List of Archived Posts

2008 Newsgroup Postings (12/12 - 12/31)

First successful PC OS?
PCI's Bob Russo: Data loss hurts brand more than a fine
Anyone know much about z/VM?
New machine code
Expanding U.S. Tactical Aviation's "Approved Belief"
Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
Memory Instrumentation - was "largest parallel sysplex around?"
Is anyone interested in starting a CICS specific group?
Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations
Blind-sided, again. Why?
Data leakage - practical measures to improve Information Governance
First successful PC OS?
New machine code
New machine code
New machine code
Orwellian Apple ad celebrates 25th birthday
Orwellian Apple ad celebrates 25th birthday
IBM PC competitors
What do you think needs to happen with the auto makers to make them viable
What next? from where would the Banks be hit?
Nerdy networking kid crashes the party
Five great technological revolutions
IBM PC competitors
IBM PC competitors
Garbage in, garbage out trampled by Moore's law
Garbage in, garbage out trampled by Moore's law
Web Security hasn't moved since 1995
Combining EMV and eID on a payment card?
Garbage in, garbage out trampled by Moore's law
Garbage in, garbage out trampled by Moore's law
Let IT run the company!
How reliable are the credit rating companies? Who is over seeing them?
Dec. 19, 1974: Build Your Own Computer at Home!
How Should The Government Spend The $700 Billion?
Garbage in, garbage out trampled by Moore's law
How do group members think the US payments business will evolve over the next 3 years?
Is American capitalism and greed to blame for our financial troubles in the US?
What is the top security threat prediction of 2009?
Is SUN going to become x86'ed ??
Welcome to Rain Matrix: The Cloud Computing Network
The Internet's 100 Oldest Dot-Com Domains
The Internet's 100 Oldest Dot-Com Domains
Executive pay: time for a trim?
Welcome to Rain Matrix: The Cloud Computing Network
The Internet's 100 Oldest Dot-Com Domains:
Executive pay: time for a trim?
Are blade servers becoming irrelevant with advances in virtualization and multi-core processor technology ?
Globa Warning. was Re: : Is SUN going to become x86'ed ??
Executive pay: time for a trim?
New machine code
Executive pay: time for a trim?
Perfect MITM Attacks With No-Check SSL
Computer History Museum
Computer History Museum
Is SUN going to become x86'ed ??
Computer History Museum
Is this the story behind the crunchy credit stuff?
Computer History Museum
Garbage in, garbage out trampled by Moore's law
DNS flaw is 2008's biggest web blunder
Garbage in, garbage out trampled by Moore's law
Garbage in, garbage out trampled by Moore's law
Is SUN going to become x86'ed ??
Garbage in, garbage out trampled by Moore's law
Garbage in, garbage out trampled by Moore's law
Computer History Museum
Computer History Museum
Computer History Museum
Is SUN going to become x86'ed ??
Happy DEC-20 Day,
Is SUN going to become x86'ed ??
Garbage in, garbage out trampled by Moore's law
Is SUN going to become x86'ed ??
CA issues no-questions asked Mozilla cert
Do you believe Risk Management Practise is on-demand at present?
Is SUN going to become x86'ed ??
Is SUN going to become x86'ed ??
Boffins bust web authentication with game consoles
Is SUN going to become x86'ed ??
Boffins bust web authentication with game consoles

First successful PC OS?

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: First successful PC OS?
Newsgroups: alt.folklore.computers
Date: Fri, 12 Dec 2008 20:05:32
hawk writes:
Anyway, in what way are you calling it the "first successfull PC os"?

First widely multi-vendor? First widely accepted by business?

I think that at least Apple DOS 3.x, and probably TRS-DOS, had a wider installed base for a long period, with a number of profitable third party sellers.


re:
https://www.garlic.com/~lynn/2008r.html#68 New machine code

a popular document formating program on trs80 was port of cms script done by LA branch office (vm370) system engineer ... discussed in this old post
https://www.garlic.com/~lynn/2004l.html#74 Specifying all biz rules in relational data

above also has url references to library of available software for trs80

old email mentioning stopping by to talk to him
https://www.garlic.com/~lynn/2007.html#email801016
in this post
https://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"

and where he talks having a trs80 at home and there should be crash program to get most of the CMS function into a "user's terminal" (aka "personal computer").

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

PCI's Bob Russo: Data loss hurts brand more than a fine

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: PCI's Bob Russo: Data loss hurts brand more than a fine
Date: December 8, 2008
Blog: Payment Systems Network
PCI's Bob Russo: Data loss hurts brand more than a fine
http://www.itpro.co.uk/609192/pcis-bob-russo-data-loss-hurts-brand-more-than-a-fine

from above:
The Payment Card Industry Data Security Standard (PCI DSS) and the global forum formed to administer it, the PCI Security Standards Council (PCI SSC), pre-dated the biggest security breaches that have come to mark a new era of unprecedented cyber criminal activity.

... snip ...

we were tangentially involved in the cal. state data breach notification legislation. we had been brought in to help wordsmith the cal. state electronic signature legislation. several of the involved organizations were also involved in privacy issues and had done in-depth, detailed consumer surveys on privacy. they found that the number one privacy issue was identity theft ... primarily fraudulent financial transactions against existing accounts (account fraud) as the result of data breach. This was an area that little or nothing was being done about, so there was possibly feeling that publicity could prompt action. since then several other states have passed similar legislation.

this possibly corresponds with the article's reference that "data loss hurts brand more than a fine" (which wouldn't have happened w/o notification legislation).

there has been conflicting efforts at the federal level with competing notification legislation, on one side is legislation similar to cal and on the other side is "breach notification" legislation that would eliminate requirement for notification.

the article also points out that the worst breaches have occurred this year after the advent of PCI.

the work in the x9a10 financial standard working group on the x9.59 financial standard took a different approach. rather than attempting to secure the information from skimming, harvesting, breaches, and various other vulnerabilities ... x9.59 slightly tweaked the paradigm, making the information useless to the crooks for fraudulent transactions. misc. references to x9.59
https://www.garlic.com/~lynn/x959.html#x959

related comments about "21 million German bank account details on black market" ... also archived here
https://www.garlic.com/~lynn/2008r.html#53

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Anyone know much about z/VM?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Anyone know much about z/VM?
Newsgroups: bit.listserv.ibm-main
Date: Sat, 13 Dec 2008 13:40:07
loga3870@COMCAST.NET (David Logan) writes:
A systems programmer that had all of the keys to the kingdom suddenly left. I have a z/VM account that is being used for a z/OS operating system. It appears that I have all of the privileges that I need, I just need to figure out how to get into CMS so I can start looking around the z/VM environment. I kill z/OS and try to IPL CMS under that account, and I am having troubles. Can somebody point me in the right direction?

I am pretty sure it's a disk setup thing, but I'm not having much luck finding what I need in the manuals. The manuals all assume that somebody with the right setup has already done things right, and I am essentially trying to get in from an account not directly set up for CMS.


think of a virtual machine as if it was an LPAR specification (in fact, LPAR is very much of subset of virtual machine ... with all the infrastructure moved into the "hardware" of the machine).

the first set of error messages indicate that the (z/OS) environment that you attempt to have ipl cms ... has none of the cms disks defined (akin to attempting to ipl z/OS in an LPAR environment that has none of the z/OS disks defined).

the details are slightly obfuscated by the VM "ipl-by-name" facility ... which allows somebody to ipl the CMS kernel from a CMS disk and then "save" a partially initialized copy of the kernel to VM (for a quick reboot). then this partially initialized kernel image is accessible with the "ipl-by-name" facility ... bypassing part of the "ipl 190" overhead.

the analogy would be to ipl z/OS from a z/OS disk and let it get partially initialized ... and then saving a memory image of the z/OS system to some (new) LPAR facility ... and then attempting to run that z/OS in a different LPAR image that had no z/OS disks defined.

there are still a lot of vestiges of when CMS stood for "Cambridge Monitor System" and could be ipl'ed on a real 360/40. once you get past the part of having the appropriate devices defined in the configuration .. there is still the issue of having knowledge about cp&cms ... possibly not as steep a learning curve as needed for z/OS .. but still there is some fundamental knowledge required.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

New machine code

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New machine code
Newsgroups: alt.folklore.computers
Date: Sun, 14 Dec 2008 08:47:45
Rich Alderson <news@alderson.users.panix.com> writes:
Lynn, did you ever see a paper on porting the TENEX user interface to VM/370, substituting an SVC for the PDP-10 JSYS instruction? Came out around 1983, possibly from someone in southern California.

re:
https://www.garlic.com/~lynn/2008r.html#68 New Machine code
https://www.garlic.com/~lynn/2008r.html#74 New Machine code

I would expect that if anybody, it most likely would have been Tymshare (bay area) ... but I don't remember them mentioning it. Tymshare had extensive experience modifying vm/370 and also ran a pdp-10 ... however, I don't have any recollection of them saying anything about porting tenex to vm370.

Tymshare had adventure running on pdp-10 and ported the fortran source over to vm/cms.

Tymshare had also hired Doug Engelbart
https://www.garlic.com/~lynn/2008r.html#57 PC premiered 40 years ago to awed crowd

above references "PC" ... but as per following NLS/Augment descriptions it was timesharing "personal computing" (as opposed to "personal computer"). lots of past posts mentioning vm/cms ("personal computing") timesharing ... including Tymshare
https://www.garlic.com/~lynn/submain.html#timeshare

Tymshare was offering Augment on the pdp-10. A couple references
http://www.inwap.com/pdp10/index.shtml
http://neil.franklin.ch/Usenet/alt.sys.pdp10/20011202_Pictures_of_Tymshare_s_KI_and_KL_systems_1980
http://www.knowledgerush.com/kr/encyclopedia/On-Line_System/
https://en.wikipedia.org/wiki/Tymshare

and


http://www.bootstrap.org/augdocs/augment-132615.htm

some augment history from above:
In 1978 Tymshare acquired the rights to the software and renamed it AUGMENT. The system entered a phase of commercialization and also became accessible via Tymnet. By the early 80s Tymshare was manufacturing their own mini-computers and on-site installation of complete systems (hardware, software, communications, workstations, training, applications consulting) was being offered. At the peak, there were approximately 15 machines in operation serving a user population of several thousand people.

... snip ...

tymshare pdp-10 & augment also mentioned in this article


http://www.nationmaster.com/encyclopedia/Tymshare

minor topic drift from above:
In 1968, Ann & Norm Hardy, Bill Frantz, Joe Rinde (writer of the original supervisor program) and LaRoy Tymes developed the idea of using remote sites with minicomputers to communicate with the mainframes. This was the beginning of the Tymnet network. During those first years, Tymshare and its direct customers were its only users. When Tymshare started using Interdata 7/32 minicomputers as nodes, they started developing Tymnet on PDP-10. Tymshare sold the Tymnet network software to TRW, who created their own private network (which was not called Tymnet).

... snip ...

The above entry also mentions Tymshare being bought by M/D in 1984. As part of that sale, I was brought in to evaluate GNOSIS (a new 370 operating system) as part of spinning it off into KeyKos. I was also asked if there was someplace for Doug ... and I set up some introductions, interviews, etc (trying to find a match)

from long ago and far away (this is in bldg. 28 before almaden was built):

Date: 07/20/84 12:45:56
To: Distribution

SEMINAR and DEMONSTRATION

Monday, July 23, 1984 9:00 - 12:00 Cafeteria A

Speaker: Doug Engelbart Tymshare, Inc.

Doug Engelbart will give a talk and demonstration of his ideas for interactive software systems. This talk uses three slide projectors and a moire projector. The demonstration uses hardware that attaches to a PC.


... snip ... top of post, old email index

recent post with reference to above:
https://www.garlic.com/~lynn/2008g.html#23 Doug Engelbart's "Mother of All Demos"

a couple other past posts mentioning Augment
https://www.garlic.com/~lynn/2005s.html#12 Flat Query
https://www.garlic.com/~lynn/2006p.html#54 Douglas Engelbart's HyperScope 1.0 Launched

misc. past posts mentioning gnosis &/or keykos:
https://www.garlic.com/~lynn/2000f.html#69 TSS ancient history, was X86 ultimate CISC? designs)
https://www.garlic.com/~lynn/2000g.html#22 No more innovation? Get serious
https://www.garlic.com/~lynn/2001b.html#73 7090 vs. 7094 etc.
https://www.garlic.com/~lynn/2001g.html#33 Did AT&T offer Unix to Digital Equipment in the 70s?
https://www.garlic.com/~lynn/2001g.html#35 Did AT&T offer Unix to Digital Equipment in the 70s?
https://www.garlic.com/~lynn/2001n.html#10 TSS/360
https://www.garlic.com/~lynn/2002f.html#59 Blade architectures
https://www.garlic.com/~lynn/2002g.html#0 Blade architectures
https://www.garlic.com/~lynn/2002g.html#4 markup vs wysiwyg (was: Re: learning how to use a computer)
https://www.garlic.com/~lynn/2002h.html#43 IBM doing anything for 50th Anniv?
https://www.garlic.com/~lynn/2002i.html#63 Hercules and System/390 - do we need it?
https://www.garlic.com/~lynn/2002j.html#75 30th b'day
https://www.garlic.com/~lynn/2003g.html#18 Multiple layers of virtual address translation
https://www.garlic.com/~lynn/2003h.html#41 Segments, capabilities, buffer overrun attacks
https://www.garlic.com/~lynn/2003i.html#15 two pi, four phase, 370 clone
https://www.garlic.com/~lynn/2003j.html#20 A Dark Day
https://www.garlic.com/~lynn/2003k.html#50 Slashdot: O'Reilly On The Importance Of The Mainframe Heritage
https://www.garlic.com/~lynn/2003l.html#19 Secure OS Thoughts
https://www.garlic.com/~lynn/2003l.html#22 Secure OS Thoughts
https://www.garlic.com/~lynn/2003l.html#26 Secure OS Thoughts
https://www.garlic.com/~lynn/2003m.html#24 Intel iAPX 432
https://www.garlic.com/~lynn/2003m.html#54 Thoughts on Utility Computing?
https://www.garlic.com/~lynn/2004c.html#4 OS Partitioning and security
https://www.garlic.com/~lynn/2004e.html#27 NSF interest in Multics security
https://www.garlic.com/~lynn/2004m.html#29 Shipwrecks
https://www.garlic.com/~lynn/2004m.html#49 EAL5
https://www.garlic.com/~lynn/2004n.html#41 Multi-processor timing issue
https://www.garlic.com/~lynn/2004o.html#33 Integer types for 128-bit addressing
https://www.garlic.com/~lynn/2005.html#7 How do you say "gnus"?
https://www.garlic.com/~lynn/2005b.html#6 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#7 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005b.html#12 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005c.html#67 intel's Vanderpool and virtualization in general
https://www.garlic.com/~lynn/2005d.html#43 Secure design
https://www.garlic.com/~lynn/2005d.html#50 Secure design
https://www.garlic.com/~lynn/2005h.html#13 Today's mainframe--anything to new?
https://www.garlic.com/~lynn/2005k.html#30 Public disclosure of discovered vulnerabilities
https://www.garlic.com/~lynn/2005s.html#12 Flat Query
https://www.garlic.com/~lynn/2006k.html#37 PDP-1
https://www.garlic.com/~lynn/2006m.html#34 PDP-1
https://www.garlic.com/~lynn/2006p.html#13 What part of z/OS is the OS?
https://www.garlic.com/~lynn/2006s.html#7 Very slow booting and running and brain-dead OS's?
https://www.garlic.com/~lynn/2006w.html#42 vmshare
https://www.garlic.com/~lynn/2006y.html#11 Multiple mappings
https://www.garlic.com/~lynn/2006y.html#16 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007k.html#26 user level TCP implementation
https://www.garlic.com/~lynn/2007o.html#25 LAX IT failure: leaps of faith don't work
https://www.garlic.com/~lynn/2007s.html#17 Oddly good news week: Google announces a Caps library for Javascript
https://www.garlic.com/~lynn/2008b.html#24 folklore indeed
https://www.garlic.com/~lynn/2008b.html#50 How does ATTACH pass address of ECB to child?
https://www.garlic.com/~lynn/2008e.html#12 Kernels
https://www.garlic.com/~lynn/2008g.html#7 was: 1975 movie "Three Days of the Condor" tech stuff
https://www.garlic.com/~lynn/2008h.html#14 Two views of Microkernels (Re: Kernels

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Expanding U.S. Tactical Aviation's "Approved Belief"

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Expanding U.S. Tactical Aviation's "Approved Belief"
Date: December 13, 2008
Blog: Boyd Conference 2008
Boyd's briefings in the 80s ... strongly suggested he had a hand in F20/tigershark as the "F16" for the 80s/90s (much cheaper, much easier to maintain, lower skill level to maintain, fewer hrs maintenance per flt hrs, etc) ... although I don't remember John actually saying F20 or tigershark ... he did make reference to visits to Northrup. All the articles from the period seemed to indicate that F20 fell pray to lobbying and US subsidies to foreign govs. explicitly for F16 purchases. wiki page
https://en.wikipedia.org/wiki/F-20_Tigershark

past posts mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html

past posts mentioning tigershark:
https://www.garlic.com/~lynn/94.html#8 scheduling & dynamic adaptive ... long posting warning
https://www.garlic.com/~lynn/2002c.html#14 OS Workloads : Interactive etc
https://www.garlic.com/~lynn/2002d.html#1 OS Workloads : Interactive etc
https://www.garlic.com/~lynn/2005d.html#45 Thou shalt have no other gods before the ANSI C standard
https://www.garlic.com/~lynn/2006g.html#13 News Release
https://www.garlic.com/~lynn/2007i.html#3 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#4 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#6 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#7 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#8 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007i.html#10 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007o.html#40 EZPass: Yes, Big Brother IS Watching You!

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
Date: December 13, 2008
Blog: Organizational Development
There is old saying that a major qualification for such jobs should be not wanting the job ... frequently the desire for such positions is motivated by greed. There is a related quote from Boyd giving career advice:
There are two career paths in front of you, and you have to choose which path you will follow. One path leads to promotions, titles, and positions of distinction.... The other path leads to doing things that are truly significant for the Air Force, but the rewards will quite often be a kick in the stomach because you may have to cross swords with the party line on occasion. You can't go down both paths, you have to choose. Do you want to be a man of distinction or do you want to do things that really influence the shape of the Air Force? To be or to do, that is the question." Colonel John R. Boyd, USAF 1927-1997

... snip ...

misc. post posts mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html

There was a an article a couple months ago that ratio of avg. executive compensation to avg. worker compensation recently had exploded to 400:1 after having been 20:1 for a long time ... and 10:1 in much of the rest of the world.

GAO has been doing database of increasing number of public company financial restatements. Basically, executives fiddle the books in order to boost the bonuses (despite SOX). Then later the financials may be restated but the bonuses aren't forfeited. One of the worst examples was freddie was fined $400m in 2004 for $10b statement fiddling/inflation and the CEO replaced ... but allowed to keep tens (hundred?) of millions.

There was recent published study of 270(?) some public companies that redid their executive compensation plan after having problems with financial statement fiddling and executive bonuses. Supposedly executive compensation has been changed to be much more closely aligned with the health and well being of the corporation ... and as a result the companies are performing much better.

...

Yesterday (Sunday), CSPAN had a panel discussing the situation and then CBS 60 minutes had segment on the meltdown. The industry seems to be torn between claiming to being ignorant and totally incompetent and admitting they just ignored all the indicators.

...

there was a couple billion dollar lawsuit in the early 80s regarding theft of industrial espionage. the court seemed to take the position that given sufficient temptation, all people are naturally crooked. in order to substantiate damages, security proportional to risk had to be demonstrated. the analogy is fences around swimming pools ... it isn't enough to post warnings ... the fences have to be adequate to keep out minors (who can't be held responsible). In the case of financial temptation ... everybody was assumed to be susceptible ... so countermeasures (to theft, fraudulent behavior, etc) had to be demonstrated that were proportional to the temptation.

somewhat related theme from last week:

The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php

from above:
Markets need regulation to stay stable. We have had thirty years of financial deregulation. Now we are seeing chickens coming home to roost. This is the key argument of Professor Nick Bingham, a mathematician at Imperial College London, in an article published today in Significance, the magazine of the Royal Statistical Society.

... snip ...

past posts mentioning industrial espionage case & security proportional to risk
https://www.garlic.com/~lynn/2001d.html#42 IBM was/is: Imitation...
https://www.garlic.com/~lynn/2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2005f.html#60 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005r.html#7 DDJ Article on "Secure" Dongle
https://www.garlic.com/~lynn/2006q.html#36 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006r.html#29 Intel abandons USEnet news
https://www.garlic.com/~lynn/2008.html#25 Tap and faucet and spellcheckers
https://www.garlic.com/~lynn/2008.html#26 Tap and faucet and spellcheckers

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Memory Instrumentation - was "largest parallel sysplex around?"

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Memory Instrumentation - was "largest parallel sysplex around?"
Newsgroups: bit.listserv.ibm-main
Date: Mon, 15 Dec 2008 07:58:27
R.Skorupka@BREMULTIBANK.COM.PL (R.S.) writes:
I'm talking about *practice*. BTDT. Again: well signed cables are the key.

re:
https://www.garlic.com/~lynn/2008r.html#71 Curiousity: largest parallel sysplex around?
https://www.garlic.com/~lynn/2008r.html#72 Curiousity: largest parallel sysplex around?
https://www.garlic.com/~lynn/2008r.html#73 Curiousity: largest parallel sysplex around?

wasn't this lesson learned in the days of 3270 coax cables?

besides the huge numbers (some cases, tens of thousands) ... there was the shear weight ... some installations, the weight of the 3270 coax cables was starting to exceed bldg. loading limits ... one of the reasons for change over to LAN CAT4.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is anyone interested in starting a CICS specific group?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Is anyone interested in starting a CICS specific group?
Date: December 15, 2008
Blog: Mainframe Experts
Been a long time ... I was undergraduate in 60s at univ that was selected for beta-test for (new) CICS product (univ. had ONR grant for digital library project) ... and I got tasked to support it. There were some number of bugs I had to shoot ... in part because the library was using different BDAM options ... than what was used by the customer shop where CICS originated. misc. past posts
https://www.garlic.com/~lynn/submain.html#bdam

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations.
Date: December 15, 2008
Blog: Risk Management
Yesterday, CSPAN had panel discussion on the subject ... the industry appears to be torn between claiming being ignorant and totally incompetent vis-a-vis admitting to ignoring all the indications (and risk management).

Other reports have indicated input was fiddled for the computer models until the desired output was achieved (garbage-in, garbage-out).

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

In congressional hearings that looked at how the toxic CDOs received triple-A ratings, the word fraud was periodically used (both the toxic CDO issuers and the rating agencies knew the toxic CDOs weren't worth triple-A ratings)

Supposedly SOX required SEC to do something with respect to the rating agencies ... but there doesn't seem to have been anything besides a Jan2003 report.

Report on the Role and Function of Credit Rating Agencies in the Operation of the Securities Markets; As Required by Section 702(b) of the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf

long winded, decade old post discussing some of the current issues
https://www.garlic.com/~lynn/aepay3.htm#riskm

related recent posts:
https://www.garlic.com/~lynn/2008n.html#49 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#65 Whether, in our financial crisis, the prize for being the biggest liar is
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#72 Why was Sarbanes-Oxley not good enough to sent alarms to the regulators about the situation arising today?
https://www.garlic.com/~lynn/2008n.html#78 Isn't it the Federal Reserve role to oversee the banking system??
https://www.garlic.com/~lynn/2008n.html#80 Why did Sox not prevent this financal crisis?
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#19 What's your view of current global financial / economical situation?
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#34 The human plague
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008q.html#49 Have not the following principles been practically disproven, once and for all, by the current global financial meltdown?
https://www.garlic.com/~lynn/2008q.html#50 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008q.html#58 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008r.html#58 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Blind-sided, again. Why?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Blind-sided, again. Why?
Date: December 15, 2008
Blog: Systems Thinking
assumption about "regulated country" may not be valid, related article

The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php

from above:
Markets need regulation to stay stable. We have had thirty years of financial deregulation. Now we are seeing chickens coming home to roost. This is the key argument of Professor Nick Bingham, a mathematician at Imperial College London, in an article published today in Significance, the magazine of the Royal Statistical Society.

There is no such thing as laying off risk if no one is able to insure it. Big new risks were taken in extending mortgages to far more people than could handle them, in the search for new markets and new profits. Attempts to insure these by securitisation -- aptly described in this case as putting good and bad risks into a blender and selling off the results to whoever would buy them -- gave us toxic debt, in vast quantities.


... snip ...

a long-winded, decade old post that included mention needing visibility into the underlying value of securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm

during the congressional hearings into (securitized mortgages) toxic CDOs ... the word "fraud" was used several times referring to toxic CDO issuing organizations paying rating organizations for triple-A ratings (even though both parties knew that the toxic CDOs didn't deserve triple-A ratings). The triple-A rating significantly increased the organizations that would deal with the instruments ... and funds available to the issuers.

Supposedly SOX required SEC to do something with respect to the rating agencies ... but there doesn't seem to have been anything besides a Jan2003 report:

Report on the Role and Function of Credit Rating Agencies in the Operation of the Securities Markets; As Required by Section 702(b) of the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf

In other cases, input was fiddled for the computer models until the desired output was achieved (garbage-in, garbage-out).

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

GAO has been doing database of increasing number of public company financial restatements. Basically, executives fiddle the books in order to boost the bonuses (despite SOX). Then later the financials may be restated but the bonuses aren't forfeited. One of the worst examples was freddie was fined $400m in 2004 for $10b statement fiddling/inflation and the CEO replaced ... but allowed to keep tens (hundred?) of millions.

I made the assertion at a 2004 European Financial Executive conference that SOX wasn't going to make any significant difference (it was more like window dressing).

there were numerous things wrong with toxic CDOs, another example:

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

from above:
Watsa's only sin was in being a little too early with his prediction that the era of credit expansion would end badly. This is what he said in Fairfax's 2003 annual report: "It seems to us that securitization eliminates the incentive for the originator of [a] loan to be credit sensitive. Prior to securitization, the dealer would be very concerned about who was given credit to buy an automobile. With securitization, the dealer (almost) does not care."

... snip ...

The example of unregulated mortgage originators is even more significant than the auto loans. There has been a lot subprime mortgages in all this ... but it actually was the huge influx of money available to the unregulated mortgage originators (via sales of triple-A rated toxic CDOs. Subprime mortgages was originally suppose to be for low-income, first-time home owners. There was panel discussion yesterday (Sunday) on CSPAN (as well as related segment on CBS 60 minutes). The comment on the CSPAN program was that only 10percent of these loans went to low-income first-time home owners ... a lot of the rest went to speculation (no-down, no-documentation, 1-2percent introductory, interest only payments ... enormously attractive to speculators that were planning on flipping after 15-30% appreciation before rates reset).

The CSPAN panel also seemed to be torn between the industry claiming being ignorant and totally incompetent and admitting they just ignored all the indications.

