2009 Newsgroup postings (02/27 - 03/20) Lynn Wheeler

2009 Newsgroup Postings (02/27 - 03/20)

PNC Financial to pay CEO $3 million stock bonus
ooRexx scripting on Linux
IBM 'pulls out of US'
Congress Set to Approve Pay Cap of $500,000
Why do IBMers think disks are 'Direct Access'?
Why do IBMers think disks are 'Direct Access'?
Heartland Data Breach Update: Now More Than 150 Institutions Impacted
Are Ctibank's services and products so vital to global economy than no other banks can substitute it?
Western Union history--data communications passed it by
HSBC is expected to announce a profit, which is good, what did they do differently?
Who will Survive AIG or Derivative Counterparty Risk?
Congress Set to Approve Pay Cap of $500,000
Language
Typewrite repair?
Legacy clearing threat to OTC derivatives warns State Street
Intel publishes Larrabee paper
The Formula That Killed Wall Street
Null References, the Billion Dollar Mistake
HSBC is expected to announce a profit, which is good, what did they do differently?
Mainframe Hall of Fame: 17 New Members Added
remembering PGP
IBM 'pulls out of US'
Is it time to put banking executives on trial?
Microsoft Windows on a mainframe?
Can TOD (STCKE) be compressed into 12 bytes
Can TOD (STCKE) be compressed into 12 bytes
Return of the Smart Card?
Californa's Data Breach Law May Get an Update
I need insight on the Stock Market
Thanks for the SEL32 Reminder, Al!
I need insight on the Stock Market
Bolt-on security no longer fit for purpose
Architectural Diversity
Architectural Diversity
Future System
Future System
Bernanke Says Regulators Must Protect Against Systemic Risks
NEW SEC (Enforcement) MANUAL, A welcome addition
Internet threat: Hackers swarm bank accounts
1401's in high schools?
Bernanke Says Regulators Must Protect Against Systemic Risks
Return of the Smart Card?
Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
was: Thanks for the SEL32 Reminder, Al!
Future System
Bernanke Says Regulators Must Protect Against Systemic Risks
Bernanke Says Regulators Must Protect Against Systemic Risks
Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
Mainframe Hall of Fame: 17 New Members Added
Mainframe Hall of Fame: 17 New Members Added
Mainframe Hall of Fame: 17 New Members Added
Hurrah Berners-Lee! Web celebrates 20th anniversary
Lack of bit field instructions in x86 instruction set because of patents ?
mainframe performance
mainframe performance
1401's in high schools?
Hurrah Berners-Lee! Web celebrates 20th anniversary
Lack of bit field instructions in x86 instruction set because of patents ?
Banks must wake up to payments challange
Quiz: Evaluate your level of Spreadsheet risk
Lack of bit field instructions in x86 instruction set because of patents ?
Quiz: Evaluate your level of Spreadsheet risk
Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
Do bonuses foster unethical conduct?
Should AIG executives be allowed to keep the bonuses they were contractually obligated to be paid?
IBM in talks to buy Sun Microsystems? What do you think will be the effect on the industry?
Future System
IBM in talks to acquire Sun Microsystems
Lack of bit field instructions in x86 instruction set because of patents ?
PCI Compliance
Mainframe Hall of Fame: 17 New Members Added
Lack of bit field instructions in x86 instruction set because of patents ?
Why Are CC Numbers Still So Easy To Find?
Should Glass-Steagall be reinstated?
Why is everyone talking about AIG bonuses of millions and keeping their mouth shut on billions sent to foreign banks?
Whistleblowing and reporting fraud
1960 Western Union Facsimile Services
Who first mentioned Credit Crunch?

PNC Financial to pay CEO $3 million stock bonus

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: PNC Financial to pay CEO $3 million stock bonus
Date: Feb 27, 2009
Blog: Greater IBM

The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice

from above:
Here's a staggering figure to contemplate: New York City securities industry firms paid out a total of $137 billion in employee bonuses from 2002 to 2007, according to figures compiled by the New York State Office of the Comptroller. Let's break that down: Wall Street honchos earned a bonus of $9.8 billion in 2002, $15.8 billion in 2003, $18.6 billion in 2004, $25.7 billion in 2005, $33.9 billion in 2006, and $33.2 billion in 2007.

... snip ...

bonuses spiked about 400% in the period. there have been comments about last year, bonuses were down under $20b (significantly less than previous year) and bonuses were good thing. it didn't mention that was still significant spike from before all the fancy dealing (responsible for the current mess) started.

Enron and Worldcom had been laid at the door of deregulation, and Sarbanes-Oxley was suppose to correct a lot of that; placing a lot of responsibility on SEC. However, in the recent congressional Madoff Ponzi scheme hearings, the person that had been trying for a decade to get SEC to something about Madoff, basically said SEC wasn't doing anything. recent references:
https://www.garlic.com/~lynn/2009b.html#65 What can agencies such as the SEC do to insure us that something like Madoff's Ponzi scheme will never happen again?
https://www.garlic.com/~lynn/2009c.html#0 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009c.html#39 'WHO IS RESPONSIBLE FOR THE GLOBAL MELTDOWN'

Also, possibly because SEC hasn't been doing anything, GAO has been doing database of problems in financials of public companies ... and found that problems have increased more than 300% in the period since Sarbanes-Oxley. Basically executives significantly fiddle filings boosting their compensation. Later the statements may be revised, but the bonuses aren't forfeited.
https://www.gao.gov/products/gao-06-1079sp

from above:
The database consists of two files: (1) a file that lists 1,390 restatement announcements that we identified as having been made because of financial reporting fraud and/or accounting errors between July 1, 2002, and September 30, 2005, and (2) a file that lists 396 restatement announcements that we identified as having been made because of financial reporting fraud and/or accounting errors between October 1, 2005, and June 30, 2006.

... snip ...

Fed Loans Guided by Raters Grading Subprime Debt AAA
http://www.bloomberg.com/apps/news?pid=20601109
http://www.bloomberg.com/apps/news?pid=20601109&sid=ahpPBA8vqN2o&refer=home

from above (with reference to relying on three major credit rating companies):
It is foolhardy to rely on the three New York-based companies, said Keith Allman, chief executive officer of Enstruct Corp., which trains investors in financial modeling and asset valuation. The major raters issued top marks to $3.2 trillion in subprime mortgage-backed securities at the root of the financial crisis.

.. snip ...

In the congressional hearings late last fall, it was stated that both the sellers/issuers of toxic CDOs (securitized mortgages) and the rating agencies knew that the toxic CDOs weren't worth triple-A rating, but the sellers were paying for the triple-A ratings. Supposedly the seeds of this was created in the early 70s when the rating agencies switched from the buyers paying for the ratings to the sellers paying for the ratings, misaligning the business process and opening the way for conflict of interest.

Supposedly Sarbanes-Oxley also required SEC to do something about the rating companies, but there doesn't seem to be anything but this report:

Report on the Role and Function of Credit Rating Agencies in the Operation of the Securities Markets; As Required by Section 702(b) of the Sarbanes-Oxley Act of 2002
http://www.sec.gov/news/studies/credratingreport0103.pdf

Part of the problem was the repeal of Glass-Steagall (which had been passed in the wake of the crash of '29 to keep the safety and soundness of regulated financial institutions separate from risky investment banking). After the repeal, there were a lot of large (regulated) financial institutions buying up triple-A rated toxic CDOs and carrying them off-balance:

Stay away from Citigroup
http://www.bloggingstocks.com/2008/11/28/stay-away-from-citigroup-c/

from above:
Using household terms such as "QSPEs" and "VIEs," Pandit revealed that Citi has more than $1.2 trillion dollars in off-balance sheet assets. These off-balance sheet entities are similar in structure to Enron's SPVs (special purpose vehicles)

... snip ...

and discussion that QSPEs had been abused ... to carry lots of things like (triple-A rated) toxic CDOs.

FASB's new QSPE rule implementation delayed
http://marketpipeline.blogspot.com/2008/07/fasbs-new-qspe-rule-implementation.html
FASB Renews Attempts to Amend QSPE Rules
http://www.complianceweek.com/article/5144/fasb-renews-attempts-to-amend-qspe-rules

from above:
That abuse became apparent when regulators provided guidance allowing banks to work out troubled loans held in off-balance-sheet structures without sacrificing off-balance-sheet accounting; that permission was the smoke signal indicating financial institutions were more involved in the assets than the accounting literature would intend to qualify for off-balance-sheet treatment.

... snip ...

Even though it should have never been allowed to begin with, this is another too big to fail scenario ... delaying correctly accounting for the assets. Citi had already won last year's "write-down" sweepsteaks with large tens of billions. If valuation is still 22cents on the dollar ... bringing back $1.2T onto the balance sheet would result in declaring nearly a $1T in losses. Recent comment that toxic assets are trading at 30cents on the dollar, which would only result in $840B loss (for CITI) ... or possibly $2.2T across the industry (for the whole $3.2T in toxic CDOs that had been given triple-A ratings).

some quotes from the Glass-Steagall hearings (in the wake of crash of '29):
Reserve requirements of members banks should be changed so as to be based not solely upon volume of deposits but also upon rapidity of their turn-over, thus checking excessive speculation, say Eugene R. Black and Federal Reserve Board 7434-7435, 7436-7441, 7492-7493, 7495-7516

"Uncontrolled" because even where made indirectly through banks, reserves against such loans were not required and because completely unregulated, said Charles H. E. Scheer 6313

Brokers' loans made by corporations aided to create speculative mania in years prior to 1929, testifies Otto H. Kahn 1010

... snip ...

