part of that strategy ... and when we were out making
customer executive presentations on multi-tier networking architecture
... encountered a lot of opposition from the communication division
https://www.garlic.com/~lynn/subnetwork.html#3tier
However, an enormous problem came along later when attempting to adapt those local networking operations to the internet. The local departmental server (business) operations were relatively safe environment with little or no hostile activity ... and as such had little or no countermeasures to attacks. It was relatively straight-forward to move these functional network operations to the internet .... however, it totally ignored the wild-west anarchy and hostile environment represented by the internet.
simple example was the DataHub project that was being done out in the san jose disk division. a lot of implementation and design work went on ... and at some point ... some of the implementation was subcontracted to a group (with some number of people associated with university) in provo under a work-for-hire contract. later, when the corporation decided to terminate the project, the group in provo was allowed to retain their implementation. Not too long later, there was corporation formed in provo that marketed a pc networking offering.
misc. past posts mentioning DataHub project
https://www.garlic.com/~lynn/2007f.html#17 Is computer history taught now?
https://www.garlic.com/~lynn/2007j.html#49 How difficult would it be for a SYSPROG ?
https://www.garlic.com/~lynn/2007n.html#21 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007n.html#86 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007p.html#35 Newsweek article--baby boomers and computers
i've mentioned that possibly part of our difficulty with the
communication division (and out pitching multi-tier networking to
customer executives while division was attempting to protect/preserve
the terminal emulation market) was that in the early days of SNA
... my wife had co-authored AWP39 ... "peer-to-peer networking
architecture", that the communication group seemed to feel was somewhat
in competition with what they were doing. misc. past posts mentioning
AWP39
https://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
https://www.garlic.com/~lynn/2007b.html#48 6400 impact printer
https://www.garlic.com/~lynn/2007d.html#55 Is computer history taugh now?
https://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#39 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
https://www.garlic.com/~lynn/2007o.html#72 FICON tape drive?
https://www.garlic.com/~lynn/2007p.html#12 JES2 or JES3, Which one is older?
https://www.garlic.com/~lynn/2007p.html#23 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#46 Are there tasks that don't play by WLM's rules
https://www.garlic.com/~lynn/2007r.html#10 IBM System/3 & 3277-1
one of my favorite examples of unanticipated difficulty of moving
stuff to the internet was when we had been called in to consult with
small client/server startup that wanted to do payments on their
server.
https://www.garlic.com/~lynn/subnetwork.html#gateway
among other things they had this technology they called SSL: that they wanted to use. The "circuit-based" message formats had been translated to tcp/ip and some pilots had been deployed. One memorable situation was a merchant reporting a problem ... and after three hrs of investigation ... the trouble ticket was closed as NTF (no trouble found ... i.e. and/or couldn't identify). This was a situation where the nominal first level problem determination would take five minutes elapsed time in the circuit-based environment.
Somewhat as a result, we spent quite awhile developing a whole set of
compensating procedures and corresponding documentation for the
internet environment (this was at a time when business critical
dataprocessing and service level agreements were unheard of in the
internet environment). In this period ... we would periodically preach
that to take a well designed and tested application and move into a
"service" typically took 4-10 times the (original development/test)
effort ... misc. past references
https://www.garlic.com/~lynn/2007f.html#37 Is computer history taught now?
https://www.garlic.com/~lynn/2007g.html#51 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
https://www.garlic.com/~lynn/2007h.html#78 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007n.html#10 The top 10 dead (or dying) computer skills
https://www.garlic.com/~lynn/2007n.html#76 PSI MIPS
https://www.garlic.com/~lynn/2007n.html#77 PSI MIPS
https://www.garlic.com/~lynn/2007o.html#23 Outsourcing loosing steam?
https://www.garlic.com/~lynn/2007p.html#54 Industry Standard Time To Analyze A Line Of Code
Another example of the poor defenses and countermeasures to anarchy
and hostile internet are recent articles claiming possibly one in five
machines (connected to the internet) in the world today are
compromised ... recent posts mentioning compromises
https://www.garlic.com/~lynn/2007u.html#11 Public Computers
https://www.garlic.com/~lynn/2007u.html#15 Public Computers
https://www.garlic.com/~lynn/2007u.html#47 folklore indeed
https://www.garlic.com/~lynn/2007u.html#58 folklore indeed
https://www.garlic.com/~lynn/2007u.html#59 folklore indeed
https://www.garlic.com/~lynn/2007u.html#68 folklore indeed
https://www.garlic.com/~lynn/2007u.html#76 folklore indeed
https://www.garlic.com/~lynn/2007v.html#2 folklore indeed
https://www.garlic.com/~lynn/2007v.html#6 Ironkey
https://www.garlic.com/~lynn/2007v.html#8 Virtualization still hot, death of antivirus software imminent
https://www.garlic.com/~lynn/aadsm27.htm#66 2007: year in review
https://www.garlic.com/~lynn/aadsm28.htm#0 2007: year in review
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: An old fashioned Christmas Newsgroups: alt.folklore.computers Date: Tue, 25 Dec 2007 22:50:13 -0500John Varela <OLDlamps@verizon.net> writes:
msg1 = center("Best wishes for",msglen)
msg2 = center("a",msglen)
msg3 = center("Happy Holiday Season",msglen)
msg4 = center("and a",msglen)
msg5 = center("Happy, Healthy, and Prosperous",msglen)
.....
attempt to reproduce a little of the effect with <blink> (YMMV):
*
***
*****
*******
*********
***********
*************
***************
*****************
*******************
*********************
***********************
*************************
***************************
*****************************
|||
|||
|||
|||
Best wishes for
a
Happy Holiday Season
a
Happy, Healthy, and Prosperous
this wasn't the xmas exec (worm) from dec87, mentioned in this post
i've mentioned before there were some number of issues with PROFS. The PROFS group had taken source of an early, prerelease, limited function VMSG (email client) and wrapped PROFS menus around it ... as the PROFS email function.
When the original VMSG author raised some issues, including offering a much more comprehensive version of VMSG, the PROFS group denied everything (there was even various kinds of threats). It was then pointed out to the PROFS group, that every VMSG email sent (including all sent PROFS email) carried the VMSG author's initials in an email control header field.
misc. past posts mentioning PROFS & VMSG:
https://www.garlic.com/~lynn/2007b.html#14 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007b.html#31 IBMLink 2000 Finding ESO levels
https://www.garlic.com/~lynn/2007b.html#32 IBMLink 2000 Finding ESO levels
https://www.garlic.com/~lynn/2007d.html#17 Jim Gray Is Missing
https://www.garlic.com/~lynn/2007e.html#4 The Genealogy of the IBM PC
https://www.garlic.com/~lynn/2007f.html#13 Why is switch to DSL so traumatic?
https://www.garlic.com/~lynn/2007j.html#50 Using rexx to send an email
https://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: An old fashioned Christmas Newsgroups: alt.folklore.computers Date: Wed, 26 Dec 2007 06:58:50 -0500Justa Lurker <JustaLurker@att.net> writes:
no, people in the PROFS group had claimed that they had written the VMSG code (even corporate awards based on the claim) and even tried to get the real VMSG author fired (aka the threat reference in the post) ... so that their claim wouldn't be disputed. The real VMSG author's initials in every PROFS email was supporting evidence as to the "real" author and helped blunt the efforts attempting to fire the author (not getting fired was a big deal to the author).
misc past posts mentioning PROFS and VMSG
https://www.garlic.com/~lynn/2000c.html#46 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2001k.html#35 Newbie TOPS-10 7.03 question
https://www.garlic.com/~lynn/2001k.html#39 Newbie TOPS-10 7.03 question
https://www.garlic.com/~lynn/2001k.html#40 Newbie TOPS-10 7.03 question
https://www.garlic.com/~lynn/2002h.html#58 history of CMS
https://www.garlic.com/~lynn/2002h.html#64 history of CMS
https://www.garlic.com/~lynn/2002p.html#34 VSE (Was: Re: Refusal to change was Re: LE and COBOL)
https://www.garlic.com/~lynn/2003b.html#45 hyperblock drift, was filesystem structure (long warning)
https://www.garlic.com/~lynn/2003j.html#56 Goodbye PROFS
https://www.garlic.com/~lynn/2004p.html#13 Mainframe Virus ????
https://www.garlic.com/~lynn/2005t.html#43 FULIST
https://www.garlic.com/~lynn/2006n.html#23 sorting was: The System/360 Model 20 Wasn't As Bad As All That
https://www.garlic.com/~lynn/2007f.html#13 Why is switch to DSL so traumatic?
https://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007v.html#54 An old fashioned Christmas
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: An old fashioned Christmas Newsgroups: alt.folklore.computers Date: Wed, 26 Dec 2007 08:03:53 -0500re:
and now for something a little different, i've modified the archived
copy of the previous post attempting to approx. the effect of the
original exec ... using html blink
https://www.garlic.com/~lynn/2007v.html#54 An old fashioned Christmas
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 26 Dec 2007 08:47:44 -0500jmfbahciv writes:
a little discussion here of virtualization and virtual
machine security in that period:
https://financialcryptography.com/mt/archives/000988.html
https://www.garlic.com/~lynn/aadsm27.htm#66 2007: year in review
https://www.garlic.com/~lynn/aadsm28.htm#0 2007: year in review
the science center
https://www.garlic.com/~lynn/subtopic.html#545tech
had quite a few non-employees accessing the cp67 system from the surrounding colleges/univs in the boston/cambridge area. I've mentioned before this causing some amount of security concerns.
one of the issues was that the science center had ported apl\360 to
cms (cms\apl) and opened up the apl workspace size (from typical
apl\360 of 16k or possibly 32k bytes) to virtual address space size
... recent reference:
https://www.garlic.com/~lynn/2007v.html#0 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#48 IBM mainframe history, was Floating-point myths
allowing something more than simple toy (apl) applications. during this period, apl was frequently used for modeling work and/or business applications that today are implemented using spreadsheets.
the larger workspace sizes attracted some of the business planning people from corporate hdqtrs in armonk. they started doing corporate business modeling ... using the cambridge system by terminals remotely from armonk. they also shipped to cambridge, tapes containing the highest sensitive/valued corporate customer information for processing in their models. having students from local area and the most senstive corporate information on the same system concurrently required some level of security.
another situation was the work on simulating 370 virtual machines (and 370 virtual memory) using the cambridge cp67 system ... before 370 virtual memory had been announced to customers (and was supposedly another closely guarded corporate secret) ... and/or even before there was 370 hardware supporting virtual memory. The 370 virtual machine capability supporting 370 virtual memory was up and operational a year before the first engineering 370 (370/145 in endicott) with virtual memory support was operational. again there was some security issues regarding local students and other non-employees accessing the cambridge cp67 system concurrently while all this other stuff was going on.
... countdown topic drift ... a month to go before it has been 40yrs since three people from the science center came out to install cp67 at the univ (last week in jan68).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 26 Dec 2007 10:55:38 -0500Morten Reistad <first@last.name> writes:
of course, some amount of the loan business is coming into disrepute
with all the problems in various credit instruments
https://www.garlic.com/~lynn/2007v.html#25 Newsweek article--baby boomers and computers
BMW picked up one of the Utah ILCs for their loan business; past
post:
https://www.garlic.com/~lynn/2007i.html#42 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#47 John W. Backus, 82, Fortran developer, dies
a reference ... listing some of utah ILCs (including BMW):
http://www.dfi.state.ut.us/IBSlist.htm
nominally w/o a national bank ... in order to do loans ... a separate
institution would have to be chartered in every state. ILCs opened up
being able to offer loans nationally w/o having to form 50 separate
institutions. some discussion:
http://uba.affiniscape.com/displaycommon.cfm?an=24
http://uba.affiniscape.com/displaycommon.cfm?an=1&subarticlenbr=134
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Researcher: Info overload costs economy Newsgroups: alt.folklore.computers Date: Wed, 26 Dec 2007 11:48:35 -0500Researcher: Info overload costs economy
from above:
Workers get disoriented every time they stop what they are doing to
reply to an e-mail or answer a follow-up phone call because they didn't
reply within minutes. Spira said workers can spend 10 to 20 times the
length of the original interruption trying to get back on track.