On CSPAN a couple months there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250m in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.

The PBS programs/webpages discussing some of the wall street influence on congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet

On the institution side buying these (toxic CDO, packaged) mortgages .... the institutions were 1) playing long/short mismatch and 2) heavily leveraging. Playing long/short mismatch (alone) has been known to take down institutions for centuries (in this case, even if the toxic CDOs had been worth their triple-A ratings). Comments were that Bear-Stearn and Lehman had marginal chance of surviving playing long/short mismatch. This was further aggravated with heavy leverage ... in some cases leveraging capital 40-80 times in buying triple-A rated toxic CDOs.

article from year ago about playing long/short mismatch (including transactions being carried offbalance ... and possibly may still be lurking)
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html

decade old article from SanFran FED on problems with long/short mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Data leakage - practical measures to improve Information Governance

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Data leakage - practical measures to improve Information Governance
Date: December 15, 2008
Blog: Systems Thinking
We have tried to characterize some of this with three metaphors.

We had been involved tangentially in cal state breach notification legislation. We had been called in to help wordsmith the cal electronic signature legislation and some of the parties involved, were also involved in privacy issues and had done extensive consumer surveys on privacy. They found the most important consumer privacy issue was identity theft and its major subtype, account fraud (fraudulent financial transactions against existing accounts) as a result of information leakage from breaches). This aspect was getting little or no notice, so it seemed there was some hope that the publicity associated from breach notification would start to prompt corrective action.

dual-use vulnerability metaphor

account number is required in a large number of different business processes and is required to be readily available. at the same time the account number has to be kept strictly confidential and never divulged to anybody (not even those needing it for business processes, since insiders have repeatedly been shown to be the major source of identity theft). we've claimed that even if the planet was buried under miles of information hiding encryption, that it wouldn't be sufficient to prevent information leakage.

security proportional to risk metaphor

to the merchant, knowledge of the account number is worth some percent of the profit off the transaction; that same knowledge for the crook, is worth the account balance/credit-limit. as a result, the crook may be able to outspend by a factor of 100 times attacking the system (as the merchant can afford to spend protecting/defending the system).

naked transaction metaphor

transactions are vulnerable where ever they exist; misc archived naked transaction metaphor blog activity & posts
https://www.garlic.com/~lynn/subintegrity.html#payments

after having been called in to consult with small client/server startup that wanted to do payments on their server (they had also invented this thing called SSL they wanted to use with it ... that effort now is frequently referred to as electronic commerce), in the mid-90s we were asked to participate in the x9a10 financial working group (which had been given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments) and did some in-depth, end-to-end threat and vulnerability studies ... which resulted in the x959 financial transaction standard ... misc references
https://www.garlic.com/~lynn/x959.html#x959

part of x9.59 financial transaction standard was to slightly change the paradigm and make existing financial transaction information useless to crooks & attackers for performing fraudulent transactions. X9.59 didn't do anything about skimming, harvesting, breaches, leakages, etc ... but it eliminated the fraudulent financial transactions that has been the major threat from such activity.

some other recent posts mentioning the metaphors:
https://www.garlic.com/~lynn/2008o.html#76 Blinkenlights
https://www.garlic.com/~lynn/2008p.html#5 Privacy, Identity theft, account fraud
https://www.garlic.com/~lynn/2008p.html#7 Dealing with the neew MA ID protection law
https://www.garlic.com/~lynn/2008p.html#59 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008r.html#53 21 million German bank account details on black market

past posts mentioning security proportional to risk in industrial espionage court case:
https://www.garlic.com/~lynn/2001d.html#42 IBM was/is: Imitation...
https://www.garlic.com/~lynn/2002d.html#8 Security Proportional to Risk (was: IBM Mainframe at home)
https://www.garlic.com/~lynn/2005f.html#60 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005r.html#7 DDJ Article on "Secure" Dongle
https://www.garlic.com/~lynn/2006q.html#36 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006r.html#29 Intel abandons USEnet news
https://www.garlic.com/~lynn/2008.html#25 Tap and faucet and spellcheckers
https://www.garlic.com/~lynn/2008.html#26 Tap and faucet and spellcheckers

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

First successful PC OS?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: First successful PC OS?
Newsgroups: alt.folklore.computers
Date: Mon, 15 Dec 2008 18:53:25
timcaffrey@aol.com (Tim McCaffrey) writes:
The Altair was created with some of the first 8080 chips (before the borrow bug was fixed). I think the Altair was inspired Kindall to get CP/M working...


https://en.wikipedia.org/wiki/CP/M


above also has reference to "The origin of CP/M's name" ... which i've also recently referenced (as well as several times in the past).
https://www.garlic.com/~lynn/2008r.html#25 What if the computers went back to the '70s too?

but the URL has gone 404

http://www.khet.net/gmc/docs/museum/en_cpmName.html

but there is always the wayback machine
https://web.archive.org/web/20071011100440/http://www.khet.net/gmc/docs/museum/en_cpmName.html

also related recent cp/cms (and personal computing) post:
https://www.garlic.com/~lynn/2008s.html#3 New machine code

and earlier post in this thread:
https://www.garlic.com/~lynn/2008s.html#0 First successful PC OS?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

New machine code

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New machine code
Newsgroups: alt.folklore.computers
Date: Mon, 15 Dec 2008 21:59:41
Rich Alderson <news@alderson.users.panix.com> writes:
Well, since Adventure originated on the PDP-10 (Crowther's cave-exploring program at BB&N which Don Woods morphed [to be anachronistic] into Adventure at SAIL), that's hardly a big leap.

re:
https://www.garlic.com/~lynn/2008r.html#68 New machine code
https://www.garlic.com/~lynn/2008r.html#74 New machine code
https://www.garlic.com/~lynn/2008s.html#3 New machine code

in the 70s and 80s there were monthly vm/cms (baybunch) meetings at SLAC ... where all sort of things were discussed ... including tymshare mentioning games. i was trying to get the vm/cms adventure port shortly after it was done ... but actually got a copy of source from somebody in the UK before i got copy from tymshare.

and some old email related to getting copy of adventure source
https://www.garlic.com/~lynn/2006y.html#email780405
https://www.garlic.com/~lynn/2006y.html#email780405b

in this post
https://www.garlic.com/~lynn/2006y.html#18 The History of Computer Role-Playing Games...

other old email in response to looking for copy of adventure:

Date: 03/21/78 19:36:29
To: wheeler

I don't have or heard of anyone having the 'ADVENTURE' Game. If I find it, I'll be sure to pass it on.

PS: If you're interested in a list of what we have in games or pictures, I'll be glad to send it.


... snip ... top of post, old email index

other topic drift, tymshare had done a vm/cms computering conferencing system and made a free service available to the (corporate user group) share organization
http://www.share.org/

in aug76 ... archived here
http://vm.marist.edu/~vmshare/

and procedure was set up to send me monthly copies on tape ... so i could shadow on internal machines ... some old email related to vmshare:
https://www.garlic.com/~lynn/lhwemail.html#vmshare

recent post mentioning another kind of discussion (after baybunch meeting)
https://www.garlic.com/~lynn/2008r.html#27 CPU time/instruction table

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

New machine code

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New machine code
Newsgroups: alt.folklore.computers
Date: Mon, 15 Dec 2008 22:27:37
Anne & Lynn Wheeler <lynn@garlic.com> writes:
and some old email related to getting copy of adventure source
https://www.garlic.com/~lynn/2006y.html#email780405
https://www.garlic.com/~lynn/2006y.html#email780405b

in this post
https://www.garlic.com/~lynn/2006y.html#18 The History of Computer Role-Playing Games...


re:
https://www.garlic.com/~lynn/2008s.html#12 New machine code

and wiki page:
https://en.wikipedia.org/wiki/Colossal_Cave_Adventure

from above:
The game was also ported to Prime Computer's super-mini running PRIMOS in the late 1970s, utilising Fortran 4, and to IBM mainframes running VM/CMS in late 1978, utilizing PL/1.

... snip ...

i was making copy of the adventure game (cms) executable available internally ... and if somebody demonstrated that they had gotten all the points ... i would email them the fortran source. one such person ... took the fortran source and ported to pl/i as well as adding a bunch of new rooms and points (i think initiall 450).

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

New machine code

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New machine code
Newsgroups: alt.folklore.computers
Date: Mon, 15 Dec 2008 22:45:33
re:
https://www.garlic.com/~lynn/2008s.html#12 New machine code
https://www.garlic.com/~lynn/2008s.html#13 New machine code

oh and email regarding pli verson:
https://www.garlic.com/~lynn/2007m.html#email780517

in this post
https://www.garlic.com/~lynn/2007m.html#6 Zork and Adventure

above also has another old adventure related email
https://www.garlic.com/~lynn/2007m.html#email780414

i still had a reference to this cms executable file ... but not the file itself:
&1 &2 ADVENTUR MODULE D1()V 65535 5 40 4/11/78 19:59

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Orwellian Apple ad celebrates 25th birthday

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Orwellian Apple ad celebrates 25th birthday
Newsgroups: alt.folklore.computers
Date: Tue, 16 Dec 2008 09:29:13
Orwellian Apple ad celebrates 25th birthday
http://www.theregister.co.uk/2008/12/15/1984_ad_anniversary/

from above:
It first hit the small screen little more than a month earlier, when it aired at one o'clock in the morning on KMVT, Channel 11 in Twin Falls, Idaho.

Without a December debut, Apple and its ad agency, Chiat\Day, couldn't qualify for the season's advertising trophies.


... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Orwellian Apple ad celebrates 25th birthday

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Orwellian Apple ad celebrates 25th birthday
Newsgroups: alt.folklore.computers
Date: Tue, 16 Dec 2008 09:48:17
re:
https://www.garlic.com/~lynn/2008s.html#15 Orwellian Apple ad celebrates 25th birthday

After the IBM/PC was announced, Tymshare created a 2nd computer conferencing facility for the SHARE organization
http://www.share.org/

to compliment the vmshare conferencing that had been launced aug76. I started getting monthly tape copies of the vmshare (deploy shadows on internal machines) ... after pcshare was launced, the pcshare files were also added to the tape. recent post regarding vmshare
https://www.garlic.com/~lynn/2008s.html#12 New machine code

I had also gotten some of the information from my brother ... previous mention that he was Apple regional marketing rep:
https://www.garlic.com/~lynn/2008r.html#5 What if the computers went back to the '70s too?

who had been in town getting week class on the new machine.

from long ago and far away:

Date: 22 December 1983, 00:37:08 PST
To: small distribution

This week's interesting tidbit from PCSHARE:

= = = = = = = = = = = = = = = = = = = = = = = = = = =

Lucky me, I got my hands on an illicit copy of an advertising brochure for the new Apple MacIntosh! It is a blow by blow, screen by screen comparison (somewhat unfair) between the IBM PC and the Mac. They even show side by side pictures of the 8088 and 68000 chips. The Mac's is bigger therefor its better?? Anyway, there is lots of interesting technical stuff. No prices tho. Of course, if they are comparing it to the PC, its obviously around $2500. Here's the dope:

MC6800DL8 CPU with 128K RAM and 64K ROM (probably 5 MHZ to support the graphics.) Doesn't look like you can add more RAM. 9 inch 512 x 342 pixel bit-mapped monochrome display. The basic box is 10.9in deep by 9.7in wide by 13.5in high (very small). Comes with carrying handle -- supposed to be lighter than most portables. It looks like a baby 3278 with built-in diskette drive. Built-in 3.5in floppy diskette drive using 400K Sony-style diskettes. Optical track ball mouse with a single button ("So it's extremely difficult to press the wrong button"). No fan -- clever venting. Calendar/clock Connectors in the back: mouse; external disk drive (second diskette drive); RS232 and RS422 DB9 connectors; polyphonic sound port (it talks!). Keyboard is detached with telephone type jack. I count 58 keys. Not as extensive as IBM's. Supposedly you can generate 217 characters, including accented letters and math symbols. Also described are the Apple Imagewriter printer (Epson-like) and a modem.

Software includes:

- Standard LISA pull-down menus and icons (there's the little trash can!) - MacWrite word processor (multiple fonts, proportional spacing, etc.) - MacPaint for making pictures - MacProject for critical path charting - MacTerminal VT100, 3278 emulation, VT52, or TTY. - MacIntosh BASIC and MacIntosh Pascal - MacDraw (whatever that is) - Also, 3rd party offerings including: Lotus 1-2-3, PFS, MultiPlan, and Microsoft Chart, File, and Word.

All software is integrated with windows, icons, pull-down menus, and mouse control. There is also support for Apple's local area network, AppleBus.

The basic unit comes with: computer, display, built-in disk drive, and firmware, a detached keyboard, the mouse, a system disk (Finder and Desk Accessories {eg. calculator, etc.}), a tutorial diskette and audio diskette ("A Guided Tour of Macintosh"), and "one -- count it -- one manual."

I guess I will have to try to find room in my home computer room for yet ANOTHER goodie!

Don Worth - UCLA

*** APPENDED 12/21/83 12:44:37 BY UR ***


... snip ... top of post, old email index

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

IBM PC competitors

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM PC competitors
Newsgroups: alt.folklore.computers
Date: Tue, 16 Dec 2008 15:04:00
hancock4 writes:
This was nothing new.

In the 1960s, other companies copied IBM tape and disk peripherals (often by employing experienced IBM people), and sold them cheaper than IBM did (easy to do since they didn' t have the R&D costs). When IBM improved its products or lowered its price and caught the competitors flatfooted, the competitors complained "anti-trust!", but the courts said the market was working exactly the way it was supposed to.

In the 1970s other companies copied IBM mainframe CPUs.

According to the history, many IBMers left to join other companies because they were burnt out from the System/360 development process, which was extremely intense and required long overtime over a period of years. At the time, it was shocking that people would leave IBM in such a manner; previously that was very rare. One wonders where IBM would've been had it just gone a little slower and announced System/ 360 a year later, allowing a more reasonable time for the very ambitious hardware and software development effort. They ended up delaying their machines and software anyway.


past referencing mentioning doing tty/ascii support at the univ. for cp67 ... and the 2702 terminal controller not doing quite what i wanted ... which was part of the incentive for the univ. to launch clone controller project ... reverse engineering the mainframe channel interface and building channel interface board for interdata/3 that was programmed to emulate the 2702 (and do what i wanted the 2702 to do)
https://www.garlic.com/~lynn/submain.html#360pcm

this then involved into an interdata/4 handling the channel interface and multiple interdata/3s handling the line-scanner/port interface. this became a product from interdata ... and then as perkin/elmer product, after they bought interdata.

this references a major motivation for future system product was clone controllers

reference from "IBM Crisis and Change" article:
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm

quote from the above (i.e. response to clone controllers):
IBM tried to react by launching a major project called the 'Future System' (FS) in the early 1970's. The idea was to get so far ahead that the competition would never be able to keep up, and to have such a high level of integration that it would be impossible for competitors to follow a compatible niche strategy. However, the project failed because the objectives were too ambitious for the available technology. Many of the ideas that were developed were nevertheless adapted for later generations. Once IBM had acknowledged this failure, it launched its 'box strategy', which called for competitiveness with all the different types of compatible sub-systems. But this proved to be difficult because of IBM's cost structure and its R&D spending, and the strategy only resulted in a partial narrowing of the price gap between IBM and its rivals

... snip ...

other past posts mentioning future system
https://www.garlic.com/~lynn/submain.html#futuresys

in early 70s, Amdahl gave a talk on his new (360 processor clone) company at MIT (large auditorium). one of the students asked what justification did Amdahl use with the VCs to back his new company. the response was something about customers had already spent something like $200B on 360 application software development and that even if IBM were to totally walk away from 360 (which might considered a veiled reference to future system project), there would still be enough 360 business to last through the end of the century.

part of 23jun69 "unbundling" announcement (in response to various legal actions) including starting to charge for application software as well as system engineering services. There was a successful argument made that "kernel" software should continue to be "free". misc. past posts mentioning unbundling announcement
https://www.garlic.com/~lynn/submain.html#unbundle

The charging for SE services pretty much put an end to SE support teams at customer sites ... where new SEs learned the trade ... sort of as apprentices (since they couldn't figure out how not to charge for new, inexperienced SEs at customer site). In reaction, HONE (Hands-On Network Environment) was setup ... a number of internal cp67 data centers providing virtual machine access to SEs in the branch office. The concept was that SEs could get hands-on operating experience via remote access running in (CP67) virtual machines. misc. past posts mentioning HONE:
https://www.garlic.com/~lynn/subtopic.html#hone

However, the science center
https://www.garlic.com/~lynn/subtopic.html#545tech

had ported apl\360 to CMS (for cms\apl) and a number of sales & marketing support applications were developed in CMS\APL and (also) deployed on HONE. Relatively quickly the sales&marketing applications came to dominate all HONE activity (personal computing, time-sharing) ... and the original objective of SE training (using other operating systems in virtual machines) withered away.

Later when future system was canceled, there was a mad rush to get products back into the 370 (software and hardware) product pipeline ... which had been neglected with all the focus on future system effort ... and had also contributed to 370 clone processors being able to get a foothold in the market.

Part of that contributed to deciding to pick up some amount of 370 stuff that I had been doing all during the future system period ... some old
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
https://www.garlic.com/~lynn/2006w.html#email750430

part of that was specific, separate "resource manager" project. The appearance of 370 clone processors appeared to contribute to the decision to (reverse earlier decision to not charge for kernel software) start charging for kernel software ... and my "resource manager" was selected for the guinea pig. misc. past posts mentioning resource manager
https://www.garlic.com/~lynn/subtopic.html#fairshare

as a consequences, I got roped into spending time with lawyers and business people regarding policy for kernel software pricing.

I've also mentioned getting to play disk engineer in bldg. 14 & 15 ... misc. past posts
https://www.garlic.com/~lynn/subtopic.html#disk

and periodically getting roped into architecture meetings and/or conference calls with POK channel engineers. I asked why I was getting tasked for this (somebody from research that would wander in & out) ... and the reply was that just about all the senior engineers (that had previously handled high level architecture detail) had departed at one point or another. The departure of these senior engineers hadn't been a case of burn-out ... but new startups being able to lure them away with significantly better offers (equity, stock options, etc).

The big departures were after 360 had gained a large market foothold ... so there was an extremely large customer base for the clone controllers to sell into (and therefor attractive business case for VCs and startups).

For a little topic drift regarding the R&D cost structure ... recent (linkedin) post about greed
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?

mentioning early 80s court case regarding theft of (new disk) industrial information. the couple billion damages mentioned was supposedly six month revenue for a clone disk company ... the difference between having a product ready to ship the same day the first original shipped to customers (by using stolen information) and the (typical) six month delay it would take to acquire one of the new products, reverse engineer the product and develop a clone.

misc. past PC clone posts/threads:
https://www.garlic.com/~lynn/2000.html#6 Computer of the century
https://www.garlic.com/~lynn/2000b.html#35 VMS vs. Unix (was: Why are Suns so slow?)
https://www.garlic.com/~lynn/2004b.html#1 The BASIC Variations
https://www.garlic.com/~lynn/2005f.html#14 Where should the type information be: in tags and descriptors
https://www.garlic.com/~lynn/2005r.html#20 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2005r.html#34 logical block addressing
https://www.garlic.com/~lynn/2007l.html#10 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007n.html#0 The Development of the Vital IBM PC in Spite of the Corporate Culture of IBM
https://www.garlic.com/~lynn/2007r.html#39 Translation of IBM Basic Assembler to C?
https://www.garlic.com/~lynn/2007u.html#12 folklore indeed
https://www.garlic.com/~lynn/2007v.html#76 Why Didn't Digital Catch the Wave?
https://www.garlic.com/~lynn/2008d.html#60 more on (the new 40+ yr old) virtualization

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

What do you think needs to happen with the auto makers to make them viable

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: What do you think needs to happen with the auto makers to make them viable
Date: December 16, 2008
Blog: Equity Markets
there are already examples of auto makers in the US that are already viable ... recent article ... also referenced in other similar questions ...
http://help.linkedin.com/app/answers/detail/a_id/35227

Dumbest People' Industry Image May Cost Wagoner Job
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchive&sid=ap8pS2oslvn0&refer=home

a couple quotes from above:
"There's the feeling that next to financial services, automotive execs are the dumbest people in the world"

"It's pretty clear that management has made some pretty bad decisions over the last 20 years"

"Toyota generated pretax profit of $922 per vehicle on North American sales in 2007, while GM lost $729"


... snip ...

and

Honda reports record profit
http://www.foxnews.com/story/2008/07/25/honda-reports-record-profit-after-ford-suffers-huge-loss

... also archived here:
https://www.garlic.com/~lynn/2008p.html#77
https://www.garlic.com/~lynn/2008p.html#82
https://www.garlic.com/~lynn/2008q.html#22

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

What next? from where would the Banks be hit?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: What next? from where would the Banks be hit?
Date: December 16, 2008
Blog: Risk Management
One of the TV business news shows had CEO of regional bank on yesterday. Basically the theme was that most of the regional/community banks practiced prudent lending, interviewed the applicants, etc. The claim was that the imprudent lending behavior by several institutions has resulted in change in regulations and policies that will adversely affect all institutions. An example cited is that they expect FDIC to double the assessment (in order to cover troubled institutions) next year which will reduce their ability to make new loans.

one article related to lots of institutions adopting imprudent behavior

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

from above:
Watsa's only sin was in being a little too early with his prediction that the era of credit expansion would end badly. This is what he said in Fairfax's 2003 annual report: "It seems to us that securitization eliminates the incentive for the originator of [a] loan to be credit sensitive. Prior to securitization, the dealer would be very concerned about who was given credit to buy an automobile. With securitization, the dealer (almost) does not care."

... snip ...

On Sunday, CSPAN had panel with several people from industry. One of the comments was that the subprime was supposedly targeted at low-income, first time home owners ... but only something like 10% of subprime loans went to that market.

With huge influx of funds from securitization and no regard who got loans ... they were cycling loans through the mill as fast as possible to all comers (speculator looking at 20%/annum inflation ... a no-down, no-documentation, 1% introductory, interest-only ... flipping after a year ... represents significant ROI). CBS 60mins had segment on some of these speculators in the overheated Florida and California real-estate markets.

There was comment (in the past day or two) ... that only about half the ARMs, written during the securitization lending frenzy, have reset ... and the next wave of ARM resets should be coming soon ... which could really increase downward pressure on the economy.

another article from last week:

The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php

from above:
Markets need regulation to stay stable. We have had thirty years of financial deregulation. Now we are seeing chickens coming home to roost. This is the key argument of Professor Nick Bingham, a mathematician at Imperial College London, in an article published today in Significance, the magazine of the Royal Statistical Society.

... snip ...

Other claims are that the big-3 problem has been 20-30 yrs in the making (some claiming 50yrs). In the early 80s, there was an article that said the import quotas was suppose to provide the big-3 with breathing room and significantly increased profits to completely remake themselves. Since that wasn't happening, there was a call for a 100% unearned profit tax (the import quotas, reducing competition and enabling significant price increases and therefor significant profit increase ... all at the expense of the US consumer). The industry had huge losses in 2007 ... well before the current credit crunch.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Nerdy networking kid crashes the party

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Nerdy networking kid crashes the party
Date: December 17, 2008
Blog: Greater IBM
Nerdy networking kid crashes the party
http://www.theinquirer.net/inquirer/news/1050012/cisco-to-crash-hp-and-ibm-s-data-centre-space

from above:
IT SEEMS THE WORD is out and, even though Cisco is not directly confirming reports about the firm moving into the blade server market, it is widely expected to happen within the next couple of months, throwing the firm into the ring with its former partners, IBM and HP.

... snip ...

We were putting in T1 links as part of HSDT project in the mid-80s
https://www.garlic.com/~lynn/subnetwork.html#hsdt

and working with NSF to have T1 links for the NSFNET backbone (the operational precursor to the modern internet) and constantly running afoul of the communication group.

We were prevented from bidding on NSFNET backbone ... even though the director of the NSF writing the company a letter 3Apr1986, NSF Director to IBM Chief Scientist and IBM Senior VP and director of Research, copying IBM CEO) ... including some reference to what we already had running was at least five years ahead of all bid submissions. misc. old email related to the period
https://www.garlic.com/~lynn/lhwemail.html#nsfnet

In this period there was a corporate communication five year strategic projection that there would only be 200 T1 installed links. A quicky customer survey found over 200 T1 links already in mainframe shops.

The methodology disconnect appeared to be a problem in how the five year projection was made. The standard existing communication product only supported up to 56kbit links ... but had a feature called "fat pipes" that allowed multiple 56kbit links to be grouped together and used to simulate a faster link. There was a survey that looked at fat pipes with 2, 3, 4, 5, 6, etc 56kbit links ... which found little or no fat pipes with six or more 56kbit links. What they apparently didn't realize was telco tariff had x-over about 5-6 56kbit links being about the same as tariff for T1 link. As a result, customers needing more than 300kbit bandwidth found it cheaper to install a full T1 and support it with somebody else's product.

Part of this we've characterized as having trouble making transition from a communication paradigm that was primarily oriented towards supporting dumb terminals ... to (peer-to-peer) networking paradigm.

somewhat related posts regarding (dumb) terminal emulation
https://www.garlic.com/~lynn/subnetwork.html#emulation

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Five great technological revolutions

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Five great technological revolutions
Date: December 17, 2008
Blog: Greater IBM
Note that the current scenario isn't that the environment outgrew the regulations ... but the regulations and regulation enforcement was cut way back. recent article from last week:

The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php

from above:
Markets need regulation to stay stable. We have had thirty years of financial deregulation. Now we are seeing chickens coming home to roost. This is the key argument of Professor Nick Bingham, a mathematician at Imperial College London, in an article published today in Significance, the magazine of the Royal Statistical Society.

... snip ...

CDOs (securitized mortgages) were used two decades ago in the S&L crisis to obfuscate underlying value ... so it wasn't that there wasn't awareness.

CDO use was further aggravated by giving them triple-A ratings (when both the toxic CDO issuers and the rating agencies knew they didn't deserve them). In the recent congressional hearings the word "fraud" was used several times.

the following isn't just applicable to auto loans but all kinds of securitized loans.

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

from above:
Watsa's only sin was in being a little too early with his prediction that the era of credit expansion would end badly. This is what he said in Fairfax's 2003 annual report: "It seems to us that securitization eliminates the incentive for the originator of [a] loan to be credit sensitive. Prior to securitization, the dealer would be very concerned about who was given credit to buy an automobile. With securitization, the dealer (almost) does not care."

... snip ...

long winded, decade old post discussing some of the current problems ... including needing visibility into securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm

A lot of the deregulation and pull back from regulation enforcement falls on the SEC. Supposedly SOX required SEC to do something with respect to the rating agencies ... but there doesn't seem to have been anything besides a Jan2003 report:

Report on the Role and Function of Credit Rating Agencies in the Operation of the Securities Markets; As Required by Section 702(b) of the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf

On CSPAN a couple months ago there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250M in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.