There is an analogy between the "speculation mania" using "brokers' loans" in the '20s and the current home market speculation bubble fueled by the no-doc, no-down, 1% interest only ARMs (made possible by securitization and triple-A ratings on toxic CDOs).

There is also an analogy between the "Uncontrolled loans made indirectly through banks" in the 20s and the financial institutions that were buying up triple-A rated toxic CDOs and carrying them off-balance.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

ooRexx scripting on Linux

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: ooRexx scripting on Linux
Newsgroups: comp.lang.rexx
Date: Fri, 27 Feb 2009 12:38:41 -0500

Swifty <steve.j.swift@gmail.com> writes:
Of course, with all this in place you can dispose of the ".rex" extension, so then the command is just "script" (a S/360 word processing program from the 70's onwards) :-)

CMS script document formating command was done at the science center in the mid-60s
https://www.garlic.com/~lynn/subtopic.html#545tech

basically follow-on to the CTSS run-off command (with "."/dot formating commands). then in 1969, "G", "M", and "L" invented GML at the science center
https://www.garlic.com/~lynn/submain.html#sgml

and GML tag processing was added to the CMS script command (and some versions were renamed DCF). GML was also standardized as SGML and eventually morphed into HTML, XML, etc.

There were a few CMS script command clones ... like one from univ. of waterloo. This is post about use of that clone at CERN ... and the morph into HTML:
http://infomesh.net/html/history/early/

for a little topic drift, the first webserver outside europe/cern was on the slac vm/cms system:
https://ahro.slac.stanford.edu/wwwslac-exhibit

and some past posts mention (vm370) SE in LA ... doing a CMS script clone for trs80:
https://www.garlic.com/~lynn/2004.html#5 The BASIC Variations
https://www.garlic.com/~lynn/2004l.html#74 Specifying all biz rules in relational data
https://www.garlic.com/~lynn/2004m.html#20 Whatever happened to IBM's VM PC software?
https://www.garlic.com/~lynn/2007.html#1 "The Elements of Programming Style"
https://www.garlic.com/~lynn/2007j.html#24 Newbie question on table design
https://www.garlic.com/~lynn/2008s.html#0 First successful PC OS?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

IBM 'pulls out of US'

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: IBM 'pulls out of US'
Date: Feb 28, 2009
Blog: Greater IBM

Part of the issue is the declining US educational system (which has been going on for the last 30 yrs), now ranks near the bottom of industrial countries.

In the 90s, there was a huge uptick in demand for IT skills. Possibly half the workers that fueled and enabled the Internet bubble in the 90s were from overseas. There were some stats that half the advanced technical degrees from higher educational institutions in Cal. went to students from overseas (and it was these technically skilled graduates that were necessary for the internet bubble). All the "4.0" technical graduates that we interviewed in the early 90s were born overseas.

In the late 90s, with a combination of the internet bubble and Y2K ... going on at the same time ... it further aggravated the demand for scarce IT skills. A combination of demand for scarce resources far exceeded the supply and because the Y2K remediation effort was viewed as short-term effort, it became quite popular to outsource the activity ... even being forced to go overseas to find the resources. That really drove home that the US wasn't producing the necessary qualified resources.

Many organizations (that effectively were forced to outsource and go overseas) ... found the relationships forged during Y2K remediation continued on after Y2K remediation was finished.

oh, recent post in response to similar comment ... with lots of references to past threads with statistics from studies of the issue
https://www.garlic.com/~lynn/2009c.html#66 Why do IBMers think disks are 'Direct Access'?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Congress Set to Approve Pay Cap of $500,000

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Congress Set to Approve Pay Cap of $500,000
Date: Feb 28, 2009
Blog: Greater IBM

The Fed's Too Easy on Wall Street
http://www.businessweek.com/stories/2008-03-19/the-feds-too-easy-on-wall-streetbusinessweek-business-news-stock-market-and-financial-advice

bonuses spiked about 400% in the period. there have been comments last year about bonuses now under $20b (significantly less than previous year) and bonuses were "good thing". it didn't mention that was still significant spike from before all the fancy dealing (responsible for the current mess) started.

Enron and Worldcom had been laid at the door of deregulation, and Sarbanes-Oxley was suppose to correct things; placing a lot of responsibility on SEC. However, in the recent congressional Madoff Ponzi scheme hearings, the person that had been trying for a decade to get SEC to do something about Madoff, basically said SEC wasn't doing anything. recent references:
https://www.garlic.com/~lynn/2009b.html#65 What can agencies such as the SEC do to insure us that something like Madoff's Ponzi scheme will never happen again?
https://www.garlic.com/~lynn/2009c.html#0 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009c.html#39 'WHO IS RESPONSIBLE FOR THE GLOBAL MELTDOWN'

Also, possibly because SEC hasn't been doing anything, GAO has been doing database of problems in financials of public companies ... and found that problems have increased more than 300% in the period since Sarbanes-Oxley. Basically companies significantly fiddle filings boosting executive compensation. Later the statements may be revised, but the bonuses aren't forfeited.
https://www.gao.gov/products/gao-06-1079sp

Again, possibly because SEC hasn't been doing much, Sarbanes-Oxley appears to have little or no effect.

Last fall there was a study of 270 public companies that had significantly redone their executive compensation plan after having problems with fiddled financial statements. The redone plans were to align compensation with the health of the company and remove the motivation to fiddle the financial statements.

somewhat related ...

Article from year ago that estimated 1000 executives are responsible for the majority of the current crisis and it would go a long way to correcting the situation if the gov. could figure out how they lost their jobs.
http://knowledge.wharton.upenn.edu/article.cfm?articleid=1933 (gone 404 and/or requires registration)

Also from last year, there was a report that the ratio of executive compensation to worker compensation had exploded to 400:1 after having been 20:1 for a long time (and 10:1 in much of the rest of the world).

A possible explanation comes from part of a Boyd briefing from the 80s. I had sponsored Boyd's briefing at IBM ... lots of past post mentioning Boyd
https://www.garlic.com/~lynn/subboyd.html#boyd
and some number of URLs from around the web referring to Boyd:
https://www.garlic.com/~lynn/subboyd.html#boyd2

Basically, at entry to WW2, US had to deploy a large number with little or no training ... and so they created a very rigid top-down command&control structure to leverage the few experienced & skilled individuals. Going forward a couple decades, the individuals that were indoctrinated in WW2 (that only the very few at the top know what they are doing), were starting to permeate the rest of the US culture. The cultural attitude that only a very few executives (in an organization) at the very top, actually know what they are doing, could be used as an excuse for the 400:1 compensation ratio

misc. recent (linkedin answer) posts mentioning the 400:1 compensation ratio
https://www.garlic.com/~lynn/2009.html#50 Greed Is
https://www.garlic.com/~lynn/2009.html#80 Are reckless risks a natural fallout of "excessive" executive compensation ?
https://www.garlic.com/~lynn/2009b.html#25 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
https://www.garlic.com/~lynn/2009b.html#41 The subject is authoritarian tendencies in corporate management, and how they are related to political culture

One of the tv busness news shows had a rant this morning that the top 75 financial institutions receiving gov. funds ... were the ones primarily responsible for the current crisis ... and the bail-out is starting to appear like a reward (for incompetence, greed, and corruption).

One of the periodic comments about contributing factors to the current crisis was that (thru deregulation and other gov. measures), these institutions had gotten too big too fail ... however, several of the institutions are using bail-out funds to get even bigger (which theoretically is just making the situation worse).

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Why do IBMers think disks are 'Direct Access'?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Why do IBMers think disks are 'Direct Access'?
Newsgroups: alt.folklore.computers
Date: Sat, 28 Feb 2009 14:23:23 -0500

TrailingEdgeTechnologies <bbreynolds@aol.com> writes:
Problem solved in ancient days by having the tape operators wear roller skates, with tapes threaded on their arms, as done at the Dallas Computer Center of Sun Information Systems, for example.

recent posts mentioning problem in the almaden datacenter with lots of tapes randomly picked for "scratch" mounting:
https://www.garlic.com/~lynn/2009.html#8 Is SUN going to become x86'ed ??
https://www.garlic.com/~lynn/2009.html#13 Is SUN going to become x86'ed ??

i've mentioned before my wife had been con'ed into going to POK to be responsible for loosely-coupled architecture. while there she created/invented Peer-Coupled Shared Data architecture
https://www.garlic.com/~lynn/submain.html#shareddata

but except for IMS hot-standby, saw very little uptake until sysplex (which contributed to her not remaining in the position for long).

However, in the past decade ... we had discussions with one of the large financial transaction networks ... which had attributed their 100% availability over extended number of yrs to:

IMS hot-standby
automated operator

where IMS hot-standby included more than a single physical, geographic location.

automated operator was part of eliminating human "mistakes".