... snip ...
in the late 70s and early 80s ... we used the asynchronous interrupt overhead argument (from phone calls) as justification for email ... i.e. email didn't require interrupting what you were doing (way before little things like sound alerts for arriving email) ... of course it was also contributed to working offshift and weekends (again to avoid the various interrupts that typically occur during prime shift).
for more email drift ... various old email mostly from 20-30 yrs ago
https://www.garlic.com/~lynn/lhwemail.html
and old posts referring to cmc (computer mediated communication),
including posts mentioning company paying a researcher to study how i
communicated (they sat in the back of my office for nine months, taking
notes on how i communicated, face-to-face, telephone, email, instant
messages, etc ... they were provided copies of all my incoming/outgoing
email and instant messages) ... material was also used for stanford phd
thesis and some subsequent papers and books:
https://www.garlic.com/~lynn/subnetwork.html#cmc
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Credit Card Details Newsgroups: microsoft.public.security Date: Wed, 26 Dec 2007 12:21:21 -0500"Griff" <griffithsj_520@hotmail.com> writes:
the current situation places diametrically opposing requirements on the credit card information ... 1) it has to be readily available for large number of different business processes (not just the initial transaction) and 2) because the same information can be used by crooks for fraudulent transactions ... the information has to be kept confidential and never divulged. this is source of our periodic comments in the past that even if the planet was buried under miles of encryption ... it still wouldn't prevent information leakage.
we had been called into consult with small client/server startup that
wanted to do payments on their server ... they had this technology
called SSL they wanted to use ... and it is now frequently referred
to as electronic commerce
https://www.garlic.com/~lynn/subnetwork.html#gateway
one of the issues was that the application of SSL was only able to hide the transaction information while it was being transmitted thru the internet ... and didn't do anything to address the major points of exploits.
we were then dragged into working in the x9a10 financial standard working group which in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Apple files patent for WGA-style anti-piracy tech Newsgroups: alt.folklore.computers Date: Wed, 26 Dec 2007 14:17:39 -0500Apple's Antipiracy Patent Similar To Microsoft's WGA
from above:
The application, titled "Run-Time Code Injection To Perform Checks,"
describes a DRM system that validates the authenticity of the software
maker's products.
... snip ...
re:
https://www.garlic.com/~lynn/2007v.html#30 Apple files patent for WGA-style anti-piracy tech
https://www.garlic.com/~lynn/2007v.html#37 Apple files patent for WGA-style anti-piracy tech
i've mentioned before about in the early 80s looking at putting some sort of crypto, tamper-evident chip on PC motherboard as piracy countermeasure.
old email referencing conjecturing that something similar was being
planned for LISA
https://www.garlic.com/~lynn/2007b.html#email830213
in the later 80s, applications (installed on hard disk) would check for specially encoded floppy disk (in drive) as an anti-piracy measure.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Wed, 26 Dec 2007 14:47:58 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
latest round:
EU set to rule MasterCard interchange fees illegal next week - sources
http://money.cnn.com/news/newsfeeds/articles/newstex/AFX-0013-21665460.htm
Regulators about to rule on interchange -watch this closely
http://www.finextra.com/community/fullblog.aspx?id=799
EC orders MasterCard to drop interchange fee structure
http://www.finextra.com/fullstory.asp?id=17879
European Commission Moves Against MasterCard Interchange Fees
http://www.paymentsnews.com/2007/12/european-commis.html
MasterCard Europe to Challenge European Commission Decision
http://www.paymentsnews.com/2007/12/mastercard-euro.html
MasterCard appeals to consumers over interchange ruling
http://www.finextra.com/fullstory.asp?id=17887
NRF Says U.S. Should Follow European Ruling re: Interchange Fees
http://www.paymentsnews.com/2007/12/nrf-says-us-sho.html
and ..
NRF Says U.S. Should Follow European Ruling Ordering MasterCard to
Withdraw Hidden Credit Card Fee
http://www.nrf.com/modules.php?name=News&op=viewlive&sp_id=440
from above ...
"European authorities say MasterCard is double dipping in Europe, and
that's exactly what we think both MasterCard and Visa are doing here
in the U.S.," NRF Senior Vice President and General Counsel Mallory
Duncan said. "Visa and MasterCard are charging billions of dollars
directly to consumers for all the fees that show up on their monthly
statements, then they turn around and charge billions more from the
hidden credit card fees they force merchants to include in the price
of merchandise."
... snip ...
other recent posts mentioning interchange fees:
https://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#56 old lisa info
https://www.garlic.com/~lynn/2007b.html#64 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#24 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#38 IBM System z9
https://www.garlic.com/~lynn/2007g.html#43 Wylbur and CRBE
https://www.garlic.com/~lynn/2007g.html#57 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
https://www.garlic.com/~lynn/2007h.html#28 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007i.html#17 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#32 ANN: Microsoft goes Open Source
https://www.garlic.com/~lynn/2007i.html#47 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#59 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#72 Free Checking
https://www.garlic.com/~lynn/2007j.html#66 Help settle a job title/role debate
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007m.html#24 Does socket represent an interface between ... ?
https://www.garlic.com/~lynn/2007n.html#68 Poll: oldest computer thing you still use
https://www.garlic.com/~lynn/2007p.html#43 what does xp do when system is copying
https://www.garlic.com/~lynn/2007r.html#31 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#40 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: An old fashioned Christmas Newsgroups: alt.folklore.computers Date: Wed, 26 Dec 2007 18:52:49 -0500re:
they could obfuscate the issue of authorship and complain to his management that the person was interfering with a legitimate product.
a flavor of the situation Jim also mentioned
https://www.garlic.com/~lynn/2007d.html#email800920
referenced in this post
https://www.garlic.com/~lynn/2007d.html#17 Jim Gray Is Missing
as mentioned in numerous of the previously referenced postings regarding
VMSG ... after the sequence of incidents ... the VMSG source was then
restricted to three people (other than the author), including the person
that happened to have sent me the xmas exec (mentioned in the original
post) and me ... limiting people with vmsg source also mentioned here
https://www.garlic.com/~lynn/2002j.html#4 HONE, ****, misc
something similar (but different) happened to Theo Alkema involving
FULIST, BROWSE, and IOS3270 ... some reference here
https://www.garlic.com/~lynn/2001f.html#8 Theo Alkema
https://www.garlic.com/~lynn/2001f.html#9 Theo Alkema
https://www.garlic.com/~lynn/2001f.html#21 Theo Alkema
for some topic drift, above mentions working with FULIST, BROWSE, and
IOS3270, not only to place in shared segment ... but also change the
code so it was location independent ... in this recent thread:
https://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#50 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#51 Education ranking
https://www.garlic.com/~lynn/2007v.html#52 vm folklore, new, 40+ yr old technology
for even more topic drift, it also mentions CKD CCW sequence used by
HONE
https://www.garlic.com/~lynn/subtopic.html#hone
to implement compare&swap semantics and single system image
... mentioned in this thread:
https://www.garlic.com/~lynn/2007v.html#47 MTS memories
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 27 Dec 2007 13:43:52 -0500Steve O'Hara-Smith <steveo@eircom.net> writes:
when we were called in to consult with small client/server startup
that wanted to do payments on their server
https://www.garlic.com/~lynn/subnetwork.html#gateway
and then later working on x9a10 financial standards working group on
x9.59
https://www.garlic.com/~lynn/x959.html#x959
which in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments
... we actually were required to design speeds&feeds for peak period activity during peak season processing for ALL retail payments ... not just debit, not just credit, not just internet, not just stored-value, and not just atm ... ALL whereever they might originate anywhere in the world ... looking at complete end-to-end provisioning.
now scale-up end-to-end provisioning isn't just speeds&feeds as soemwhat
referenced in this post ... with respect to compensating procedures:
https://www.garlic.com/~lynn/2007v.html#53 folklore indeed
for a little folklore ... we had dealt some with a webhosting
operation who had mentioned that they had ten electronic commerce
sites that all had more hits per month than the number one website
listed in the popular monthly top sites of hits/month (the explanation
was that they had no need to participate in such popularity publicity)
... old reference (mentions a number of things including large
webhosting operation):
https://www.garlic.com/~lynn/aadsm15.htm#2 Is cryptography where security took the wrong branch?
for little more topic drift, these are posts looking at some of the
other efforts from the 90s ... looking at how they were much more toy
demos ... and inability to scale-up to handling ALL world-wide
retail payments
https://www.garlic.com/~lynn/subpubkey.html#bloat
part of this is background from our ha/cmp product
https://www.garlic.com/~lynn/subtopic.html#hacmp
not only being able to address things like five-nines availability
and disaster survivability
https://www.garlic.com/~lynn/submain.html#available
but also massive scale-up ... mentioned in these old emails about scale-up
work in ha/cmp project
https://www.garlic.com/~lynn/lhwemail.html#medusa
or in these referenced posts
https://www.garlic.com/~lynn/95.html#13
https://www.garlic.com/~lynn/96.html#15
the "toy demo" characteristic of much activity in the 90s is also
mentioned in these recent threads regarding straight-through
processing solutions for addressing overnight batch window
bottleneck that is characteristics of numerous financial transaction
infrastructures:
https://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#37 folklore indeed
https://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#61 folklore indeed
https://www.garlic.com/~lynn/2007v.html#19 Education ranking
https://www.garlic.com/~lynn/2007v.html#27 folklore indeed
with respect to internet-specific ... from the view-point of the toy demo crowd ... we tended to seriously over provision ... since they usually didn't have any serious background in commercial, industrial strength dataprocessing and associated speeds&feeds.
we had one instance where a very large operation wanted to put up a large scale internet facility and the executive had directed that it would be done using NT-based platforms. we had done the speeds&feeds and NT didn't even come close to meeting the expected activity. Convincing their employees took a little time ... but then they elected me to make the presentation to their executive. Before I actually had to follow-thru, middle management decided to "manage" the situation by stating that internet activity would be controlled in such a way that it never exceeded the thruput capacity of the NT-platforms (and NT-based technology improvements would be matched by increases in internet activity).
a small topic drift mentioned here ... looking at small contribution
to addressing a particular overnight batch window bottleneck
involving large cobol application running on 40+ max. configured
mainframes (CECs) ... around $30m per.
https://www.garlic.com/~lynn/2007f.html#47 Is computer history taught now?
https://www.garlic.com/~lynn/2007f.html#48 Is computer history taught now?
https://www.garlic.com/~lynn/2007l.html#20 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007n.html#67 least structured statement in a computer language. And the winner
https://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Thu, 27 Dec 2007 16:10:29 -0500John T Maguire <maine.photographerATgmail.com> writes:
we watched some of this because of corporate funding that went on at
both MIT and CMU ... and getting visits to review activities ... misc
past references:
https://www.garlic.com/~lynn/2000e.html#27 OCF, PC/SC and GOP
https://www.garlic.com/~lynn/2001.html#44 Options for Delivering Mainframe Reports to Outside Organizat ions
https://www.garlic.com/~lynn/2001.html#49 Options for Delivering Mainframe Reports to Outside Organizat ions
https://www.garlic.com/~lynn/2001b.html#81 36-bit MIME types, PDP-10 FTP
https://www.garlic.com/~lynn/2001f.html#11 Climate, US, Japan & supers query
https://www.garlic.com/~lynn/2001f.html#22 Early AIX including AIX/370
https://www.garlic.com/~lynn/2001f.html#59 JFSes: are they really needed?
https://www.garlic.com/~lynn/2001g.html#66 [OT] Root Beer (was YKYBHTLW....)
https://www.garlic.com/~lynn/2004n.html#9 RISCs too close to hardware?
https://www.garlic.com/~lynn/2004n.html#19 RISCs too close to hardware?
https://www.garlic.com/~lynn/2005c.html#44 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005d.html#20 shared memory programming on distributed memory model?
https://www.garlic.com/~lynn/2005j.html#13 Performance and Capacity Planning
https://www.garlic.com/~lynn/2005j.html#26 IBM Plugs Big Iron to the College Crowd
https://www.garlic.com/~lynn/2005q.html#14 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005q.html#49 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005r.html#43 Numa-Q Information
https://www.garlic.com/~lynn/2006b.html#8 Free to good home: IBM RT UNIX
https://www.garlic.com/~lynn/2006c.html#11 Mainframe Jobs Going Away
https://www.garlic.com/~lynn/2006c.html#42 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006c.html#43 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006h.html#56 The Pankian Metaphor
https://www.garlic.com/~lynn/2006l.html#43 One or two CPUs - the pros & cons
https://www.garlic.com/~lynn/2006m.html#0 Mainframe Linux Mythbusting
https://www.garlic.com/~lynn/2006m.html#14 The AN/FSQ-31 Did Exist?!