PBS program/webpages discussing some of the wall street influence on congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet

Claims are that the big-3 problems have been 20-30 yrs in the making (some claiming 50). In the early 80s, there was an article that said the import quotas were suppose to provide the big-3 with breathing room and significantly increase profits to completely remake themselves. Since that wasn't happening, there was a call for 100% unearned profit tax (the import quotas, reducing competition and enabling significant price increases and therefor significant profit increase ... all at the expense of the US consumer). The industry had huge losses in 2007 ... well before the current credit crunch.

(archived) posts from other recent linkedin discussions
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
https://www.garlic.com/~lynn/2008s.html#8 Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations
https://www.garlic.com/~lynn/2008s.html#18 What next? from where would the Banks be hit?

With respect to globalization ... we did some interviewing when we were running HA/CMP product ... some past posts
https://www.garlic.com/~lynn/subtopic.html#hacmp

and all the technical 4.0 graduates from cal. higher education were from foreign countries. report from the 1990 census claimed that half the 18yrs olds were functionally illiterate. a report from when the foreign auto makers started building US plants was that they needed to require junior college degree in order to get high school education.

2006 study found that of 39 industrial countries, US ranked 25th in science and 35th in math. another study ranked US 29th in science worldwide. old post on the subject from a year ago
https://www.garlic.com/~lynn/2007u.html#78 Education ranking

another archived post from earlier this year:
https://www.garlic.com/~lynn/2008e.html#61 Study Finds Sharp Match, Science Skills Help Expand Economy

wsj article mentioned

Study Finds Sharp Math, Science Skills Help Expand Economy
http://online.wsj.com/news/articles/SB120452027357807261?mg=reno64-wsj&url=http%3A%2F%2Fonline.wsj.com%2Farticle%2FSB120452027357807261.html

from above:
Nearly two decades ago, the National Governors Association called for U.S. students to sharply improve in math and science by 2000. If the U.S. had managed to achieve the goal, and joined world leaders like Finland, Hong Kong and South Korea, GDP would be two percentage points higher today and 4.5 points higher in 2015, the study calculated. "Had we figured out some way to improve our schools, or do what we could to improve the learning of our students, we would be a lot better off today," said Mr. Hanushek.

... snip ...

note that nothing improved in the US.

Related to report that half 18yr olds being functionally illiterate from 1990 census information ... there was also a report claiming half the US manufacturing jobs (at the time) were "subsidized" (i.e. worker compensation was greater than the value of their labor). There was then a prediction that given existing trends that by 2020, the work of only 3percent of the US work force would be valued more than their compensation.

related economic issues:
https://www.garlic.com/~lynn/2008q.html#55 Can outsourcing be stopped?
https://www.garlic.com/~lynn/2008r.html#8 Can outsourcing be stopped?

I've mentioned before that I sponsored Boyd's briefings at IBM in the 80s ... greater IBM reference
https://www.garlic.com/~lynn/2008q.html#46 The Pattern of Engagement in High Value Sales Campaigns

Related to technology, educational, economic interests ... there is things like "America's Defense Meltdown" ... which can be found in some of the Boyd related blogs and forums.
http://www.cdi.org/friendlyversion/printversion.cfm?documentID=4402

related articles from the press:
http://www.huffingtonpost.com/john-tepper-marlin/experts-slam-dod-waste-in_b_145134.html
http://www.atimes.com/atimes/Middle_East/JK27Ak02.html

one of my archived posts in one of the related threads
https://www.garlic.com/~lynn/2008s.html#4 Expanding U.S. Tactical Aviation's "Approved Belief"

For a different kind of "futures" prediction for 2025:
http://www.dni.gov/nic/NIC_2025_project.html

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

IBM PC competitors

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM PC competitors
Newsgroups: alt.folklore.computers
Date: Wed, 17 Dec 2008 13:08:15
Lars Poulsen <lars@beagle-ears.com> writes:
I am not sure I understand what you mean by this. What is it that should be the job of the BIOS versus the job of the OS ?

The original design intent for input/output under DOS (inherited from CP/M) was that the user should call the operating system, and the operating system should call the BIOS for anything that depended on physical configuration of hardware ports. Of course, in cases where the user needs a service that was provided for the benefit of the OS, but does not need any value added by the OS, he may call the BIOS directly, so long as this does not screw up locks etc that the OS may need to maintain.

For example, the operating system provides a file system, and in turn the file system code calls the BIOS to do physical block I/O. A utility program to do file system maintenance (directory repair or defragmentation) may call the BIOS directly.


another examples is that most of the mainframe unix ports in the 80s were actually to VM (i.e. could provide various kinds of BIOS-like functions to the virtual machine).

a big problem was that the field service people mandated that the mainframes required various RAS, error recovery, and error reporting infrastructure in order for them to maintain and service the machines.

the effort to add such RAS, error recovery and error reporting to UNIX would have been an effort several times larger than the straight-forward porting of UNIX to the mainframe. running unix under VM allowed VM to provide all the RAS, error recovery, and error reporting needed by field service.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

IBM PC competitors

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM PC competitors
Newsgroups: alt.folklore.computers
Date: Wed, 17 Dec 2008 13:44:54
"MC" <for.address.look@www.ai.uga.edu.slash.mc> writes:
If the serial port had been buffered and the console had been a VT-52 or VT-100 or IBM 3101, we would have had a much easier time. My impression was that the IBM PC was designed in some haste and was, in some sense, an unfinished design.

re:
https://www.garlic.com/~lynn/2008s.html#17 IBM PC competitors
https://www.garlic.com/~lynn/2008s.html#21 IBM PC competitors

3101 had 6800 ... some of the following email references having "mod1" 3101s ... and looking to burn "mod2" EEPROMs to "field" upgrade them to mod2s.

some old email about topaz/3101 ("dumb" ascii terminal):
https://www.garlic.com/~lynn/2006y.html#email791011
https://www.garlic.com/~lynn/2006y.html#email791011b
https://www.garlic.com/~lynn/2006y.html#email800301
https://www.garlic.com/~lynn/2006y.html#email800311
https://www.garlic.com/~lynn/2006y.html#email800312
https://www.garlic.com/~lynn/2006y.html#email810820

in these posts
https://www.garlic.com/~lynn/2006y.html#0 Why so little parallelism?
https://www.garlic.com/~lynn/2006y.html#4 Why so little parallelism?
https://www.garlic.com/~lynn/2006y.html#31 "The Elements of Programming Style"

for other topic drift ... these old emails mentioned getting APL character set support on TOPAZ
https://www.garlic.com/~lynn/2006y.html#email791011
https://www.garlic.com/~lynn/2006y.html#email800301

reference to getting 3101 as home terminal in '80 (along with picture of screen):
https://www.garlic.com/~lynn/2008m.html#51 Baudot code direct to computers?

also in this email (along with installation of data jack at home and delivery of 1200baud vadic modem):
https://www.garlic.com/~lynn/2006y.html#email800314

other past posts mentioning topaz/3101 ("dumb" ascii terminal):
https://www.garlic.com/~lynn/99.html#69 System/1 ?
https://www.garlic.com/~lynn/2000g.html#17 IBM's mess (was: Re: What the hell is an MSX?)
https://www.garlic.com/~lynn/2001b.html#12 Now early Arpanet security
https://www.garlic.com/~lynn/2001b.html#13 Now early Arpanet security
https://www.garlic.com/~lynn/2001h.html#32 Wanted: pictures of green-screen text
https://www.garlic.com/~lynn/2001m.html#1 ASR33/35 Controls
https://www.garlic.com/~lynn/2001m.html#54 Author seeks help - net in 1981
https://www.garlic.com/~lynn/2003c.html#34 difference between itanium and alpha
https://www.garlic.com/~lynn/2003c.html#35 difference between itanium and alpha
https://www.garlic.com/~lynn/2003n.html#7 3270 terminal keyboard??
https://www.garlic.com/~lynn/2004e.html#8 were dumb terminals actually so dumb???
https://www.garlic.com/~lynn/2005p.html#28 Canon Cat for Sale
https://www.garlic.com/~lynn/2005r.html#12 Intel strikes back with a parallel x86 design
https://www.garlic.com/~lynn/2006n.html#56 AT&T Labs vs. Google Labs - R&D History
https://www.garlic.com/~lynn/2006y.html#0 Why so little parallelism?
https://www.garlic.com/~lynn/2006y.html#4 Why so little parallelism?
https://www.garlic.com/~lynn/2006y.html#24 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2006y.html#31 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007e.html#15 The Genealogy of the IBM PC
https://www.garlic.com/~lynn/2007h.html#39 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007k.html#40 DEC and news groups
https://www.garlic.com/~lynn/2007s.html#48 ongoing rush to the new, 40+ yr old virtual machine technology
https://www.garlic.com/~lynn/2007t.html#74 What do YOU call the # sign?
https://www.garlic.com/~lynn/2008l.html#79 Book: "Everyone Else Must Fail" --Larry Ellison and Oracle ???
https://www.garlic.com/~lynn/2008m.html#37 Baudot code direct to computers?
https://www.garlic.com/~lynn/2008m.html#38 Baudot code direct to computers?
https://www.garlic.com/~lynn/2008m.html#88 Sustainable Web
https://www.garlic.com/~lynn/2008n.html#51 Baudot code direct to computers?
https://www.garlic.com/~lynn/2008r.html#5 What if the computers went back to the '70s too?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch
Date: Thu, 18 Dec 2008 16:03:58
Robert Myers <rbmyersusa@gmail.com> writes:
In 2005, Alan Greenspan testified before Congress that increased computer power had allowed more aggressive assumption of risk.

Packaging all the weird new securities that have been so much of the problem would not be possible without computers. The labor-intensive nature of the task would have eaten all the profits.

On the surface of it, the securities make sense: any individual component of the pool may be too risky, but, if in the aggregate, components of that kind are "safe enough" then, through various kinds of magic, a garbage loan can become investment grade.

The aggressive assumptions of Long Term Capital Management and of the Collateralized Debt Obligation business as implemented in elaborate computer models do seem to be at the center of some of Wall Street's more spectacular failures this decade.


A lot of reports have indicated that computer model inputs were fiddled until the desired output was achieved (garbage-in, garbage-out).

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
Subprime = Triple-A ratings? or 'How to Lie with Statistics' (gone 404 but lives on at the wayback machine)
https://web.archive.org/web/20071111031315/http://www.bloggingstocks.com/2007/07/25/subprime-triple-a-ratings-or-how-to-lie-with-statistics/

CDOs had been used two decades ago in the S&L crisis to obfuscate underlying values and sell-off for more than they were otherwise worth. Maybe more computer power just met that there were new ways to obfuscate what they were really doing.

long winded, decade old post discussing some of the current issues, including needing better visibility into the underlying values of securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm

recent congressional hearings into CDOs looked at rating agencies giving toxic CDOs triple-A ratings ... even though the toxic CDO issuers and the rating agencies both knew they weren't worth triple-A rating (the word "fraud" was also periodically used in the hearings). The toxic CDO triple-A ratings significantly increased the number of institutions that would deal in these toxic CDO instruments (as well as significantly increasing the amount of money that unregulated institutions had to lend).

related side-effect of (often) unregulated institutions being able to immediately offload loans:

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

from above:
Watsa's only sin was in being a little too early with his prediction that the era of credit expansion would end badly. This is what he said in Fairfax's 2003 annual report: "It seems to us that securitization eliminates the incentive for the originator of [a] loan to be credit sensitive. Prior to securitization, the dealer would be very concerned about who was given credit to buy an automobile. With securitization, the dealer (almost) does not care."

... snip ...

Last Sunday, CSPAN had panel with several people from industry. One of the comments was that the subprime was supposedly targeted at low-income, first time home owners ... but only something like 10% of subprime loans went to that market.

With huge influx of funds from securitization and no regard who got loans ... they were cycling loans through the mill as fast as possible to all comers (speculator looking at 20%/annum inflation ... a no-down, no-documentation, 1% introductory, interest-only ... flipping after a year ... represents significant ROI). CBS 60mins had segment on some of these speculators in the overheated Florida and California real-estate markets.

... and then a article from last week that appeared in a number of places:

The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php

from above:
Markets need regulation to stay stable. We have had thirty years of financial deregulation. Now we are seeing chickens coming home to roost. This is the key argument of Professor Nick Bingham, a mathematician at Imperial College London, in an article published today in Significance, the magazine of the Royal Statistical Society.

... snip ...

The CSPAN panel also seemed to be torn between the industry claiming being ignorant and totally incompetent vis-a-vis admitting they just ignored (and/or manipulated) all the indications.

On CSPAN, a couple months ago there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250m in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.

The PBS programs/webpages discussing some of the wall street influence on congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet

On the institution side buying these (triple-A rated toxic CDO, packaged) mortgages .... the institutions were 1) playing long/short mismatch and 2) heavily leveraging. Playing long/short mismatch (alone) has been known to take down institutions for centuries (in this case, even if the toxic CDOs had been worth their triple-A ratings). Comments were that Bear-Stearn and Lehman had marginal chance of surviving playing long/short mismatch. This was further aggravated with heavy leverage ... in some cases leveraging capital 40-80 times in buying triple-A rated toxic CDOs.

article from year ago about playing long/short mismatch (including transactions being carried offbalance ... some possibly are still lurking more than a yr later)
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html

decade old article from SanFran FED on problems with long/short mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch,comp.sys.intel,comp.sys.ibm.pc.hardware.chips
Date: Thu, 18 Dec 2008 16:58:32
Andrew Reilly <andrew-newspost@areilly.bpc-users.org> writes:
So, you think that the re-regulation of the financial system will involve mandatory error bounds on stock value predictions? ;-)

re:
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law

GAO has been doing database of increasing numbers of financial restatements of public companies (in spite of SOX). Basically executives fiddle statements in order to increase bonuses. Later statements may be restated, but executives don't forfeit bonuses. One of the worst examples was freddie was fined $400m in 2004 for $10b statement fiddling/inflation and the CEO replaced ... but allowed to keep tens (hundred?) of millions. an earlier GAO reference:
http://www.gao.gov/products/GAO-03-138
2006 GAO reference:
http://www.gao.gov/new.items/d06678.pdf

post from earlier this year (with several additional references)
https://www.garlic.com/~lynn/2008f.html#96

with respect to rating agencies giving triple-A ratings to toxic CDOs, supposedly SOX required SEC to do something with respect to the rating agencies ... but there doesn't seem to have been anything besides a Jan2003 report.

Report on the Role and Function of Credit Rating Agencies in the Operation of the Securities Markets; As Required by Section 702(b) of the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf

another reference:
https://www.garlic.com/~lynn/2008s.html#5
and some related items:
https://www.garlic.com/~lynn/2008s.html#9

I would claim that regulation of the financial infrastructure and insider anti-fraud processes are closely related. this recent post mentions an early 80s court case involving (silicon valley, computer) industrial espionage ... and the court effectively required demonstrating that anti-theft/anti-fraud processes (which were proportional to the value of the information, in the particular situation, a couple billion dollars) had to be in place
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?

in the above post, i also mentioned that in a 2004 european financial executive conference, i claimed that SOX was in large part window dressing.

the analogy (in the industrial espionage court case) was akin to requiring fences around swimming pools since minors can't be held responsible for going swimming. given sufficient temptation ... the court basically assumed everybody would steal something valuable ... unless there were countermeasures.

Asking why financial regulation is needed is possibly on par with wondering why banks might use vaults to keep money. The court (in the particular case from the early 80s claiming billions in damages) ... bascially wanted, in additon to showing that the information had been stolen (and used so that there was resulting damages), proof that there had been anti-theft processes in place (and considered adequate to protect something worth billions of dollars, aka security proportional to risk).

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Web Security hasn't moved since 1995

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Web Security hasn't moved since 1995
Date: December 18, 2008
Blog: First Data Networking
re:
https://www.garlic.com/~lynn/2008p.html#67 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008p.html#78 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008q.html#13 Web Security hasn't moved since 1995

... and some ATM & magstripe archeological background ...

wiki page mentioning adding magstripe to plastic card was invented by IBM and that magstripe encoding standards were managed at the IBM Los Gatos lab from 1966 to 1975:
https://en.wikipedia.org/wiki/Magnetic_stripe

wiki ATM page:
https://en.wikipedia.org/wiki/Automated_teller_machine

wiki IBM 3624 page (mentioning a lasting 3624 feature was the 3624 PIN block format used in transmission)
https://en.wikipedia.org/wiki/IBM_3624

past posts mentioning ATM machine work at Los Gatos Lab:
https://www.garlic.com/~lynn/2002m.html#45 Wanted: the SOUNDS of classic computing
https://www.garlic.com/~lynn/2003k.html#3 Ping: Anne & Lynn Wheeler
https://www.garlic.com/~lynn/2004p.html#25 IBM 3614 and 3624 ATM's
https://www.garlic.com/~lynn/2004p.html#26 IBM 3614 and 3624 ATM's
https://www.garlic.com/~lynn/2006q.html#5 Materiel and graft
https://www.garlic.com/~lynn/2006r.html#9 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006x.html#9 Plurals and language confusion
https://www.garlic.com/~lynn/2006x.html#14 IBM ATM machines
https://www.garlic.com/~lynn/2007l.html#47 My Dream PC -- Chip-Based
https://www.garlic.com/~lynn/2007s.html#7 ATMs

recent financial (transaction) dataprocessing post
https://www.garlic.com/~lynn/2008p.html#27 Father Of Financial Dataprocessing

for other topic drift ... references to (AADS) NACHA (debit) trials
https://www.garlic.com/~lynn/x959.html#aadsnacha
AADS NACHA RFI for above:
https://www.garlic.com/~lynn/nacharfi.htm

also mentioned in this recent post
https://www.garlic.com/~lynn/2008p.html#7 Dealing with the neew MA ID protection law

I had part of a wing (half dozen offices and labs) in the Los Gatos lab bldg in the 80s and early 90s ... first for the (internal) HSDT project ... misc. past posts
https://www.garlic.com/~lynn/subnetwork.html#hsdt

and then for the HA/CMP product ... misc. past posts
https://www.garlic.com/~lynn/subtopic.html#hacmp

recent post with picture of piece of HSDT equipment in a Los Gatos lab basement equipment room:
https://www.garlic.com/~lynn/2008m.html#44 IBM-MAIN longevity

recent post references to mid-to-late 70s customer installation regarding an ATM network implementation:
https://www.garlic.com/~lynn/2008j.html#13 What is "timesharing"

and post with several references to recent risk & fraud in ATM infrastructure
https://www.garlic.com/~lynn/2008j.html#55 What is "timesharing"

separate reference to PIN-block vulnerability (from 3624):
https://www.garlic.com/~lynn/2006u.html#40 New attacks on the financial PIN processing
also mentioned in wiki PIN page
https://en.wikipedia.org/wiki/Personal_identification_number

recent post mentioning some x-over between internal HSDT project and T1s for NSFNET backbone:
https://www.garlic.com/~lynn/2008s.html#19 Nerdy networking kid crashes the party

for some x-over between HA/CMP product and electronic commerce ... this post discusses a meeting on distributed database scale-up (as part of ha/cmp scale-up) in Jan92
https://www.garlic.com/~lynn/95.html#13

sometime after the above meeting, two of the people (that were in the referenced meeing) left and joined a small client/server startup where they were responsible for something called a commerce server. We were then called in to consult with the small startup because they wanted to do payment transactions on their server (the startup also had some technology they had invented they wanted to use, called SSL). part of that effort included deploying something called a payment gateway ... misc. past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Combining EMV and eID on a payment card?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Combining EMV and eID on a payment card?
Date: December 18, 2008
Blog: Payments & Cards Network
We looked at this in AADS person-centric (authentication) model ... various AADS references
https://www.garlic.com/~lynn/x959.html#aads
including NACHA trial
https://www.garlic.com/~lynn/x959.html#aadsnacha

basically a hardware token that is something you have authentication that has sufficient (provable) integrity that it would be accepted by large number of institutions (in contrast to the institution-centric model ... requiring institution to issue and possibly personalize the token).

one issue from nearly a decade ago were some (other) kinds of token deployments ... which had some serious consumer usage problems ... resulting in rapidly spreading opinion that (ALL) hardware tokens weren't feasible in the consumer environment. the result was that numerous hardware token projects in process and/or planned effectively evaporated.

another issue that frequently crops up involves confusing authentication and identification. for nearly all the hardware token related operations ... authentication is sufficient ... however there are frequently extraneous efforts to also try and add identification. identification also frequently requires institutional specific personalization ... which complicates a person-centric something you have authentication (usable with a large variety of different institutions)).

Basically, an AADS hardware token ... provided registering of a hardware token unique public key ... analogous to the way a unique fingerprint might be recorded. Then, when that public key is used to validate a "digital signature", ... there was assurance of something you have authentication ... in much the same way verifying a fingerprint provides assurance of something you are authentication. No PKI is required, no personalization is required ... just recording a "public key" (in manner analogous to the way a fingerprint might be recorded in a biometric authentication infrastructure).

The X9.59 financial transaction standard allowed for such an AADS authentication. misc. X9.59 references
https://www.garlic.com/~lynn/x959.html#x959

As part of person-centric paradigm, the AADS chip strawman was defined in such a way that the same chip could operate in multiple different modes, one-factor authentication, two-factor authentication, three-factor authentication, or even larger number of factors ... even dynamically changing in response to different institutional requirements.

parts of old threads from 2004 with similar discussion:
https://www.garlic.com/~lynn/aadsm17.htm#12 A combined EMV and ID card
https://www.garlic.com/~lynn/aadsm17.htm#13 A combined EMV and ID card
https://www.garlic.com/~lynn/aadsm18.htm#27 EMV cards as identity cards
https://www.garlic.com/~lynn/aadsm18.htm#29 EMV cards as identity cards
https://www.garlic.com/~lynn/aadsm18.htm#31 EMV cards as identity cards
https://www.garlic.com/~lynn/aadsm18.htm#32 EMV cards as identity cards

and parts of recent long winded related linkedin thread:
https://www.garlic.com/~lynn/2008p.html#15 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#18 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#19 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#22 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#28 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#32 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#44 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#49 Can Smart Cards Reduce Payments Fruad and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#55 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#59 Can Smart Cards Reduce Payments Fraud and Identity Theft?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch,comp.sys.intel,comp.sys.ibm.pc.hardware.chips
Date: Thu, 18 Dec 2008 20:56:49
re:
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law

and for more of the view requiring regulation:

Corporate Fraud and Misconduct Risks Driven by Pressure to do 'Whatever It Takes'; Fewer episodes reported by companies with ethics and compliance programs
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said they had personally observed misconduct within their organizations during the prior 12 months, unchanged from the level reported by KPMG survey respondents in 2005. Roughly half (46 percent) of respondents reported that what they observed "could cause a significant loss of public trust if discovered," a figure that rises to 60 percent among employees working in the banking and finance industry.

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch,comp.sys.intel,comp.sys.ibm.pc.hardware.chips
Date: Fri, 19 Dec 2008 06:54:25
Robert Myers <rbmyersusa@gmail.com> writes:
Perhaps the computers and the PhD's in economics are nothing more than window dressing, or perhaps even worse: a cover for garden-variety fraud.

re:
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law

there is the old line about asking crooks why they rob banks ... and the answer is: that is where the money is. if overall number is 46% ("could cause a significant loss of public trust if discovered") and number for financial is 60%, then the non-financial industry number should be someplace under 40% ... making financial industry at least 50% worse than other industries (possibly twice).

recent/similar thread in some linkedin discussions ... where i commented that SOX (sarbanes-oxley passed in the wake of enron & worldcom) was more like "window dressing" & some amount of the input fiddling was a case of "garbage in, garbage out":
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again, Why?

as implied in the reference to the (silicon valley, computer related) industrial espionage litigation from early 80s, the assumption is that everybody is a crook (given sufficient temptation) and countermeasures are required that are proportional to risk (and/or proportional to temptation).

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Let IT run the company!

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Let IT run the company!
Date: December 18, 2008
Blog: International Association of Software Architects
There have been references in the earlier part of the decade that justification for less regulation in the financial industry was partly based on use of sophisticated computer risk management applications. However, it seems that fiddling the inputs to the risk management applications, to get the desired result, isn't a lot different than fiddling books. recent article in the vein:

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

and a more recent article along similar lines:

Corporate Fraud and Misconduct Risks Driven by Pressure to do 'Whatever It Takes'; Fewer episodes reported by companies with ethics and compliance programs
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said they had personally observed misconduct within their organizations during the prior 12 months, unchanged from the level reported by KPMG survey respondents in 2005. Roughly half (46 percent) of respondents reported that what they observed "could cause a significant loss of public trust if discovered," a figure that rises to 60 percent among employees working in the banking and finance industry.

... snip ...

In various financial regulatory scenarios, there seemed to be the belief that sophisticated computer applications would avoid disastrous outcomes ... which given human ingenuity was sadly misplaced. A couple months ago, a commentator on one of the TV business news shows stated that American bankers are the most innovative in the world, being able to totally mess up the infrastructure about once a decade.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

How reliable are the credit rating companies? Who is over seeing them?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: How reliable are the credit rating companies? Who is over seeing them?
Date: December 19, 2008
Blog: Financial Regulation
re:
http://help.linkedin.com/app/answers/detail/a_id/35227

in the congressional hearings looking at toxic CDO issuers paying the rating agencies for triple-A ratings (when both knew that they weren't worth triple-A), the word "fraud" was used several times.

Supposedly SOX (sarbanes-oxley passed in wake of enron and worldcom) required SEC to do something ... but there doesn't seem to be anything but this report:

Report on the Role and Function of Credit Rating Agencies in the Operation of the Securities Markets; As Required by Section 702(b) of the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf

Part of the congressional hearings made a point that the switch in the early 70s from the buyers paying for the ratings ... to the sellers of the instruments ... paying for the ratings ... marked the start of the change.

Last week one of the TV business news shows had on a couple CEOs from smaller rating agencies that are paid by the buyers of the instruments ... and repeatedly made the point that they aren't being influenced by the instrument sellers to give the highest possible rating.

in the case of consumer credit rating, having the "relying party" paying for the rating ... rather than the consumer, is more consistent. In the congressional hearings, there was also the point that having the issuers of the toxic CDOs paying for the (triple-A) ratings ... mis-aligned the business interests (i.e. the rating agencies were no longer performing in the interests of the parties relying on the ratings).

similar discussion from two months ago ... shortly after congressional hearings ... discussing that regulation is significantly easier when there are properly aligned business processes
https://www.garlic.com/~lynn/2008p.html#9 Do you believe a global financial is possible?

and things can really get bollixed up when business processes are mis-aligned.

A semi-related recent article (although the topic was also touched on in the rating agency hearings):

Corporate Fraud and Misconduct Risks Driven by Pressure to do 'Whatever It Takes'; Fewer episodes reported by companies with ethics and compliance programs
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said they had personally observed misconduct within their organizations during the prior 12 months, unchanged from the level reported by KPMG survey respondents in 2005. Roughly half (46 percent) of respondents reported that what they observed "could cause a significant loss of public trust if discovered," a figure that rises to 60 percent among employees working in the banking and finance industry.