Mentioned in Jim Gray tribute/celebration
https://www.garlic.com/~lynn/2008i.html#50 Microsoft versus Digital Equipment Corporation
https://www.garlic.com/~lynn/2008i.html#51 Microsoft versus Digital Equipment Corporation
https://www.garlic.com/~lynn/2008p.html#27 Father Of Financial Dataprocessing

was that Tandem (a high availability hardware solution) supporting Jim Gray's study that availability had shifted from hardware (as hardware become much more reliable) to environmental, software, and human issues.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Why do IBMers think disks are 'Direct Access'?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Why do IBMers think disks are 'Direct Access'?
Newsgroups: alt.folklore.computers
Date: Sat, 28 Feb 2009 14:58:39 -0500

TrailingEdgeTechnologies <bbreynolds@aol.com> writes:
If I am reading the attribution sequence, it was Walter Bushell who referenced SMF data. The Dallas Computer Center was where Barry Merrill did his original work on using SAS to extract/report SMF data.

I've mentioned before about looking at a >450k statement cobol application that ran on something like 40+ fully tricked-out mainframe systems (something like $30m per)

they had a large staff of people working on thruput optimization using techniques like hot-spot sampling (take large number of application instruction address samples to determine where the application was spending most of its time).

they had also hired consultant to do detailed analysis with an sophisticated execution modeling tool.

long ago and far away, the science center
https://www.garlic.com/~lynn/subtopic.html#545tech

had done extensive work in performance analysis ... including workload profiling ... some of which eventually evolved into "capacity planning".

Basically work fell into three categories

hot-spot monitoring
modeling
multiple regression analysis

An example of hot-spot monitoring is this work done in support of developing ECPS vm assist microcode:
https://www.garlic.com/~lynn/94.html#21 370 ECPS VM microcode assist

One of the modeling efforts was implemented in CMS APL and eventually deployed on the internal world-wide sales & marketing (vm370 based) HONE system
https://www.garlic.com/~lynn/subtopic.html#hone

as the Performance Predictor ... i.e. marketing people could enter profile a customers configuration and workload and ask "what-if" question regarding configuration and/or workload changes. I had used a modified version of the performance predictor to help select configuration and workload specification for automated benchmarks; final part of releasing my "resource manager", i had done 2000 automated benchmarks that took three months elapsed time to run.
https://www.garlic.com/~lynn/submain.html#bench

The performance predictor went through a number of generations ... and then rights were acquired to the application by somebody in Europe. They ran it through a APL->C translator and were going around the world doing high-level, complex throughput consulting (and were brought in to look at this large cobol application).

The combination of hot-spot montoring and modeling had found something like 10 percent improvement (hot-spot analysis had been going on for several yrs and was starting to show diminishing returns).

I suggested that I could look at the application using mutliple regression analysis ... but I needed large number of activity counters from a large number of different runs. The work in the early 70s used multiple regression analysis from the Fortran scientific subroutine package. It appears that both the Fortran and PLI scientific subroutine package (from the 60s) had been subsumed by SAS(?).

I started out with a "freebee" library that I got off the net ... but it had restrictions on the number of variables that it could handle. Eventually I talked them into providing me with a copy of SAS (that ran on PC) for the analysis. Possibly, in part because the application had never been studied in this way, I was able to find stuff that would account for 14% improvement (part time effort over a couple weeks).

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Heartland Data Breach Update: Now More Than 150 Institutions Impacted

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject:Heartland Data Breach Update: Now More Than 150 Institutions Impacted
Date: Feb 28, 2009
Blog: Financial Crime Risk, Fraud and Security

original article was:

Heartland Data Breach Update: Now More Than 150 Institutions Impacted
http://www.bankinfosecurity.com/articles.php?art_id=1200

but same URL is now:

Heartland Data Breach Update: Now More Than 560 Institutions Impacted

Note, ongoing investigations apparently take a long time ... recent item about the "3rd" breach that hasn't yet been publicly identified:

Visa: New payment-processor data breach not so new after all
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9128743
Visa: New payment-processor data breach not so new after all
http://www.networkworld.com/news/2009/030409-microsoft-windows-mainframe.html

i.e. with respect to this:

Credit unions confirm new processor credit card breach
http://searchfinancialsecurity.techtarget.com/news/article/0,289142,sid185_gci1348856,00.html

we had been called in to consult with a small client/server startup that wanted to do financial transactions on their server and they had this technology called SSL; the result is now frequently referred to as "electronic commerce".

Somewhat because of the "electronic commerce" work, in the mid-90s we were asked to participate in the x9a10 financial standard working group, which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. Part of that effort involved detailed end-to-end, threat & vulnerability studies of a number of different environments ... which eventually resulted in x9.59 financial standard protocol ... some references
https://www.garlic.com/~lynn/x959.html#x959

We've used a few metaphors to describe the current environment (that were addressed by x9.59 financial standard) ... one such:

security proportional to risk.

information from existing transactions can be used by crooks for fraudulent transaction (form of replay attacks). The value of transaction information to merchant is profit off a transaction which can be a few dollars. The value of the transaction information to a processor can be a few cents. The value of the transaction information to a crook can be 100 times greater (than to a merchant) to 1000 times greater (than to a processor) ... which means a crook may be able to spend 100 times more attacking the system than a merchant or a processor can spend defending a system.

recent posts mentioning security proportional to risk (and other) metaphor
https://www.garlic.com/~lynn/2008m.html#71 TJ Maxx - why are they still in business?
https://www.garlic.com/~lynn/2008m.html#72 What are security areas to be addressed before starting an e-commerce transaction or setting up a portal?
https://www.garlic.com/~lynn/2008n.html#75 Should online transactions be allowed on credit cards without adequate safeguards?
https://www.garlic.com/~lynn/2008n.html#90 Credit Card Security
https://www.garlic.com/~lynn/2008o.html#16 Is Information Security driven by compliance??
https://www.garlic.com/~lynn/2008o.html#76 Blinkenlights
https://www.garlic.com/~lynn/2008p.html#5 Privacy, Identity theft, account fraud
https://www.garlic.com/~lynn/2008p.html#7 Dealing with the neew MA ID protection law
https://www.garlic.com/~lynn/2008r.html#53 21 million German bank account details on black market
https://www.garlic.com/~lynn/2008s.html#5 Greed - If greed was the cause of the global meltdown then why does the biz community appoint those who so easily succumb to its temptations?
https://www.garlic.com/~lynn/2008s.html#10 Data leakage - practical measures to improve Information Governance
https://www.garlic.com/~lynn/2008s.html#35 Is American capitalism and greed to blame for our financial troubles in the US?
https://www.garlic.com/~lynn/2009.html#4 Is SUN going to become x86'ed ??
https://www.garlic.com/~lynn/2009.html#10 Swedish police warn of tampered credit card terminals
https://www.garlic.com/~lynn/2009b.html#13 US credit card payment house breaches by sniffing malware
https://www.garlic.com/~lynn/2009b.html#62 Study: Data breaches continue to get more costly for businesses

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Are Ctibank's services and products so vital to global economy than no other banks can substitute it?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Are Ctibank's services and products so vital to global economy than no other banks can substitute it?
Date: Feb 28, 2009
Blog: Corporate Data

This morning one of the TV business news shows had a rant about the bailout money was going to the 75 (larger) financial institutions that played major role in creating the current crisis. The comment was it was beginning to look more & more like a reward (for incompetence, greed, and corruption) ... vis-a-vis the thousands of financial institutions that never participated in such questionable activities.

There was also the observation that one of the excuses has been too big to fail (which were the result of gov. deregulation and other gov. activity) ... but some amount of the bail-out money is being used to make the institutions even larger (in theory making the circumstances worse over the long term).

A lot of the problem is that these institutions bought up triple-A rated toxic CDOs ....

Fed Loans Guided by Raters Grading Subprime Debt AAA
http://www.bloomberg.com/apps/news?pid=20601109
http://www.bloomberg.com/apps/news?pid=20601109&sid=ahpPBA8vqN2o&refer=home

and carrying them off-balance:

With CITI carrying possibly $1.2T (of the $3.2T?)

Stay away from Citigroup
http://www.bloggingstocks.com/2008/11/28/stay-away-from-citigroup-c/

another take on the subject of (triple-A rated, securitized) toxic CDOs:

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=a0jln3.CSS6c

... including "at home"

there was recent comment that they are now trading at 30cents on the dollar.

other recent discussions:
https://www.garlic.com/~lynn/2009c.html#55 Who will give Citigroup the KNOCKOUT blow?
https://www.garlic.com/~lynn/2009c.html#65 is it possible that ALL banks will be nationalized?
https://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Western Union history--data communications passed it by

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Western Union history--data communications passed it by
Newsgroups: alt.folklore.computers
Date: Sat, 28 Feb 2009 16:24:42 -0500

Jim Haynes <haynes@localhost6.localdomain6> writes:
I'll suggest two reasons: the technology wasn't there, and there was their own corporate culture. If you look at a modern fax machine it's all plastic, and the recording is done (depending on model) by thermal imaging that came out of the semiconductor industry, or by technology that came from the copier industry. And with modern high density electronics it is possible to compress the image data for rapid transmission.