https://www.garlic.com/~lynn/2006q.html#24 "25th Anniversary of the Personal Computer"
https://www.garlic.com/~lynn/2007d.html#14 Unix magic poster
https://www.garlic.com/~lynn/2007d.html#16 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007g.html#70 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007i.html#26 Latest Principles of Operation
https://www.garlic.com/~lynn/2007l.html#1 The top 10 dead (or dying) computer skills
https://www.garlic.com/~lynn/2007q.html#26 Does software life begin at 40? IBM updates IMS database
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Public Computers Newsgroups: alt.folklore.computers Date: Thu, 27 Dec 2007 18:46:24 -0500Morten Reistad <first@last.name> writes:
recent news:
NIST gives nod to on-card biometric matching
http://www.gcn.com/online/vol1_no1/45580-1.html
Match-on-card has gained new interest from NIST for FIPS201 and TWIC
http://www.secureidnews.com/news/2007/12/27/matchoncard-has-gained-new-interest-from-nist-for-fips201-and-twic/
we had done some work on this a couple yrs ago:
https://www.garlic.com/~lynn/2002n.html#25 Help! Good protocol for national ID card?
https://www.garlic.com/~lynn/2002o.html#62 Certificate Authority: Industry vs. Government
https://www.garlic.com/~lynn/2004b.html#28 Methods of Authentication on a Corporate
one of the issues discovered fairly early was that various electronic authentication cards weren't working as well as expected in non-white-collar and external/outside work environments especially harsh weather conditions.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Alexander Graham Bell - Patent Thief? Newsgroups: alt.folklore.computers Date: Fri, 28 Dec 2007 04:34:40 -0500fundamental principles of the American way of life
Alexander Graham Bell, Patent Thief? - Telecom patent fights as old as
the telephone itself...
http://www.dslreports.com/shownews/Alexander-Graham-Bell-Patent-Thief-90521
Alexander Graham Bell - Patent Thief?
http://science.slashdot.org/science/07/12/27/1342258.shtml
Technology: Bell Stole Phone Ideas, New Book Claims
http://www.technewsworld.com/story/60945.html
Book claims Bell copied telephone invention
http://www.zdnetasia.com/news/communications/0,39044192,62035894,00.htm
New Book Accuses Alexander Graham Bell Of Stealing Phone Idea
http://www.allheadlinenews.com/articles/7009553270
"The Telephone Gambit" - Chasing Alexander Graham Bell's Secret
http://www.imperialvalleynews.com/index.php?option=com_content&task=view&id=586&Itemid=1
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: It keeps getting uglier Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Fri, 28 Dec 2007 04:50:01 -0500jbaker314@COMPORIUM.NET (John P. Baker) writes:
it also says that the operation of the diagnose may be model dependent.
less than a month since it has been 40yrs since I was introduced to
(virtual machine) cp67 system ... three people came out to the
university from cambridge science center
https://www.garlic.com/~lynn/subtopic.html#545tech
to install cp67. while an undergraduate I did a lot of rework and
optimization of the cp67 kernel. i had also done a lot of work on os/360
optimization ... for the workload at the univ. i gave a presentation at
the fall68 share meeting in Atlantic City on some of that work ... part of
that presentation
https://www.garlic.com/~lynn/94.html#18 CP/67 & OS MFT14
one of the other things i did was develop a fast-path ccw translation for cms disk i/o when running in a virtual machine (original cms was implemented to be able to run on bare 360/40). I did this by defining a new channel program op-code for disk read/writes ... which acted as an immediate operation ... held the virtual SIO "busy" until the operation had completed and then presented CC=1, CSW STORED.
I got some grief from the people at the science center since i was violating the 360 principles of operation. however, it was a useful performance improvement ... and so it was explained to me that I could "use" the diagnose instruction ... since the diagnose instruction was defined as being model dependent ... and for CP67 ... an artificial virtual machine 360 model could be defined where the diagnose instruction acted as defined by CP67 (w/o violating the principles of operation).
misc. past posts mentioning model dependent diagnose instruction:
https://www.garlic.com/~lynn/96.html#23 Old IBM's
https://www.garlic.com/~lynn/2001b.html#32 z900 and Virtual Machine Theory
https://www.garlic.com/~lynn/2002d.html#31 2 questions: diag 68 and calling convention
https://www.garlic.com/~lynn/2002h.html#62 history of CMS
https://www.garlic.com/~lynn/2003.html#60 MIDAS
https://www.garlic.com/~lynn/2003k.html#52 dissassembled code
https://www.garlic.com/~lynn/2003m.html#36 S/360 undocumented instructions?
https://www.garlic.com/~lynn/2003p.html#9 virtual-machine theory
https://www.garlic.com/~lynn/2004.html#8 virtual-machine theory
https://www.garlic.com/~lynn/2004d.html#66 System/360 40 years old today
https://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
https://www.garlic.com/~lynn/2005b.html#23 360 DIAGNOSE
https://www.garlic.com/~lynn/2005j.html#54 Q ALLOC PAGE vs. CP Q ALLOC vs ESAMAP
https://www.garlic.com/~lynn/2007f.html#33 Historical curiosity question
https://www.garlic.com/~lynn/2007p.html#72 A question for the Wheelers - Diagnose instruction
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Controlling COBOL DDs named SYSOUT Newsgroups: alt.folklore.computers Date: Fri, 28 Dec 2007 05:04:38 -0500edgould1948@COMCAST.NET (Ed Gould) writes:
there is actually a couple recent threads that have been going on ... frequently touching on experiences improving batch performance in order to stay within the overnight batch window.
recent posts mentioning overnight batch window ...
https://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
https://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#20 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
https://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#37 folklore indeed
https://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#61 folklore indeed
https://www.garlic.com/~lynn/2007v.html#19 Education ranking
https://www.garlic.com/~lynn/2007v.html#27 folklore indeed
https://www.garlic.com/~lynn/2007v.html#64 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Fri, 28 Dec 2007 08:58:25 -0500jmfbahciv writes:
in the x9a10 financial standard working group that in the mid-90s had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments.
sort of our periodic quip that (with the current paradigm), the
planet could be buried under miles of (information hiding)
encryption and still not prevent information leakage.
https://www.garlic.com/~lynn/aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
https://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
https://www.garlic.com/~lynn/aadsm24.htm#38 Interesting bit of a quote
https://www.garlic.com/~lynn/aadsm24.htm#48 more on FBI plans new Net-tapping push
https://www.garlic.com/~lynn/aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
https://www.garlic.com/~lynn/aadsm26.htm#8 What is the point of encrypting information that is publicly visible?
https://www.garlic.com/~lynn/aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
https://www.garlic.com/~lynn/2005u.html#3 PGP Lame question
https://www.garlic.com/~lynn/2005v.html#2 ABN Tape - Found
https://www.garlic.com/~lynn/2006c.html#35 X.509 and ssh
https://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
https://www.garlic.com/~lynn/2006h.html#15 Security
https://www.garlic.com/~lynn/2006o.html#37 the personal data theft pandemic continues
https://www.garlic.com/~lynn/2006p.html#8 SSL, Apache 2 and RSA key sizes
https://www.garlic.com/~lynn/2006t.html#40 Encryption and authentication
https://www.garlic.com/~lynn/2006u.html#43 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006v.html#2 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that increases password security
https://www.garlic.com/~lynn/2006y.html#25 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007b.html#8 Special characters in passwords was Re: RACF - Password rules
https://www.garlic.com/~lynn/2007b.html#20 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#33 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#53 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#34 Mixed Case Password on z/OS 1.7 and ACF 2 Version 8
https://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007i.html#65 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007k.html#76 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007n.html#85 PCI Compliance - Encryption of all non-console administrative access
https://www.garlic.com/~lynn/2007o.html#28 EZPass: Yes, Big Brother IS Watching You!
https://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#24 How to tell a fake SSL certificate from a real one
https://www.garlic.com/~lynn/2007s.html#16 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007v.html#60 Credit Card Details
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Education ranking Newsgroups: alt.folklore.computers Date: Sat, 29 Dec 2007 08:39:21 -0500jmfbahciv writes:
quicky web search turned up numerous news references including:
http://www.msnbc.msn.com/id/22423352/
from above:
Although the provision is not directed at Iraq, the White House said it
feared that the bill would allow plaintiffs seeking redress for Saddam
Hussein-era acts of terrorism to freeze Iraq's assets, potentially tying
up billions of dollars, and allow plaintiffs to refile lawsuits against
Iraq that had already been dismissed. The administration said the
provision would "unacceptably interfere" with the political and economic
progress in Iraq by potentially imposing a "financially devastating
hardship" on the country.
... snip ...
previous post
https://www.garlic.com/~lynn/2007v.html#20 Education ranking
mentioning some report that this congress has had the lowest attendance of any congress on record .... implying some correlation with how much legislation they've been able to come up with (although in some quarters that might be considered quite a good thing).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: whats the world going to do when all the baby boomers retire Newsgroups: alt.folklore.computers Date: Sat, 29 Dec 2007 09:08:15 -0500another article in the theme about what happens when all the baby boomers retire
Avantec Delivers New Solution to Manpower Shortages in the Mining
Industry
http://www.arnnet.com.au/index.php/id;100834834
this is similar to articles on declining oil production in part because
of not starting new oil production projects because they don't figure
that enough baby boomers will be around to finish the projects.
https://www.garlic.com/~lynn/2007q.html#42 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007s.html#32 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007s.html#63 Newsweek article--baby boomers and computers
this also comes up in a lot of the complex legacy systems responsible
for lots of fundamental core processing. when the toy demo projects
repeatedly failed (billions spent in the 90s) to replace these legacy
operations ... there has been increasing concern about the dwindling
supply of baby boomers to maintain and feed them (and ongoing tweaking
needed for all the stuff run in the overnight batch windows). misc.
past posts:
https://www.garlic.com/~lynn/2007e.html#31 Quote from comp.object
https://www.garlic.com/~lynn/2007l.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007m.html#36 Future of System/360 architecture?
https://www.garlic.com/~lynn/2007u.html#19 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#21 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#37 folklore indeed
https://www.garlic.com/~lynn/2007u.html#44 Distributed Computing
https://www.garlic.com/~lynn/2007u.html#61 folklore indeed
https://www.garlic.com/~lynn/2007v.html#19 Education ranking
https://www.garlic.com/~lynn/2007v.html#27 folklore indeed
https://www.garlic.com/~lynn/2007v.html#64 folklore indeed
https://www.garlic.com/~lynn/2007v.html#69 Controlling COBOL DDs named SYSOUT
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sat, 29 Dec 2007 09:20:46 -0500pechter@pechter.dyndns.org (William Pechter) writes:
big problem was how to handle the large amount of heat being generated by (relatively) high density of electronics in the space.
similar issues showed up in the later (all 801 RISC) high density rack
proposal
https://www.garlic.com/~lynn/lhwemail.html#medusa
and
https://www.garlic.com/~lynn/95.html#13
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sat, 29 Dec 2007 12:05:11 -0500Dave Garland <dave.garland@wizinfo.com> writes:
note a lot of internet-related stuff is about how identity fraud and account fraud are external attackers ... and/or how the defenders missed something.
however, predating wide-spread internet use and continuing thru the current internet period ... the studies have indicated that upwards of 70percent of fraud have involved insiders.
with respect to account fraud, we've frequently pointed out that the fundamental problem isn't the lack of protection for information ... it is that the information has diametrically opposing requirements 1) that it be readily available and widely used for a large number of different business processes and 2) that it must be kept confidential and never divuleged .... aka account numbers are akin to passwords which mean that they never are made public ... including repeatedly pulling a card, with the information on it, out of your wallet in public places.
this is the comment about even if the planet was buried under miles of (information hiding) encryption, there would still be information leakage ... combination of majority of fraud involving insiders and information repeatedly having to be presented and procssed by those insiders. This situation is also characterized as intrinsic in dual-use placed on account number ... being required extensively in numerous standard business processes ... and as a type of something you know shared-secret authentication.
Case studies frequently point out that in dual-use scenarios with diametrically opposing requirements ... that enormous opportunities for fraud can occur.
one of the other conjectures of why the press has focused on the external attackers ... is that there is lots of interests promoting the use of these payment instruments ... however, it would be counter productive to point at that much of the fraud opportunity is proportional to the use of the payment instruments (because of the enormous insider threat and the dual-use characteristic) ... which might result in reduced use by the public.
and as repeatedly pointed out before ... one of the major
characteristics of the work in the x9a10 financial standard working
group ... was for x9.59
https://www.garlic.com/~lynn/x959.html#x959
to eliminate the dual-use characteristic of the current infrastructure.