... snip ...

With overall industry avg. of 46% ("could cause a significant loss of public trust if discovered") and the financial industry specific avg. of 60%, which should place the non-financial industry avg. below 40%. That would make the financial industry avg. somewhere between 50% and 100% worse than other industries.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Dec. 19, 1974: Build Your Own Computer at Home!

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Dec. 19, 1974: Build Your Own Computer at Home!
Newsgroups: alt.folklore.computers
Date: Sat, 20 Dec 2008 07:31:20
Dec. 19, 1974: Build Your Own Computer at Home!
http://www.wired.com/science/discoveries/news/2008/12/dayintech_1219

from above:
The Altair 8800 kit sold for just under $400 (about $1,700 in today's money). If you wanted to forgo the case, you could get the kit for under $300. Or you could order the whole deal fully assembled: Old-Computers.com quotes a $595 price.

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

How Should The Government Spend The $700 Billion?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: How Should The Government Spend The $700 Billion?
Date: December 20, 2008
Blog: Government Policy
The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice

from above:
Here's a staggering figure to contemplate: New York City securities industry firms paid out a total of $137 billion in employee bonuses from 2002 to 2007, according to figures compiled by the New York State Office of the Comptroller. Let's break that down: Wall Street honchos earned a bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6 billion in 2004, $25.7 billion in 2005, $33.9 billion in 2006, and $33.2 billion in 2007.

... snip ...

some part of the $700B wallstreet bailout possibly goes to replenish the $137B sucked out of the infrastructure (as reward for their part in creating the current situation).

... recent update

Bailed-Out Banks Dole Out Bonuses; Goldman Sachs, CitiGroup, Others Mum on How They Are Using TARP Cash
http://abcnews.go.com/WN/Business/story?id=6498680&page=1

from above:
Goldman Sachs, which accepted $10 billion in government money, and lost $2.1 billion last quarter, announced Tuesday that it handed out $10.93 billion in benefits, bonuses, and compensation for the year.

... snip ...

so in this case ... all of the bailout money.

past references to The Fed's Too Easy on Wall Street article:
https://www.garlic.com/~lynn/2008f.html#76 Bush - place in history
https://www.garlic.com/~lynn/2008g.html#52 IBM CEO's remuneration last year ?
https://www.garlic.com/~lynn/2008g.html#66 independent appraisers
https://www.garlic.com/~lynn/2008h.html#42 The Return of Ada
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#32 How much is 700 Billion Dollars??
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch
Date: Sat, 20 Dec 2008 11:22:45
jgd writes:
Yup. My reaction, twenty years ago, when I learned that finance houses were hiring engineers and mathematicians to do financial simulation was "but the stock market is a classical case of chaotic behaviour", in the sense of unpredictable responses to stimuli. Not being respectful of such organisations and their predictions has marked me as even more of an eccentric than ever, but my pension fund is still in fairly good shape.

re:
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#28 Garbage in, garbage out trampled by Moore's law

when the FED Reserve had to bail out the hedge funds a decade ago ... my wife kept telling people that they were only doing short horizon, stable, linear periods ... and would never be able to deal with discontinuities ... however, all this is purely from the technical side ... which is starting to look more & more like pure window dressing.

and from last spring:

The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice

from above:
Here's a staggering figure to contemplate: New York City securities industry firms paid out a total of $137 billion in employee bonuses from 2002 to 2007, according to figures compiled by the New York State Office of the Comptroller. Let's break that down: Wall Street honchos earned a bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6 billion in 2004, $25.7 billion in 2005, $33.9 billion in 2006, and $33.2 billion in 2007.

... snip ...

some part of the $700B wallstreet bailout possibly goes to replenish the $137B sucked out of the infrastructure (as reward for their part in creating the current situation).

... and recent update

Bailed-Out Banks Dole Out Bonuses; Goldman Sachs, CitiGroup, Others Mum on How They Are Using TARP Cash
http://abcnews.go.com/WN/Business/story?id=6498680&page=1

from above:
Goldman Sachs, which accepted $10 billion in government money, and lost $2.1 billion last quarter, announced Tuesday that it handed out $10.93 billion in benefits, bonuses, and compensation for the year.

... snip ...

so in this case ... all of the bailout money.

misc. past posts mentioning Fed's Too Easy on Wall Street:
https://www.garlic.com/~lynn/2008f.html#76 Bush - place in history
https://www.garlic.com/~lynn/2008g.html#52 IBM CEO's remuneration last year ?
https://www.garlic.com/~lynn/2008g.html#66 independent appraisers
https://www.garlic.com/~lynn/2008h.html#42 The Return of Ada
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#32 How much is 700 Billion Dollars??
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

How do group members think the US payments business will evolve over the next 3 years?

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: How do group members think the US payments business will evolve over the next 3 years?
Date: December 20, 2008
Blog: Payments Leadership Network
re:
https://www.garlic.com/~lynn/2008p.html#25 How do group members think the US payments business will evolve over the next 3 years?
https://www.garlic.com/~lynn/2008p.html#38 How do group members think the US payments business will evolve over the next 3 years?

In the mid-to-late 90s, there was some leaning towards telcos were going to take over the payments industry ... in large part because their transaction processing platforms were significantly more efficient ... and were presumed to be capable of moving into the "micro-payment" market segment. Telcos would then use the volumes from micro-payments to move upstream into more traditional payment market segments. The telco forays into the payment market appeared to flounder ... the usual explanation was that they didn't understand (and weren't prepared to handle) the financial risk issues. Telcos had been accustomed to handling large write-offs related to service usage ... but it is a totally different matter when there are actually out-of-pocket funds being transferred in nightly settlement to merchants.

for slight additional drift ... on some lack of progress ... which is frequently associated with financial transactions:
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995

the above makes reference to this discussion about foundation for financial transaction processing (not just payments):
https://www.garlic.com/~lynn/2008p.html#27 Father Of Financial Dataprocessing

now one of the technologies for telco transaction (for things like call records) efficiencies, were the appearance of "in memory" databases ... which continued to support transaction ACID properties. In the past couple yrs there have been some press releases about some of the more traditional payment market players installing some of these more efficient technologies.

another recent thread/discussion on the subject of telco transaction efficiencies being viewed as enabler to enter the payment transaction market:
https://www.garlic.com/~lynn/2008q.html#71 What do you think is holding up the use of cellphone-initiated micro payments in the U.S.?

in the past we had also been asked to design & cost out infrastructures for some potential entries into the US ... as well do some of the business case investigation. Particularly in some of the "stored value" smartcard scenarios (that had been emerging in Europe) ... it turned out that the basic business proposition was based on the infrastructure retaining the float. Then at one point, EU central banks made a statement that these infrastructures would be allowed to retain the float during the startup phase (as mechanism for financing initial deployment) ... but after 2-3 yrs would be required to start paying interests on the unspent balances (in the "stored value" cards). After that there was marked decline in business interests in such infrastructures. Recent related post/thread
https://www.garlic.com/~lynn/2008i.html#53 Digital cash is the future?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is American capitalism and greed to blame for our financial troubles in the US?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Is American capitalism and greed to blame for our financial troubles in the US?
Date: December 20, 2008
Blog: Economics
there have been several recent references to this:

The crash of 2008: A mathematician's view
http://www.eurekalert.org/pub_releases/2008-12/w-tco120808.php

from above:
Markets need regulation to stay stable. We have had thirty years of financial deregulation. Now we are seeing chickens coming home to roost. This is the key argument of Professor Nick Bingham, a mathematician at Imperial College London, in an article published today in Significance, the magazine of the Royal Statistical Society.

... snip ...

and then there is the corollary; effectively, given sufficient temptation, nearly everybody may be a crook ... which then requires fraud countermeasures proportional to the temptation (analogy to security proportional to risk):

Corporate Fraud and Misconduct Risks Driven by Pressure to do 'Whatever It Takes'
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said they had personally observed misconduct within their organizations during the prior 12 months, unchanged from the level reported by KPMG survey respondents in 2005. Roughly half (46 percent) of respondents reported that what they observed "could cause a significant loss of public trust if discovered," a figure that rises to 60 percent among employees working in the banking and finance industry.

... snip ...

With overall industry avg. of 46% ("could cause a significant loss of public trust if discovered") and the financial industry specific avg. of 60%, which should place the non-financial industries' avg. below 40%. That would make the financial industry avg. somewhere between 50% and 100% worse than other industries.

from last spring:

The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice

from above:
Here's a staggering figure to contemplate: New York City securities industry firms paid out a total of $137 billion in employee bonuses from 2002 to 2007, according to figures compiled by the New York State Office of the Comptroller. Let's break that down: Wall Street honchos earned a bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6 billion in 2004, $25.7 billion in 2005, $33.9 billion in 2006, and $33.2 billion in 2007.

... snip ...

some part of the $700B wallstreet bailout possibly goes to replenish the $137B sucked out of the infrastructure (as reward for their part in creating the current situation).

... and more recently

Bailed-Out Banks Dole Out Bonuses; Goldman Sachs, CitiGroup, Others Mum on How They Are Using TARP Cash
http://abcnews.go.com/WN/Business/story?id=6498680&page=1

from above:
Goldman Sachs, which accepted $10 billion in government money, and lost $2.1 billion last quarter, announced Tuesday that it handed out $10.93 billion in benefits, bonuses, and compensation for the year.

... snip ...

Reports have indicated that computer risk model inputs were fiddled until the desired output was achieved (GIGO, garbage-in, garbage-out) ... from earlier this fall:

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
and
Subprime = Triple-A ratings? or 'How to Lie with Statistics' (gone 404 but lives on at the wayback machine)
https://web.archive.org/web/20071111031315/http://www.bloggingstocks.com/2007/07/25/subprime-triple-a-ratings-or-how-to-lie-with-statistics/

CDOs had been used two decades ago in the S&L crisis to obfuscate underlying values and sell-off for more than they were otherwise worth. Maybe more computer power just met that there were new ways to obfuscate what they were really doing.

long winded, decade old post discussing some of the current issues, including needing better visibility into the underlying values of securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm

earlier this fall, the congressional hearings into CDOs looked at rating agencies giving toxic CDOs, triple-A ratings ... even though the toxic CDO issuers and the rating agencies both knew they weren't worth triple-A rating (the word "fraud" was periodically used in the hearings). The toxic CDO triple-A ratings significantly increased the number of institutions that would deal in these toxic CDO instruments (as well as significantly increasing the amount of money that unregulated institutions had to lend).

related side-effect of (often) unregulated institutions being able to immediately offload loans:

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

from above:
Watsa's only sin was in being a little too early with his prediction that the era of credit expansion would end badly. This is what he said in Fairfax's 2003 annual report: "It seems to us that securitization eliminates the incentive for the originator of [a] loan to be credit sensitive. Prior to securitization, the dealer would be very concerned about who was given credit to buy an automobile. With securitization, the dealer (almost) does not care."

... snip ...

Last Sunday, CSPAN had panel with several people from industry. One of the comments was that the subprime was supposedly targeted at low-income, first time home owners ... but only something like 10% of subprime loans went to that market.

With huge influx of funds from securitization and no regard who got loans ... they were cycling loans through the mill as fast as possible to all comers (speculator looking at 20%/annum inflation ... a no-down, no-documentation, 1% introductory, interest-only ... flipping after a year ... represents significant ROI). CBS 60mins had segment on some of these speculators in the overheated Florida and California real-estate markets.

The CSPAN panel also seemed to be torn between the industry claiming being ignorant and totally incompetent vis-a-vis admitting they just ignored (and/or manipulated) all the indications.

On CSPAN, a couple months ago there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250m in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.

PBS programs/webpages discussing some of the wall street influence on congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet

On the institution side buying these (triple-A rated toxic CDO, packaged) mortgages .... the institutions were 1) playing long/short mismatch and 2) heavily leveraging. Playing long/short mismatch (alone) has been known to take down institutions for centuries (in this case, even if the toxic CDOs had been worth their triple-A ratings). Comments were that Bear-Stearn and Lehman had marginal chance of surviving playing long/short mismatch. This was further aggravated with heavy leverage ... in some cases leveraging capital 40-80 times in buying triple-A rated toxic CDOs.

article from year ago about playing long/short mismatch (including transactions being carried offbalance ... some possibly are still lurking more than a yr later)
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html

decade old article from SanFran FED on problems with long/short mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

What is the top security threat prediction of 2009?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: What is the top security threat prediction of 2009?
Date: December 20, 2008
Blog: Information Security
re:
http://help.linkedin.com/app/answers/detail/a_id/35227

Insider threats have nearly always been number one ... although there seems to frequently be various reasons why the information doesn't show up in the public press.

Corporate Fraud and Misconduct Risks Driven by Pressure to do 'Whatever It Takes'
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said they had personally observed misconduct within their organizations during the prior 12 months, unchanged from the level reported by KPMG survey respondents in 2005. Roughly half (46 percent) of respondents reported that what they observed "could cause a significant loss of public trust if discovered," a figure that rises to 60 percent among employees working in the banking and finance industry.

... snip ...

With overall industry avg. of 46% ("could cause a significant loss of public trust if discovered") and the financial industry specific avg. of 60%, which should place the non-financial industries' avg. below 40%. That would make the financial industry avg. somewhere between 50% and 100% worse than other industries.

then there is this ...

Cybercrime: The 2009 megathreat
http://www.computerworld.com/action/article.do?command=viewArticleBasic&taxonomyName=security&articleId=9123731&taxonomyId=17

and breaches don't seem to have abated (although breaches & identity theft frequently also involve insiders)

Top 10 Security Breaches of 2008
http://www.bankinfosecurity.com/articles.php?art_id=1120

A Chronology of Data Breaches
http://www.privacyrights.org/ar/ChronDataBreaches.htm

... oh and recent posts/threads "Web Security hasn't moved since 1995":
https://www.garlic.com/~lynn/2008p.html#67
https://www.garlic.com/~lynn/2008p.html#78
https://www.garlic.com/~lynn/2008q.html#13
https://www.garlic.com/~lynn/2008s.html#25

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Sat, 20 Dec 2008 15:44:02
Eric Sosman <esosman@ieee-dot-org.invalid> writes:
You mean, "The network is the computer?"

before HP used the phrase "Information Utility" ... it was used by one of the (CDC) engineers that went w/Thornton to form Network Systems Corporation (was NSC vp of advanced technologies) ... for referring to extending information operation/access to the WAN environment.

some past refs:
https://www.garlic.com/~lynn/2001.html#20 Disk caching and file systems. Disk history...people forget
https://www.garlic.com/~lynn/2002m.html#61 The next big things that weren't
https://www.garlic.com/~lynn/2003j.html#38 Virtual Cleaning Cartridge
https://www.garlic.com/~lynn/2003o.html#23 Tools -vs- Utility
https://www.garlic.com/~lynn/2007b.html#7 information utility

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Welcome to Rain Matrix: The Cloud Computing Network

Refed: **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Welcome to Rain Matrix: The Cloud Computing Network
Date: December 21, 2008
Blog: Greater IBM Connection
news item from today:

Cloud computing looms larger on corporate horizon

http://tech.yahoo.com/news/ap/20081221/ap_on_hi_te/tec_cloud_computing

from above:
The Internet search and advertising leader will run Genentech's e-mail, as well as some word processing, spreadsheet and calendar applications, and it will do it over an online connectiion -- an unconventional approach called "cloud computing."

... snip ...

Sounds very much like "information utility" ... first time I heard it was from advanced tech VP at network systems corporation (one of the CDC engineers that left with Thornton to found NSC) .... referring to "extending information operation/access to the WAN environment".

As mentioned in this recent post:
https://www.garlic.com/~lynn/2008s.html#37 Is SUN going to become x86'ed?

it predated "The network is the computer".

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

The Internet's 100 Oldest Dot-Com Domains

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: The Internet's 100 Oldest Dot-Com Domains
Newsgroups: alt.folklore.computers
Date: Mon, 22 Dec 2008 09:34:16
The Internet's 100 Oldest Dot-Com Domains:
http://www.pcworld.com/article/155743/oldest_domains.html

from above:

The Internet's been around in some form for decades. It wasn't until the mid-80s, though, that the Web as we know it started coming together -- and those precious dot-com domains started getting snatched up.

... snip ...

the full list:
http://www.pcworld.com/article/155743/oldest_domains.html?page=2

old post looking at RFCs mentioning domain name system:
https://www.garlic.com/~lynn/2004n.html#42

mentioned in the above:

from my rfc index
https://www.garlic.com/~lynn/rfcidx2.htm#881
881
Domain names plan and schedule, Postel J., 1983/11/01 (10pp) (.txt=23490) (Updated by 897, 921) (Ref'ed By 897, 920, 921, 1032)

... above says that initially all the domain names will be ".ARPA" but as soon as practical a second domain name of ".DDN" will be added.

old post with list of domain names from Oct. 1990:
https://www.garlic.com/~lynn/2000e.html#20

and the definitive domain name RFC:
https://www.garlic.com/~lynn/rfcidx3.htm#1032
1035 S
Domain names - implementation and specification, Mockapetris P., 1987/11/01 (55pp) (.txt=122549) (STD-13) (Updated by 1101, 1183, 1876, 1982, 1995, 1996, 2136, 2181, 2308, 2845, 3425, 4033, 4034, 4035, 4343) (See Also 1032, 1033) (Refs 742, 768, 793, 799, 805, 810, 811, 812, 819, 821, 830, 882, 883, 920, 952, 953, 973, 974, 1001, 1002, 1010, 1031) (Ref'ed By 1101, 1123, 1183, 1274, 1279, 1291, 1296, 1348, 1386, 1464, 1480, 1486, 1528, 1530, 1531, 1533, 1535, 1536, 1537, 1541, 1569, 1591, 1609, 1611, 1612, 1637, 1664, 1683, 1700, 1703, 1706, 1712, 1788, 1794, 1798, 1876, 1877, 1886, 1889, 1911, 1912, 1982, 1995, 1996, 2010, 2016, 2052, 2053, 2065, 2074, 2101, 2131, 2132, 2136, 2137, 2142, 2163, 2165, 2181, 2182, 2219, 2230, 2240, 2308, 2352, 2421, 2486, 2505, 2535, 2536, 2537, 2538, 2539, 2540, 2541, 2543, 2548, 2566, 2606, 2671, 2672, 2673, 2694, 2782, 2801, 2806, 2821, 2822, 2826, 2845, 2848, 2870, 2874, 2896, 2911, 2915, 2916, 2929, 2930, 2977, 3002, 3007, 3008, 3027, 3090, 3110, 3111, 3123, 3164, 3172, 3225, 3226, 3315, 3316, 3319, 3361, 3363, 3375, 3397, 3403, 3406, 3425, 3460, 3467, 3490, 3491, 3495, 3550, 3568, 3596, 3597, 3645, 3646, 3650, 3651, 3655, 3658, 3675, 3696, 3707, 3720, 3732, 3743, 3801, 3832, 3833, 3845, 3901, 3920, 3974, 3982, 4025, 4027, 4033, 4034, 4035, 4120, 4151, 4183, 4185, 4192, 4214, 4255, 4279, 4280, 4282, 4290, 4294, 4310, 4322, 4343, 4347, 4398, 4408, 4414, 4471, 4501, 4566, 4592, 4620, 4635, 4641, 4701, 4702, 4703, 4704, 4710, 4725, 4795, 4882, 4892, 4932, 4955, 4956, 4961, 4966, 4969, 4979, 5006, 5113, 5144, 5155, 5178, 5201, 5205, 5214, 5218, 5223, 5321, 5322, 5346, 5395) (DOMAIN)


recent post mentioning the person creating domain name system ... which provides the infrastructure support for domain names ... also worked at the science center in the early 70s
https://www.garlic.com/~lynn/2008r.html#13

and old email with csnet & arpanet address reference in the "signature" line (predates domain name system):

Date: 12/04/82 07:47:17
From: wheeler

re: UNIX; I think that the inclusion of the current CP PAM support would significantly enhance the file access capability of the project. I'm sending a couple documents which cover existing CP/CMS PAM implementation. There are several additional enhancements which are possible to further improve its capability ... and there are several very nice fallouts ... like we are working on a project to place PAM minidisks out on IRONWOOD (and IRONWOOD follow on) ... no additional changes are required to either CP or CMS to place PAM minidisks on IRONWOOD ... a desireable change within the CP support is to guarantee that any DISK writes actually are written to disk (in case of power loss the contents of the cache is lost).

PAM also trivially supports asynchronous I/O access, completely transparent to the virtual machine.

Will also be sending a list of update file size. We are currently going thru a cycle in San Jose to convert all local changes to a area-joint system based on 8209+HPO2+IRONWOOD+>32MEG+CSL24. We will have between 12-30 VM system programmers supporting the system to some degree, & projected to run on more than 50-100 machines in the San Jose area. We also have somebody working on a local newsletter & I will send a copy when the first issue is ready.

.... Lynn Wheeler, K03/282, San Jose Res., 408-256-1783 (8-276)
CSNET: Wheeler@IBM-SJ ARPANET: Wheeler.IBM-SJ@UDel-Relay


... snip ... top of post, old email index

shortly after above, I managed to get new business cards with my various the (internal & external) email addresses on the card.

reference to getting csnet connect earlier in the fall of '82,
https://www.garlic.com/~lynn/98.html#email821022
in this old a.f.c. post
https://www.garlic.com/~lynn/98.html#59 Ok Computer

email also references paged mapped support in vm370 ... some old posts
https://www.garlic.com/~lynn/submain.html#mmap

IRONWOOD refers to the 4k record, 8mbyte of electronic cache in 3880-11 controller (was used for page and/or spool operations). At the same time there was 3880-13, which was 8mbyte of electronic cache ... but was full-track.

also, mentioned is the internal, collabrative sjr/vm ... old post with several old emails (some mentioning sjr/vm)
https://www.garlic.com/~lynn/2006u.html#26 Assembler question

including:
https://www.garlic.com/~lynn/2006u.html#email800429
another old post with several old emails
https://www.garlic.com/~lynn/2007c.html#12 Special characters in passwords was Re: RACF - Password rules

including
https://www.garlic.com/~lynn/2007c.html#email830709
and
https://www.garlic.com/~lynn/2007c.html#email830711

somewhat related to domain name system, old post
https://www.garlic.com/~lynn/2006j.html#53 Arpa address

with old email about getting corporation's class A network number:
https://www.garlic.com/~lynn/2006j.html#email881216

for other topic drift ... recent post mentioning doing my own vm370 system (internal) product distribution:
https://www.garlic.com/~lynn/2008n.html#22

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

The Internet's 100 Oldest Dot-Com Domains

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The Internet's 100 Oldest Dot-Com Domains
Newsgroups: alt.folklore.computers
Date: Mon, 22 Dec 2008 10:10:06
Anne & Lynn Wheeler <lynn@garlic.com> writes:
the full list:
http://www.pcworld.com/article/155743/oldest_domains.html?page=2


re:
https://www.garlic.com/~lynn/2008s.html#39 The Internet's 100 Oldest Dot-Com Domains

first 15 on above (100 oldest) list:
1. symbolics.com: March 15, 1985 2. bbn.com: April 24, 1985 3. think.com: May 24, 1985 4. mcc.com: July 11, 1985 5. dec.com: September 30, 1985 6. northrop.com: November 7, 1985 7. xerox.com: January 9, 1986 8. sri.com: January 17, 1986 9. hp.com: March 3, 1986 10. bellcore.com: March 5, 1986 11. ibm.com: March 19, 1986 12. sun.com: March 19, 1986 13. intel.com: March 25, 1986 14. ti.com: March 25, 1986 15. att.com: April 25, 1986

... snip ...

similar article from 2007
https://www.garlic.com/~lynn/2007t.html#59 The First 100 Dot Coms Ever Registerd

above has distinction between ".edu" and ".com".

symbolics.com was the lisp machine, it appears to be somebody else now.

old email mentioning lisp machine group trying to get 801 chips
https://www.garlic.com/~lynn/2006t.html#email790607

also reference in this recent post
https://www.garlic.com/~lynn/2008k.html#22

mcc.com was the consortium in austin (located across mopac from corporate plant site).

Final bell ringing for MCC
http://www.bizjournals.com/austin/stories/2004/11/01/story3.html

think.com was supercomputer ... one day, I was walking (along charles) from hotel to 101 main street ... and stopped to watch somebody prying the letters off their bldg ... old post mentioning:
https://www.garlic.com/~lynn/2000d.html#65

and there has been lots of discussions regarding dec in this newsgroup

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Executive pay: time for a trim?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Executive pay: time for a trim?
Date: December 22, 2008
Blog: Greater IBM
Executive Pay: Time for a Trim; FedEx's Fred Smith isn't the only CEO taking a haircut. A survey finds at least 40 companies have filed plans to cut executive salaries
http://www.businessweek.com/stories/2008-12-22/executive-pay-time-for-a-trimbusinessweek-business-news-stock-market-and-financial-advice

There was news item that the ratio of avg executive compensation to avg. worker compensation had recently exploded to 400:1 after having been 20:1 for a long time and 10:1 in most of the rest of the world.

Part of the issue is how the executive compensation programs have been structured that incent fiddling of financial reports. The GAO has been doing database of increasing number of financial restatements (in spite of SOX). Basically the financial statements are fiddled in order to boost executive compensation ... and later the financials may be restated but bonuses aren't forfeited. One of the worst examples was freddie was fined $400m in 2004 for $10b fiddled/inflated statement and the CEO replaced ... but allowed to keep tens (hundred?) of millions.

There was recent published study of 270(?) some public companies that redid their executive compensation plan after having problems with financial statement fiddling and executive bonuses. Supposedly executive compensation has been changed to be much more closely aligned with the health and well being of the corporation ... and as a result the companies are performing much better.

some wall street specific:

The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice

from above:
Here's a staggering figure to contemplate: New York City securities industry firms paid out a total of $137 billion in employee bonuses from 2002 to 2007, according to figures compiled by the New York State Office of the Comptroller. Let's break that down: Wall Street honchos earned a bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6 billion in 2004, $25.7 billion in 2005, $33.9 billion in 2006, and $33.2 billion in 2007.

... snip ...

some part of the $700B wallstreet bailout possibly goes to replenish the $137B sucked out of the infrastructure (as reward for their part in creating the current situation).

... and more recently

Bailed-Out Banks Dole Out Bonuses; Goldman Sachs, CitiGroup, Others Mum on How They Are Using TARP Cash
http://abcnews.go.com/WN/Business/story?id=6498680&page=1

from above:
Goldman Sachs, which accepted $10 billion in government money, and lost $2.1 billion last quarter, announced Tuesday that it handed out $10.93 billion in benefits, bonuses, and compensation for the year.