In W.U.'s time frame the machines were all made out of metal, lots of machine work, and the recording technology was their dry Teledeltos paper or the wet electrochemical paper. And the scanning technology was equally primitive at the time - W.U. engineers would have killed for the kind of scanner you can buy at the computer store for less than $50.

Then the corporate culture was that people brought their messages to W.U., the company transmitted them, and the company delivered them to the recipients. W.U. was in no position to take advantage of the post-Carterfone model of fax transceivers with built in modems connected to the switched telephone network. I'll grant that they did see some business need for fax, as they mention drawings and signatures and messages handwritten in Chinese. What they deployed with Desk-Fax was more of a solution to the last-mile problem, getting messages between customers and telegraph offices, with long-distance transmission still being via teleprinter circuits.

And one could argue that the main reason fax took off for business use later was simply its cheapness; if TWX/Telex had been cheaper then they might have held on to the business rather than having it go to fax.

This can also be explained that WU executives looked at business to have a certain profit margin ... for a time that was private/value-added-network ... when connectivity started to become commoditised ... it was time to move on.

An analogy was explained to me about Intel business. Basically chip costs related to production (and yield) of a wafer. For some period, Intel had an objective of producing chips that had a minimum revenue per wafer. That could be some number of large expensive chips (per wafer) or larger number of smaller less expensive chips (per wafer). Possibly arbitrary appearing decisions about what kind of chips Intel did or did not deal in ... was purely based on wafer revenue model.

past posts in thread:
https://www.garlic.com/~lynn/2009c.html#57 Western Union history--data communications passed it by
https://www.garlic.com/~lynn/2009c.html#62 Western Union history--data communications passed it by
https://www.garlic.com/~lynn/2009c.html#64 Western Union history--data communications passed it by

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

HSBC is expected to announce a profit, which is good, what did they do differently?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: HSBC is expected to announce a profit, which is good, what did they do differently?
Date: Mar 2, 2009
Blog: Economics

other related HSBC artcle ... mentioning that they didn't participate in the huge problems:

Goldman, JPMorgan Reap $500 Million Payout From HSBC Stock Sale
http://www.bloomberg.com/apps/news?pid=20601087
http://www.bloomberg.com/apps/news?pid=20601087&sid=at6eXtqdrThY&refer=home

Who will Survive AIG or Derivative Counterparty Risk?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Who will Survive AIG or Derivative Counterparty Risk?
Date: Mar 2, 2009
Blog: Derivatives Markets

At the root of the CDS problem was also implicated in Enron:

25 People to Blame for the Financial Crisis; Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

from above:
He played a leading role in writing and pushing through Congress the 1999 repeal of the Depression-era Glass-Steagall Act, which separated commercial banks from Wall Street. He also inserted a key provision into the 2000 Commodity Futures Modernization Act that exempted over-the-counter derivatives like credit-default swaps from regulation by the Commodity Futures Trading Commission. Credit-default swaps took down AIG, which has cost the U.S. $150 billion thus far.

... snip ...

Gramm and the 'Enron Loophole'
http://www.nytimes.com/2008/11/17/business/17grammside.html

from above:
Enron was a major contributor to Mr. Gramm's political campaigns, and Mr. Gramm's wife, Wendy, served on the Enron board, which she joined after stepping down as chairwoman of the Commodity Futures Trading Commission.

... snip ...

Phil Gramm's Enron Favor
https://web.archive.org/web/20080711114839/http://www.villagevoice.com/2002-01-15/news/phil-gramm-s-enron-favor/

from above:
A few days after she got the ball rolling on the exemption, Wendy Gramm resigned from the commission. Enron soon appointed her to its board of directors, where she served on the audit committee, which oversees the inner financial workings of the corporation. For this, the company paid her between $915,000 and $1.85 million in stocks and dividends, as much as $50,000 in annual salary, and $176,000 in attendance fees, according to a report by Public Citizen, a group that has relentlessly tracked Enron, which in turn has called the report unfair.

... snip ...

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

from above:
That same year Greenspan, Treasury Secretary Robert Rubin and SEC Chairman Arthur Levitt opposed an attempt by Brooksley Born, head of the Commodity Futures Trading Commission, to study regulating over-the-counter derivatives. In 2000, Congress passed a law keeping them unregulated.

... snip ...

one of the articles from the period mentioned that House passed the bill ... and even before the copy of the bill was distributed in the Senate, the Senate passed it unanimously. Also Born (as chairman) must have been fairly quickly replaced by Gramm's wife (before she resigned the position to join Enron).

Enron, Worldcom, deregulation, & repeal of Glass-Steagall also investigated by PBS:
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet/

which led to Sarbanes-Oxley ... placing lots of responsibility on SEC ... but not a whole lot seems to have been done ... recent discussisons:
https://www.garlic.com/~lynn/2009c.html#0 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009c.html#1 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009c.html#0 PNC Financial to pay CEO $3 million stock bonus
https://www.garlic.com/~lynn/2009d.html#3 Congress Set to Approve Pay Cap of $500,000

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Congress Set to Approve Pay Cap of $500,000

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Congress Set to Approve Pay Cap of $500,000
Date: Mar 2, 2009
Blog: Greater IBM

re:
https://www.garlic.com/~lynn/2009d.html#3 Congress Set to Approve Pay Cap of $500,000

some related comments in this (linkedin) question (mentions tie-in between AIG problem and ENRON ... which involved energy future trading):

Who will Survive AIG or Derivative Counterparty Risk?
https://www.garlic.com/~lynn/2009d.html#10

and this (linkedin) question

HSBC is expected to announce a profit, which is good, what did they do differently?
https://www.garlic.com/~lynn/2009d.html#9

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Language

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Language
Newsgroups: alt.folklore.computers
Date: Tue, 03 Mar 2009 10:41:32 -0500

jmfbahciv <jmfbahciv@aol> writes:
That doc prep group was doing this work when I started at DEC, 1971. The doc prep group in Marlboro, around 1977, had a phototypesetter in MR1-1. And now I cannot remember the name of the program they used which input RUNOFF source files and output a paper tape. This tape was the input to the typesetting machine which produced galleys. those galleys still needed some cut and pasting done by hand. I don't know how the docs were produced in the early 80s. By then, the people who did the work were no longer in Marlboro.

slightly related ... past post going about output going to microfiche printer.
https://www.garlic.com/~lynn/2008s.html#53 Is SUN going to become x86'ed ??

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Typewrite repair?

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Typewrite repair?
Date: Mar 3, 2009
Blog: Derivatives Markets

I started out with "portable" 2741 at home in Mar 1970 (two 40lb suticases) ... which after a couple months was replaced with a "real" 2741. I'm still looking for some old pictures of the 2741 ... but I have found pictures of a cdi miniterm that replaced the 2741 ... then 3101 that replaced the cdi miniterm ... and then ibm/pc.
https://www.garlic.com/~lynn/lhwemail.html#oldpicts

I still have an "APL" ball for the 2741 ... a couple pictures also in the above reference.

I did order a "FE toolkit" (looks like large briefcase on the outside). I got a lot of push back ... apparently they didn't have a process for a non-FE to order an "FE toolkit" ... it finally required an executive authorization. The toolkit has several pieces used for working on selectric/2741. One of the pieces is a little like a crochet hook ... which I've used when dealing with sping loaded "cam" lights.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Legacy clearing threat to OTC derivatives warns State Street

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Legacy clearing threat to OTC derivatives warns State Street
Date: Mar 3, 2009
Blog: Greater IBM

Legacy clearing threat to OTC derivatives warns State Street
http://www.finextra.com/fullstory.asp?id=19705

Several billions were spent in the 90s on failed attempts to re-engineer/replace several of these legacy financial systems. Part of the issue was that many of the systems do settlement in (constrained/shrinking) overnight batch windows ... which were to be addressed by straight-through processing.

This is recent post in a a.f.c thread, regarding "throughput optimization" on one of the overnight batch settlement processes ... a 500k line Cobol program that ran on 40 fully tricked-out mainframes (@$30m per)
https://www.garlic.com/~lynn/2009d.html#5 Why do IBMers think disks are 'Direct Access'?