Dual-use characteristic of the current infrastructure enormously
complicates being able to have effective and adequate end-to-end
countermeasures to the fraud. This is also discussed from slightly
different view point in the threads on the "naked" transaction
metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
misc. past post mentioning insiders and fraud studies
https://www.garlic.com/~lynn/aadsmore.htm#2527b RFC 2527 Physical Security Controls Question
https://www.garlic.com/~lynn/aadsm5.htm#asrn4 assurance, X9.59, etc
https://www.garlic.com/~lynn/aadsm6.htm#websecure merchant web server security
https://www.garlic.com/~lynn/aadsm6.htm#pcards The end of P-Cards?
https://www.garlic.com/~lynn/aadsm6.htm#pcards2 The end of P-Cards? (addenda)
https://www.garlic.com/~lynn/aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
https://www.garlic.com/~lynn/aadsm7.htm#auth Who or what to authenticate?
https://www.garlic.com/~lynn/aadsm7.htm#auth2 Who or what to authenticate? (addenda)
https://www.garlic.com/~lynn/aadsm7.htm#rhose4 Rubber hose attack
https://www.garlic.com/~lynn/aadsm7.htm#rhose15 when a fraud is a sale, Re: Rubber hose attack
https://www.garlic.com/~lynn/aepay11.htm#37 Who's afraid of Mallory Wolf?
https://www.garlic.com/~lynn/aadsm11.htm#10 Federated Identity Management: Sorting out the possibilities
https://www.garlic.com/~lynn/aadsm12.htm#6 NEWS: 3D-Secure and Passport
https://www.garlic.com/~lynn/aadsm12.htm#58 Time to ID Identity-Theft Solutions
https://www.garlic.com/~lynn/aadsm14.htm#1 Who's afraid of Mallory Wolf?
https://www.garlic.com/~lynn/aadsm14.htm#4 Who's afraid of Mallory Wolf?
https://www.garlic.com/~lynn/aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
https://www.garlic.com/~lynn/aadsm16.htm#13 The PAIN mnemonic
https://www.garlic.com/~lynn/aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
https://www.garlic.com/~lynn/aadsm17.htm#25 Single Identity. Was: PKI International Consortium
https://www.garlic.com/~lynn/aadsm17.htm#38 Study: ID theft usually an inside job
https://www.garlic.com/~lynn/aadsm17.htm#39 The future of security
https://www.garlic.com/~lynn/aadsm17.htm#47 authentication and authorization ... addenda
https://www.garlic.com/~lynn/aadsm17.htm#50 authentication and authorization (was: Question on the state of the security industry)
https://www.garlic.com/~lynn/aadsm17.htm#60 Using crypto against Phishing, Spoofing and Spamming
https://www.garlic.com/~lynn/aadsm18.htm#6 dual-use digital signature vulnerability
https://www.garlic.com/~lynn/aadsm18.htm#18 Any TLS server key compromises?
https://www.garlic.com/~lynn/aadsm18.htm#29 EMV cards as identity cards
https://www.garlic.com/~lynn/aadsm19.htm#17 What happened with the session fixation bug?
https://www.garlic.com/~lynn/aadsm19.htm#19 "SSL stops credit card sniffing" is a correlation/causality myth
https://www.garlic.com/~lynn/aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
https://www.garlic.com/~lynn/aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
https://www.garlic.com/~lynn/aadsm22.htm#26 FraudWatch - Chip&Pin, a new tenner (USD10)
https://www.garlic.com/~lynn/aadsm22.htm#27 Meccano Trojans coming to a desktop near you
https://www.garlic.com/~lynn/aadsm22.htm#33 Meccano Trojans coming to a desktop near you
https://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
https://www.garlic.com/~lynn/aadsm23.htm#0 Separation of Roles - an example
https://www.garlic.com/~lynn/aadsm23.htm#9 PGP "master keys"
https://www.garlic.com/~lynn/aadsm23.htm#10 PGP "master keys"
https://www.garlic.com/~lynn/aadsm24.htm#1 UK Detects Chip-And-PIN Security Flaw
https://www.garlic.com/~lynn/aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
https://www.garlic.com/~lynn/aadsm24.htm#7 Naked Payments IV - let's all go naked
https://www.garlic.com/~lynn/aadsm24.htm#10 Naked Payments IV - let's all go naked
https://www.garlic.com/~lynn/aadsm24.htm#36 Interesting bit of a quote
https://www.garlic.com/~lynn/aadsm24.htm#48 more on FBI plans new Net-tapping push
https://www.garlic.com/~lynn/aadsm25.htm#13 Sarbanes-Oxley is what you get when you don't do FC
https://www.garlic.com/~lynn/aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
https://www.garlic.com/~lynn/aadsm26.htm#7 Citibank e-mail looks phishy
https://www.garlic.com/~lynn/aadsm26.htm#11 What is the point of encrypting information that is publicly visible?
https://www.garlic.com/~lynn/aadsm26.htm#27 man in the middle, SSL ... addenda
https://www.garlic.com/~lynn/aadsm27.htm#31 The bank fraud blame game
https://www.garlic.com/~lynn/aadsm27.htm#52 more on firing your MBA-less CSO
https://www.garlic.com/~lynn/aadsm27.htm#53 Doom and Gloom spreads, security revisionism suggests "H6.5: Be an adept!"
https://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks
https://www.garlic.com/~lynn/2001c.html#45 PKI and Non-repudiation practicalities
https://www.garlic.com/~lynn/2001c.html#54 PKI and Non-repudiation practicalities
https://www.garlic.com/~lynn/2001g.html#38 distributed authentication
https://www.garlic.com/~lynn/2001h.html#61 Net banking, is it safe???
https://www.garlic.com/~lynn/2001i.html#56 E-commerce security????
https://www.garlic.com/~lynn/2001j.html#54 Does "Strong Security" Mean Anything?
https://www.garlic.com/~lynn/2002e.html#18 Opinion on smartcard security requested
https://www.garlic.com/~lynn/2002f.html#35 Security and e-commerce
https://www.garlic.com/~lynn/2002j.html#14 Symmetric-Key Credit Card Protocol on Web Site
https://www.garlic.com/~lynn/2002j.html#40 Beginner question on Security
https://www.garlic.com/~lynn/2002m.html#46 Encryption algorithm for stored data
https://www.garlic.com/~lynn/2003g.html#26 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
https://www.garlic.com/~lynn/2004f.html#31 MITM attacks
https://www.garlic.com/~lynn/2004i.html#5 New Method for Authenticated Public Key Exchange without Digital Certificates
https://www.garlic.com/~lynn/2004i.html#16 New Method for Authenticated Public Key Exchange without Digital Ceritificates
https://www.garlic.com/~lynn/2004j.html#15 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
https://www.garlic.com/~lynn/2004j.html#37 Vintage computers are better than modern crap !
https://www.garlic.com/~lynn/2004k.html#21 Vintage computers are better than modern crap !
https://www.garlic.com/~lynn/2005g.html#33 Good passwords and security priorities
https://www.garlic.com/~lynn/2005g.html#37 MVS secure configuration standard
https://www.garlic.com/~lynn/2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
https://www.garlic.com/~lynn/2005i.html#11 Revoking the Root
https://www.garlic.com/~lynn/2005j.html#52 Banks
https://www.garlic.com/~lynn/2005k.html#1 More on garbage
https://www.garlic.com/~lynn/2005k.html#55 Encryption Everywhere? (Was: Re: Ho boy! Another big one!)
https://www.garlic.com/~lynn/2005l.html#35 More Phishing scams, still no SSL being used
https://www.garlic.com/~lynn/2005l.html#36 More Phishing scams, still no SSL being used
https://www.garlic.com/~lynn/2005o.html#2 X509 digital certificate for offline solution
https://www.garlic.com/~lynn/2005v.html#2 ABN Tape - Found
https://www.garlic.com/~lynn/2006c.html#31 Worried about your online privacy?
https://www.garlic.com/~lynn/2006c.html#35 X.509 and ssh
https://www.garlic.com/~lynn/2006d.html#26 Caller ID "spoofing"
https://www.garlic.com/~lynn/2006d.html#28 Caller ID "spoofing"
https://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
https://www.garlic.com/~lynn/2006e.html#44 Does the Data Protection Act of 2005 Make Sense
https://www.garlic.com/~lynn/2006h.html#15 Security
https://www.garlic.com/~lynn/2006h.html#26 Security
https://www.garlic.com/~lynn/2006k.html#4 Passwords for bank sites - change or not?
https://www.garlic.com/~lynn/2006k.html#16 Value of an old IBM PS/2 CL57 SX Laptop
https://www.garlic.com/~lynn/2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
https://www.garlic.com/~lynn/2006k.html#33 Password Complexity
https://www.garlic.com/~lynn/2006p.html#9 New airline security measures in Europe
https://www.garlic.com/~lynn/2006p.html#18 19,000 Accounts Compromised
https://www.garlic.com/~lynn/2006p.html#32 OT - hand-held security
https://www.garlic.com/~lynn/2006s.html#10 Why not 2048 or 4096 bit RSA key issuance?
https://www.garlic.com/~lynn/2006u.html#40 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006u.html#43 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006v.html#2 New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006v.html#42 On sci.crypt: New attacks on the financial PIN processing
https://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that increases password security
https://www.garlic.com/~lynn/2006w.html#4 Patent buster for a method that increases password security
https://www.garlic.com/~lynn/2006x.html#14 IBM ATM machines
https://www.garlic.com/~lynn/2007.html#42 The logic of privacy
https://www.garlic.com/~lynn/2007b.html#8 Special characters in passwords was Re: RACF - Password rules
https://www.garlic.com/~lynn/2007b.html#13 special characters in passwords
https://www.garlic.com/~lynn/2007b.html#33 security engineering versus information security
https://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#11 Decoding the encryption puzzle
https://www.garlic.com/~lynn/2007c.html#32 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#35 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#43 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#62 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007i.html#28 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#65 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#0 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007n.html#85 PCI Compliance - Encryption of all non-console administrative access
https://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#72 Value of SSL client certificates?
https://www.garlic.com/~lynn/2007t.html#20 UK Retail Giant Breached by Insider
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: virtual appliance Newsgroups: bit.listserv.ibm-main Date: Sat, 29 Dec 2007 15:34:33 -0500dboyes@SINENOMINE.NET (David Boyes) writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Why Didn't Digital Catch the Wave? Newsgroups: alt.folklore.computers Date: Sat, 29 Dec 2007 16:22:36 -0500jsavard@excxn.aNOSPAMb.cdn.invalid (John Savard) writes:
and therefor it was effectively a no-brainer financial business decision for sales of large number of such machines into commercial market.
a big issue in that market was reaching critical mass ... attracting buyers because their were lots of stuff that could be done with it and a lot of machines attracting software developers to create lots of applications for the machines ... which eventually became snowball effect.
it wasn't just the corporate name that attracted all the application developers ... it was the number of machines. it also wasn't just the corporate name that attracted all the (early) business purchases ... since a separate personal computer purchase would have required incremental financial justification ... while switching from an already financially justified terminal purchase to a personal computer ... was frequently a no-brainer.
recent post with some discussion of number of machines
https://www.garlic.com/~lynn/2007n.html#0 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
the above references a webpage that gave personal computer market share, 1975-2004 ... which appears to have disappeared.
the way back machine still has the webpage ... but w/o images/graphs
https://web.archive.org/web/20070528014237/http://www.wowdailynews.com/pegasus/total_share.html
but there is reference to article at ars technica
Total share: 30 years of personal computer market share figures
https://arstechnica.com/features/2005/12/total-share/
and has graph of personal computer sales 1975-1980
https://arstechnica.com/features/2005/12/total-share/3
and graph from 1980 to 1984 ... with the only serious competitor to PC
in number of sales was commodore 64
https://arstechnica.com/features/2005/12/total-share/4
and then from 1984 to 1987 the ibm pc (and clones) starting to
completely swamp
https://arstechnica.com/features/2005/12/total-share/5
in much the same way that the application developers were producing for the large install base ... the machine clone makers also started to move into the market segment also. conjecture might include larger profit margin in the PC market segment (vis-a-vis commodore 64) as contributing motivation for clone makers (higher premium/value in the commercial business market).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sat, 29 Dec 2007 19:19:58 -0500krw <krw@att.bizzzzz> writes:
PCI compliance costs often underestimated, study finds
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1265353,00.html
PCI Data Security Standard
http://searchsecurity.techtarget.com/topics/0,295493,sid14_tax303586,00.html
Are there any references that discuss the cost of PCI DSS compliance?
http://searchsecurity.techtarget.com/expert/KnowledgebaseAnswer/0,289625,sid14_gci1285601_tax303586,00.html?bucket=ETA&topic=303586
and
Firms seeking PCI compliance face dilemma
http://www.scmagazineus.com/Firms-seeking-PCI-compliance-face-dilemma/article/34709/
from above:
The price for the average quality web application vulnerability assessment ranges from about five thousand to fifteen thousand dollars per website. According to PCI-DSS, assessments need to be performed four times a year. All of the sudden, the same merchant that started out paying a few hundred to thousands of dollars faces tens of thousands per website in additional costs.