... snip ...

misc. recent posts mentioning the 400:1 ratio
https://www.garlic.com/~lynn/2008i.html#73 Should The CEO Have the Lowest Pay In Senior Management?
https://www.garlic.com/~lynn/2008j.html#24 To: Graymouse -- Ireland and the EU, What in the H... is all this about?
https://www.garlic.com/~lynn/2008j.html#76 lack of information accuracy
https://www.garlic.com/~lynn/2008k.html#71 Cormpany sponsored insurance
https://www.garlic.com/~lynn/2008m.html#25 Taxes
https://www.garlic.com/~lynn/2008m.html#33 Taxes
https://www.garlic.com/~lynn/2008m.html#53 Are family businesses unfair competition?
https://www.garlic.com/~lynn/2008m.html#93 What do you think are the top characteristics of a good/effective leader in an organization? Do you feel these characteristics are learned or innate to an individual?
https://www.garlic.com/~lynn/2008n.html#2 Blinkylights
https://www.garlic.com/~lynn/2008n.html#58 Traditional Approach Won't Take Businesses Far Places
https://www.garlic.com/~lynn/2008q.html#14 realtors (and GM, too!)
https://www.garlic.com/~lynn/2008q.html#17 realtors (and GM, too!)
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Welcome to Rain Matrix: The Cloud Computing Network

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Welcome to Rain Matrix: The Cloud Computing Network
Date: December 22, 2008
Blog: Greater IBM Connection
re:
https://www.garlic.com/~lynn/2008s.html#38 Welcome to Rain Matrix: The Cloud Computing Network

The referenced article describes some google apps ... that have been traditionally considered "personal computer" implementations ... but now have a server-based deployment ... accessible via WAN (network "cloud") ... as "cloud computing".

That would make "thin clients" and "netbooks" ... synergistic with what "cloud computing" seems to be referring to.

This would harken back to "personal computing" on the mainframe ... originally accessible via dumb terminals ... from the days of timesharing ... lots of past posts
https://www.garlic.com/~lynn/submain.html#timeshare

One of the major early "personal computing" uptakes was with virtual machine computing based on CMS ... dating back to 1965 ... when "CMS" still stood for "Cambridge Monitor System" ... from the science center ... lots of past posts mentioning Cambridge Science Center (also responsible for virtual machines in 1965):
https://www.garlic.com/~lynn/subtopic.html#545tech

Part of the "personal computer" (as opposed to "personal computing") uptake was combining "terminal emulation" and "personal computing" on single platform ... lots of past posts mentioning "terminal emulation"
https://www.garlic.com/~lynn/subnetwork.html#emulation

Later the corporate "SAA" program appeared to try and stave off emerging client/server, preserving the terminal emulation environment. Part of it was funding porting of numerous popular personal computer applications (spreadsheets, wysiwyg editors, etc) back to the mainframe. It was in this period that we had come up with 3-tier networking architecture (middle-layer, middleware, etc) and out pitching to customer executives. Misc. 3-tier past posts (including some mention of taking arrows from SAA organization):
https://www.garlic.com/~lynn/subnetwork.html#3tier

this is in the period when we were also doing a lot of stuff with our HSDT project as well as NSFNET (operational precursor to the modern internet) and ran into the "information utility" reference (similar to what "cloud computing" seems to be referring to, but two decades earlier). a recent Greater IBM linkedin item on the subject:
https://www.garlic.com/~lynn/2008s.html#19 Nerdy networking kid crashes the party

a couple other recent posts that happen to mention "cloud computing":
https://www.garlic.com/~lynn/2008l.html#43 recent mentions of 40+ yr old technology
https://www.garlic.com/~lynn/2008m.html#94 How important, or not, is virtualization to cloud computing?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

The Internet's 100 Oldest Dot-Com Domains:

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: The Internet's 100 Oldest Dot-Com Domains:
Newsgroups: alt.folklore.computers
Date: Mon, 22 Dec 2008 15:18:46
pltrgyst <pltrgyst@spamlessxhost.org> writes:
Nowhere near that old, but I still have a print copy of the "Internet Manager's Phonebook," created and distributed for the NSF Network Service Center by BBN, in August 1990. It contains the entire Internet domain list as of August 1, 1990, sorted by IP address and domain name, as well as the full contact listing (names, addresses, emails) for each.

re:
https://www.garlic.com/~lynn/2008s.html#39 The Internet's 100 Oldest Dot-Com Domains:
https://www.garlic.com/~lynn/2008s.html#40 The Internet's 100 Oldest Dot-Com Domains:

as per previous references ... i had included the ".com" Oct90 list in this post (from old machine readable copy that I have of all domains "List of domains generated by Internet Domain Survey progam, October 1990")
https://www.garlic.com/~lynn/2000e.html#20

the "full list" isn't limited to just ".com" &/or just top level domains and has 9343 entries.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Executive pay: time for a trim?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Executive pay: time for a trim?
Date: December 22, 2008
Blog: Greater IBM
re:
https://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?

I've raised before an observation from Boyd's briefings (that I sponsored at IBM in the 80s) about what was happening to corporate America (and might help explain the 400:1 explosion).

In Boyd's briefings, he would mention that at US's entry into WW2 ... there were requirements to rapidly deploy large numbers with little or no experience and training. The approach was to create a rigid, top-down, command&control infrastructure ... that was in large part dependent on managing and deploying overwhelming resources (& inexperienced people) ... as a means of leveraging the limiting experienced resources available. Roll forward to Boyd's briefings in the '80s and he observed that corporate America was starting to feel the coming of age of those young trainees from WW2 .... who were starting to apply their early indoctrination in enormous rigid, top-down, command&control bureaucracies.

A basic premise was that only a very few people at the top, actually know what they are doing and everybody else are low-level, low-skilled workers ... which would go a long ways towards accounting for the explosion of 400:1 in ratio of executive to worker compensation.

Lots of past posts mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html#boyd
as well as numerous URLs from around the WEB mentioning Boyd and/or OODA-loops
https://www.garlic.com/~lynn/subboyd.html#boyd2

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Are blade servers becoming irrelevant with advances in virtualization and multi-core processor technology ?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Are blade servers becoming irrelevant with advances in virtualization and multi-core processor technology ?
Date: December 22, 2008
Blog: Computers and Software
I've repeatedly claimed that blade servers are physical packaging ... putting more and more computing into a rack.

One of the places this started was medusa ... several old emails
https://www.garlic.com/~lynn/lhwemail.html#medusa

which was cluster in a rack project ... major medusa issues were cooling and power requirements with the increasing density. For awhile the rack density increased with components placed horizontal. At some point with further decreases in component size ... the individual rack components switched to vertical orientation (which gave rise to the "blade" terminology ... differentiating from the previous "horizontal" oriented components).

There have been blades with four processors ... however they have tended to be single-core chips. multi-core chips ... allows getting even more processors in the same space (say four four-core processor chips for possibly 16 processors in lieu of four single-core processor chips).

A major virtualization play in the blade/rack server market segment is consolidation. In the 90s, there was a big deal made of hardware being cheaper than people. As a result, it was deemed less expensive to dedicate individual systems to each function as opposed to the scarce & expensive people resource to get multiple different applications to play well on a single system. Roll foward a 10-15 years, and there are huge corporate server farms that have 5-10% utlization.

For these environments, virtualization frequently enables 10:1 server consolidation ... with only a very modest cost in people time/skills (significantly less people time/skills compared to trying to get all the different applications to cooperate on the same server).

Medusa was "cluster in rack" as aspect of cluster scale-up for ha/cmp (no single point of failure) product. This post references ha/cmp cluster scale-up jan92 meeting
https://www.garlic.com/~lynn/95.html#13

that was looking at (no-signle-point-of-failure) DBMS (and distributed lock manager) scale-up ... although we were also doing cluster-scale-up (and no-single-point-of-failure) work in other market segments. although shortly after the above mentioned meeting ... the effort was transferred (announced as supercomputer) and we were told we couldn't work on anything with more than four processors.
https://www.garlic.com/~lynn/subtopic.html#hacmp

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Globa Warning. was Re: : Is SUN going to become x86'ed ??

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Globa Warning. was Re: : Is SUN going to become x86'ed ??
Newsgroups: alt.folklore.computers
Date: Mon, 22 Dec 2008 19:52:58
Peter Flass <Peter_Flass@Yahoo.com> writes:
Then why don't they call it "global cooling?"

there was some recent reports explaining how global warming can result in some areas having colder temperatures and more snow for a period.

basically global warming puts more energy into the system that creates stronger winds. some areas then see the stronger winds blowing more air from colder regions (than normally happened in the past). the issues from the reports isn't specific areas and specific periods having warmer/colder ... but overall avg. temp. also global warming can result in more evaporation so there can be increased moisture (as well as energy) in the air ... leading to overall greater precipitation (both rain &/or snow) ... even when some areas may see decreased precipitation because changes in wind patterns.

midwest then sees stronger winter winds/storms blowing from the arctic (because global warming pumping more energy into the environment). a couple references to the "arctic express"
http://www.wsaz.com/blogs/chrisbaileysblog/36530954.html
http://www.heraldnet.com/article/20081218/SPORTS/712189942/1008/SPORTS02

it isn't that the planet has gotten colder ... it is that the midwest is getting higher transfer of temperatures from the arctic (which on the avg have increased from what they use to be ... but are still colder than what the midwest is use to).

also some parts of west coast may see stronger winds from the pacific (resulting in lower avg. land temperatures) ... where avg pacific water temperature is lower than avg. west coast land temperature. while avg. pacific temperature may be increasing ... it can be still lower than avg. west coast land temperature.

this is analogous but different to air conditioning effect that keeps san francisco cool. hot midday summer temperatures in south santa clara valley (south of san jose) results in air rising. This sucks in air from adjacent areas ... but with ranges on both sides of the valley ... it creates a funnel effect pulling air from the bay ... which in turn creates wind pattern sucking cooler air from the Pacific Ocean thru the gap at the golden gate bridge. the hotter the temperature in south valley ... the stronger the wind pattern sucking cooler air from the pacific ocean (keeping san francisco cooler).

past posts referencing the san francisco air conditioning effect (the hotter the temperature in south valley, the stronger the cooling effect on san francisco):
https://www.garlic.com/~lynn/2001b.html#68 weather biasing where engineers live (was Re: Disk power numbers)
https://www.garlic.com/~lynn/2001i.html#0 YKYGOW...

and recent articles on the overall avg:

Arctic Ice Melting at Alarming Pace as Temperatures Rise; New studies show that the region is warming even faster than many scientists had feared
http://www.usnews.com/articles/news/world/2008/12/16/arctic-ice-melting-at-alarming-pace-as-temperatures-rise
2 trillion tons of ice have melted
http://www.tulsaworld.com/news/article.aspx?subjectid=13&articleid=20081221_11_A16_Aniceb356841

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Executive pay: time for a trim?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Executive pay: time for a trim?
Date: December 22, 2008
Blog: Greater IBM
re:
https://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?
https://www.garlic.com/~lynn/2008s.html#44 Executive pay: time for a trim?

... and not specifically limited to top executives ... but much of the current crisis is because of such activity at the executive levels ... especially in the financial industry (fiddling financial statements to boost executive bonuses just being one example)

Corporate Fraud and Misconduct Risks Driven by Pressure to do 'Whatever It Takes'
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said they had personally observed misconduct within their organizations during the prior 12 months, unchanged from the level reported by KPMG survey respondents in 2005. Roughly half (46 percent) of respondents reported that what they observed "could cause a significant loss of public trust if discovered," a figure that rises to 60 percent among employees working in the banking and finance industry.

... snip ...

With overall industry avg. of 46% ("could cause a significant loss of public trust if discovered") and the financial industry specific avg. of 60%, which should place the non-financial industries' avg. below 40%. That would make the financial industry avg. somewhere between 50% and 100% worse than other industries.

A few other recent threads where the above has come up:
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#29 Let IT run the company!
https://www.garlic.com/~lynn/2008s.html#30 How reliable are the credit rating companies? Who is over seeing them?
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#36 What is the top security threat prediction of 2009?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

New machine code

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: New machine code
Newsgroups: alt.folklore.computers
Date: Tue, 23 Dec 2008 00:18:55
toby <toby@telegraphics.com.au> writes:
I'm not sure why you have 'supposedly' here. The affinities and talent shared is well attested.

"The Multics project certainly didn't fail in 1969. It suffered a disappointing setback when Bell departed, ... it is fair to remark that some of the more baroque features of the MSPM design and early implementation, say 1966-67, were provided by Bell Labs members of the team ... The Multics Phase One milestone was the first time Multics actually worked. This came in late 1967, years before Unix was started; Ken Thompson and Dennis Ritchie were working on Multics then."*

On the same page, Professor Corbato is more pointedly quoted, "The UNIX system was a reaction to Multics. ... Ken Thompson was part of the Bell Laboratories' Multics effort, and, frustrated with the attempts to bring a large system development under control, decided to start over. His strategy was clear. Start small and build up the ideas one by one as he saw how to implement them well."

https://www.multicians.org/myths.html


past posts in thread:
https://www.garlic.com/~lynn/2008r.html#68 New machine code
https://www.garlic.com/~lynn/2008r.html#74 New machine code
https://www.garlic.com/~lynn/2008s.html#3 New machine code
https://www.garlic.com/~lynn/2008s.html#12 New machine code
https://www.garlic.com/~lynn/2008s.html#13 New machine code
https://www.garlic.com/~lynn/2008s.html#14 New machine code

could be just the way that I chose to phrase it.

could claim that your example is more akin to what happened on the 4th flr (starting really small)
https://www.garlic.com/~lynn/subtopic.html#545tech csc/vm (&/or sjr/vm) posts
https://www.garlic.com/~lynn/submisc.html#cscvm

some of the CTSS people went to the multics project on the 5th flr and some went to the science center on the 4th flr ... where virtual machine cp40 was done (on a specially modified 360/40 with virtual address relocate hardware) ... which then morphed into cp67 when 360/67 (that had virtual address relocate hardware standard) became available. that subsequently morphed into vm370 and eventually the current z/VM.

there was other x-over between cp67 and multics ... example mentioned here:
https://www.multicians.org/thvv/360-67.html

the example story in the above about cp67 crashing 27 times in one day is because of a local mod they/USL had made to the CP67 kernel (this was sometime 1970).

cp67 was delivered to the university where I was undergraduate, the last week in jan68. I got to make lots of kernel modifications which were picked up and shipped in the product. One of these was adding TTY/ASCII terminal support to cp67 (which had 1052 & 2741 standard). I played some game with (tty/ascii) lengths not being more than 255 bytes (aka use one byte length field).

In the "27 crash" story, I think it was somebody at harvard that got some sort of tty terminal compatible device (that was actually a plotter or something) that dialed into the USL machine ... and they changed the max. TTY terminal length field from 80 bytes to 1200 bytes ... which messed up the one byte length field calculations I had implemented.

In any case, the example of cp67 being able to crash and automagically restart 27 times in a single day is then attributed to prompting Multics to do a new filesystem project (since their crash/recovery was taking an hour at the time).

As mentioned in the multics reference ... and some of the others (cited on the above multics page):
http://cap-lore.com/Software/CP.html
https://www.leeandmelindavarian.com/Melinda#VMHist

the "official" corporate system for 360/67 was tss/360.

I've estimated that at one point in 60s when the science center had 10-12 people working on cp67&cms ... the tss/360 project peaked at something like 1000-1200 people (two orders of magnitude greater).

the tss/360 product was eventually decommuted ... but the effort continued to have limited support because of customers like GM research ... and there was small group that then did the tss/360 to tss/370 conversion. Later in the 80s, tss/370 group found some resurgance in special product for AT&T that had a stripped down tss/370 kernel with Unix layered on top.

I've periodically joked about comparing what I was doing on the 4th flr with what the multics group was doing on the 5th flr ... like the number of installed systems.

It wasn't fair to compare number of vm370 customer systems against total multics systems ... it wasn't even fair to compare just (the much smaller number of) internal corporate vm370 systems against total multics systems; however i did claim that at one point I was personally shipping (& supporting) highly modified vm370 systems to a number of internal corporate accounts (small fraction of total internal vm370 accounts) that was about the same as the total number of multics systems (that had ever existed).

minor past references to highly modified csc/vm systems for internal corporate use:
https://www.garlic.com/~lynn/2008.html#29 Need Help filtering out sporge in comp.arch
https://www.garlic.com/~lynn/2008c.html#67 What happened to resumable instructions?
https://www.garlic.com/~lynn/2008c.html#72 No Glory for the PDP-15
https://www.garlic.com/~lynn/2008g.html#33 authoritative IEFBR14 reference
https://www.garlic.com/~lynn/2008g.html#48 How did third-party software companies deal with unbundling being sprung on them?
https://www.garlic.com/~lynn/2008g.html#54 performance of hardware dynamic scheduling
https://www.garlic.com/~lynn/2008g.html#63 Machine-Level Assembly Language
https://www.garlic.com/~lynn/2008h.html#7 Xephon, are they still in business?
https://www.garlic.com/~lynn/2008h.html#76 Microsoft versus Digital Equipment Corporation
https://www.garlic.com/~lynn/2008i.html#14 DASD or TAPE attached via TCP/IP
https://www.garlic.com/~lynn/2008l.html#62 Intel: an expensive many-core future is ahead of us
https://www.garlic.com/~lynn/2008n.html#22 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008o.html#41 The human plague
https://www.garlic.com/~lynn/2008o.html#50 Old XDS Sigma stuff
https://www.garlic.com/~lynn/2008o.html#55 Virtual
https://www.garlic.com/~lynn/2008o.html#56 Virtual
https://www.garlic.com/~lynn/2008o.html#66 Open Source, Unbundling, and Future System
https://www.garlic.com/~lynn/2008p.html#1 My Funniest or Most Memorable Moment at IBM
https://www.garlic.com/~lynn/2008p.html#4 Strings story
https://www.garlic.com/~lynn/2008r.html#21 What if the computers went back to the '70s too?
https://www.garlic.com/~lynn/2008s.html#17 IBM PC competitors

--
40+yrs virtualization experience (since Jan68), online at home since Mar70, at 545 tech sq. 70-77

Executive pay: time for a trim?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Executive pay: time for a trim?
Date: December 23, 2008
Blog: Greater IBM
re:
https://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?
https://www.garlic.com/~lynn/2008s.html#44 Executive pay: time for a trim?
https://www.garlic.com/~lynn/2008s.html#47 Executive pay: time for a trim?

A couple items from folklore regarding (other) kinds of fiddling that boosts executive bonuses (related to study that 270-some companies redoing their executive bonus plans after having "problems")

1) in the 90s, corporations lobbied to have accounting rules changed so employee retirement funds would be treated as corporate assets ... significantly boosting the corporate financial statements (and therefor executive bonuses). The downside is that such funds, treated as assets, then may be vulnerable in any bankruptcy scenario.

2) a large multinational corporation, somewhat unanticipated, found itself in the red one year. supposedly several hundred executives (in the executive bonus plan) spent the rest of the year moving expenses from the following year into the year with all the losses. business in the following year wasn't any better, but because of shifting of expenses; the following year moved from the red into the black. the claim was that the executive bonuses that year were more than twice as large as any previous executive bonus. the explanation was that the executive bonus plan calculated bonuses based on improvement over the previous year ... in the case of going from "red" to "black" (even only trivially in the black) resulted in large calculated value. As a result, the vagaries of the plan calculations resulted in paying executives more for "taking" the company into the red

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Perfect MITM Attacks With No-Check SSL

Refed: **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Perfect MITM Attacks With No-Check SSL
Date: December 24, 2008
Blog: Financial Crime Risk, Fraud, and Security
Perfect MITM Attacks With No-Check SSL Certs
http://it.slashdot.org/article.pl?sid=08/12/23/0046258

lots of past posts regarding SSL digital certificates
https://www.garlic.com/~lynn/subpubkey.html#sslcert

as well as lots of past posts mentioning MITM-attacks
https://www.garlic.com/~lynn/subintegrity.html#mitmattack

part of original motivation for SSL was perceived weaknesses in the domain name infrastructure. recent reference regarding fixing DNS weaknesses
https://www.garlic.com/~lynn/2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware

as in the "catch22" references ... part of "fixing" DNS ... the fixes could also result in eliminating part of the major motivation for SSL.
https://www.garlic.com/~lynn/subpubkey.html#catch22

we had been working with various groups on high-availability cluster dbms scale-up ... this post mentions a meeting in jan92
https://www.garlic.com/~lynn/95.html#13

a couple of people (mentioned in the referenced meeting) later left and joined a small client/server startup responsible for something called the commerce server. we were brought in to consult because they wanted to do payment transactions on the servers; the startup had also invented something called SSL that they wanted to use with the payment transactions. Part of the effort also included deploying something called a "payment gateway" ... lots of past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway

it is now frequently referred to as "electronic commerce" and is the major use of SSL in the world today.

then in the mid-90s, we were invited to participate in the x9a10 financial standard working group, which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. the result was the x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959

part of x9.59 standard was that it slightly tweaked the paradigm and no longer made it necessary to hide account numbers (&/or transactions information) as a countermeasure to crooks using the information (to perform fraudulent transactions). X9.59 standard didn't do anything about evesdropping, harvesting, skimming, data breaches, and other kinds of exploits ... but it eliminated the threat of fraudulent transactions that typically are the consequence of such exploits (eliminating the need to hide the account number and financial transaction information also eliminates the major use of SSL).

parts of related thread:
https://www.garlic.com/~lynn/2008p.html#67 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008p.html#78 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008q.html#13 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Computer History Museum

Refed: **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Computer History Museum
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Wed, 24 Dec 2008 10:04:47
Thomas.Kelman@COMMERCEBANK.COM (Kelman, Tom) writes:
That is interesting. I would like to visit the museum some day. Here's descriptions from a couple of the pictures.

"IBM's System/360 of the mid 1960s came in five different speed and size ranges, starting at 4K of memory and eight 16-bit registers. The architecture dominated business markets and computer science for three decades."

Can you imagine that we once worked with computers with only 4K of memory. Oh, and they successors of these are still very important in the business world. Bill Gates just won't admit it.

"The PDP-8 from DEC was the first mass-produced minicomputer. By 1973 it was the best-selling computer in the world, and over 25 years, DEC produced more than a dozen variations of the PDP-8 architecture."

When I was in college I worked with a professor who was studying brain waves. He had placed probes from a PDP-8 into the brains of mice (I know - poor little mice), and I did the programming to produce analysis reports.


univ. got a 64kbyte, 360/30 as part of planned transition from 709/1401 setup to tss/360 running on 360/67. i got a undergrad student job programming 360/30 in assembler. the univ. was accustomed to shutting down the datacenter from 8am sat until 8am mon ... i would then have the whole place to myself for 48hrs. in that sense, my first personal computer was that 64kbyte 360/30 (upgraded to 768k 360/67).

there were lots of problems with tss/360 ... so when the univ. got 360/67 (and discontinued the 709), it mostly ran os/360 starting with pcp. my undergrad responsibilities expanded to supporting os/360 .. including system generations starting with release 9.5.

along the way, the univ played with (virtual machine) cp67 ... and I got opportunity to rewrite large portions of the code.

this is post from yesterday referencing adding tty/ascii terminal support to cp67:
https://www.garlic.com/~lynn/2008s.html#48 New machine code

part of that exercise was trying to get the 2702 terminal controller to do something ... it turned out it couldn't do. this was at least part of the motivation for the univ. to build a clone replacement ... using an interdata/3, reverse engineering the channel interface ... and building a channel interface board for the interdata/3, programming the interdata/3 to emulate 2702. this was picked up and sold by interdata as standard product ... and later when perkin/elmer bought interdata ... sold under the perkin/elmer logo. the implementation went thru a number of evoluations ... an early upgrade was a "cluster" ... with interdata/4 handling the channel interface, and multiple interdata/3 processors dedicated to linescanner interfaces. this got written up blaming us for (at least parts) clone controller business ... misc. past posts referencing 360 plug-compatible controller market:
https://www.garlic.com/~lynn/submain.html#360pcm

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Computer History Museum

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Computer History Museum
Newsgroups: bit.listserv.ibm-main
Date: Wed, 24 Dec 2008 13:12:51
rfochtman@YNC.NET (Rick Fochtman) writes:
And if you opened the covers of the old 2880 Block Multiplexor Channel box, you found a downsized version of the 360/44 front panel. Fancy that! :-)

the next phase was the 303x channel director ... which was 370/158 engine with just the integrated channel microcode (and w/o the 370 instruction microcode). a 3031 was a 370/158 engine with just the 370 instruction microcode (and w/o the integrated channel micrcode), configured to operate with channel director. 3032 was 370/168 configured to run with channel director (instead of 28x0 channel boxes). 3033 started out as 370/168 wiring diagram mapped to 20% faster chips. the 3033 chips also had ten times the number of circuits (as chips used in 370/168) but started out with the additional circuits not being used. during the development cycle, some critical sections were redesigned to make better use of the additional on-chip circuits ... and the 3033 eventually came out 50% faster than 168 (leveraging higher integrated, on-chip operations).

there use to be some technology laying out data records on 3330 cylinders with "dummy" spacer records that would allow for channel program processing latency to do a head switch operation (on the same cylincer) between the end of a data record (on one track) and the start of the (next) data record (on another track) ... without a rotational miss. Several 370s; 145, 148, & 168, the channel processing was fast enough to execute the head-switch in the time it took a 3330 disk to rotate the dummy spacer record amount.