Also x-posted to "A new role for old geeks" thread
https://www.ibmconnection.com/network/forums/100

as "using SAS to extract/report SMF data".

and a couple other recent posts mentioning the failed straight through processing efforts of the 90s.
https://www.garlic.com/~lynn/2009.html#87 Cleaning Up Spaghetti Code vs. Getting Rid of It
https://www.garlic.com/~lynn/2009c.html#43 Business process re-engineering

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Intel publishes Larrabee paper

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Intel publishes Larrabee paper
Newsgroups: comp.arch
Date: Tue, 03 Mar 2009 12:02:47 -0500

Jan Vorbrüggen <Jan.Vorbrueggen@not-thomson.net> writes:
Recently? Like in the 3081, 18+ years ago?

add another decade?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

The Formula That Killed Wall Street

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: The Formula That Killed Wall Street
Newsgroups: alt.folklore.computers
Date: Tue, 03 Mar 2009 12:01:16 -0500

The Formula That Killed Wall Street
http://news.slashdot.org/article.pl?sid=09/03/03/036223

Recipe for Disaster: The Formula That Killed Wall Street
http://www.wired.com/techbiz/it/magazine/17-03/wp_quant?currentPage=all

past posts with reference to the same subject:
https://www.garlic.com/~lynn/2007v.html#25 Newsweek article--baby boomers and computers
https://www.garlic.com/~lynn/2008.html#66 As Expected, Ford Falls From 2nd Place in U.S. Sales
https://www.garlic.com/~lynn/2008b.html#12 Computer Science Education: Where Are the Software Engineers of Tomorrow?
https://www.garlic.com/~lynn/2008c.html#21 Toyota Sales for 2007 May Surpass GM
https://www.garlic.com/~lynn/2008c.html#87 Toyota Sales for 2007 May Surpass GM
https://www.garlic.com/~lynn/2008g.html#64 independent appraisers
https://www.garlic.com/~lynn/2008n.html#56 VMware Chief Says the OS Is History
https://www.garlic.com/~lynn/2008n.html#69 Another quiet week in finance

however ... there is also the GIGO view ... the business people directed the risk managers to fiddle the inputs until they got the desired output:

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/
and related: Subprime = Triple-A ratings? or 'How to Lie with Statistics' (gone 404 but lives on at the wayback machine)
https://web.archive.org/web/20071111031315/http://www.bloggingstocks.com/2007/07/25/subprime-triple-a-ratings-or-how-to-lie-with-statistics/

but then there is also the whole thing with deregulation:

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

The above implicated in both ENRON as well as AIG CDS ... more here:
https://www.garlic.com/~lynn/2009d.html#10 Who will Survive AIG or Derivative Counterparty Risk?

one view of getting triple-A rating on toxic CDOs:

Fed Loans Guided by Raters Grading Subprime Debt AAA

http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchivehttp://www.bloomberg.com/apps/news?pid=newsarchive&sid=ahpPBA8vqN2o&refer=home

.. and a slightly different view of packaging up mortgages as toxic CDOs and selling them off to the "fools":

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

other recent posts mentioning some of the above:
https://www.garlic.com/~lynn/2009.html#14 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#15 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#21 Banks to embrace virtualisation in 2009: survey
https://www.garlic.com/~lynn/2009.html#31 Banks to embrace virtualisation in 2009: survey
https://www.garlic.com/~lynn/2009.html#32 What are the challenges in risk analytics post financial crisis?
https://www.garlic.com/~lynn/2009.html#42 Lets play Blame Game...?
https://www.garlic.com/~lynn/2009.html#52 The Credit Crunch: Why it happened?
https://www.garlic.com/~lynn/2009.html#63 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#73 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#74 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#77 CROOKS and NANNIES: what would Boyd do?
https://www.garlic.com/~lynn/2009.html#79 The Credit Crunch: Why it happened?
https://www.garlic.com/~lynn/2009.html#80 Are reckless risks a natural fallout of "excessive" executive compensation ?
https://www.garlic.com/~lynn/2009b.html#1 Are Both The U.S. & UK on the brink of debt disaster?
https://www.garlic.com/~lynn/2009b.html#23 BarCampBank - informal finance rantathon in London
https://www.garlic.com/~lynn/2009b.html#25 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
https://www.garlic.com/~lynn/2009b.html#37 A great article was posted in another BI group: "To H*** with Business Intelligence: 40 Percent of Execs Trust Gut"
https://www.garlic.com/~lynn/2009b.html#49 US disaster, debts and bad financial management
https://www.garlic.com/~lynn/2009b.html#51 Will the Draft Bill floated in Congress yesterday to restrict trading of naked Credit Default Swaps help or aggravate?
https://www.garlic.com/~lynn/2009b.html#52 What has the Global Financial Crisis taught the Nations, it's Governments and Decision Makers, and how should they apply that knowledge to manage risks differently in the future?
https://www.garlic.com/~lynn/2009b.html#53 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#54 In your opinion, which facts caused the global crise situation?
https://www.garlic.com/~lynn/2009b.html#57 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#59 As bonuses...why breed greed, when others are in dire need?
https://www.garlic.com/~lynn/2009b.html#73 What can we learn from the meltdown?
https://www.garlic.com/~lynn/2009b.html#78 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009b.html#79 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009b.html#80 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#1 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009c.html#6 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#8 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#16 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#29 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#32 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#38 People to Blame for the Financial Crisis
https://www.garlic.com/~lynn/2009c.html#39 'WHO IS RESPONSIBLE FOR THE GLOBAL MELTDOWN'
https://www.garlic.com/~lynn/2009c.html#51 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#53 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009c.html#55 Who will give Citigroup the KNOCKOUT blow?
https://www.garlic.com/~lynn/2009c.html#61 Accounting for the "greed factor"
https://www.garlic.com/~lynn/2009c.html#65 is it possible that ALL banks will be nationalized?
https://www.garlic.com/~lynn/2009c.html#67 How to defeat new telemarketing tactic
https://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus
https://www.garlic.com/~lynn/2009d.html#1 ooRexx scripting on Linux
https://www.garlic.com/~lynn/2009d.html#7 Are Ctibank's services and products so vital to global economy than no other banks can substitute it?
https://www.garlic.com/~lynn/2009d.html#9 HSBC is expected to announce a profit, which is good, what did they do differently?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Null References, the Billion Dollar Mistake

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Null References, the Billion Dollar Mistake
Newsgroups: alt.folklore.computers
Date: Tue, 03 Mar 2009 12:25:18 -0500

Null References, the Billion Dollar Mistake
http://developers.slashdot.org/article.pl?sid=09/03/03/1459209

Presentation: "Null References: The Billion Dollar Mistake"; Historically bad ideas
http://qconlondon.com/london-2009/presentation/Null+References:+The+Billion+Dollar+Mistake

from above:
Abstract: I call it my billion-dollar mistake. It was the invention of the null reference in 1965. At that time, I was designing the first comprehensive type system for references in an object oriented language (ALGOL W). My goal was to ensure that all use of references should be absolutely safe, with checking performed automatically by the compiler. But I couldn't resist the temptation to put in a null reference, simply because it was so easy to implement. This has led to innumerable errors, vulnerabilities, and system crashes, which have probably caused a billion dollars of pain and damage in the last forty years.

... snip ...

and my past rants about even bigger "pointer" problem involving buffer overflows
https://www.garlic.com/~lynn/subintegrity.html#overflow

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

HSBC is expected to announce a profit, which is good, what did they do differently?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: HSBC is expected to announce a profit, which is good, what did they do differently?
Date: Mar 3, 2009
Blog: Economics

re:
https://www.garlic.com/~lynn/2009d.html#9 HSBC is expected to announce a profit, which is good, what did they do differently?

x-posted
https://www.garlic.com/~lynn/2009d.html#16 The Formula That Killed Wall Street

The Formula That Killed Wall Street
http://news.slashdot.org/article.pl?sid=09/03/03/036223

Recipe for Disaster: The Formula That Killed Wall Street
http://www.wired.com/techbiz/it/magazine/17-03/wp_quant?currentPage=all

past posts with reference to the same subject:
https://www.garlic.com/~lynn/2007v.html#25
https://www.garlic.com/~lynn/2008.html#66
https://www.garlic.com/~lynn/2008b.html#12
https://www.garlic.com/~lynn/2008c.html#21
https://www.garlic.com/~lynn/2008c.html#87
https://www.garlic.com/~lynn/2008g.html#64
https://www.garlic.com/~lynn/2008n.html#56
https://www.garlic.com/~lynn/2008n.html#69

however ... there is also the GIGO view ... the business people directed the risk managers to fiddle the inputs until they got the desired output (chairman of goldman-sachs was recently quoted that risk managers need to be given more authority, something about them being ignored during the period).

but then there is also the whole thing with deregulation:

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

The above implicated in both ENRON as well as AIG CDS ... more here:
https://www.garlic.com/~lynn/2009d.html#10 Who will Survive AIG or Derivative Counterparty Risk?

one view of getting triple-A rating on toxic CDOs:

Fed Loans Guided by Raters Grading Subprime Debt AAA
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchivehttp://www.bloomberg.com/apps/news?pid=newsarchive&sid=ahpPBA8vqN2o&refer=home

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Mainframe Hall of Fame: 17 New Members Added

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Mainframe Hall of Fame: 17 New Members Added
Newsgroups: alt.folklore.computers
Date: Wed, 04 Mar 2009 00:40:01 -0500

Mainframe Hall of Fame: 17 New Members Added
http://www.zjournal.com/redir.cfm?rid=1295

from above page:

 1 Gene Amdahl
 2 John Backus
 3 Bob Bemer
 4 Fred Brooks
 5 Pete Clark
 6 Mike Cowlishaw
 7 Lou Gerstner
 8 Martin (Marty) Goetz
 9 Don Haderle
10 Grace Hopper
11 Watts Humphrey
12 T. Vincent (Vin) Learson
13 Anthony (Tony) Mazzone
14 Ben Riggins
15 Barry Schrager
16 Karl-Heinz Strassemeyer
17 Thomas J. Watson, Jr.
18 Bob Yelavich

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

remembering PGP

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: remembering PGP
Date: Wed, 04 Mar 2009 08:37:28 -0500
Mailing List: The IBM z/VM Operating System

On 03/04/2009 01:02 AM, IBMVM automatic digest system wrote:
Long ago, in a galaxy close to where I am this week, there was a PGP MODULE. It was built by a kind person at MIT (which is NOT close to where I am this week) and worked exactly as one would expect it to work. Maybe some day we will have a PGP for CMS again. Dunno.