... snip ...
and little drift ... recent repeat of x9.59 financial standard protocol
objectives in crypto mailing list
https://www.garlic.com/~lynn/aadsm28.htm#1
Merchants Not Storing Credit Card Data
http://www.schneier.com/blog/archives/2007/10/merchants_not_s.html
referencing this article:
Retailers look to exorcise credit-card data
http://www.securityfocus.com/news/11491
recent (also crypto mailing list) post also referencing NRF position
https://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks
the x9.59 financial standard approach was to eliminate the usefulness of the information to the crooks ... whereever it might appear and/or be located (complete end-to-end coverage). Eliminating business processes that require merchants to keep the information, is just a piecemeal solution (i.e. the information still represents an attractive target for crooks).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 09:07:46 -0500rpl <plinnane3@yahoo.com.invalid> writes:
a few posts from earlier this year
https://www.garlic.com/~lynn/2007b.html#62 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#53 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#5 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#2 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#68 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#10 Record Credit card heist...TJM
https://www.garlic.com/~lynn/2007g.html#15 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007g.html#19 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007g.html#30 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007g.html#53 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007h.html#36 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007h.html#58 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007h.html#63 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007i.html#53 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#64 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#65 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#39 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#48 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007o.html#0 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007o.html#5 The Unexpected Fact about the First Computer Programmer
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
https://www.garlic.com/~lynn/2007r.html#21 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#26 The new urgency to fix online privacy
https://www.garlic.com/~lynn/2007r.html#31 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007r.html#32 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007s.html#51 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#55 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007s.html#64 Is the media letting banks off the hook on payment card security
https://www.garlic.com/~lynn/2007t.html#6 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007u.html#67 folklore indeed
https://www.garlic.com/~lynn/2007v.html#62 folklore indeed
https://www.garlic.com/~lynn/2007v.html#70 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 09:15:34 -0500Steve O'Hara-Smith <steveo@eircom.net> writes:
as also referred to in the same post ... i.e. quote from the same post:
Firms seeking PCI compliance face dilemma
http://www.scmagazineus.com/Firms-seeking-PCI-compliance-face-dilemma/article/34709/
from above:
The price for the average quality web application vulnerability
assessment ranges from about five thousand to fifteen thousand dollars
per website. According to PCI-DSS, assessments need to be performed four
times a year. All of the sudden, the same merchant that started out
paying a few hundred to thousands of dollars faces tens of thousands per
website in additional costs.
... snip ...
i.e. costs that start out at a few hundred ... now balloon all out of control with compliance costs of tens of thousands.
recent post in crypto mailing list
https://www.garlic.com/~lynn/aadsm28.htm#1
mentioning that part of x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
effectively eliminates most of the compliance overhead ... by eliminating the need to have all the countermeasures for information leakage and breaches, since the information leak/breach is no longer a threat (information may still leak/breach, but is no longer useful to crooks).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: software preservation volunteers ( was Re: LINC-8 Front Panel Questions) Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 09:23:36 -0500Peter Flass <Peter_Flass@Yahoo.com> writes:
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Tap and faucet and spellcheckers Newsgroups: alt.usage.english,alt.folklore.computers,uk.rec.sheds Date: Sun, 30 Dec 2007 09:48:53 -0500Peter Flass <Peter_Flass@Yahoo.com> writes:
SCRIPT was the CMS document formating developed a few yrs earlier ... but using runoff dot-like commands ... and then gml tag formating support was added.
later CERN adapted a script-clone sgml processing into html
http://infomesh.net/html/history/early/
recent post referencing the some of the failed disasters of the 90s, spending billions attempting to replace some of these legacy systems in part attempting to eliminate the overnight batch window bottlenecks ... with distributed computing straight-through processing.
in any event, there is ongoing tweaking efforts keeping legacy
processing within the overnight batch window ... recent
reference ... a x-over from mainframe mailing list ... this time
mentioning options market doesn't open until
legacy overnight batch window has completed
https://www.garlic.com/~lynn/2007v.html#69 Controllering COBOL DDs named SYSOUT
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 10:48:45 -0500Peter Flass <Peter_Flass@Yahoo.com> writes:
was forward error correcting. part of the issue was all links leaving corporate premises had to be encrypted ... and loss of sync took extra recovery time ... especially with the satellite links (geosync orbit).
we had an engineer on the project, who was claimed to be one of the five
best satellite RF engineers in the world ... and had been grad. student
of Reeds (and undergraduate at MIT ... and claimed my wife's father was
his favorite teacher) ... for other drift, listed as co-author of one of
following papers:
http://commsci.usc.edu/faculty/reed-bio.html
in any case, we were also doing some work with Cyclotomics, which was producing reed-solomon foward-error-correcting hardware. they were also heavily involved in cdrom standard. they were later bought up by kodak ... somewhat related to their effort in optical disks.
oblique reference:
http://viterbi.usc.edu/news/news/2004/2004_11_12_jpl.htm
from above:
And for billions of people, Reed-Solomon codes are part of everyday
life: they are inscribed into every single compact disc and DVD sold in
the world. (A real-world tip here from Reed's graduate student Gregory
Dubney: when you clean your CDs, don't wipe in a circle, as that will
erase the Reed-Solomon codes over time and actually make the skipping
worse. Clean the CDs by wiping towards the center.)
... snip ...
misc. past posts mentioning cyclotomics, berlekamp, and/or
reed-solomon:
https://www.garlic.com/~lynn/2000c.html#38 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2001.html#1 4M pages are a bad idea (was Re: AMD 64bit Hammer CPU and VM)
https://www.garlic.com/~lynn/2001b.html#80 Disks size growing while disk count shrinking = bad performance
https://www.garlic.com/~lynn/2001k.html#71 Encryption + Error Correction
https://www.garlic.com/~lynn/2002p.html#53 Free Desktop Cyber emulation on PC before Christmas
https://www.garlic.com/~lynn/2003e.html#27 shirts
https://www.garlic.com/~lynn/2003h.html#3 Calculations involing very large decimals
https://www.garlic.com/~lynn/2003j.html#73 1950s AT&T/IBM lack of collaboration?
https://www.garlic.com/~lynn/2004f.html#37 Why doesn't Infiniband supports RDMA multicast
https://www.garlic.com/~lynn/2004h.html#11 Mainframes (etc.)
https://www.garlic.com/~lynn/2004o.html#43 360 longevity, was RISCs too close to hardware?
https://www.garlic.com/~lynn/2005k.html#25 The 8008
https://www.garlic.com/~lynn/2005n.html#27 Data communications over telegraph circuits
https://www.garlic.com/~lynn/2005r.html#52 Go-Back-N protocol?
https://www.garlic.com/~lynn/2005t.html#50 non ECC
https://www.garlic.com/~lynn/2006u.html#44 waiting for acknowledgments
https://www.garlic.com/~lynn/2006u.html#45 waiting for acknowledgments
https://www.garlic.com/~lynn/2007.html#29 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007j.html#4 Even worse than UNIX
https://www.garlic.com/~lynn/2007p.html#62 Damn
https://www.garlic.com/~lynn/93.html#28 Log Structured filesystems -- think twice
https://www.garlic.com/~lynn/99.html#115 What is the use of OSI Reference Model?
https://www.garlic.com/~lynn/99.html#210 AES cyphers leak information like sieves
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Alexander Graham Bell - Patent Thief? Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 11:33:59 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
when my wife read Stephenson's Cryptonomicon, she was somewhat surprised that similar theme played such prominent role.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 11:44:12 -0500Frank McCoy <mccoyf@millcomm.com> writes:
posts with recent studies of disk reliabiilty
https://www.garlic.com/~lynn/2007h.html#13 Question on DASD Hardware
https://www.garlic.com/~lynn/2007j.html#40 Disc Drives
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 12:08:23 -0500Steve O'Hara-Smith <steveo@eircom.net> writes:
as mentioned in the above, the costs for operating a ecommerce site can balloon from a couple hundred to tens of thousands (annually just for compliance testing, presumably cost of implementing the compliant processes are over and above).
while x9.59 eliminates almost all of the requirement (having eliminated
the threat from information leak/breach)
https://www.garlic.com/~lynn/x959.html#x959
then NRF is raising the issue that (w/o x9.59) then the paradigm needs to be otherwise changed so that retailers no longer need to retain the information as part of required business processes
such paradigm change would still leave leak/breach vulnerabilities at
other points ... mentioned in this thread on naked transaction metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
re:
https://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks
referenced in the above:
Customer Service: Consumer Confidence at Stake in Retail, Credit Card
Industry Clash
http://www.ecommercetimes.com/story/59670.html
Retailer PCI Rebellion: 'No More Storing Credit Card Numbers'
http://www.darkreading.com/document.asp?doc_id=135602
Retailers Fighting To No Longer Store Credit Data
http://it.slashdot.org/it/07/10/05/192250.shtml
Retail group takes a swipe at PCI
http://www.infoworld.com/article/07/10/05/Retail-group-takes-a-swipe-at-PCI_1.html
Retailers Challenge the Networks' Card-Data Storage Requirements
http://www.digitaltransactions.net/newsstory.cfm?newsid=1536
NRF to Credit Card Companies: Stop Forcing Retailers to Store Credit Card Data
http://www.nrf.com/modules.php?name=News&op=viewlive&sp_id=380
Retail group takes a swipe at PCI, puts card companies 'on notice'
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9040958&taxonomyId=17
Rethinking the Assumptions Behind PCI-DSS
http://www.paymentsnews.com/2007/10/rethinking-the-.html
PCI Is Here: Keeping the barbarians outside the cyber gates
http://www.practicalecommerce.com/articles/580/Caveat-Vendor-PCI-Is-Here/
Retailers, Credit Card Industry Clash
http://www.physorg.com/news111253284.html
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 14:03:46 -0500Steve O'Hara-Smith <steveo@eircom.net> writes:
the other way we analyzed the problem in the x9a10 financial standard
working group
https://www.garlic.com/~lynn/x959.html
was that the crooks can afford to outspend the merchant possibly 100:1
merchant may clear $2 on each card transaction ... and out of that may be able to afford $.1 (ten cents) on fraud countermeasures.
in the current infrastructure, crooks may be able to take an avg. of $1000 per compromised account.
say a merchant does 1000/transactions a year and can afford to spend $100/year on fraud countermeasures. That is way below the tens of thousands per year.
say a merchant does 10000/transactions a year and can afford to spend $1000/year on fraud countermeasures, that is still way below the tens of thousands of per year.
it isn't until a merchant is doing something like 100,000 transactions/year that it can possibly start to consider some of the required countermeasures. However, the tens of thousands per year is for entry merchants ... by the time they are at 100,000 transactions, compliance has gone up.
so a merchant doing 100,000 transactions a year may be able to afford $10,000/annum on fraud countermeasures. However, crooks may expect to get as much as $10m with a breach ... so they may consider it perfectly worthwhile to spend $1m for the breach.
everybody may consider that larger merchants (in terms of doing large number of transactions) can spend more on countermeasures ... but the fundamental problem in the current paradigm is that the transaction log file is worth possibly 1000 times (three orders of magnitude) more to the crooks than it does to the merchants ... and that regardless of the merchant size ... the crooks can easily justify to completely overwhelm any set of countermeasures (since the objective is worth significantly more to the crooks than to the merchants).
this is related to the oft repeated theme of security proportional to
risk. the actual risk is the cost of the compromise to the account owner
and is somewhat related to the value of the compromise to the crooks.
the current paradigm has the amount of risk represented by the
transaction file ... orders of magnitude larger than the value
of that transaction file to the merchant (and what merchants
can reasonably afford to pay for fraud countermeasures).
https://www.garlic.com/~lynn/aepay7.htm#netbank2 net banking, is it safe?? ... security proportional to risk
https://www.garlic.com/~lynn/aepay10.htm#20 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/aepay12.htm#8 Know your security onions (or security proportional to risk)
https://www.garlic.com/~lynn/2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#9 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#11 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#24 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#25 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#28 Security Proportional to Risk (was: IBM Mainframe at home)
some recent posts mentioning the issue that crooks can easily afford to
outspend merchants by possibly as much as 100:1 with the current paradigm:
https://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
https://www.garlic.com/~lynn/aadsm26.htm#58 Our security sucks. Why can't we change? What's wrong with us?
https://www.garlic.com/~lynn/aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
https://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
https://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007i.html#64 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#39 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#48 My Dream PC -- Chip-Based
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Data Breaches Soar In 2007 Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 14:41:51 -0500Data Breaches Soar in 2007
from above:
Another group, Attrition.org, estimates more than 162 million records
compromised through Dec. 21 _ both in the U.S. and overseas, unlike the
other group's U.S.-only list. Attrition reported 49 million last year.