The problem was that 158 channels had higher latency and would only make the head-switch (w/o a miss & additional revolution) 20-30% of the time (the rest of the time, the head-switch would miss picking the next record and have to may a complete revolution before trying again). The 3330 track size wasn't large enuf to make the dummy record sizes larger (using 4k data records). It turned out that the same rotational miss rates was true for the 303x channel directors (regardless of the machine they were attached to; since they all used the same 158 integrated channel processing).

misc. past posts discussing dummy records & channel program head-switch latency:
https://www.garlic.com/~lynn/2000d.html#7 4341 was "Is a VAX a mainframe?"
https://www.garlic.com/~lynn/2001j.html#3 YKYGOW...
https://www.garlic.com/~lynn/2002b.html#17 index searching
https://www.garlic.com/~lynn/2003g.html#22 303x, idals, dat, disk head settle, and other rambling folklore
https://www.garlic.com/~lynn/2004d.html#64 System/360 40 years old today
https://www.garlic.com/~lynn/2004d.html#65 System/360 40 years old today
https://www.garlic.com/~lynn/2004d.html#66 System/360 40 years old today
https://www.garlic.com/~lynn/2005p.html#38 storage key question
https://www.garlic.com/~lynn/2005s.html#22 MVCIN instruction
https://www.garlic.com/~lynn/2006w.html#8 Why these original FORTRAN quirks?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: : Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Wed, 24 Dec 2008 23:34:28
"COM" ... computer output microfiche ... stromberg datagrphix

there was one (i think in bldg. 26) on san jose plant site ... printer name (from somewhere long ago and far away):
SNJFICHE San Jose, Ca. 8-276-5050 GPD SPOOL MAS

I could print from vm (in bldg. 28) and specify the routing to get it to the microfiche printer (courier would have output back in bldg. usually within a day). I had quite a few microfiche at at home in the 70s ... i had a box someplace in storage that still had maybe 50-60 such microfiche. some old email references that it appeared to take 2-3 minutes per module listing (based on time-stamps on the fiche when a whole batch came back).

recent post with jpg image of home desk in the 70s that included compact microfiche viewer:
https://www.garlic.com/~lynn/2008m.html#38
https://www.garlic.com/~lynn/2008m.html#51

i would do complete vm370 kernel listings (among other things) ... one module per fiche ... it left some fiche mostly empty ... but it made it easy to find ... since large letter readable image could be "printed" across top of fiche (easier than compacting multiple modules per fiche).

wiki page has reference for various standards, including fiche
https://en.wikipedia.org/wiki/Microfilm

this wiki discussion about 8080 mentions it was used in DataGraphiX COM
https://en.wikipedia.org/wiki/Intel_8080

quicky use of search engine didn't turn up a whole lot more about stromberg datagrphix com devices.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Computer History Museum

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Computer History Museum
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 25 Dec 2008 00:20:50
rfochtman@YNC.NET (Rick Fochtman) writes:
We called them "Gap Records" at NCSS and they worked very well for paging on 2305 devices. We'd use the first exposure for the first page, the second exposure for the third page and so on. They were connected to a 370/168 via 2860 Selector Channels. Grant Tegtmeier designed the code and computed the sizes of the Gap Records. He also installed 3330 and 2305 support code, of his own design, in our modified CP67/CMS system. In a long weekend! He was noted for long periods of seeming boredom, punctuated by spurts of sheer genius.

re:
https://www.garlic.com/~lynn/2008s.html#51 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#52 Computer History Museum

there were 3 people that came out from the science center to the univ. to install cp67 the last week in jan68. One of these people left the science center june68 to be part of ncss. He was suppose to teach a cp67 class the following week (after he gave notice) for customers ... and the science center had to really scamble to find people to fill in for him.

the initial cp67 code had fifo single operation processing for 2311, 2314s, and 2301 (drums). It would get about 80page transfers/sec on 2301. I redid the 2301 to do chained processing which increased peak 2301 page transfers to 300/sec. 2301 didn't have multiple request exposure. i also redid the 2311 & 2314 code to implement ordered seek operation (for all queued requests) ... both cp requests and cms requests ... as well as chained request for page operations. On heavily loaded CMS systems, the ordered seek queueing made big difference ... both graceful degradation as load increased ... as well as peak throughput.

i also redid a whole bunch of the kernel pathlengths. This old post:
https://www.garlic.com/~lynn/94.html#18 CP/67 & OS MFT14

contains part of presentation that I made at the '68 SHARE meeting in Boston.

I had been doing heavy optimization of OS MFT system generations ... carefully reordering all the STAGE2 output (from STAGE1) so that the result would optimally place os/360 system files and PDS members on disk (in order to minimize avg. arm seek distance). For the univ. student work load, I would get a factor of about three times thruput improvement. This would degrade over time as PTF maintenance was applied ... affecting high use system components. I would then have to periodically rebuild the system in order to restore the carefully order placement of files and PDS members.

I also got to do some work rewriting cp67 kernel ... besides redoing the i/o stuff ... i also reworked a lot of the pathlengths ... in some cases getting factor of 100 times improvement for some of the stuff.

As mentioned in the presentation, the original unmodified cp67 kernel had 534 cpu seconds overhead for running MFT14 workload that took 322 seconds elapsed time. In the period between Jan68 and fall68, I was able to get that cp67 kernel virtual machine overhead down from 534 cpu seconds to 113 cpu seconds (by rewriting several parts of the cp67 kernel).

I normally had classes during the week ... so much of my maintenance and support work for OS/360 MFT and work on cp67 occurred on weekends. The univ. typically shutdown the datacenter from 8am Sat. until 8am Monday ... during which time I could have the whole place for my personal use. Monday classes were sometimes a problem after having been up for 48hrs straight.

I had also done a dynamic adaptive resource manager and my own page replacement algorithm and thrashing controls for cp67 ... lots of the stuff IBM picked up and shipped in product while I was still undergraduate at the univ (including the TTY/ASCII terminal support mentioned in earlier post in this thread).

This recent post:
https://www.garlic.com/~lynn/2008s.html#17 IBM PC competitors

mentioned that I continued to do various cp67 things ... but much of it was dropped in the product morph from cp67 to vm370. The above has references/pointers to some old email regarding migrating various of the pieces from cp67 to vm370 (after the science center finally replaced their 360/67 with a 370/155-II).

some of the old email
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
https://www.garlic.com/~lynn/2006w.html#email750430

... included these posts from a couple years ago:
https://www.garlic.com/~lynn/2006v.html#36
https://www.garlic.com/~lynn/2006w.html#7
https://www.garlic.com/~lynn/2006w.html#8

Before the decision was made to release some of it in the standard vm370 product ... they let me build, distribute, and support highly modified vm370 (aka csc/vm) systems for large number of internal systems. at one point I would joke with the people on the 5th flr that the number peaked about the same as the total number that they were supporting ... recent reference here:
https://www.garlic.com/~lynn/2008s.html#48 New machines code

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is this the story behind the crunchy credit stuff?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Is this the story behind the crunchy credit stuff?
Date: December 25, 2008
Blog: Equity Markets
CDOs had been used two decades ago in the S&L crisis to obfuscate underlying values and sell-off for more than they were otherwise worth

long winded, decade old post discussing some of the current issues, including needing better visibility into the underlying values of securitized instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm

earlier this fall, the congressional hearings into CDOs looked at rating agencies giving toxic CDOs triple-A ratings ... even though the toxic CDO issuers and the rating agencies both knew they weren't worth triple-A rating (the word "fraud" was periodically used in the hearings). The toxic CDO triple-A ratings significantly increased the number of institutions that would deal in these toxic CDO instruments (as well as significantly increasing the amount of money that unregulated institutions had to lend).

related side-effect of (often) unregulated institutions being able to immediately offload loans:

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

from above:
Watsa's only sin was in being a little too early with his prediction that the era of credit expansion would end badly. This is what he said in Fairfax's 2003 annual report: "It seems to us that securitization eliminates the incentive for the originator of [a] loan to be credit sensitive. Prior to securitization, the dealer would be very concerned about who was given credit to buy an automobile. With securitization, the dealer (almost) does not care."

... snip ...

Week ago Sunday, CSPAN had panel with several people from industry. One of the comments was that the subprime was supposedly targeted at low-income, first time home owners ... but only something like 10% of subprime loans went to that market.

With huge influx of funds from securitization and no regard who got loans ... they were cycling loans through the mill as fast as possible to all comers (speculator looking at 20%/annum inflation ... a no-down, no-documentation, 1% introductory, interest-only ... flipping after a year ... represents significant ROI). CBS 60mins had segment on some of these speculators in the overheated Florida and California real-estate markets.

The CSPAN panel also seemed to be torn between the industry claiming being ignorant and totally incompetent vis-a-vis admitting they just ignored (and/or manipulated) all the indications.

On CSPAN, a couple months ago there was comment that in the congressional session that repealed Glass-Steagall, the financial industry made $250m in congressional contributions. In the recent session that approved the $700B bailout, the financial industry made $2B in congressional contributions.

PBS programs/webpages discussing some of the wall street influence on congress, wall street fix (including repeal of Glass-Steagall)
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet

On the institution side buying these (triple-A rated toxic CDO, packaged) mortgages .... the institutions were 1) playing long/short mismatch and 2) heavily leveraging. Playing long/short mismatch (alone) has been known to take down institutions for centuries (in this case, even if the toxic CDOs had been worth their triple-A ratings). Comments were that Bear-Stearn and Lehman had marginal chance of surviving playing long/short mismatch. This was further aggravated with heavy leverage ... in some cases leveraging capital 40-80 times in buying triple-A rated toxic CDOs.

article from year ago about playing long/short mismatch (including transactions being carried offbalance ... some possibly are still lurking more than a yr later)
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html

decade old article from SanFran FED on problems with long/short mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/

The value of CDOs were relatively straight-forwardly calculated ... besides the congressional hearings that claimed that both the toxic CDO issuers and the rating agencies (that were being paid to give triple-A ratings to toxic CDOs) knew they weren't worth triple-A ratings

there have been lots of discussions that risk managers "knew" toxic CDOs also weren't worth triple-A ratings (but they were "overruled" by others in the organizations) ... a couple past references:

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/ Subprime = Triple-A ratings? or 'How to Lie with Statistics' (gone 404 but lives on at the wayback machine)
https://web.archive.org/web/20071111031315/http://www.bloggingstocks.com/2007/07/25/subprime-triple-a-ratings-or-how-to-lie-with-statistics/

This on par with everybody knowing that playing long/short mismatch takes down institutions ... but they were doing it anyway. It almost seemed like they thought they were smarter than everybody else ... and would be able to get out before the whole thing collapsed (in some cases, that may turn out to be true with regard to individual compensation).

past references to (computer) GIGO (garbage in, garbage out)
https://www.garlic.com/~lynn/2008s.html#22 IBM PC competitors
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#26 Combining EMV and eID on a payment card?
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#28 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#47 Executive pay: time for a trim?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Computer History Museum

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Computer History Museum
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Thu, 25 Dec 2008 16:16:01
rfochtman@YNC.NET (Rick Fochtman) writes:
I don't remember all the mods we made at NCSS, but one change that made a BIG difference on the simplex and duplex 360/67's was this: in the CP kernel, ALL SVC instructions were modified to a BAL to a specific address in the first 4K of storage, where a "vector table" rerouted the call to a specific CP "subroutine". All those interrupts and PSW swaps took FOREVER on the 360/67, whereas a BAL to low storage SEEMED to fly almost instantaineously. The change also seemed to be beneficial when we switched to 370/168 platforms as well. The CMS kernel used a HVC (in actual fact, a DIAGNOSE) to request services from the CP kernel, including I/O services. We also modified MVT to run in a virtual machine using DIAGNOSE, rather than SIO/TIO/HIO, for I/O services. Made MVT run MUCH FASTER in the virtual machine and freed us from all the related emulation of these I/O instructions. One thing I miss: Grant wrote a program, called IMAGE, that created a complete image of the CP kernel, which would load in record time when bringing up the system. I wish I had a copy of that program now, because of its rather unique processing of the RLD data from the object code. I've never quite understood how RLD data is processed by either the linkage editor or the loader. :-(

re:
https://www.garlic.com/~lynn/2008s.html#51 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#52 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#54 Computer History Museum

as an undergraduate ... before joining the science center ... I first looked at the standard SVC linkage routine (for all kernel calls) and cut the pathlength by about 75%. I then looked at the most frequently called subroutines ... and changed them to BALRs ... leaving the remaining as SVC ... since it no longer represented a significant portion of CP overhead .... i.e. while SVC/LPSW was expensive with regard to BALR ... the actual time spent in the original SVC linkage&return was much, much larger than the SVC/LPSW instruction ... most of the benefit came from reducing the logic. The next was the BALR ... not only replaced the SVC/LPSW instructions but were also "eliminated" the rest of the logic for the linkage/return for high-use routines. When that was done, the remaining SVC/LPSW (and associated linkage/return overhead) was a trivial percentage of overall time spent in the kernel.

Remaining big overhead wasn't so much the SIO instruction ... but the channel program simulation overhead done in "CCWTRANS". CMS turned out to do very stylized disk channel programs. I created a fastpath channel program emulation operation for CMS disk I/O (that was also synchronous ... avoiding all the virtual machine gorp for entering wait state, asynchronous interrupts, etc). This got severely criticized by the people at the science center (mostly bob adair) because it violated the 360 principles of operation. However, it did significantly reduce cp67 kernel overhead for operating CMS virtual machines. This was then redone using "DIAGNOSE" instruction ... since the 360 principles of operation defines the "DIAGNOSE" instruction operation as model-dependent. The facade was that there was a 360 virtual machine machine model which had its own definition for DIAGNOSE instruction operation.

Standard CP67 saved core image of the loaded kernel to disk (routine SAVECP) and a very fast loader sequence that brought back that image back into memory on IPL and then transferred to CP67 startup routine CPINIT. One of the people at the science center modified CP67 kernel failure processing to write a image dump to disk area and then simulate reloaded the disk kernel image from scratch ... basically automagically failure/restart ... this is mentioned in one of the referenced stories at MULTICS websites ... one of the people who supported CP67 system at MIT (and later worked on MULTICS) had modified TTY/ASCII terminal line processing that would cause the system to crash ... and one day CP67 crashed and automagically (fast) restarted 27 times in a single day (which help instigate some MULTICS rewrite because it was taking an hour elapsed time to restart).

The cp67 kernel was undergoing was amount of evolution with new functions being added. On 768k real storage machine ... every little bit hurt. So I did a little slight of hand and created a virtual address space that mapped the cp67 kernel image ... and then flagged the standard portion as fixed ... but created an infrastructure that allowed other portions to be paged in & out. This required enhancing the SVC linkage infrastructure to recognize portions of the kernel that could be pageable (and do page fetch operation before doing the linkage).

The standard CP67 kernel was built up of "card decks" which had the BPS loader slapped on the front and "IPL'ed" (either on the real machine or in a virtual machine). Once the BPS loader had all the routines resolved in real storage ... it would transfer to SAVECP ... which wrote the core image to disk (for later IPL). It turns out that the BPS loader also passed (in registers) the pointer to the resolved (RLD) symbol table. I then changed SAVECP to move the BPS (RLD) symbol table to the end of the (pageable) kernel image ... so that it was also saved to disk (as part of the pageable kernel area).

I ran into a major problem ... the BPS loader only supported up to 256 external symbols. As part of reorg'ing parts of the kernel to make it pageable ... i split modules into 4k-byte "chunks" ... creating a lot of new external symbols. This initially overflowed the BPS loader 256 external symbol limit ... and so I had to resort to all sorts of hacks to keep the number of external symbols within the 256 limit. Much later at the science center ... I found a source copy of the BPS loader in a old card cabinet that was in storage ... I could then modify the BPS loader to extend the external symbol table maximum.

for additional drift ... in the initial work to convert MVT into VS2 ... some virtual address tables and page fault processing was hacked into the side of MVT ... and a copy of CCWTRANS was borrowed from CP67 (i.e. VS2 has the same issue with translating application channel programs passed by EXCP ... as CP67/VM370 has with translating virtual machine channel programs). Past posts with references to CCWTRANS:
https://www.garlic.com/~lynn/2008g.html#45 authoritative IEFBR14 reference
https://www.garlic.com/~lynn/2008i.html#68 EXCP access methos
https://www.garlic.com/~lynn/2008i.html#69 EXCP access methos
https://www.garlic.com/~lynn/2008m.html#7 Future architectures
https://www.garlic.com/~lynn/2008o.html#50 Old XDS Sigma stuff
https://www.garlic.com/~lynn/2008q.html#31 TOPS-10

The thing missing from the automagic fast restart ... was the growing number of service virtual machines that had to be brought up manually ... i.e. performance monitor DUSETIMR machine, the VNET, networking machine, and growing number of others. These service virtual machines are analogous to the current genre of virtual appliances found in the latest incarnation of virtual machine technology.

As part of the performance work on cp67 and then moving to vm370 ... I also did a lot of benchmarking work. One of the things that I wanted to do was automate the benchmarking process ... lots of past posts with references
https://www.garlic.com/~lynn/submain.html#benchmark

For this, I created the AUTOLOG command ... where a virtual machine could automagically logon other virtual machines ... including passing an initial startup command to that virtual machine. Then DMKCPI (the rename CPINIT for vm370) was modified to do a special case execution of the AUTOLOG command for a specific virtual machine (which would then handle all the other AUTOLOGs). As mentioned other places, part of the final sequence for the release of my (vm370) resource manager ... i ran a series of 2000 (automated) benchmarks that took 3months elapsed time (as part of final calibration and verification).

However, the AUTOLOG command was also got a lot of use as part of automating the other parts of automatic bringup (in addition to just getting the bare bones kernel operational). A few past posts mentioning AUTOLOG command:
https://www.garlic.com/~lynn/2002q.html#28 Origin of XAUTOLOG (x-post)
https://www.garlic.com/~lynn/2005.html#59 8086 memory space
https://www.garlic.com/~lynn/2006g.html#34 The Pankian Metaphor
https://www.garlic.com/~lynn/2007d.html#23 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007n.html#10 The top 10 dead (or dying) computer skills
https://www.garlic.com/~lynn/2007r.html#68 High order bit in 31/24 bit address
https://www.garlic.com/~lynn/2007s.html#41 Age of IBM VM
https://www.garlic.com/~lynn/2008m.html#42 APL

As mentioning in previous references ... one of the things I did after joining the science center ... was also doing a pagemapped filesystem for CMS. The diagnose I/O API was specific oriented towards drastically reducing the pathlength overhead associated with CMS I/O. However, there are still some large number of performance issues related to simulating a "real address I/O" paradigm in a virtual address environment. The page map changes retained the high level CMS filesystem paradigm while remapping the underlying implementation to page mapped infrastructure. Misc. past post mentioning doing page mapped infrastructure
https://www.garlic.com/~lynn/submain.html#mmap

There were some benchmark comparisons with the same cms and mix-mode, moderately filesystem intensive operation ... one using underlying traditional CMS filesystem .... and same CMS, workload, and CMS filesystem ... but underlying paged mapped ... where the paged mapped flavor had three times the throughput of the traditional non-paged mapped flavor.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch
Date: Fri, 26 Dec 2008 09:54:29
kenney writes:
Here we have to distinguish between money and wealth. The amount of money in circulation expanded enormously due to leverage. This in turn inflated asset prices which could serve as backing for more borrowing. It was a typical bubble like the South Sea, Law's currency reforms in France, 1929 and the dotcom boom. All of those depended on the belief that the underlying would asset continue to rise.

Wealth on the other hand interpretated as standard of living has risen steadily except when interrupted by war. About the only way we are not living better than our ancestors is in being able to afford servants.

By the way the financial models available would have predicted a crash if the cause had been either option trading or overvaluing of shares. The problem is that when it comes to something new financial modellers are still fighting the last war because it is all they have information on.


re:
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#28 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law

a couple decades ago the domestic auto makers got into trouble because of competition with foreign manufacturers. they eventually got gov. to impose import quotas. there supposedly was condition that the domestic auto makers would use the period of the import quotas and the drastically increased profits (reduced competition allowed significant price increase) to remake themselves. A couple yrs later, there was an article that it was still business as usual and the gov. should impose a 100% unearned profit tax (basically the american consumer was underwriting the whole thing with the significantly increased price/profits).

One of the issues (during that period) was that the prices increased significantly faster than avg. domestic wages ... and as a result, the auto loan periods had to be significantly extended. This had a secondary effect of loans having longer life than some of the autos. There was also pressure for the domestic auto makers to extend warranties to be at least as long as the loans (which was a very iffy proposition given the quality of the cars).

role forward to the current situation ... the large increase in funds available for loans & mortgages (that came from securitization) allowed for enormous amount of speculation. unregulated institutions were able to get into the business, using securitization as source of funds ... (mostly) outside traditional financial regulation. A no-down, no-documentation, 1% interest only loan ... would represent significant ROI for speculator anticipating 20%/annum inflation and flipping before the loan reset (basically speculators being able to treat the home owner market like the unregulated 1920s stock market).

plot the avg. home price back to the 70s ... as well as the ratio of the avg. home price to the avg. annual earnings ... and it shows an (unique) enormous ugly pimple/boil starting the early part of the decade ... which hasn't yet completely deflated. Lots of people and institutions got caught up in the inflation/deflation cycle ... and various secondary affects may result in the reset continuing down past the level of where the ugly pimple/boil started.

As previously mentioned ... risk management and models showed what was happening ... but lots of people chose to ignore the indications ... and/or were motivated to manipulate the situation for personal advantage. There had always been lots of isolated hotspots of greed and corruption ... but a combination of deregulation and lack of regulation enforcement allowed the hotspots to combine into a firestorm.

misc. recent posts mentioning the firestorm analogy
https://www.garlic.com/~lynn/2008o.html#78 Who murdered the financial system?
https://www.garlic.com/~lynn/2008o.html#80 Can we blame one person for the financial meltdown?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008q.html#20 How is Subprime crisis impacting other Industries?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

DNS flaw is 2008's biggest web blunder

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: DNS flaw is 2008's biggest web blunder
Date: December 26, 2008
Blog: Financial Crime Risk, Fraud, and Security
DNS flaw is 2008's biggest web blunder
http://www.techradar.com/news/internet/dns-flaw-is-2008-s-biggest-web-blunder-496965

from above:
It centres round Dan Kaminsky, a security consultant who found a major flaw in the internet's Domain Name System (DNS). The flaw essentially meant that anybody could re-route a web address to a bogus site, and phish information from users.

... snip ...

Some recent posts related to domain name infrastructure weaknesses and/or issues with SSL (which was in part, motivated by perceived weaknesses with domain name infrastructure)
https://www.garlic.com/~lynn/2008n.html#75 Should online transactions be allowed on credit cards without adequate safeguards?
https://www.garlic.com/~lynn/2008o.html#70 What happened in security over the last 10 years?
https://www.garlic.com/~lynn/2008p.html#7 Dealing with the neew MA ID protection law
https://www.garlic.com/~lynn/2008p.html#14 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#15 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#19 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#22 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#23 Your views on the increase in phishing crimes such as the recent problem French president Sarkozy faces
https://www.garlic.com/~lynn/2008p.html#29 How were you using the internet 10 years ago and how does that differ from how you use it today?
https://www.garlic.com/~lynn/2008p.html#32 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#35 Automation is still not accepted to streamline the business processes... why organizations are not accepting newer technolgies?
https://www.garlic.com/~lynn/2008p.html#38 How do group members think the US payments business will evolve over the next 3 years?
https://www.garlic.com/~lynn/2008p.html#64 Do you feel secure with your bank's online banking service?
https://www.garlic.com/~lynn/2008p.html#67 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008q.html#13 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008r.html#23 What is the level of security in payment systems (credit and bank cards) nowadays?
https://www.garlic.com/~lynn/2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
https://www.garlic.com/~lynn/2008r.html#50 Security is a subset of Reliability
https://www.garlic.com/~lynn/2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
https://www.garlic.com/~lynn/2008s.html#10 Data leakage - practical measures to improve Information Governance
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008s.html#50 Perfect MITM Attacks With No-Check SSL

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch
Date: Fri, 26 Dec 2008 11:03:34
EricP <ThatWouldBeTelling@thevillage.com> writes:
Perhaps not overt fraud - as as far as I can see there have only been 2 or 3 charges of criminal fraud in the US and certainly not enough to account for what may be $2 trillion lost in the ozone[*].

But the does seem to have been quite a lot of surprisingly un-curious people who received huge annual bonuses, some upwards of $100 million, for their part in this affair.


re:
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law

a couple weeks ago, there was a business tv news show mentioning that the NY state attorney was serving subpoenas on a number of wall street institutions. they conjectured that it might be part of an attempt to recover the enormous bonuses paid out (as their reward for creating the current crisis). there was then discussion about what standard of fraud that would have to be show in order to recover those bonuses.

as mentioned regarding the congressional hearings into the issuers of toxic CDOs were paying rating agencies to give triple-A ratings to toxic CDOs (even when both knew that the toxic CDOs weren't worth the triple-A rating) ... there were several comments during the hearings mentioning the word "fraud". the triple-A ratings enormously increased the institutions that would deal in the toxic CDOs (and the amount of money available to, often unregulated, mortgage originators). Part of the hearings also mentioned that part of the change came in the 70s with the change from the buyers of instruments paying for ratings ... to issuers of instruments paying for ratings (and the issuers starting to have significantly more leverage regarding what rating was given).

on the mortgage originating side of things (packaging the toxic CDOs and paying for the triple-A ratings) ... being able to immediately unload loans as toxic CDOs ... eliminated motivation to pay any attention to loan quality. offering no-down, no-documentation, 1% interest-only payment ARMs ... was quite attractive to speculators looking at 20%/annum inflation and flipping before loan reset.

on the institution side buying the toxic CDOs ... many were (also) playing long/short mismatch ... this could greatly increase short term profits, commissions and bonuses ... but was known for centuries for taking down institutions (i.e. one of the vendors of a leading, extremely sophisticated financial risk management software, made the comment that neither Bear Stearns nor Lehman had more than a marginal chance of surviving playing long/short mismatch).

misc. past posts mentioning article about $137b in wall street bonuses during the period:
https://www.garlic.com/~lynn/2008g.html#52 IBM CEO's remuneration last year ?
https://www.garlic.com/~lynn/2008g.html#66 independent appraisers
https://www.garlic.com/~lynn/2008h.html#42 The Return of Ada
https://www.garlic.com/~lynn/2008i.html#4 A Merit based system of reward -Does anybody (or any executive) really want to be judged on merit?
https://www.garlic.com/~lynn/2008k.html#11 dollar coins
https://www.garlic.com/~lynn/2008m.html#26 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#83 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#74 Why can't we analyze the risks involved in mortgage-backed securities?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#32 How much is 700 Billion Dollars??
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008q.html#66 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?

misc. past posts mentioning the long/short mismatch quote:
https://www.garlic.com/~lynn/2008o.html#14 Blinkylights
https://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#27 Blinkylights
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#35 The human plague
https://www.garlic.com/~lynn/2008o.html#37 The human plague
https://www.garlic.com/~lynn/2008o.html#39 The human plague
https://www.garlic.com/~lynn/2008o.html#42 The human plague
https://www.garlic.com/~lynn/2008o.html#43 The human plague
https://www.garlic.com/~lynn/2008o.html#51 Why are some banks failing, and others aren't?
https://www.garlic.com/~lynn/2008o.html#52 Why is sub-prime crisis of America called the sub-prime crisis?
https://www.garlic.com/~lynn/2008o.html#62 Would anyone like to draw a diagram of effects or similar for the current "credit crisis"?
https://www.garlic.com/~lynn/2008o.html#65 Can the financial meltdown be used to motivate sustainable development in order to achieve sustainable growth and desired sustainability?
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#78 Who murdered the financial system?
https://www.garlic.com/~lynn/2008o.html#80 Can we blame one person for the financial meltdown?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#47 In Modeling Risk, the Human Factor Was Left Out
https://www.garlic.com/~lynn/2008p.html#55 Can Smart Cards Reduce Payments Fraud and Identity Theft?
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008p.html#77 Tell me why the taxpayer should be saving GM and Chrysler (and Ford) managers & shareholders at this stage of the game?
https://www.garlic.com/~lynn/2008q.html#19 Collateralized debt obligations (CDOs)
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch
Date: Fri, 26 Dec 2008 11:17:56
EricP <ThatWouldBeTelling@thevillage.com> writes:
I am thinking what might have happened is this. The people who put together these baskets of mortgages likely assumed that there would be a small fixed percentage of bad loans and based their hedging calculations accordingly. But they don't set up a process to check those assumptions.

This had the side effect of creating a market for bad mortgages while at the same time hiding their quantity and quality inside the basket. So now if the percentage of bad loans shifts from the original assumptions no one might notice.