Recently, PGP got interesting again (to me). Actually, GPG is what I use instead (for better or worse). So it occurred to me that when there is a face-to-face opportunity, such as that enjoyed by those fortunate souls who made the trek to Central Texas, the subject of key signing should be kept in mind. Therefore, if you happen to be in Austin this week and have a GPG key and want a signature, let me know. At least, let SOMEONE know. (My signature may not be what you need, and I am okay with that. But ... get yer keys signed!)

some old email discussing pgp-like implementation for the internal network
https://www.garlic.com/~lynn/2007d.html#email810506
in this post
https://www.garlic.com/~lynn/2007d.html#49 certificate distribution
and
https://www.garlic.com/~lynn/2006w.html#email810515
in this post
https://www.garlic.com/~lynn/2006w.html#12 more secure communication over the network

misc. old public key &/or crypto email
https://www.garlic.com/~lynn/lhwemail.html#crypto

misc. past posts mentioning the internal network ... which was larger than the arpanet/internet from just about the beginning, until sometime late '85 or possibly early '86
https://www.garlic.com/~lynn/subnetwork.html#internalnet
--
40+yrs virtualization experience (since Jan68), online at home since Mar70

IBM 'pulls out of US'

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: IBM 'pulls out of US'
Date: Mar. 4, 2009
Blog: Greater IBM

Half In U.S. See Another Country Emerging As World's Technological Leader
http://www.sciencedaily.com/releases/2009/03/090303123816.htm

one of the references
https://www.garlic.com/~lynn/2009c.html#66
from above post
https://www.garlic.com/~lynn/2009d.html#2 IBM 'pulls out of US'

mentions a study for the state gov. conference in the early 90s ... if the US could improve the US education system in science & math (vis-a-vis competitors in the world) ... it would improve GDP increase by a couple of percent .. but the observation was that instead of improving ... it actually declined.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is it time to put banking executives on trial?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Is it time to put banking executives on trial?
Date: Mar. 4, 2009
Blog: International Law

Stay away from Citigroup
http://www.bloggingstocks.com/2008/11/28/stay-away-from-citigroup-c/

and discussion that QSPEs had been abused ... to carry lots of things like (triple-A rated) toxic CDOs.

other recent news items:

S&P Calls for Greater Regulation on Credit Ratings
http://www.bloomberg.com/apps/news?pid=20601087
http://www.bloomberg.com/apps/news?pid=20601087&sid=a6vbtRVWxOjc&refer=home

from above
The U.S. Securities and Exchange Commission has criticized the ratings companies for conflicts of interest that may have led to excessively high bond ratings and a failure to warn investors about default risks. Financial institutions worldwide have taken almost $1.2 trillion in writedowns and credit losses since the beginning of 2007 as the subprime mortgage market collapsed, weakening the global economy.

... snip ...

above came up in the congressional hearings last fall ... but SEC didn't seem to be doing anything then ... note that Sarbanes-Oxley had SEC suppose to do something about rating agencies ... but nothing much seemed to have been done; references in these thread/posts:
https://www.garlic.com/~lynn/2009c.html#0
https://www.garlic.com/~lynn/2009c.html#1
https://www.garlic.com/~lynn/2009d.html#0
https://www.garlic.com/~lynn/2009d.html#3

FDIC's Bair Says Insurance Fund Could Be Insolvent This Year
http://www.bmighty.com/blog/main/archives/2008/04/grocery_data_br.html
Why Ken Lewis Destroyed Bank Of America
http://www.forbes.com/2009/03/03/ken-lewis-failure-leadership-governance_bofa.html

and more on the write-down theme:

Bank of America Charges May Surge as Mortgages Marked to Market
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchive&sid=aoXvQxGD5ChU&refer=home

this post also discusses some of the issues w/problems obfuscated off-balance:
https://www.garlic.com/~lynn/2009d.html#7

Fixing A Failed Financial System
http://www.forbes.com/2009/03/03/obama-geithner-bailout-banks-opinions-columnists_credit_risk.html
Restoring Financial Stability: How to Repair a Failed System
http://www.wiley.com/WileyCDA/Section/id-370278.html

slightly related post on "The Formula That Killed Wall Street"
https://www.garlic.com/~lynn/2009d.html#16

and recent hearing w/Bernanke

Bernanke grilled on fourth AIG bailout
http://seattlepi.nwsource.com/business/402178_bernanke04.html

related/recent post about AIG
https://www.garlic.com/~lynn/2009d.html#10

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Microsoft Windows on a mainframe?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Microsoft Windows on a mainframe?
Newsgroups: bit.listserv.ibm-main
Date: Thu, 05 Mar 2009 10:31:28 -0500

Microsoft Windows on a mainframe?
http://www.networkworld.com/news/2009/041309-pci-security-rules-may-require.html

from above:
The company's z/VOS software is a CMS application that runs on IBM's z/VM and creates a foundation for Intel-based operating systems.

... snip ...

is this a re-incarnation of SAA from the late 80s & early 90s?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Can TOD (STCKE) be compressed into 12 bytes

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Can TOD (STCKE) be compressed into 12 bytes
Newsgroups: bit.listserv.ibm-main
Date: Fri, 06 Mar 2009 09:44:33 -0500

wfarrell@US.IBM.COM (Walt Farrell) writes:
There are many hardware architectural features described in the PoP that z/OS does not consider programming interfaces for programs running on z/OS. Finding and documenting all of them appropriately as "not a programming interface" would require a lot of work, I think.

A lot less than before (360) POP was moved into CMS script file. The original reason was the ease of editing/dealing with the text.

a motivation was that the POP was subset of the architecture "red book" (from it being distributed in a "red" 3-ring binder). As CMS script file, it allowed pertinent information to be kept together (for easy edit & management), but CMS command line option controlled whether the POP subset was printed or the full architecture manual was printed.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Can TOD (STCKE) be compressed into 12 bytes

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Can TOD (STCKE) be compressed into 12 bytes
Newsgroups: bit.listserv.ibm-main
Date: Sun, 08 Mar 2009 09:41:36 -0400

donbwms@GMAIL.COM (Don Williams) writes:
From a practical view point, I disagree. I believe that a usage note in the POP can imply a programming interface is likely to exist. Here's why.

re:
https://www.garlic.com/~lynn/2009d.html#24

the compare&swap notes were somewhat that way. Charlie had invented compare&swap doing fine grain multiprocessing locking work on (virtual machine) cp67 work at the science center (compare&swap was chosen because CAS are charlie's initials)
https://www.garlic.com/~lynn/subtopic.html#545tech

trying to get compare&swp into 370 architecture had lot of push back from the architecture group ... in part because the favorite son operating system in POK said that test&set was more than adequate for multiprocessor support. the architecture group commented that in order to get compare&swap included in 370 architecture ... a non-multiprocessor specific use was required.

Thus was born the compare&swap programming notes for multithreaded/multiprogramming use (still to be found) ... i.e. multithreaded applications ... running enabled for interrupts ... and requiring atomic operation (previously requiring kernel calls to approximate atomic operation).

misc. past posts mentioning multiprocessing and/or compare&swap instruction
https://www.garlic.com/~lynn/subtopic.html#smp

for other topic drift ... another mnemonic from invention at the science center is GML (by "G", "M", and "L") which as since morphed into stuff like SGML, HTML, XML, etc
https://www.garlic.com/~lynn/submain.html#sgml

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Return of the Smart Card?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Return of the Smart Card?
Date: Mar 8, 2009
Blog: Payment Systems Network

In the mid-90s, we had been tasked to design/cost dataprocessing infrastructure to support intro some of the european stored-value smartcards into the US.

The early motivation by operators in Europe seem to have been significantly motivated by the "float" they got. However, at one point, EU central banks stated that operators could retain the float for the 1st couple yrs to cover startup & deployment costs ... but after that, the operators would have to start paying interest on balances in the cards. After that, interest (slight pun) in the programs, seem to dry up

There were a couple smartcard efforts in the US in the early part this decade ... that seem to relatively quickly disappear.

One was POS ... rather large in the northeast. However, this was in the period that they were YES CARDS ... i.e. reference at the end of this article:
https://web.archive.org/web/20030417083810/http://www.smartcard.co.uk/resources/articles/cartes2002.html

which possibly contributed to little or no followup.

The other effort, was a home/personal computer ... including free give-aways of readers for personal computers ... however, these encountered so much customer support problems that it spawned a rapidly spreading opinion that smartcards weren't practical in the consumer/home market ... and the effort was abandoned. It turned out these were "serial port" (smartcard reader) devices ... and there seem to be loss of institutional knowledge in the few years between home banking migration to the internet (off of the proprietary dial-up operations .. which had extensive consumer support costs related to "serial port" modems; one dial-up banking case-study claimed to have a library of over 60 different drivers to handle most common serial-port customer configurations) ... and the failed deployment attempt with "serial port" smartcard readers.

The problems with the early deployments may have contributed to the apparent "wait-and-see" attitude currently.