... snip ...
Current paradigm, crooks can afford to possibly outspend the defenders
by 100:1 .... i.e. in the current paradigm, the value of the records to
the crooks far exceeds the value of the records to the defenders.
https://www.garlic.com/~lynn/2007v.html#86 folklore indeed
The scenario for x9.59 financial standard protocol was to make
the records worthless to the crooks:
https://www.garlic.com/~lynn/x959.html#x959
... past posts mentioning security proportional to risk:
https://www.garlic.com/~lynn/aadsm10.htm#cfppki13 CFP: PKI research workshop
https://www.garlic.com/~lynn/aadsm11.htm#45 Web site exposes credit card fraud
https://www.garlic.com/~lynn/aadsm12.htm#14 Challenge to TCPA/Palladium detractors
https://www.garlic.com/~lynn/aadsm12.htm#15 Challenge to TCPA/Palladium detractors
https://www.garlic.com/~lynn/aadsm12.htm#18 Overcoming the potential downside of TCPA
https://www.garlic.com/~lynn/aadsm14.htm#1 Who's afraid of Mallory Wolf?
https://www.garlic.com/~lynn/aadsm14.htm#4 Who's afraid of Mallory Wolf?
https://www.garlic.com/~lynn/aadsm14.htm#28 Maybe It's Snake Oil All the Way Down
https://www.garlic.com/~lynn/aadsm14.htm#33 An attack on paypal
https://www.garlic.com/~lynn/aadsm15.htm#27 SSL, client certs, and MITM (was WYTM?)
https://www.garlic.com/~lynn/aadsm16.htm#20 Ousourced Trust (was Re: Difference between TCPA-Hardware and a smart card and something else before
https://www.garlic.com/~lynn/aadsm17.htm#2 Difference between TCPA-Hardware and a smart card (was: example: secure computing kernel needed)
https://www.garlic.com/~lynn/aadsm17.htm#32 visa cards violated, BofA reissuing after hack attack
https://www.garlic.com/~lynn/aadsm17.htm#46 authentication and authorization (was: Question on the state of the security industry)
https://www.garlic.com/~lynn/aadsm17.htm#47 authentication and authorization ... addenda
https://www.garlic.com/~lynn/aadsm17.htm#53 Using crypto against Phishing, Spoofing and Spamming
https://www.garlic.com/~lynn/aadsm18.htm#6 dual-use digital signature vulnerability
https://www.garlic.com/~lynn/aadsm18.htm#35 Credit card leaks continue at a furious pace
https://www.garlic.com/~lynn/aadsm18.htm#45 Banks Test ID Device for Online Security
https://www.garlic.com/~lynn/aadsm19.htm#15 Loss Expectancy in NPV calculations
https://www.garlic.com/~lynn/aadsm19.htm#25 Digital signatures have a big problem with meaning
https://www.garlic.com/~lynn/aadsm19.htm#45 payment system fraud, etc
https://www.garlic.com/~lynn/aadsm19.htm#47 the limits of crypto and authentication
https://www.garlic.com/~lynn/aadsm20.htm#12 the limits of crypto and authentication
https://www.garlic.com/~lynn/aadsm21.htm#18 'Virtual Card' Offers Online Security Blanket
https://www.garlic.com/~lynn/aadsm21.htm#27 X.509 / PKI, PGP, and IBE Secure Email Technologies
https://www.garlic.com/~lynn/aadsm22.htm#2 GP4.3 - Growth and Fraud - Case #3 - Phishing
https://www.garlic.com/~lynn/aadsm22.htm#3 GP4.3 - Growth and Fraud - Case #3 - Phishing
https://www.garlic.com/~lynn/aadsm22.htm#25 FraudWatch - Chip&Pin, a new tenner (USD10)
https://www.garlic.com/~lynn/aadsm22.htm#36 Unforgeable Blinded Credentials
https://www.garlic.com/~lynn/aadsm23.htm#9 PGP "master keys"
https://www.garlic.com/~lynn/aadsm23.htm#27 Chip-and-Pin terminals were replaced by "repairworkers"?
https://www.garlic.com/~lynn/aadsm23.htm#31 JIBC April 2006 - "Security Revisionism"
https://www.garlic.com/~lynn/aadsm23.htm#54 Status of SRP
https://www.garlic.com/~lynn/aadsm24.htm#5 New ISO standard aims to ensure the security of financial transactions on the Internet
https://www.garlic.com/~lynn/aadsm24.htm#6 Securely handling credit card transactions earns Blackboard kudos
https://www.garlic.com/~lynn/aadsm24.htm#38 Interesting bit of a quote
https://www.garlic.com/~lynn/aadsm24.htm#46 More Brittle Security -- Agriculture
https://www.garlic.com/~lynn/aadsm25.htm#2 Crypto to defend chip IP: snake oil or good idea?
https://www.garlic.com/~lynn/aadsm25.htm#21 Identity v. anonymity -- that is not the question
https://www.garlic.com/~lynn/aadsm25.htm#24 DDA cards may address the UK Chip&Pin woes
https://www.garlic.com/~lynn/aadsm25.htm#33 Mozilla moves on security
https://www.garlic.com/~lynn/aadsm25.htm#34 Mozilla moves on security
https://www.garlic.com/~lynn/aadsm25.htm#39 How the Classical Scholars dropped security from the canon of Computer Science
https://www.garlic.com/~lynn/aadsm25.htm#41 Why security training is really important (and it ain't anything to do with security!)
https://www.garlic.com/~lynn/aadsm26.htm#6 Citibank e-mail looks phishy
https://www.garlic.com/~lynn/aadsm26.htm#11 What is the point of encrypting information that is publicly visible?
https://www.garlic.com/~lynn/aadsm26.htm#24 News.com: IBM donates new privacy tool to open-source Higgins
https://www.garlic.com/~lynn/aadsm26.htm#25 EV - what was the reason, again?
https://www.garlic.com/~lynn/aadsm26.htm#54 What to do about responsible disclosure?
https://www.garlic.com/~lynn/aadsm27.htm#3 Solution to phishing -- an idea who's time has come?
https://www.garlic.com/~lynn/2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#9 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#11 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#24 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#25 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002d.html#28 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2002f.html#23 Computers in Science Fiction
https://www.garlic.com/~lynn/2002i.html#72 A Lesson In Security
https://www.garlic.com/~lynn/2002j.html#14 Symmetric-Key Credit Card Protocol on Web Site
https://www.garlic.com/~lynn/2002j.html#63 SSL integrity guarantees in abscense of client certificates
https://www.garlic.com/~lynn/2002l.html#11 IEEE article on intelligence and security
https://www.garlic.com/~lynn/2002l.html#12 IEEE article on intelligence and security
https://www.garlic.com/~lynn/2002l.html#35 Cryptography
https://www.garlic.com/~lynn/2002m.html#14 fingerprint authentication
https://www.garlic.com/~lynn/2002m.html#19 A new e-commerce security proposal
https://www.garlic.com/~lynn/2002n.html#20 Help! Good protocol for national ID card?
https://www.garlic.com/~lynn/2002n.html#25 Help! Good protocol for national ID card?
https://www.garlic.com/~lynn/2002n.html#26 Help! Good protocol for national ID card?
https://www.garlic.com/~lynn/2002o.html#67 smartcard+fingerprint
https://www.garlic.com/~lynn/2003l.html#64 Can you use ECC to produce digital signatures? It doesn't see
https://www.garlic.com/~lynn/2003m.html#11 AES-128 good enough for medical data?
https://www.garlic.com/~lynn/2003m.html#51 public key vs passwd authentication?
https://www.garlic.com/~lynn/2003o.html#46 What 'NSA'?
https://www.garlic.com/~lynn/2004.html#29 passwords
https://www.garlic.com/~lynn/2004b.html#39 SSL certificates
https://www.garlic.com/~lynn/2004b.html#48 Automating secure transactions
https://www.garlic.com/~lynn/2004f.html#8 racf
https://www.garlic.com/~lynn/2004f.html#36 MITM attacks
https://www.garlic.com/~lynn/2004j.html#0 New Method for Authenticated Public Key Exchange without Digital Certificates
https://www.garlic.com/~lynn/2004j.html#15 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of ASCII,Invento
https://www.garlic.com/~lynn/2004l.html#40 "Perfect" or "Provable" security both crypto and non-crypto?
https://www.garlic.com/~lynn/2004m.html#9 REVIEW: "Biometrics for Network Security", Paul Reid
https://www.garlic.com/~lynn/2004m.html#28 Shipwrecks
https://www.garlic.com/~lynn/2005f.html#60 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005g.html#51 Security via hardware?
https://www.garlic.com/~lynn/2005g.html#54 Security via hardware?
https://www.garlic.com/~lynn/2005i.html#1 Brit banks introduce delays on interbank xfers due to phishing boom
https://www.garlic.com/~lynn/2005i.html#22 technical question about fingerprint usbkey
https://www.garlic.com/~lynn/2005j.html#53 Banks
https://www.garlic.com/~lynn/2005k.html#23 More on garbage
https://www.garlic.com/~lynn/2005l.html#22 The Worth of Verisign's Brand
https://www.garlic.com/~lynn/2005l.html#35 More Phishing scams, still no SSL being used
https://www.garlic.com/~lynn/2005l.html#36 More Phishing scams, still no SSL being used
https://www.garlic.com/~lynn/2005o.html#2 X509 digital certificate for offline solution
https://www.garlic.com/~lynn/2005p.html#6 Innovative password security
https://www.garlic.com/~lynn/2005p.html#24 Hi-tech no panacea for ID theft woes
https://www.garlic.com/~lynn/2005t.html#32 RSA SecurID product
https://www.garlic.com/~lynn/2005t.html#34 RSA SecurID product
https://www.garlic.com/~lynn/2005u.html#33 PGP Lame question
https://www.garlic.com/~lynn/2005v.html#4 ABN Tape - Found
https://www.garlic.com/~lynn/2006c.html#34 X.509 and ssh
https://www.garlic.com/~lynn/2006d.html#26 Caller ID "spoofing"
https://www.garlic.com/~lynn/2006e.html#26 Debit Cards HACKED now
https://www.garlic.com/~lynn/2006e.html#44 Does the Data Protection Act of 2005 Make Sense
https://www.garlic.com/~lynn/2006h.html#15 Security
https://www.garlic.com/~lynn/2006k.html#4 Passwords for bank sites - change or not?
https://www.garlic.com/~lynn/2006k.html#16 Value of an old IBM PS/2 CL57 SX Laptop
https://www.garlic.com/~lynn/2006k.html#23 Value of an old IBM PS/2 CL57 SX Laptop
https://www.garlic.com/~lynn/2006o.html#20 Gen 2 EPC Protocol Approved as ISO 18000-6C
https://www.garlic.com/~lynn/2006o.html#35 the personal data theft pandemic continues
https://www.garlic.com/~lynn/2006p.html#18 19,000 Accounts Compromised
https://www.garlic.com/~lynn/2006q.html#36 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006s.html#4 Why not 2048 or 4096 bit RSA key issuance?
https://www.garlic.com/~lynn/2006s.html#5 Why not 2048 or 4096 bit RSA key issuance?
https://www.garlic.com/~lynn/2006t.html#5 Are there more stupid people in IT than there used to be?
https://www.garlic.com/~lynn/2006v.html#49 Patent buster for a method that increases password security
https://www.garlic.com/~lynn/2007b.html#33 security engineering versus information security
https://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#9 Decoding the encryption puzzle
https://www.garlic.com/~lynn/2007c.html#11 Decoding the encryption puzzle
https://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#40 Point-of-Sale security
https://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#2 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#31 Is that secure : <form action="https" from a local HTML page ?
https://www.garlic.com/~lynn/2007f.html#36 Silly beginner questions
https://www.garlic.com/~lynn/2007f.html#68 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#20 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007h.html#56 T.J. Maxx data theft worse than first reported
https://www.garlic.com/~lynn/2007j.html#15 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#35 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007l.html#40 My Dream PC -- Chip-Based
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Data Breaches Soar In 2007 Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 14:55:26 -0500re:
some more ...