CDO-like instruments were used two decades ago during the S&L crisis to obfuscate the underlying value and sell-off for more than what they would otherwise get. long-winded, decade old post discussing some of the current problems ... including needing visibility into underlying value of CDO-like instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm

the congressional hearings mentioned the toxic CDO issuers were paying the rating agencies for the triple-A ratings (even when both knew that they weren't worth the triple-A ratings). The triple-A ratings not only significantly increased the perceived value of the toxic CDO ... but opened up the toxic CDO market to much larger number of institutions (for one reason or another only deal in high-grade investments ... like retirement funds that may have it written into the contract). The implication was that the toxic CDO packaging was purely a facade ... I've used the analogy with the emperor's new clothes parable ... a few past posts:
https://www.garlic.com/~lynn/2008j.html#20 dollar coins
https://www.garlic.com/~lynn/2008j.html#40 dollar coins
https://www.garlic.com/~lynn/2008j.html#60 dollar coins
https://www.garlic.com/~lynn/2008j.html#69 lack of information accuracy
https://www.garlic.com/~lynn/2008k.html#10 Why do Banks lend poorly in the sub-prime market? Because they are not in Banking!
https://www.garlic.com/~lynn/2008k.html#16 dollar coins
https://www.garlic.com/~lynn/2008k.html#27 dollar coins
https://www.garlic.com/~lynn/2008l.html#42 dollar coins
https://www.garlic.com/~lynn/2008m.html#4 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#12 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#99 Blinkylights
https://www.garlic.com/~lynn/2008o.html#35 The human plague
https://www.garlic.com/~lynn/2008q.html#58 Obama, ACORN, subprimes (Re: Spiders)

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: : Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Fri, 26 Dec 2008 14:17:39
Cydrome Leader <presence@MUNGEpanix.com> writes:
While the general assumption is that kodak is dead, they've bought a large number of fairly interesting companies, most of which never really get the Kodak name added to them.

in the middle of doing our HSDT project
https://www.garlic.com/~lynn/subnetwork.html#hsdt

and talking to NSF about T1 (and higher speeds) for NSFNET backbone
https://www.garlic.com/~lynn/lhwemail.html#nsfnet

we were also having lots of discussions with Cyclotomics about reed-solomon (ecc) FEC ... when they got bought by Kodak (it seemed motivated because Cyclotomics played a big part in the encoding standard for cdrom).

misc. past posts mentioning cyclotomics:
https://www.garlic.com/~lynn/2001.html#1 4M pages are a bad idea (was Re: AMD 64bit Hammer CPU and VM)
https://www.garlic.com/~lynn/2002p.html#53 Free Desktop Cyber emulation on PC before Christmas
https://www.garlic.com/~lynn/2003e.html#27 shirts
https://www.garlic.com/~lynn/2004f.html#37 Why doesn't Infiniband supports RDMA multicast
https://www.garlic.com/~lynn/2004o.html#43 360 longevity, was RISCs too close to hardware?
https://www.garlic.com/~lynn/2005n.html#27 Data communications over telegraph circuits
https://www.garlic.com/~lynn/2007.html#29 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007j.html#4 Even worse than UNIX
https://www.garlic.com/~lynn/2007v.html#82 folklore indeed
https://www.garlic.com/~lynn/2008l.html#19 IBM-MAIN longevity
https://www.garlic.com/~lynn/2008m.html#23 Blinkylights

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch
Date: Fri, 26 Dec 2008 14:49:31
Robert Myers <rbmyersusa@gmail.com> writes:
To pursue your firestorm analogy, the problem isn't so much that weird, local catastrophes can occur, but the existence of a city (like, say, Los Angeles) that can burn to the ground under the right circumstances. If it's just a city, even a huge city, it's a tragic loss, but still minor compared to the collapse of the global economy.

re:
https://www.garlic.com/~lynn/2008s.html#57 Garbage in, garbage out tampled by Moore's law

however, the issue wasn't a lack of understanding that firestorm countermeasures were needed ... in fact, firestorm countermeasures were in place ... and that many of the firestorm countermeasures were eliminated &/or ignored (with evidence that motivations included personal greed and corruption).

this is also the reference to the industry being torn between claiming to being ignorant and totally incompetent vis-a-vis admitting they ignored/manipulated all the indicators.

there are analogies with executives that see short-term bonuses by eliminating "duplicate expense" ... and after they are gone ... it turns out that the "duplicate expense" were actually required to handle continuity related events (that just weren't happening every day). the individuals were betting that they would have theirs & not held accountable when it came time to face the consequences.

also related to past references to the input was fiddled in order to get the desired output (supporting objective of personal gain):

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

past posts referencing the above article:
https://www.garlic.com/~lynn/2008n.html#49 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#65 Whether, in our financial crisis, the prize for being the biggest liar is
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#72 Why was Sarbanes-Oxley not good enough to sent alarms to the regulators about the situation arising today?
https://www.garlic.com/~lynn/2008n.html#78 Isn't it the Federal Reserve role to oversee the banking system??
https://www.garlic.com/~lynn/2008n.html#80 Why did Sox not prevent this financal crisis?
https://www.garlic.com/~lynn/2008n.html#82 Fraud in financial institution
https://www.garlic.com/~lynn/2008o.html#15 Financial Crisis - the result of uncontrolled Innovation?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#19 What's your view of current global financial / economical situation?
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#34 The human plague
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008q.html#49 Have not the following principles been practically disproven, once and for all, by the current global financial meltdown?
https://www.garlic.com/~lynn/2008q.html#50 Obama, ACORN, subprimes (Re: Spiders)
https://www.garlic.com/~lynn/2008r.html#58 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#8 Top financial firms of US are eyeing on bailout. It implies to me that their "Risk Management Department's" assessment was way below expectations
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#29 Let IT run the company!
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch
Date: Fri, 26 Dec 2008 15:19:04
"Del Cecchi" <delcecchiofthenorth@gmail.com> writes:
As Cramer said on CNBC "let the show trials begin"

re:
https://www.garlic.com/~lynn/2008s.html#59 Garbage in, garbage out trampled by Moore's law

Cramer has also periodically been on rant about nothing being done about illegal short sales ... misc. past references:
https://www.garlic.com/~lynn/2008k.html#1 dollar coins
https://www.garlic.com/~lynn/2008k.html#9 dollar coins
https://www.garlic.com/~lynn/2008k.html#25 IBM's 2Q2008 Earnings
https://www.garlic.com/~lynn/2008n.html#23 Michigan industry
https://www.garlic.com/~lynn/2008n.html#25 Blinkylights
https://www.garlic.com/~lynn/2008n.html#26 Blinkylights
https://www.garlic.com/~lynn/2008n.html#28 Blinkylights
https://www.garlic.com/~lynn/2008n.html#31 Blinkylights
https://www.garlic.com/~lynn/2008n.html#101 Blinkylights
https://www.garlic.com/~lynn/2008o.html#0 Blinkylights
https://www.garlic.com/~lynn/2008o.html#1 illegal naked short selling
https://www.garlic.com/~lynn/2008o.html#83 Chip-and-pin card reader supply-chain subversion 'has netted millions from British shoppers'
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008q.html#50 Obama, ACORN, subprimes (Re: Spiders)

this wiki page for DTCC mentions them (also) being sued as part of naked short selling:
https://en.wikipedia.org/wiki/Depository_Trust_&_Clearing_Corporation

previously mentioned long-winded, decade old post about some of the current problems ... including needing better visibility into underlying value of CDO-like instruments
https://www.garlic.com/~lynn/aepay3.htm#riskm

even before above ... somewhat in the wake of having done work on (secure) x9.59 financial transaction standard ... reference:
https://www.garlic.com/~lynn/x959.html#x959

we had several discussions with NSCC (which has since been combined with DTC to become DTCC ... but were all separate business organizations at the time) about doing secure operations for offers and acceptance (which when paired, become a securities trade). we ran afoul of a culture of lots of obscurity and non-transparency ... because a side effect of the proposed offer/acceptance/trade security ... would have also resulted in transparency.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Computer History Museum

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Computer History Museum
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 26 Dec 2008 17:21:36
rfochtman@YNC.NET (Rick Fochtman) writes:
I could sure use a copy of that BPS Loader source code, if anyone has it and is willing to share......

re:
https://www.garlic.com/~lynn/2008s.html#51 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#52 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#54 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#56 Computer History Museum

the vm370 loader source (both dmkld00e and dmsldr) have genesis from similar origins.

here is reference to hercules vm370 release 6 (that has source):
http://osdir.com/ml/emulators.hercules390.vm/2004-06/msg00018.html

the mentioned cp67 pageable kernel modifications weren't picked up and shipped as part of cp67 product ... but something similar did appear with vm370 product.

the hercules reference (CMS) DMSLDR (in release 6) having "255 externals per TEXT file" ... while the original BPS loader had limitation of a total of 255 external symbols.

reference for vm/370 R6 (including base source):
http://www.cbttape.org/vm6.htm

the above has reference to aws file (which is over 4mbytes, compressed, over 32mbytes uncompressed)
http://www.cbttape.org/ftp/vm6/base-source.aws.bz2

reference to awstape utility:
http://www.cbttape.org/awstape.htm

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Computer History Museum

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Computer History Museum
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 26 Dec 2008 17:33:22
rfochtman@YNC.NET (Rick Fochtman) writes:
I could sure use a copy of that BPS Loader source code, if anyone has it and is willing to share......

re:
https://www.garlic.com/~lynn/2008s.html#64 Computer History Museum

double checking, the vm370 R6 "base-source.aws" file contains both (CMS) DMSLDR ASSEMBLE and (CP) DMKLD00E ASSEMBLE files. DMKLD00E ASSEMBLE would be the closest to the original BPS loader source.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Computer History Museum

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Computer History Museum
Newsgroups: bit.listserv.ibm-main,alt.folklore.computers
Date: Fri, 26 Dec 2008 19:09:12
re:
https://www.garlic.com/~lynn/2008s.html#51 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#52 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#54 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#56 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#64 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#65 Computer History Museum

for additional topic drift, mention of NCSS (& nomad) in an old baybunch announcement:
https://www.garlic.com/~lynn/2007c.html#email830711b

in this post
https://www.garlic.com/~lynn/2007c.html#12

the post includes a number of old email ... including discussion of highly modified internal vm370 distribution
https://www.garlic.com/~lynn/2007c.html#email830705
and
https://www.garlic.com/~lynn/2007c.html#email830709
and
https://www.garlic.com/~lynn/2007c.html#email830711

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Fri, 26 Dec 2008 19:20:41
Barry OGrady <god_free_jones@yahoo.com> writes:
Telephone exchanges have backup batteries and the larger ones have diesel generators. Cell phone bases have backup batteries.

one of the reasons that there have been co-location webservers at central office locations ... but needing 48v.

when we were out doing our ha/cmp product marketing
https://www.garlic.com/~lynn/subtopic.html#hacmp

we coined the terms geographic survivability and disaster survivability (to differentiate from disaster/recovery).

during that period ... we looked at some of the high-availability operations (besides telco central office and telco provisioning).

this post mentions jan92 ha/cmp meeting looking at dbms cluster scale-up
https://www.garlic.com/~lynn/95.html#13

two of the people at the mentioned meeting, later left and joined a small client/server startup responsible for something called a commerce server. we were brought in to consult because they wanted to do payment transactions on the servers (the startup had also invented something called SSL they wanted to use for payments). Part of the deployment included something called a "payment gateway" ... some past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway

... and the result is now frequently called "electronic commerce".

part of deploying "payment gateways" ... we looked at co-locating servers at different telco central office ... including needing 48V servers (this was in addition to having specific deployments as cluster "fall-over").

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Happy DEC-20 Day,

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Happy DEC-20 Day,
Newsgroups: alt.folklore.computers
Date: Sat, 27 Dec 2008 08:59:12
jmfbahciv <jmfbahciv@aol> writes:
Except the grantsmanship games now has to put in propaganda filler to get science grants.

and now for something different ...

Software-Generated Paper Accepted At IEEE Conference
http://entertainment.slashdot.org/article.pl?sid=08/12/23/2321242
SCIgen - An Automatic CS Paper Generator
http://pdos.csail.mit.edu/scigen/

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

Refed: **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Sun, 28 Dec 2008 09:45:35
Peter Flass <Peter_Flass@Yahoo.com> writes:
So obviously the shell doesn't have the intelligence to expand this properly. Unix needs to use "=" like CMS, so you'd say: cp *.exe =.bak

cms copyfile was redone for vm370 by one of the people picked from the 3rd flr. ... as part of the transition from the cp67 development group to the vm370 development group ... the group moved into the 3rd flr qtrs of the Boston Programming Center ... and absorbed the Boston Programming Center.

The Boston Programming Center had previously done CPS (conversational programming system) which ran on os/360 and had a conversational PLI and Basic. They had also done a (CPS) microcode enhancement for 360/50 which speeded up a lot of the CPS operations.

for a little topic drift ... this is a "A brief Hisotry of 'Classic' Rexx" which uses example of copyfile command use to illustrate difference between REX and earlier EXEC/EXEC2

http://www.rexxla.org/About_Rexx/mfc/rexxhist.html

misc. past posts mentioning cms copyfile command:
https://www.garlic.com/~lynn/2002i.html#11 CDC6600 - just how powerful a machine was it?
https://www.garlic.com/~lynn/2003b.html#44 filesystem structure, was tape format (long post)
https://www.garlic.com/~lynn/2004d.html#42 REXX still going strong after 25 years
https://www.garlic.com/~lynn/2004e.html#37 command line switches [Re: [REALLY OT!] Overuse of symbolic
https://www.garlic.com/~lynn/2004m.html#54 Shipwrecks
https://www.garlic.com/~lynn/2006r.html#12 Trying to design low level hard disk manipulation program
https://www.garlic.com/~lynn/2006t.html#17 old Gold/UTS reference
https://www.garlic.com/~lynn/2006w.html#25 To RISC or not to RISC

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Garbage in, garbage out trampled by Moore's law

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Garbage in, garbage out trampled by Moore's law
Newsgroups: comp.arch
Date: Sun, 28 Dec 2008 10:08:05
Anne & Lynn Wheeler <lynn@garlic.com> writes:
this is also the reference to the industry being torn between claiming to being ignorant and totally incompetent vis-a-vis admitting they ignored/manipulated all the indicators.

re:
https://www.garlic.com/~lynn/2008s.html#62 Garbage in, garbage out trampled by Moore's law

some recent articles along similar lines:

Biggest Bums Of 2008
http://www.forbes.com/2008/12/24/fannie-goldman-citigroup-pf-ii-in_rl_1224croesus_inl.html
Chief Dunces Of Wealth Destruction, Inc.
http://www.forbes.com/2008/11/22/wamu-dunces-citi--pf-ii-in_rl_1122croesus_inl.html

from above:
Another irritant was the even more flabbergasting take-home pay of the Shadow Banking System--the hedge fund managers and private equity bigwigs getting 2% for sitting on pension fund money and 20% of the profits

... snip ...

some of this might have motivation for things like playing long/short mismatch ... where there could be periods of enormous paper profits ... and associated compensation ... which would be more than sufficient compensation when it fell apart and the whole thing came crashing down (since compensation for the earlier paper profits weren't being forfeited).

misc. posts mentioning industry being torn between claiming to being totally incompetent vis-a-vis admitting they manipulated the infrastructure:
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?

misc. other past posts mentioning that playing long/short mismatch has been known for centuries to take down institutions
https://www.garlic.com/~lynn/2008o.html#37 The human plague
https://www.garlic.com/~lynn/2008o.html#39 The human plague
https://www.garlic.com/~lynn/2008o.html#42 The human plague
https://www.garlic.com/~lynn/2008o.html#43 The human plague
https://www.garlic.com/~lynn/2008o.html#52 Why is sub-prime crisis of America called the sub-prime crisis?
https://www.garlic.com/~lynn/2008o.html#62 Would anyone like to draw a diagram of effects or similar for the current "credit crisis"?
https://www.garlic.com/~lynn/2008o.html#65 Can the financial meltdown be used to motivate sustainable development in order to achieve sustainable growth and desired sustainability?
https://www.garlic.com/~lynn/2008o.html#75 In light of the recent financial crisis, did Sarbanes-Oxley fail to work?
https://www.garlic.com/~lynn/2008o.html#78 Who murdered the financial system?
https://www.garlic.com/~lynn/2008o.html#80 Can we blame one person for the financial meltdown?
https://www.garlic.com/~lynn/2008o.html#82 Greenspan testimony and securization
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#47 In Modeling Risk, the Human Factor Was Left Out
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008p.html#70 Is there any technology that we are severely lacking in the Financial industry?
https://www.garlic.com/~lynn/2008p.html#77 Tell me why the taxpayer should be saving GM and Chrysler (and Ford) managers & shareholders at this stage of the game?
https://www.garlic.com/~lynn/2008q.html#10 realtors (and GM, too!)
https://www.garlic.com/~lynn/2008q.html#19 Collateralized debt obligations (CDOs)
https://www.garlic.com/~lynn/2008q.html#20 How is Subprime crisis impacting other Industries?
https://www.garlic.com/~lynn/2008q.html#26 Blinkenlights
https://www.garlic.com/~lynn/2008s.html#9 Blind-sided, again. Why?
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#55 Is this the story behind the crunchy credit stuff?
https://www.garlic.com/~lynn/2008s.html#59 Garbage in, garbage out trampled by Moore's law

and past posts (also) mentioning the $137B in wallstreet bonuses (effectively reward for their part in creating current situation):
https://www.garlic.com/~lynn/2008k.html#11 dollar coins
https://www.garlic.com/~lynn/2008m.html#26 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008m.html#83 Fraud due to stupid failure to test for negative
https://www.garlic.com/~lynn/2008n.html#52 Technology and the current crisis
https://www.garlic.com/~lynn/2008n.html#53 Your thoughts on the following comprehensive bailout plan please
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance
https://www.garlic.com/~lynn/2008n.html#74 Why can't we analyze the risks involved in mortgage-backed securities?
https://www.garlic.com/~lynn/2008o.html#18 Once the dust settles, do you think Milton Friedman's economic theories will be laid to rest
https://www.garlic.com/~lynn/2008o.html#26 SOX (Sarbanes-Oxley Act), is this really followed and worthful considering current Financial Crisis?
https://www.garlic.com/~lynn/2008o.html#28 Does anyone get the idea that those responsible for containing this finanical crisis are doing too much?
https://www.garlic.com/~lynn/2008o.html#31 The human plague
https://www.garlic.com/~lynn/2008o.html#32 How much is 700 Billion Dollars??
https://www.garlic.com/~lynn/2008p.html#8 Global Melt Down
https://www.garlic.com/~lynn/2008p.html#60 Did sub-prime cause the financial mess we are in?
https://www.garlic.com/~lynn/2008q.html#66 Blinkenlights
https://www.garlic.com/~lynn/2008r.html#61 The vanishing CEO bonus
https://www.garlic.com/~lynn/2008r.html#64 Is This a Different Kind of Financial Crisis?
https://www.garlic.com/~lynn/2008s.html#32 How Should The Government Spend The $700 Billion?
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2008s.html#41 Executive pay: time for a trim?
https://www.garlic.com/~lynn/2008s.html#59 Garbage in, garbage out trampled by Moore's law

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Sun, 28 Dec 2008 13:28:34
Peter Flass <Peter_Flass@Yahoo.com> writes:
I had read Bitsavers (http://www.bitsavers.org/pdf/allen-babcock/cps/CPS_Progress_Report_may66.pdf) to say that Allen-Babcock developed the microcode, but a rereading of the memo doesn't really indicate one way or the other. It does make it sound like they developed the conversational PL/I that Boston then played with.

re:
https://www.garlic.com/~lynn/2008s.html#69 Is SUN going to become x86'ed ??

Nat was at the boston programming center at the time it was absorbed by the vm370 development group. Somewhere in that process ... Nat and Jean Sammet (also at the boston programming center on the 3rd flr) eventually transferred to science center (on the 4th flr)

as per the referenced document ... much of the work (even likely the 360/50 microcode) was done as contract for IBM by allen-babcock.
http://www.bitsavers.org/pdf/allen-babcock/cps/CPS_Progress_Report_may66.pdf

note that for whatever reason ... the CPS project appeared to have more leverage getting 360/50s ... than the science center was able to muster ... which had to settle for 360/40 to do the hardware changes to support virtual memory (as part of the virtual machine cp/40 project). as referenced in melinda's historical document ... science center initially tried to get 360/50 for the virtual machine project ... but wasn't able to get one ... because so many were going for the FAA air traffic control effort.
https://www.leeandmelindavarian.com/Melinda#VMHist

past quotes about not being able to get 360/50s & having to settle for 360/40 for virtual machine project:
https://www.garlic.com/~lynn/2003m.html#4 IBM Manuals from the 1940's and 1950's
https://www.garlic.com/~lynn/2003m.html#36 S/360 undocumented instructions?
https://www.garlic.com/~lynn/2005s.html#21 MVCIN instruction
https://www.garlic.com/~lynn/2007b.html#21 history question
https://www.garlic.com/~lynn/2007d.html#52 CMS (PC Operating Systems)
https://www.garlic.com/~lynn/2007i.html#14 when was MMU virtualization first considered practical?

over the years, the company has outsourced quite a bit. about the time of the cps work ... the university had field upgrade for 2702 telecommunication controller to add tty/ascii linescanner ... and the boxes (containing all the hardware) arrived in Heathkit boxes. for other topic drift ... recent posts mentioning doing cp67 tty/ascii support
https://www.garlic.com/~lynn/2008s.html#51 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#54 Computer History Museum
https://www.garlic.com/~lynn/2008s.html#56 Computer History Museum

more than a decade later, STL (which had been assigned lots of the language missions) outsourced (mainframe) PLI. There was some amount of internal uproar and churn about giving away technology to outsourcers ... not so much the PLI activity per se ... but because various people were being asked to do tech transfer of their ("leading edge") R&D work to the outside company (even when it didn't directly involve PLI).

this was all way before the current uproar with regard to overseas outsourcing.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

CA issues no-questions asked Mozilla cert

Refed: **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: CA issues no-questions asked Mozilla cert
Date: December 29, 2008
Blog: Financial Crime Risk, Fraud, and Security
CA issues no-questions asked Mozilla cert
http://www.theregister.co.uk/2008/12/29/ca_mozzilla_cert_snaf/

There have been a couple recent articles about this subject ... either DNS weaknesses and/or weaknesses in SSL as countermeasure for DNS weaknesses. Recent related articles ... references also archived here:
https://www.garlic.com/~lynn/2008r.html#42 Online Bill Payment Website Hijacked - Users were redirected to a page serving malware
https://www.garlic.com/~lynn/2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
https://www.garlic.com/~lynn/2008s.html#50 Perfect MITM Attacks With No-Check SSL
https://www.garlic.com/~lynn/2008s.html#58 DNS flaw is 2008's biggest web blunder

Weaknesses in the validation processes have been discussed since the appearance of the paradigm ... some of the discussions also archived here
https://www.garlic.com/~lynn/subpubkey.html#catch22

Part of the discussion is sources of information for validation as part of the certification process (where a digital certificate is a representation of the certification process). For certification processes that actually reference the domain name infrastructure (the authoritative agency as to domain name ownership) ... there has been suggestions to improve the integrity of the domain name infrastructure (as part of improving the certification process for SSL certificates). The catch-22 is that improving the integrity of the domain name infrastructure (as part of improving certification process for SSL certificates) can also result in eliminating the requirement for SSL certificates.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Do you believe Risk Management Practise is on-demand at present?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Do you believe Risk Management Practise is on-demand at present?
Date: December 29, 2008
Blog: Project Management
Accounting Standards Wilt Under Pressure
http://www.washingtonpost.com/wp-dyn/content/article/2008/12/26/AR2008122601715.html

from above:
In October, largely hidden from public view, the International Accounting Standards Board changed the rules so European banks could make their balance sheets look better. The action let the banks rewrite history, picking and choosing among their problem investments to essentially claim that some had been on a different set of books before the financial crisis started.

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Mon, 29 Dec 2008 15:57:08
Dave Garland <dave.garland@wizinfo.com> writes:
When LD first deregulated, I got service from Satellite Business Systems.

It worked fine, but that half-second (or whatever it is) delay was just enough so that it always seemed like the person on the other end of the line was a little... slow.


SBS started off as joint effort between IBM, Aetna and COMSAT. It was supposed to get into corporate high-speed, long-haul data transmission ... one market they looked at was disaster/recovery (copying all data to backup site). Unfortunately, they relied heavily on the corporate communication group ... which didn't have the infrastructure or background for doing either high-speed and/or satellite latency (i.e. their communication was strongly oriented towards dumb terminal support).

from long ago and far away

Date: 07/29/81 10:43:53
To: wheeler
Subject: SBS/HYPERCHannel

Lynn-

Rumors of your wheeling & dealing for SLAs have reached here through xxxx and, most recently, yyyyy of SBS, who wants to get us together (& perhaps someone from NSC?) on Monday, 9/28, for what would probably wind up being 1/2 day meeting. Can you make it? AM or PM?


... snip ... top of post, old email index, HSDT email

"SLA" was a hyperchannel "satellite link adapter" (or A720) ... which had been built specifically for SBS "skunk works" effort (i.e. mainstream SBS was under heavy unfluence of the communcation group) ... for little topic drift, recent post:
https://www.garlic.com/~lynn/2008s.html#19 Nerdy networking kid crashes the party

I had previously done HYPERchannel support for mainframe channel extension over (terrestrial) T1 link (being able to provide local 3270 support for IMS group that was being moved offsite because STL was bursting at the seams ... and then used for IMS field support group in Boulder that were being moved to remote bldg). misc. past posts
https://www.garlic.com/~lynn/subnetwork.html#hsdt

My (terrestrial) support was "dual-simplex" ... i.e. ignoring a lot of latency issues ... which became a natural for dealing with satellite propagation delay (sync orbit is 22,000 miles ... round trip is twice down/up ... or 88,000 miles ... at 187,000miles/sec).

In part because of significant bottlenecks with standard corporate communication products dealing with satellite transmission latency ... SBS migrated into voice phone service.

SBS efforts included a "private" satellite corporate voice network ... that included C-band 10meter dishes at major corporate locations in the states. I've mentioned before comment in mid-80s about the internal corporate network having over half of all link encryptors in the world
https://www.garlic.com/~lynn/subnetwork.html#internalnet

The C-band 10meter dishes ... ran a T3 channel ... and a satellite channel bulk encryption was built for the private corporate satellite (nearly all voice) network ... officially called the "data aggregator" (but sometimes referred to as the "data aggravator") ... some past references:
https://www.garlic.com/~lynn/2000b.html#27 Tysons Corner, Virginia
https://www.garlic.com/~lynn/2006.html#26 IBM microwave application--early data communications
https://www.garlic.com/~lynn/2006.html#30 IBM microwave application--early data communications
https://www.garlic.com/~lynn/2006k.html#55 5963 (computer grade dual triode) production dates?
https://www.garlic.com/~lynn/2006m.html#16 Why I use a Mac, anno 2006
https://www.garlic.com/~lynn/2006n.html#36 The very first text editor

There was also some folklore about dealing with the MIB with regard to turning on the data aggregator.