For other topic drift ... we had done a lot of work more than a decade ago to improve "security chip" (like those typically found in smartcards) integrity (I would facetiously comment that I would take a $500 milspec part, aggresively cost reduce by 2-3 orders of magnitude while improving the integrity). Part of the AADS chip strawman effort involved walking the end-to-end process looking at both integrity issues as well as cost issues.

Part of the effort effectively provided for a fully functional chip which could immediately be available for use ... w/o extensive post-fab processing (in effect, chip was ready as soon as wafer had been sliced and diced). A side effect, was that the changes would also allow a shift from "institutional centric" operation to person centric paradigm for hardware authentication (i.e. same hardware authentication could be used with lots of different institutions).

We have long since moved on ... but patents from that long ago effort continue to roll out
https://www.garlic.com/~lynn/aadssummary.htm

other AADS references
https://www.garlic.com/~lynn/x959.html#aads

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Californa's Data Breach Law May Get an Update

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Californa's Data Breach Law May Get an Update
Date: Mar 8, 2009
Blog: Payment Systems Network

Californa's Data Breach Law May Get an Update
http://www.pcworld.com/article/160871/californias_data_breach_law_may_get_an_update.html

also from the article:
But lawyers working on data breach cases estimate that perhaps only one in 10 breaches are ever made public, according to Fred Cate, a law professor at Indiana University. "We actually have very poor data on data breaches," he told conference attendees.

... snip ...

We were tangentially involved. We had been brought in to help word-smith the cal. state electronic signature legislation
https://www.garlic.com/~lynn/subpubkey.html#signature

and some of the participants were also involved in privacy issues. they had done some indepth customer privacy surveys and found the number one issue was "identity theft" ... a major category which was financial fraud as the result of breaches ... which seemed to be getting no attention.

Do Breach Notification Laws Work? Yes
http://www.informationweek.com/blog/main/archives/2009/03/do_breach_notif.html
California bill spells out what companies have to say about data breaches
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9129267
CA Senator Pushing For Tightened Data Breach Notification
http://yro.slashdot.org/article.pl?sid=09/03/09/2041200

One of the issues originally was that financial fraud from breaches was on the increase ... not only wasn't anything being done about the breaches ... but public was frequently unaware of why the fraud was happening. in the case of lost stolen/card ... the card owner was usually aware that they no longer had their card ... and could take corrective measures (like reported the card as lost/stolen).

In the case of "information compromise" (breaches, skimming, harvesting, etc) the public was totally unaware until they started seeing the fraudulent transactions.

Misc. past posts mentioning crooks "havesting" information (for the purpose of financial fraud):
https://www.garlic.com/~lynn/subintegrity.html#harvest

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

I need insight on the Stock Market

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: I need insight on the Stock Market
Date: Mar 8, 2009
Blog: Economics

for the fun of it .... from Glass-Steagall (senate banking) hearings in the early 30s ... as to what was the root of the '29 crash
BROKERS' LOANS AND INDUSTRIAL DEPRESSION

For the purpose of making it perfectly clear that the present industrial depression was due to the inflation of credit on brokers' loans, as obtained from the Bureau of Research of the Federal Reserve Board, the figures show that the inflation of credit for speculative purposes on stock exchanges were responsible directly for a rise in the average of quotations of the stocks from sixty in 1922 to 225 in 1929 to 35 in 1932 and that the change in the value of such Stocks listed on the New York Stock Exchange went through the same identical changes in almost identical percentages.

... snip ...

This is analogous to securitization and toxic CDOs, but applied to speculation in the unregulated home market, with the additional factor that the rating agencies were giving triple-A rating to the toxic CDOs and they were then being gobbled up by all sort of institutions.

Somewhat split between the bank modernization act and the commodities futures modernization act.

25 People to Blame for the Financial Crisis; Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

Gramm and the 'Enron Loophole'
http://www.nytimes.com/2008/11/17/business/17grammside.html

Phil Gramm's Enron Favor
https://web.archive.org/web/20080711114839/http://www.villagevoice.com/2002-01-15/news/phil-gramm-s-enron-favor/

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

recent related archived (linkedin answer) posts:
https://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus
https://www.garlic.com/~lynn/2009d.html#3 Congress Set to Approve Pay Cap of $500,000
https://www.garlic.com/~lynn/2009d.html#7 Are Ctibank's services and products so vital to global economy than no other banks can substitute it?
https://www.garlic.com/~lynn/2009d.html#10 Who will Survive AIG or Derivative Counterparty Risk?
https://www.garlic.com/~lynn/2009d.html#11 Congress Set to Approve Pay Cap of $500,000
https://www.garlic.com/~lynn/2009d.html#16 The Formula That Killed Wall Street
https://www.garlic.com/~lynn/2009d.html#18 HSBC is expected to announce a profit, which is good, what did they do differently?
https://www.garlic.com/~lynn/2009d.html#22Is it time to put banking executives on trial?

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Thanks for the SEL32 Reminder, Al!

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Thanks for the SEL32 Reminder, Al!
Newsgroups: alt.folklore.computers,comp.arch
Date: Mon, 09 Mar 2009 11:26:54 -0400

MitchAlsup <MitchAlsup@aol.com> writes:
The CDC 6600 and 7600 had extended Core Storeage, and could move fairly large amounts of memory to/from the ECS in a single instruction. The entire banked (16 or 32) memory structure was (potentially) concurrently active during this transfer. The smallest transfer was on-the-order of 32-words, the largest transfer was on-the- order of sizeof(Main Memory). Thus, multiprogramming time slicing would be performed by moving all of the task's memory to main memory, giving it a timeslice, and then sending it back (if needed). All at a good fraction of a GigaByte/sec (in 1964!) at a time when disks were good for 1-4 MB/s.

not in that time-frame, but 3090 had expanded storage in the 80s. at the time, issue was physical packaging ... in order to configure additional memory ... it was phisically more distant and therefor had greater latency. to compensate wider bus was created with a 4k page transfer instruction (even tho the actual memory technology was essentially the same). it differentiated from earlier "electronic" paging disks ... in that the move instruction was synchronous (and faster than a 4k-page mvcl insturction). part of the benefit comparison was that asynchronous i/o & interrupt pathlengths were significantly longer than the synchronous move instruction.

later memory technologies overcame the problem ... however, "simulated" expanded storage continued to be configured (using LPAR configuration options) ... where some part of standard storage was configured to emulate "expanded storage". the issue was that having smaller amounts of configured "standard" storage resulted in less disk paging (vis-a-vis having the combined expanded+standard all configured as standard) ... which was an idiosyncrasy of their page replacement implementation (the overhead of shuffling pages back&forth between expanded and standard, because of algorithm implementation problems, was offset by having less disk paging).

when they were trying to add HiPPI ("standards" version of cray channel, 100mbyte/sec) to 3090 ... the standard I/O interface didn't support the transfer rates ... so they cut into the side of the expanded memory bus. Rather than mainframe channel i/o programs ... commands were "peek/poke" to (HiPPI) "reserved" expanded storage addresses.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

I need insight on the Stock Market

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: I need insight on the Stock Market
Date: Mar 10, 2009
Blog: Economics

re:
https://www.garlic.com/~lynn/2009d.html#28 I need insight on the Stock Market

news item from today:

Bernanke Says Must Protect Against Systemic Risks
http://www.informationweek.com/galleries/showImage.jhtml?galleryID=26
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

from above:
Federal Reserve Chairman Ben Bernanke said Tuesday regulators must find a way to safeguard the entire financial system and not just its parts to prevent future crisis like the one currently engulfing economies around the globe.

... snip ...

Somewhat related to the above:

Recipe for Disaster: The Formula That Killed Wall Street
http://www.wired.com/techbiz/it/magazine/17-03/wp_quant?currentPage=all

however, people have been raising the above issue for some time ... and it all may just be obfuscation. Chairman of goldman-sachs somewhat referred to it a couple weeks ago when making reference to the business people shouldn't be allowed to override the risk managers. another view of that aspect:

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

basically, the business managers fiddled the input until they got the desired output ... aka much more a case of GIGO (garbage in, garbage out).

And back to the Bernacke comments ... there was no oversight. And another article related to Bernacke's comments

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

from above:
"Securitization was based on the premise that a fool was born every minute," Joseph Stiglitz, a professor of economics at Columbia University in New York, told a congressional committee on Oct. 21. "Globalization meant that there was a global landscape on which they could search for those fools -- and they found them everywhere."
... snip ...

related post
https://www.garlic.com/~lynn/2009d.html#16 The Formula That Killed Wall Street

Another primary Bernanke issue (besides systemic risk) is too big to fail. Trying to "fix" too-big-to-fail ... would seem to put him in opposition to recent remedial activity which have included efforts that resulted in some of the worst offenders becoming even larger.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Bolt-on security no longer fit for purpose

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Bolt-on security no longer fit for purpose
Date: Mar 10, 2009
Blog: Enterprise Security

Bolt-on security no longer fit for purpose; Vendors must embed better security into products or services from the start
http://www.vnunet.com/vnunet/analysis/2238109/current-security-models

Actually this discussion comes up periodically ... sometimes even referring to systems from 60s & 70s that exhibit little or none of the vulnerabilities found in more modern systems. Part of the issue was that many of those earlier systems started with assumption that there had to be countermeasures to deal with hostile environment ... and so security was "designed in".