Reports of data breaches reached new heights in 2007
http://www.usatoday.com/tech/news/computersecurity/2007-12-30-data_N.htm
and Securing financial transactions a high priority for 2007?????:
https://www.garlic.com/~lynn/2006y.html#7 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2006y.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#0 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#5 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#6 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007.html#28 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#60 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#61 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#62 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007b.html#64 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#6 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#10 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#15 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#17 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#18 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#22 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#27 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#28 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#30 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#31 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#32 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#33 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#35 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#36 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#37 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#38 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#39 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#43 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#44 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#46 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#51 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#52 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007c.html#53 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#0 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#5 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#11 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#68 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007d.html#70 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#2 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#12 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#20 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#23 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#24 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#26 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#28 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#29 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#58 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#61 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#62 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007e.html#65 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#58 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#68 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#72 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007f.html#75 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007g.html#8 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#48 Securing financial transactions a high priority for 2007
https://www.garlic.com/~lynn/2007h.html#51 Securing financial transactions a high priority for 2007
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: 2007 Roundup: The march of the botnets Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 16:00:07 -05002007 Roundup: The march of the botnets
recent posts mentioning botnets:
https://www.garlic.com/~lynn/aadsm27.htm#65 MITM spotted in Tor
https://www.garlic.com/~lynn/aadsm28.htm#2 Death of antivirus software imminent
https://www.garlic.com/~lynn/2007l.html#42 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007o.html#7 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007o.html#16 Hypervisors May Replace Operating Systems As King Of The Data Center
https://www.garlic.com/~lynn/2007q.html#6 what does xp do when system is copying
https://www.garlic.com/~lynn/2007u.html#71 folklore indeed
https://www.garlic.com/~lynn/2007u.html#74 folklore indeed
https://www.garlic.com/~lynn/2007v.html#35 Inside a Modern Malware Distribution System
a couple other recent botnet news items:
Storm, Nugache lead dangerous new botnet barrage
http://searchsecurity.techtarget.com/originalContent/0,289142,sid14_gci1286808,00.html
Botnet-controlled Trojan robbing online bank customers
http://www.networkworld.com/news/2007/121307-zbot-trojan-robbing-banks.htm
Inside a Modern Malware Distribution System
http://www.eweek.com/article2/0,1895,2239276,00.asp
Criminals Using Botnet To Attack iPhone Buyers
http://www.informationweek.com/news/showArticle.jhtml?articleID=201400215
Storm Botnet Driving PDF Spam
http://www.securitypronews.com/news/securitynews/spn-45-20070713StormBotnetDrivingPDFSpam.html
Why we're losing the botnet battle
http://www.networkworld.com/news/2007/072507-why-were-losing-the-botnet.html
ISPs may not be doing enough about botnets
http://arstechnica.com/news.ars/post/20070731-isps-may-not-be-doing-enough-about-botnets.html
Invasion of Botnets, Trojans, Worms Malware - DA issues fraud alert
http://www.thecherrycreeknews.com/content/view/1603/2/
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Sun, 30 Dec 2007 16:06:14 -0500rpl <plinnane3@yahoo.com.invalid> writes:
and the security proportional to risk analysis ... where the crooks
can afford to outspend the merchants by possibly 100:1 ...
https://www.garlic.com/~lynn/2007v.html#86 folklore indeed
and related data breaches
https://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007
https://www.garlic.com/~lynn/2007v.html#88 Data Breaches Soar In 2007
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Tap and faucet and spellcheckers Newsgroups: alt.usage.english,alt.folklore.computers Date: Sun, 30 Dec 2007 16:55:21 -0500Peter Moylan <peter@DIESPAMMERSDIEpmoylan.org> writes:
VeriFone Buys Aussie EFTPOS Services Firm
http://www.epaynews.com/index.cgi?survey=&ref=browse&f=view&id=1199047594837043222&block=
from above:
Like their counterparts around the world, Australian acquirers are
facing mandates to comply with global security standards such as PCI DSS
(Payments Cards Industry Data Security Standard) and EMV. They are also
required to comply with local standards from APCA (Australian Payments
Clearing Association). VeriFone says its portfolio of systems and
peripherals has received APCA certification.
... snip ...
some recent posts mentioning PCI
https://www.garlic.com/~lynn/2007v.html#70 folklore indeed
https://www.garlic.com/~lynn/2007v.html#74 folklore indeed
https://www.garlic.com/~lynn/2007v.html#77 folklore indeed
https://www.garlic.com/~lynn/2007v.html#79 folklore indeed
https://www.garlic.com/~lynn/2007v.html#85 folklore indeed
for little more drift, comments about current paradigm where attackers
can outspend defenders by possibly 100:1 (and security proportional to
risk)
https://www.garlic.com/~lynn/2007v.html#86 folklore indeed
https://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007
and for other topic drift ... recent post
https://www.garlic.com/~lynn/aadsm28.htm#3 Why Security Modelling doesn't work -- the OODA-loop of today's battle
in financial cryptography blog
https://financialcryptography.com/mt/archives/000991.html
which then drifts even further into OODA-loops and John Boyd
https://www.garlic.com/~lynn/subboyd.html#boyd
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: Tap and faucet and spellcheckers Newsgroups: alt.usage.english,alt.folklore.computers Date: Sun, 30 Dec 2007 20:03:47 -0500krw <krw@att.bizzzzz> writes:
she had a couple other jobs before joining ibm ... but then got
to work for somebody heading up part of FS
https://www.garlic.com/~lynn/submain.html#futuresys
then did a stint in the gburg JES group before being con'ed into going
to pok to be responsible for loosely-coupled architecture
https://www.garlic.com/~lynn/submain.html#shareddata
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Mon, 31 Dec 2007 09:00:23 -0500re:
the issue is that PCI-DSS is requirement by the card associations as part of enabling merchant for accepting payment card transactions (regardless of what computer it runs on) ... moving the processing to a different computer doesn't eliminate the PCI-DSS requirements. PCI-DSS compliance becomes a requirement for merchant being enabled/allowed to accept payment transactions (regardless of where the processing runs).
one of the motivations behind x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
changing the paradigm was that the current infrastructure ... somewhat
discussed in the *naked transaction metaphor* threads/posts:
https://www.garlic.com/~lynn/subintegrity.html#payments
... can mean that the attackers can afford to outspend the defenders
by possibly 100:1
https://www.garlic.com/~lynn/2007v.html#86 folklore indeed
https://www.garlic.com/~lynn/2007v.html#87 Data Breaches
https://www.garlic.com/~lynn/2007v.html#88 Data Breaches
https://www.garlic.com/~lynn/2007v.html#90 folklore indeed
https://www.garlic.com/~lynn/2007v.html#91 Tap and faucet and spellcheckers
another tactic is changing the required business processes to
eliminate merchants having to retain data for such a long
period
https://www.garlic.com/~lynn/aadsm27.htm#60 Retailers try to push data responsibilities back to banks
this doesn't eliminate the underlying fundamental problem with the current paradigm ... the transactions still remain attractive targets for attackers in numerous other places.
the x9.59 financial standard approach was to totally eliminate the usefullness of the information to the attackers (rather than simply eliminating one of the places that the attackers could harvest the information).
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Mon, 31 Dec 2007 10:50:23 -0500rpl <plinnane3@yahoo.com.invalid> writes:
there are institutional regulations regarding how long merchants need to keep information around in order to handle/process things like disputes and charge-backs.
these posts make reference banks becoming responsible for maintaining
all the data (with implication that there is some online mechanism for
merchants to access the information ... creating a different kind of
vulnerability ... since the numbers are that up to seventy percent of
all breaches involve insiders)
https://www.garlic.com/~lynn/aadsm27.htm#60 Retailers push data responsibilities back to banks
https://www.garlic.com/~lynn/2007q.html#11 what does xp do when system is copying
https://www.garlic.com/~lynn/2007v.html#74 folklore indeed
https://www.garlic.com/~lynn/2007v.html#77 folklore indeed
https://www.garlic.com/~lynn/2007v.html#85 folklore indeed
https://www.garlic.com/~lynn/2007v.html#93 folklore indeed
however, that doesn't actually change the fundamental vulnerability
characteristic of the information and it being highly subject to
compromise ... whereever it might occur ... i.e. the naked transaction
metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
the fundamental issue was that crooks can use the information from
previous transactions for generating new, fraudulent transactions.
this characteristic is also behind the attackers/crooks being able to
outspend the defenders/merchants by possibly 100:1 (the information,
regardless of all the places it may occur and how the crooks come up
with means for skimming/harvesting/breaches, is extremely valuable to
the crooks).
https://www.garlic.com/~lynn/2007v.html#86 folklore indeed
https://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007
https://www.garlic.com/~lynn/2007v.html#90 folklore indeed
https://www.garlic.com/~lynn/2007v.html#91 Tap and faucet and spellcheckers
https://www.garlic.com/~lynn/2007v.html#93 folklore indeed
this is also part of what we addressed in the x9a10 financial standard
working group for the x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959
in making the information useless to crooks. it did nothing about countermeasures for crooks accessing the information ... it just eliminated any value of the information to the crooks (meaning that they could no longer use the information for generating fraudulent transactions).
in the mid-90s, the x9a10 financial standard working group was given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments. this required detailed end-to-end investigation ALL threats and vulnerabilities ... for ALL possible kinds of retail payments.
another characteristic of X9.59 was making it privacy agnostic. In
the mid-90s, when the x9a10 financial standard working group effort on
x9.59 was goinng on, the EU had made some reference to the EU-DPD and
making electronic payments at point-of-sale as anonymous as cash. This
was taken as removing the name from payment cards (embossed plastic
and magstripe) ... and eliminating any requirement for cross-checking
that name against other forms of identification. recent post
discussing privacy agnostic characteristic
https://www.garlic.com/~lynn/aadsm28.htm#1
misc. other posts discussing x9.59 privacy issues
https://www.garlic.com/~lynn/subpubkey.html#privacy
for other topic drift ... i had also co-authored financial industry
x9.99 financial privacy standard. somewhat in support of these i had
put together a privacy merged glossary and taxonomy
https://www.garlic.com/~lynn/index.html#glosnotes
as part of x9.99 we had to look at things like HIPAA and GLBA as well as EU-DPD.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Mon, 31 Dec 2007 11:53:10 -0500rpl <plinnane3@yahoo.com.invalid> writes:
there is a funny story 4-5 yrs ago about large national retail merchant, they figured out that keeping all the information for handling disputes/chargeback was costing more than if they automatically paid all disputes/chargebacks ... and was looking at eliminating keeping all the information (i.e. card associates only require that the information be retained if the merchant is planning on doing anything but automatically paying out on dispute/chargeback).
somebody then raised the question of what would the public start doing if it was found out that the merchant was not keeping the information (and automatically paying all disputes/chargebacks).
recent article that significant precentage of public practices fraud.
Self-Service Cheats Cost Retailers GLB200m
http://www.epaynews.com/index.cgi?survey=&ref=browse&f=view&id=1199047308837043222&block=
this particular was grocery chain ... which are notorious for having 1-3 percent profit margins ...
seven percent admitted to failing to scan items at self-service checkout, nine percent admitted to shoplifting and 8 percent admitted to "grazing" (eating food off the shelves while shopping and not paying for it).
another reference here:
http://ukpress.google.com/article/ALeqM5gvcnA3H-lY1QtezHvWBDAKGPkNnQ
lots of posts about fraud, threats, vulnerabilities, exploits and
risks
https://www.garlic.com/~lynn/subintegrity.html#fraud
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: source for VAX programmers Newsgroups: alt.folklore.computers,alt.sys.pdp10 Date: Mon, 31 Dec 2007 15:39:10 -0500Al Kossow <aek@spies.com> writes:
there were mad rush to try and get stuff back into the 370 product pipeline. the favorite son operating system group in POK managed to convince the corporation that it needed all of the vm370/cms developers up in burlington mall ... in order to make the mvs/xa schedule; aka kill/terminate the vm370/cms product and transfer everybody from the burlington development group to POK to support mvs/xa development.
quite a few of the people in the burlington group didn't leave the area ... and got jobs at various places like dec, prime, etc. some number showed up in the vms group.
endicott (mid-range) did manage to salvage the vm370/cms product mission, but effectively had to reconstitute a group from scratch.