There is a "disaster" story about SBS's first (consumer) "central office" in Westchester county. That didn't have the wiring and battery wiring adequatly debugged ... and when they threw the switch to connect into Westchester county area phone network ... it took down all phone service in the county.

I had gone on some joint customer calls with SBS for disaster recovery (mostly this skunk works group working with NSC and A720/SLAs) ... including Boeing in Seattle (I've mentioned that as undergraduate, I also did a stint as one of the first boeing computer services employees). Boeing had business case that corporate business impact of loosing the Renton datacenter for a week was greater than the total cost of the Renton datacenter ... one of the Renton datacenter disaster scenarios is a mud slide from Mt. Rainier (in the case of any increase in activity ... doesn't even have to explosion like St Helens ... just warming) ... misc. past posts mentioning Renton datacenter:
https://www.garlic.com/~lynn/2002j.html#43 Killer Hard Drives - Shrapnel?
https://www.garlic.com/~lynn/2003.html#51 Top Gun
https://www.garlic.com/~lynn/2003m.html#32 SR 15,15 was: IEFBR14 Problems
https://www.garlic.com/~lynn/2004.html#53 Mainframe not a good architecture for interactive workloads
https://www.garlic.com/~lynn/2005m.html#22 Old Computers and Moisture don't mix - fairly OT
https://www.garlic.com/~lynn/2005m.html#23 Old Computers and Moisture don't mix - fairly OT
https://www.garlic.com/~lynn/2005m.html#24 Old Computers and Moisture don't mix - fairly OT
https://www.garlic.com/~lynn/2006q.html#37 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006q.html#44 The not-so-little shop of 747s
https://www.garlic.com/~lynn/2006u.html#49 Where can you get a Minor in Mainframe?
https://www.garlic.com/~lynn/2006u.html#50 Where can you get a Minor in Mainframe?
https://www.garlic.com/~lynn/2008b.html#36 windows time service
https://www.garlic.com/~lynn/2008c.html#43 Current Officers

I had thought that Renton datacenter might via for the largest in the world ... that was before encountering Boyd running "spook" base (and $2.5B windfall for IBM) ... misc. past posts mentioning "spook" base:
https://www.garlic.com/~lynn/2005t.html#1 Dangerous Hardware
https://www.garlic.com/~lynn/2006q.html#37 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006q.html#38 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006x.html#18 The Future of CPUs: What's After Multi-Core?
https://www.garlic.com/~lynn/2007g.html#13 The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007i.html#4 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#69 Lean and Mean: 150,000 U.S. layoffs for IBM?
https://www.garlic.com/~lynn/2007m.html#60 Scholars needed to build a computer history bibliography
https://www.garlic.com/~lynn/2008.html#52 Education ranking
https://www.garlic.com/~lynn/2008b.html#36 windows time service
https://www.garlic.com/~lynn/2008c.html#58 Current Officers
https://www.garlic.com/~lynn/2008h.html#38 Boyd again
https://www.garlic.com/~lynn/2008i.html#0 Has anyone got a rule of thumb for calculation data center sizing
https://www.garlic.com/~lynn/2008m.html#49 Taxes
https://www.garlic.com/~lynn/2008q.html#23 Newsgroups dying?

misc. past posts &/or URLs mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Tue, 30 Dec 2008 14:26:32 -0500
jimp writes:
Where is "somewhere else" in a major disaster?

When everything important becomes ground zero, what do you do, type up an order for redundant machines somewhere else TBD?


when we were out marketing our ha/cmp product
https://www.garlic.com/~lynn/subtopic.html#hacmp

we coined the terms disaster survivability and geographic survivability to differentiate from disaster/recovery
https://www.garlic.com/~lynn/submain.html#available

i've mentioned before that in the middle of doing ha/cmp product, we were asked to write a section of the corporate continuous availability strategy document ... but the section got pulled because a couple of the other corporate organizations complained that (at the time) they couldn't meet the requirements.

a post in a different part of this thread that touches on disaster/recovery subject from the early 80s.
https://www.garlic.com/~lynn/2008s.html#74 Is SUN going to become x86'ed ??

in that period, 40miles was considered sufficient for most disaster/recovery ... modulo other common single-point-of-failure ... like along the bank of the same river (which might flood), common power station, common telco infrastructures. For instance, while it was possible to get different telco central office ... there were portions of the country that might have single telco trunk connecting to the rest of the country (in one or two cases covered a multi-state area).

(after we had moved on) in the mid-90s ... we were brought into a financial outsourcer that had deployed a pilot stored-value card for a couple major national retailers (now you see them almost everywhere ... sometimes referred to as "gift cards"). they were using a major RDBMS for storing account balances ... on a high-availability platform (simple fall-over redundancy, after we had done ha/cmp ... some number of the other vendors appeared to try and emulate, in this particular case, a vendor that might be familar to participants in at least one of these newsgroups).

the account value database had become corrupted and we were brought in to find out what happened. turns out there had been a hardware component failure ... which was appropriately handled ... and vendor maintenance was called to replace the failed component. The problem was after the failed component (disk controller) was replaced ... maintenance failed to include updating the configuration to start using the replaced component. A couple months later there was another failure (disk drive) ... but the system hadn't (actually) been writing to the mirrored drive (because its disk controller hadn't been properly configured).

the first meeting with the vendor as part of reconstructing the sequence of events, started out with their senior vp of marketing given marketing overview of their high availability product. what made it interesting was that it sounded almost word-for-word something i had written a couple yrs earlier for ha/cmp.

in a different area, one of the major financial transaction infrastructures had (last time we check) 100% availability over extended multi-year period ... which they attributed to

1) ims hot-standby (geographic triple-redundant) 2) automated operator

... i.e. as hardware got more reliable ... remaining outages were environmental and human mistakes.

misc. past posts mentioning ims hot-standby:
https://www.garlic.com/~lynn/98.html#40 Comparison Cluster vs SMP?
https://www.garlic.com/~lynn/2000c.html#45 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2000c.html#47 Does the word "mainframe" still have a meaning?
https://www.garlic.com/~lynn/2000f.html#30 OT?
https://www.garlic.com/~lynn/2001c.html#69 Wheeler and Wheeler
https://www.garlic.com/~lynn/2001d.html#70 Pentium 4 Prefetch engine?
https://www.garlic.com/~lynn/2001e.html#2 Block oriented I/O over IP
https://www.garlic.com/~lynn/2001e.html#44 Where are IBM z390 SPECint2000 results?
https://www.garlic.com/~lynn/2001g.html#44 The Alpha/IA64 Hybrid
https://www.garlic.com/~lynn/2001j.html#23 OT - Internet Explorer V6.0
https://www.garlic.com/~lynn/2001l.html#47 five-nines
https://www.garlic.com/~lynn/2001n.html#3 News IBM loses supercomputer crown
https://www.garlic.com/~lynn/2001n.html#47 Sysplex Info
https://www.garlic.com/~lynn/2001n.html#85 The demise of compaq
https://www.garlic.com/~lynn/2002h.html#73 Where did text file line ending characters begin?
https://www.garlic.com/~lynn/2002j.html#45 M$ SMP and old time IBM's LCMP
https://www.garlic.com/~lynn/2002o.html#68 META: Newsgroup cliques?
https://www.garlic.com/~lynn/2003.html#37 Calculating expected reliability for designed system
https://www.garlic.com/~lynn/2003h.html#56 The figures of merit that make mainframes worth the price
https://www.garlic.com/~lynn/2003n.html#22 foundations of relational theory? - some references for the
https://www.garlic.com/~lynn/2003n.html#29 Architect Mainframe system - books/guidenance
https://www.garlic.com/~lynn/2004o.html#5 Integer types for 128-bit addressing
https://www.garlic.com/~lynn/2004p.html#49 History of C
https://www.garlic.com/~lynn/2005.html#11 CAS and LL/SC
https://www.garlic.com/~lynn/2005c.html#7 [Lit.] Buffer overruns
https://www.garlic.com/~lynn/2005d.html#9 intel's Vanderpool and virtualization in general (was Re: Cell press release, redacted.)
https://www.garlic.com/~lynn/2005j.html#60 Ancient history
https://www.garlic.com/~lynn/2005m.html#52 Cluster computing drawbacks
https://www.garlic.com/~lynn/2005n.html#25 Data communications over telegraph circuits
https://www.garlic.com/~lynn/2005o.html#30 auto reIPL
https://www.garlic.com/~lynn/2005o.html#37 What ever happened to Tandem and NonStop OS ?
https://www.garlic.com/~lynn/2005p.html#15 DUMP Datasets and SMS
https://www.garlic.com/~lynn/2005p.html#44 hasp, jes, rasp, aspen, gold
https://www.garlic.com/~lynn/2005u.html#23 Channel Distances
https://www.garlic.com/~lynn/2005u.html#37 Mainframe Applications and Records Keeping?
https://www.garlic.com/~lynn/2005v.html#0 DMV systems?
https://www.garlic.com/~lynn/2006.html#32 UMA vs SMP? Clarification of terminology
https://www.garlic.com/~lynn/2006f.html#19 Over my head in a JES exit
https://www.garlic.com/~lynn/2006h.html#52 Need Help defining an AS400 with an IP address to the mainframe
https://www.garlic.com/~lynn/2006i.html#2 The Pankian Metaphor
https://www.garlic.com/~lynn/2006j.html#31 virtual memory
https://www.garlic.com/~lynn/2006o.html#33 When Does Folklore Begin???
https://www.garlic.com/~lynn/2006r.html#4 Was FORTRAN buggy?
https://www.garlic.com/~lynn/2006u.html#55 What's a mainframe?
https://www.garlic.com/~lynn/2007.html#39 Just another example of mainframe costs
https://www.garlic.com/~lynn/2007b.html#9 Mainframe vs. "Server" (Was Just another example of mainframe
https://www.garlic.com/~lynn/2007d.html#24 How many 36-bit Unix ports in the old days?
https://www.garlic.com/~lynn/2007e.html#16 Attractive Alternatives to Mainframes
https://www.garlic.com/~lynn/2007e.html#41 IBM S/360 series operating systems history
https://www.garlic.com/~lynn/2007f.html#56 Is computer history taught now?
https://www.garlic.com/~lynn/2007g.html#80 IBM to the PCM market(the sky is falling!!!the sky is falling!!)
https://www.garlic.com/~lynn/2007h.html#35 sizeof() was: The Perfect Computer - 36 bits?
https://www.garlic.com/~lynn/2007h.html#76 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007j.html#44 John W. Backus, 82, Fortran developer, dies
https://www.garlic.com/~lynn/2007l.html#62 Friday musings on the future of 3270 applications
https://www.garlic.com/~lynn/2007m.html#55 Capacity and Relational Database
https://www.garlic.com/~lynn/2007n.html#49 VLIW pre-history
https://www.garlic.com/~lynn/2007n.html#77 PSI MIPS
https://www.garlic.com/~lynn/2007o.html#59 ACP/TPF
https://www.garlic.com/~lynn/2007p.html#44 what does xp do when system is copying
https://www.garlic.com/~lynn/2007q.html#14 Does software life begin at 40? IBM updates IMS database
https://www.garlic.com/~lynn/2007q.html#46 Are there tasks that don't play by WLM's rules
https://www.garlic.com/~lynn/2007r.html#10 IBM System/3 & 3277-1
https://www.garlic.com/~lynn/2008b.html#40 windows time service
https://www.garlic.com/~lynn/2008b.html#69 How does ATTACH pass address of ECB to child?
https://www.garlic.com/~lynn/2008d.html#11 Toyota Sales for 2007 May Surpass GM
https://www.garlic.com/~lynn/2008d.html#71 Interesting ibm about the myths of the Mainframe
https://www.garlic.com/~lynn/2008h.html#88 Annoying Processor Pricing
https://www.garlic.com/~lynn/2008i.html#17 Does anyone have any IT data center disaster stories?
https://www.garlic.com/~lynn/2008i.html#94 Lynn - You keep using the term "we" - who is "we"?
https://www.garlic.com/~lynn/2008i.html#97 We're losing the battle
https://www.garlic.com/~lynn/2008i.html#99 We're losing the battle
https://www.garlic.com/~lynn/2008j.html#16 We're losing the battle
https://www.garlic.com/~lynn/2008o.html#56 Virtual
https://www.garlic.com/~lynn/2008o.html#76 Blinkenlights
https://www.garlic.com/~lynn/2008p.html#5 Privacy, Identity theft, account fraud
https://www.garlic.com/~lynn/2008p.html#61 Serial vs. Parallel

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Boffins bust web authentication with game consoles

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Boffins bust web authentication with game consoles
Date: December 30, 2008
Blog: Financial Crime Risk, Fraud, and Security
Boffins bust web authentication with game consoles
http://www.theregister.co.uk/2008/12/30/ssl_spoofing/

from above:
The researchers began their proof-of-concept attack with more than 200 PlayStation 3 consoles running in a Linux cluster, which they used to generate millions of possible certificates. Once they found a pair that had a special collision in the MD5 hash, they requested a legitimate website certificate from one of the authorities that relies only on MD5 to generate signatures.

After copying the signature into a rogue certificate authority credential, they had the ability to generate widely accepted website certificates for any site of their choosing.


... snip ...

another news item on the subject:

Experts uncover weakness in Internet security
http://www.eurekalert.org/pub_releases/2008-12/epfd-euw123008.php

I wasn't at crypto 2004 ... but during the MD5 (crack) presentation mentioned in the article ... one of the people in the audience contacted me in real-time to ask about what were all the internet standards documents that referenced MD5.

I now maintain the list of RFCs that reference MD5 in my internet index
https://www.garlic.com/~lynn/rfcietff.htm

specifically
https://www.garlic.com/~lynn/rfcmd5.htm

Note that the article (also) mentions that rather than creating a counterfeit SSL certificate ... they created a counterfeit Certification Authority digital certificate. The whole PKI infrastructure is literally a case of where the chain is only as strong as the weakest link.

A fraudulent/counterfeit Certification Authority could generate fraudulent SSL certificates for all websites ... and if their Certification Authority digital certificate is accepted ... then all their SSL certificates will also be accepted ... regardless of the Certification Authority that a website may have obtained their original/valid SSL certificate from.

we had been asked to consult with a small client/server startup that wanted to do payment transactions on their server and they had also invented this technology they called SSL that they wanted to use. Part of the deployment was something called the payment gateway ... some past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway

we had authority over the webserver to gateway interface and even though they wanted to use SSL ... we imposed additional operations, including mutual registration (as countermeasure to various kinds of exploits, including fraudulent &/or compromised Certification Authorities) ... which effectively resulted in making (those) digital certificates redundant and superfluous. lots of past posts mentioning SSL digital certificates:
https://www.garlic.com/~lynn/subpubkey.html#sslcerts

other recent references to SSL and/or DNS issues
https://www.garlic.com/~lynn/2008p.html#67 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008p.html#78 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008q.html#13 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008r.html#42 Online Bill Payment Website Hijacked - Users were redirect to a page serving malware
https://www.garlic.com/~lynn/2008r.html#52 Cheap Hack - Domain Name Market - Stolen Domains for Sale
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008s.html#50 Perfect MITM Attacks With No-Check SSL
https://www.garlic.com/~lynn/2008s.html#58 DNS flaw is 2008's biggest web blunder
https://www.garlic.com/~lynn/2008s.html#72 CA issues no-questions asked Mozilla cert

and a few more URLs (NOTE several have been added since this was first posted):

VeriSign remedies massive SSL blunder (kinda, sorta)
http://www.theregister.co.uk/2009/01/09/verisign_ssl_remedy/
Survey: One in seven SSL certificates are weak
http://www.securityfocus.com/brief/880
Weak sigs found on one in seven SSL sites
http://www.theregister.co.uk/2009/01/07/ssl_security_survey/
Rogue SSL certificate exploit puts VeriSign on the spot
http://www.networkworld.com/news/2009/010609-verisign-ssl-certificate-exploit.html
The Problem With HTTPS SSL Runs Deeper Than MD5
http://www.circleid.com/posts/20090105_problem_with_https_ssl_md5/
SSL: Really broken this time
http://blogs.techrepublic.com.com/networking/?p=776
The SSL/MD5 Exploit
http://cdslash.net/2008/12/the-ssl-md5-exploit/
MD5 considered harmful today
http://www.win.tue.nl/hashclash/rogue-ca/
Researchers' Web Certificate Hack Highlights Big Internet Flaw
http://www.crn.com/security/212700246
Certificate Flaw May Threaten Secure Web Sites
http://www.internetnews.com/security/article.php/3793816/Certificate+Flaw+May+Threaten+Secure+Web+Sites.htm
Exploits & Vulnerabilities: Security Wonks Find Gaping Hole in Trusted
Site System
http://www.ecommercetimes.com/story/65684.html
Researchers Show How to Forge Site Certificates
http://www.freedom-to-tinker.com/blog/felten/researchers-show-how-forge-site-certificates
25C3: MD5 considered harmful today
http://events.ccc.de/congress/2008/Fahrplan/events/3023.en.html
Researchers Use PlayStation Cluster to Forge a Web Skeleton Key
http://www.wired.com/threatlevel/2008/12/berlin/
SMBlog -- exploited the collision weakness in MD5
http://www.cs.columbia.edu/~smb/blog//2008-12/2008-12-30.html
Weakness In Internet Security Uncovered
http://www.sciencedaily.com/releases/2008/12/081231005357.htm
Rogue MD5 SSL Certificate Vulnerability
http://www.us-cert.gov/current/index.html#md5_hashing_algorithm_vulnerability
Verisign Discontinues Flawed MD5 Certificates
http://www.crn.com/security/212700354
200 Sony PS3s Harnessed To Crack Secure Site Certification
http://www.informationweek.com/security/risk-management/200-sony-ps3s-harnessed-to-crack-secure-site-certification/d/d-id/1075216
SSL certs busted
http://www.gcn.com/online/vol1_no1/47780-1.html
Theoretical attacks yield practical attacks on SSL, PKI
http://arstechnica.com/news/theoretical-attacks-yield-practical-attacks-on-ssl-pki.ars
Weakness In Internet Security Uncovered
http://www.sciencedaily.com/releases/2008/12/081231005357.htm
Researchers Demo Nearly Undetectable Phishing Scheme
http://www.itbusinessedge.com/cm/community/news/sec/blog/researchers-demo-nearly-undetectable-phishing-scheme/?cs=21120
New SSL Hack Imperils Secure Websites
http://www.darkreading.com/security/attacks/showArticle.jhtml?articleID=212700234
Experts uncover weakness in Internet security
http://actualites.epfl.ch/presseinfo-com?id=695
Security Wonks Find Gaping Hole in Trusted Site System
http://www.technewsworld.com/story/65684.html
25C3: MD5 collisions crack CA certificate
http://www.heise-online.co.uk/security/25C3-MD5-collisions-crack-CA-certificate--/news/112327
SSL Security Broken - MD5 weakness exploited to create trusted CA
certificate
http://news.softpedia.com/news/SSL-Security-Broken-101075.shtml
Two Hundred PS3s Used To Hack SSL
http://www.hardocp.com/news.html?news=MzcwMDksLCwsLCwx
Researchers Hack Internet Security Infrastructure
http://www.washingtonpost.com/wp-dyn/content/article/2008/12/30/AR2008123001056.html?wprss=rss_technology
Do the SSL Watchmen Watch Themselves?
http://it.slashdot.org/article.pl?sid=09/01/02/2342249
SSL certificate crack threatens e-commerce sites
http://community.zdnet.co.uk/blog/0,1000000567,10011763o-2000331761b,00.htm
Perfect MITM Attacks With No-Check SSL Certs
http://it.slashdot.org/article.pl?sid=08/12/23/0046258&tid=172
200 PS3's Break VeriSign's SSL - Tom's Guide
http://www.tomsguide.com/us/Sony-PlayStation-PS3-VeriSign-SSL,news-3235.html
SSL Crack Shows You Must Advance Your Security
http://www.eweek.com/c/a/Security/SSL-Crack-Shows-You-Must-Advance-Your-Security/
VeriSign addresses MD5 flaw
http://searchsecurity.techtarget.com/news/1344076/VeriSign-addresses-MD5-flaw
SSL Crisis Averted -- For Now
http://www.darkreading.com/security/vulnerabilities/showArticle.jhtml?articleID=212700640
MD5 Algorithm Cracked Using Gaming Consoles
http://www.itproportal.com/2009/01/05/md5-algorithm-cracked-using-gaming-consoles/
Theoretical attacks yield practical attacks on SSL, PKI
http://arstechnica.com/news/theoretical-attacks-yield-practical-attacks-on-ssl-pki.ars?bub
Rogue SSL certificate exploit puts VeriSign on the spot
http://www.networkworld.com/news/2009/010609-verisign-ssl-certificate-exploit.html?t51hb

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is SUN going to become x86'ed ??

Refed: **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Is SUN going to become x86'ed ??
Newsgroups: comp.sys.sun.hardware,alt.folklore.computers
Date: Tue, 30 Dec 2008 21:15:56 -0500
Morten Reistad <first@last.name> writes:
How was that IMS hot standby organised ? Separate db engines running on the same coordinated queue; or a three-way master-master setup?

re:
https://www.garlic.com/~lynn/2008s.html#74 Is SUN going to become x86'ed ??
https://www.garlic.com/~lynn/2008s.html#75 Is SUN going to become x86'ed ??

IMS hot-standby has gone thru some number of evolution generations.

long ago and far away ... my wife had been con'ed into serving a stint in POK in charge of loosely-coupled architecture (mainframe for cluster) ... she created Peer-Coupled Shared Data architecture ... some past posts:
https://www.garlic.com/~lynn/submain.html#shareddata

... which, except for ims hot-standby, saw very little uptake until parallel sysplex ... which was reason why she didn't stay long in the position.

IMS/ESA Version 5.1 Guide (9mar95)
http://www.redbooks.ibm.com/abstracts/GG244302.html?Open

chapter five discusses availability and remote site recovery ... and states that the implementation is different/replaces implementation in Version 4.1 (quick search didn't turn up copy of 4.1 document).

IMS/ESA Version 6 Guide (30mar98)
http://www.redbooks.ibm.com/abstracts/SG242228.html?Open

which includes description of remote site recovery enhancements (chapter 18).

Part of the issue is that IMS hot-standby predated geographically dispersed parallel sysplex ... so there needed to be some additional evolution.

... current

Geographically Dispersed Parallel Sysplex
http://www-304.ibm.com/jct03004c/systems/z/advantages/gdps/index.html

and discussion of IMS Disaster Recovery with GDPS
http://www-03.ibm.com/support/techdocs/atsmastr.nsf/fe582a1e48331b5585256de50062ae1c/122881f37980249d86257366007a8e8d?OpenDocument

for other topic drift, decade ago:

IMS celebrates thirty years as an IBM product (v37n4 1998)
http://www.research.ibm.com/journal/sj/374/blackman.html

from above:
Today, over 90 percent of the top worldwide companies in the areas of manufacturing, finance, banking, retailing, aerospace, communications, government, insurance, high technology, and health care use IMS to run their daily operations

... snip ...

IMS wiki page:
https://en.wikipedia.org/wiki/Information_Management_System

from above:
IMS provides a straightforward, easy-to-use, reliable, standard environment for high performance transaction execution. In fact, much of the world's banking industry relies on IMS, including the U.S. Federal Reserve. For example, chances are that withdrawing money from an automated teller machine (ATM) will trigger an IMS transaction. Several Chinese banks have recently purchased IMS to support that country's burgeoning financial industry. Reportedly, IMS alone is a US$1 billion per year business for IBM

... snip ...

this recent post mentioning disaster/recovery
https://www.garlic.com/~lynn/2008s.html#74 Is SUN going to become x86'ed ??

mentions initially getting involved with NSC HYPERchannel as part of the relocation of IMS group to off-site bldg ... using HYPERchannel for channel extension supporting local 3270s.

other recent posts discussing hyperchannel use as channel extension for local devices.
https://www.garlic.com/~lynn/2008q.html#33 Startio Question
https://www.garlic.com/~lynn/2008q.html#34 Startio Question
https://www.garlic.com/~lynn/2008q.html#36 Startio Question
https://www.garlic.com/~lynn/2008q.html#44 TOPS-10
https://www.garlic.com/~lynn/2008q.html#60 Mainframe files under AIX etc

for some other IMS related topic drift ... old email regarding having lunch with Jim Gray and the IMS group
https://www.garlic.com/~lynn/2007.html#email801016

in this post
https://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Boffins bust web authentication with game consoles

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **
From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Boffins bust web authentication with game consoles
Date: December 31, 2008
Blog: Financial Crime Risk, Fraud, and Security
re:
https://www.garlic.com/~lynn/2008s.html#76 Boffins bust web authentication with game consoles

from the early days of PKIs and Certification Authorities ... the financial industry labeled them as systemic risk ... i.e. a failure could spread throughout the infrastructure.

as part of working on this stuff that is now frequently referred to as "electronic commerce" ... we had to walk through the operational and business processes of many of these new entities calling themselves Certification Authorities. There was a lot of attention payed to integrity & security (recognizing their position as systemic risk)

In the SSL/Browser variation of PKI ... a browser is loaded with a list of acceptable Certification Authorities ... which at various times has run to fifty or more. Each individual Certification Authority has been treated as equally valid ... a browser effectively treats SSL certificates from all Certification Authority equally. This sets up the analogy with chain links ... with each individual one representing a systemic risk; if one of the links has integrity issue ... it destroys the integrity of the chain ... regardless of the integrity of all the other links in the chain. ... misc. past posts mentioning ssl certificates:
https://www.garlic.com/~lynn/subpubkey.html#sslcert

It makes little difference the highest integrity that a website selects for its SSL certificate ... as long as an imposter can obtain any SSL certificate that is treated as equivalent (the analogy to the chain only being as strong as the weakest link).

there shouldn't be anything that stops a fraudulent Certification Authority (that has an acceptable "md5" Certification Authority digital certificate) from generating SHA1 Extended Validation SSL certificates ... i.e.
http://hecker.org/mozilla/ssl-ui

from above:
First, we can't simply mark a given root CA as issuing extended validation certificates or not. For example, it's perfectly conceivable that a CA might have two different subordinate CAs, one of which issues extended validation certificates and one of which does not. It's also conceivable that a CA might directly issue extended validation certificates and other certificates under the same root CA (just as some CAs today directly issue "domain validated" and "identity validated" certificates using the same root CA.)

... snip ...

a small anecdote from ACM SIGMOD (database) annual conference held in san jose in the early 90s ... during one of the sessions, somebody from the audience asked what all the X.5xx stuff was about ... and somebody on the panel replied that it was a bunch of networking engineers attempting to reinvent 1960s database technology.

couple recent posts with references to financial database technology
https://www.garlic.com/~lynn/2008p.html#27 Father Of Financial Dataprocessing
https://www.garlic.com/~lynn/2008s.html#77 Is SUN going to become x86'ed ??

--
40+yrs virtualization experience (since Jan68), online at home since Mar70




previous, next, index - home