... aka, the cp67/cms development group split off from the science
center
https://www.garlic.com/~lynn/subtopic.html#545tech
and growing rapidly (in part working on the morph of cp67 to vm370) took over (absorbed) the boston programming center on the 3rd flr (545 tech sq). it also fairly quickly outgrew the space on the 3rd flr ... and moved out to the old SBC (which had been transferred to cdc) vacant bldg. in burlington mall.
the news about shutting down the burlington group and move to pok was to be sprung at the various last minute (possibly hoping to minimize time people had to find alternatives) ... however the information leaked out a couple months early. there then was a concerted witch hunt attempting to identify the source of the leak.
the future system distraction ... and then mad rush to try and get stuff back into the product pipeline created the opportunity for a lot of stuff that i had been doing to be picked up and shipped in vm370 product (some of which i had even done as undergraduate for cp67 but dropped in the morph from cp67 to vm370).
during the heyday of FS, i continued to do 360/370 work ... and even
made some less than flattering references to FS work ... including
drawing similarties to the effort with a cult film that had been playing
down in central sq). some old email references to moving
lots of work from cp67 to vm370
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
some amount of kernel restructuring and small subset of other work was
picked up for vm370 release 3 (including feature referred to as DCSS)
... some recent posts.
https://www.garlic.com/~lynn/2007u.html#81 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#49 IBM mainframe history, was Floating-point myths
https://www.garlic.com/~lynn/2007v.html#50 IBM mainframe history, was Floating-point myths
then it was decided to package a bunch of my other stuff as an
independent product offering ... and a bunch of other stuff that i had
done as undergraduate for cp67 was released on vm370
https://www.garlic.com/~lynn/subtopic.html#fairshare
https://www.garlic.com/~lynn/subtopic.html#wsclock
misc. past posts mentioning burlington mall group
https://www.garlic.com/~lynn/94.html#2 Schedulers
https://www.garlic.com/~lynn/98.html#7 DOS is Stolen!
https://www.garlic.com/~lynn/99.html#179 S/360 history
https://www.garlic.com/~lynn/2000b.html#54 Multics dual-page-size scheme
https://www.garlic.com/~lynn/2000b.html#55 Multics dual-page-size scheme
https://www.garlic.com/~lynn/2001m.html#47 TSS/360
https://www.garlic.com/~lynn/2001m.html#49 TSS/360
https://www.garlic.com/~lynn/2001n.html#67 Hercules etc. IBM not just missing a great opportunity...
https://www.garlic.com/~lynn/2002e.html#27 moving on
https://www.garlic.com/~lynn/2002h.html#34 Computers in Science Fiction
https://www.garlic.com/~lynn/2002h.html#59 history of CMS
https://www.garlic.com/~lynn/2002j.html#17 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2002m.html#9 DOS history question
https://www.garlic.com/~lynn/2002o.html#78 Newsgroup cliques?
https://www.garlic.com/~lynn/2002p.html#14 Multics on emulated systems?
https://www.garlic.com/~lynn/2003c.html#0 Wanted: Weird Programming Language
https://www.garlic.com/~lynn/2003d.html#8 IBM says AMD dead in 5yrs ... -- Microsoft Monopoly vs. IBM
https://www.garlic.com/~lynn/2003f.html#53 Alpha performance, why?
https://www.garlic.com/~lynn/2003g.html#22 303x, idals, dat, disk head settle, and other rambling folklore
https://www.garlic.com/~lynn/2003h.html#34 chad... the unknown story
https://www.garlic.com/~lynn/2003k.html#0 VSPC
https://www.garlic.com/~lynn/2003k.html#55 S/360 IPL from 7 track tape
https://www.garlic.com/~lynn/2004.html#20 BASIC Language History?
https://www.garlic.com/~lynn/2004.html#32 BASIC Language History?
https://www.garlic.com/~lynn/2004c.html#47 IBM 360 memory
https://www.garlic.com/~lynn/2004d.html#42 REXX still going strong after 25 years
https://www.garlic.com/~lynn/2004e.html#37 command line switches [Re: [REALLY OT!] Overuse of symbolic
https://www.garlic.com/~lynn/2004g.html#24 |d|i|g|i|t|a|l| questions
https://www.garlic.com/~lynn/2004g.html#35 network history (repeat, google may have gotten confused?)
https://www.garlic.com/~lynn/2004g.html#38 Infiniband - practicalities for small clusters
https://www.garlic.com/~lynn/2004k.html#23 US fiscal policy (Was: Bob Bemer, Computer Pioneer,Father of
https://www.garlic.com/~lynn/2004m.html#6 a history question
https://www.garlic.com/~lynn/2004m.html#54 Shipwrecks
https://www.garlic.com/~lynn/2004n.html#7 RISCs too close to hardware?
https://www.garlic.com/~lynn/2004q.html#72 IUCV in VM/CMS
https://www.garlic.com/~lynn/2005f.html#58 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005h.html#37 Software for IBM 360/30
https://www.garlic.com/~lynn/2005j.html#25 IBM Plugs Big Iron to the College Crowd
https://www.garlic.com/~lynn/2005j.html#54 Q ALLOC PAGE vs. CP Q ALLOC vs ESAMAP
https://www.garlic.com/~lynn/2005p.html#0 Article: The True Value of Mainframe Security
https://www.garlic.com/~lynn/2005q.html#12 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005q.html#14 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005s.html#35 Filemode 7-9?
https://www.garlic.com/~lynn/2005s.html#36 Filemode 7-9?
https://www.garlic.com/~lynn/2006b.html#18 {SPAM?} Re: Expanded Storage
https://www.garlic.com/~lynn/2006j.html#44 virtual memory
https://www.garlic.com/~lynn/2006l.html#25 Mainframe Linux Mythbusting (Was: Using Java in batch on z/OS?)
https://www.garlic.com/~lynn/2006m.html#21 The very first text editor
https://www.garlic.com/~lynn/2006m.html#25 Mainframe Limericks
https://www.garlic.com/~lynn/2006m.html#28 Mainframe Limericks
https://www.garlic.com/~lynn/2006o.html#51 The Fate of VM - was: Re: Baby MVS???
https://www.garlic.com/~lynn/2006r.html#41 Very slow booting and running and brain-dead OS's?
https://www.garlic.com/~lynn/2006s.html#1 Info on Compiler System 1 (Univac, Navy)?
https://www.garlic.com/~lynn/2006u.html#28 Assembler question
https://www.garlic.com/~lynn/2007f.html#25 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007f.html#28 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007g.html#39 Wylbur and Paging
https://www.garlic.com/~lynn/2007l.html#58 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2007m.html#66 Off Topic But Concept should be Known To All
https://www.garlic.com/~lynn/2007p.html#29 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007p.html#35 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2007q.html#0 A question for the Wheelers - Diagnose instruction
https://www.garlic.com/~lynn/2007s.html#33 Age of IBM VM
https://www.garlic.com/~lynn/2007s.html#36 Oracle Introduces Oracle VM As It Leaps Into Virtualization
https://www.garlic.com/~lynn/2007t.html#68 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#40 Computer language history
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: folklore indeed Newsgroups: alt.folklore.computers Date: Mon, 31 Dec 2007 15:57:10 -0500re:
it usually wasn't too hard to get across the concept behind security proportional to risk ... however, the frequent kneejerk response was that (in retail payment arena) it was proportional to the size of the merchant business. you can somewhat see that it the rampup related to some of the current payment security procedure requirements.
the enormous disconnect in the current paradigm ... aka naked
transaction metaphor
https://www.garlic.com/~lynn/subintegrity.html#payments
is that the skim/breach risk is only slightly correlated with merchant business. merchant business can be somewhat related to the number of transactions ... and therefor related to the number of payment accounts. however, the actual risk is pretty much independent to the amount of those transactions and especially any merchant profit on the transactions ... the actual risk is related to the credit limit and account balance for the associated accounts ... and has nothing at all to do with the merchant.
every once and awhile, we would see an "aha" moment come across somebodies face ... when somebody realizes the actual size of the risk ... and it can be almost totally unrelated to the merchant.
however, this is behind the claim that the attackers can afford to
outspend as much as 100:1 more than the defenders
https://www.garlic.com/~lynn/2007v.html#86 folklore indeed
https://www.garlic.com/~lynn/2007v.html#87 Data Breaches Soar In 2007
https://www.garlic.com/~lynn/2007v.html#90 folklore indeed
https://www.garlic.com/~lynn/2007v.html#91 Tap and faucet and spellcheckers
https://www.garlic.com/~lynn/2007v.html#93 folklore indeed
https://www.garlic.com/~lynn/2007v.html#94 folklore indeed
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: It keeps getting uglier Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Mon, 31 Dec 2007 16:52:23 -0500edgould1948@COMCAST.NET (Ed Gould) writes:
this web page has some number of ibm product announcements
httpp://ed-thelen.org/comp-hist/IBM-ProdAnn/index.html
including the 360/85
http://ed-thelen.org/comp-hist/IBM-ProdAnn/360-85.pdf
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: It keeps getting uglier Newsgroups: bit.listserv.ibm-main Date: Mon, 31 Dec 2007 16:43:16 -0500edgould1948@COMCAST.NET (Ed Gould) writes:
This has directory for -0, -6, and -7 360 Principles of Operation
http://www.bitsavers.org/pdf/ibm/360/poo/
past posts in thread:
https://www.garlic.com/~lynn/2007v.html#21 It keeps getting uglier
https://www.garlic.com/~lynn/2007v.html#68 It keeps getting uglier
for other drift, directory of some 360 FE manuals
http://www.bitsavers.org/pdf/ibm/360/fe/
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: source for VAX programmers Newsgroups: alt.folklore.computers,alt.sys.pdp10 Date: Mon, 31 Dec 2007 20:26:10 -0500Anne & Lynn Wheeler <lynn@garlic.com> writes:
there was a joke about the head of POK (aka center of ibm mainframe land) being a major contributor to VMS.
From: Anne & Lynn Wheeler <lynn@garlic.com> Subject: Re: It keeps getting uglier Newsgroups: bit.listserv.ibm-main,alt.folklore.computers Date: Mon, 31 Dec 2007 20:57:58 -0500doug@BKASSOCIATES.NET (Doug Fuerst) writes:
i've posted before about being undergraduate and trying to get the 2702
communication controller to do some stuff and it turned out it couldn't
... which was somewhat motivation for the univ. to start a clone
controller project ... reverse engineering the ibm channel interface
and building a channel interface card for Interdata/3 ... programmed
to emulate 2702. this was written up blaming four of us for some
part of the clone controller business
https://www.garlic.com/~lynn/submain.html#360pcm
article from former corporate executive ... including some number of
comments about future system project
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
including the following:
IBM tried to react by launching a major project called the 'Future
System' (FS) in the early 1970's. The idea was to get so far ahead that
the competition would never be able to keep up, and to have such a high
level of integration that it would be impossible for competitors to
follow a compatible niche strategy. However, the project failed because
the objectives were too ambitious for the available technology. Many of
the ideas that were developed were nevertheless adapted for later
generations. Once IBM had acknowledged this failure, it launched its
'box strategy', which called for competitiveness with all the different
types of compatible sub-systems. But this proved to be difficult because
of IBM's cost structure and its R&D spending, and the strategy only
resulted in a partial narrowing of the price gap between IBM and its
rivals
... snip ...
above also referenced here
https://www.garlic.com/~lynn/2007u.html#17 T3 Sues IBM To Break its Mainframe Monopoly
there was recent question about some number of people departing and
going to work on vax/vms ... which led to joke about head of POK having
been a major contributor to VMS ... long winded story involving
termination of Future System project and mad rush to get stuff
back into the 370 product pipeline:
https://www.garlic.com/~lynn/2007v.html#96 source for VAX programmers
https://www.garlic.com/~lynn/2007v.html#100 source for VAX programmers
there is some case to be made that the Future System distraction and letting the 370 product pipeline dry up contributed to giving the processor clones a foothold in the market.
past reference to Amdahl giving a talk at mit in the early 70s that
may be at least partially construed as referring to this ... recent
reference
https://www.garlic.com/~lynn/2007t.html#68 T3 Sues IBM To Break its Mainframe Monopoly
and other parts of postings in that thread:
https://www.garlic.com/~lynn/2007t.html#69 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#71 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#76 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007t.html#77 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#1 T3 Sues IBM To Break its Mainframe Monopoly
https://www.garlic.com/~lynn/2007u.html#2 T3 Sues IBM To Break its Mainframe Monopoly