Many of today's offerings have been produced with no consideration regarding threats & vulnerabilities ... so security is something that attempts to be applied afterward ... attempting to hide all the warts.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Architectural Diversity

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Architectural Diversity
Newsgroups: alt.folklore.computers,comp.arch
Date: Tue, 10 Mar 2009 10:26:52 -0400

Joe Pfeiffer <pfeiffer@cs.nmsu.edu> writes:
The single-chip vs. wire-wrap difference seems like an apples to oranges comparison -- the 801 prototype was a prototype of a research machine; the fact that they didn't make a single-chip computer out of it doesn't mean they couldn't have.

Remember that time was almost exactly when RISC was introduced -- the term RISC was coined in 1980. I'm far from convinced an "8086 RISC" wasn't possible, and wouldn't have had higher performance than the real 8086.

I was at an 801 presentation in mid-70s (internal advanced technology symposium, we were presenting design for 16-way smp). Their theme was somewhat that software could compensate for lots of hardware shortcomings. I've claimed that big motivation for 801 was to go to the opposite extreme of the enormous hardware complexity in the (failed) Future System effort ... misc. past postings mentioning FS
https://www.garlic.com/~lynn/submain.html#futuresys

misc. past posts mentioning 801, fort knox, iliad, romp, rios, power/pc, etc
https://www.garlic.com/~lynn/subtopic.html#801

early 80s, there was large internal effort to converge a wide-variety of internal microprocessors to 801 (4341 follow-on processor engine was supposed to be 801-based, as/400 originally was supposed to be 801-based, etc). When several of those efforts floundered, some number of engineers left ... and started to see risc efforts spouting at other vendors.

romp (research/office products) started out to be a displaywriter follow-on. when that project was canceled, the group looked around for another market and found the unix workstation market. the group that had done the pc/ix port ... was hired to do similar port for romp ... and pc/rt (& AIX) was born.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Architectural Diversity

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Architectural Diversity
Newsgroups: alt.folklore.computers,comp.arch
Date: Tue, 10 Mar 2009 11:18:06 -0400

Anne & Lynn Wheeler <lynn@garlic.com> writes:
I was at an 801 presentation in mid-70s (internal advanced technology symposium, we were presenting design for 16-way smp). Their theme was somewhat that software could compensate for lots of hardware shortcomings. I've claimed that big motivation for 801 was to go to the opposite extreme of the enormous hardware complexity in the (failed) Future System effort ... misc. past postings mentioning FS
https://www.garlic.com/~lynn/submain.html#futuresys

re:
https://www.garlic.com/~lynn/2009d.html#32 Architectural Diversity

one of the final nails in the FS coffin was analysis by houston science center that if a FS machine was built out of 370/195 components and existing typical applications (running on 370/195s) were run on the machine ... they would have the throughput of 370/145 (factor of about 30 times slower).

now lots of the entry & midrange 360s/370s had microcode implementation with a 10:1 slowdown (i.e. avg. of 10 micro instructions per 370 instruction) ... the higher end machines had implementations much closer to the native, underlying hardware.

a big aspect of RISC was there was much closer one-to-one relationship between instruction rate and underlying hardware thruput (and software sophistication could be leveraged to compensate for lack of hardware complexity).

re:
https://www.garlic.com/~lynn/subtopic.html#801

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Future System

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Future System
Newsgroups: alt.folklore.computers,comp.arch
Date: Tue, 10 Mar 2009 11:30:01 -0400

John Byrns <byrnsj@sbcglobal.net> writes:
I remember all the general talk of "Future System" at the time IBM was working on it, but I don't remember ever hearing any actual technical detail on "Future System", yet when the 801 design came along IBM published all the details and nitty gritty.

Was this apparent lack of information on "future System" just the result of my viewpoint on what was going on? Did IBM actually publish any detailed technical information on the design of "Future System"?

re:
https://www.garlic.com/~lynn/2009d.html#32 Architectural Diversity
https://www.garlic.com/~lynn/2009d.html#33 Architectural Diversity

Future System was major product effort ... to replace 360/370 ... all the details were kep strictly corporate confidential.

there were even efforts to make the documentation softcopy and only accessible via dumb terminals ... with lots & lots of security wrapping systems that contained the documentation (making it much more difficult for the documents to walk away).

there was even a scenario where they claimed that even if I was in the same room with machines containing the documentation ... even I wouldn't be able to gain unauthorized access. it was one of the few times i rose to such bait ... and took 5 minutes to demonstrate an exploit giving unlimited access

sort of counter to this recent (linkedin) comment about recent news
https://www.garlic.com/~lynn/2009d.html#31 Bolt-on security no longer fit for purpose

in any case, future system was killed before it was announced or ever saw the light of day. 801 products eventually shipped ... so detailed information was available on announced/shipped products ... as well as some articles about its research history.

part of it was also IBM was coming off of some amount of litegation where it was slapped hard about leaked/public references to unannounced products ... recent references to one such
https://www.garlic.com/~lynn/2009c.html#14 Assembler Question

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Future System

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Future System
Newsgroups: alt.folklore.computers,comp.arch
Date: Tue, 10 Mar 2009 13:32:12 -0400

nmm1 writes:
My jaundiced viewpoint (with the benefit of hindsight) is that the reason that IBM published nothing is that all of the design teams were spending all their time running around like headless chickens trying to keep track of the loose ends that every new change introduced :-)

That was true for a LONG time for the Itanium - Intel and HP didn't want to publish anything that they would have to retract almost immediately afterwards. In the event, they had to retract a fair amount - e.g. 'lazy mode', in my view the most interesting aspect.

re:
https://www.garlic.com/~lynn/submain.html#futuresys

at the time, i used a comparison with a cult film that had been playing continuously for more than a decade down in central sq ... something about the inmates being in charge of the institutions. coming off of 360, the technical community carried quite a bit of weight in the company ... but that pretty much evaporated after FS. Old reference to Fergus&Morris on the subject:
https://www.garlic.com/~lynn/2001f.html#33 IBM's "VM for the PC" c.1984??

my comments at the time ... probably weren't particularly career enhancing. however, all the focus on FS allowed the 370 hardware and software pipelines to go dry. After death of FS, there was mad rush to get stuff back into the 370 product pipelines. Since I had continued to do 370 related stuff all thru the FS period ... having some stuff relatively ready to go ... plus the mad rush in wake of FS demise, helped overcome some of the NIH resistance. some old email about porting a bunch of stuff (that I had been doing on cp67) to vm370 ... and then cutting production system distribution for internal releases (some amount of the stuff eventually leaking out in products)
https://www.garlic.com/~lynn/2006v.html#email731212
https://www.garlic.com/~lynn/2006w.html#email750102
https://www.garlic.com/~lynn/2006w.html#email750430

as an aside ... major HP itanium architect had previously been involved in HP risc ... and before that in 370 Iliad (i.e. 801 processor for low to mid-range 370s).
https://www.garlic.com/~lynn/subtopic.html#801

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Bernanke Says Regulators Must Protect Against Systemic Risks

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Bernanke Says Regulators Must Protect Against Systemic Risks
Date: Mar 10, 2009
Blog: Financial Crime Risk, Fraud and Security

Bernanke Says Regulators Must Protect Against Systemic Risks
http://www.informationweek.com/galleries/showImage.jhtml?galleryID=26
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

some references in the above:

Recipe for Disaster: The Formula That Killed Wall Street
http://www.wired.com/techbiz/it/magazine/17-03/wp_quant?currentPage=all

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

related discussion (in linkedin question) ... archived here:
https://www.garlic.com/~lynn/2009d.html#28
https://www.garlic.com/~lynn/2009d.html#30

another major topic for Bernanke has been too big to fail ... however that would almost seemed to put him in opposition to recent remedial efforts that have resulted in some of the worst offenders getting even bigger.

a few other recent posts menioning too big to fail
https://www.garlic.com/~lynn/2009c.html#55 Who will give Citigroup the KNOCKOUT blow?
https://www.garlic.com/~lynn/2009c.html#65 is it possible that ALL banks will be nationalized?
https://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

NEW SEC (Enforcement) MANUAL, A welcome addition

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: NEW SEC (Enforcement) MANUAL, A welcome addition
Date: Mar 10, 2009
Blog: Financial Crime Risk, Fraud and Security

NEW SEC (Enforcement) MANUAL, A welcome addition
http://www.law.com/jsp/nlj/PubArticleNLJ.jsp?id=1202428827579

In the Madoff hearings, the person that had been trying for a decade to get SEC to do something about Madoff ponzi scheme seem to imply SEC wasn't doing anything ... not only about Madoff ... but also about some number of other similar schemes.

Also, in the wake of ENRON, Sarbanes-Oxley supposedly had SEC doing something about public company financial filings ... but possibly because it seemed that SEC wasn't doing anything there ... GAO started databases of problem filings ...
https://www.gao.gov/products/gao-06-1079sp

GAO had found something like 300% increase in problem filings in period after Sarbanes-Oxley compared to filings it looked at for the 90s.

Sarbanes-Oxley also supposedly required SEC to do something about the rating agenices ... but nothing seemed to have happened except this report:

In congressional hearings last fall into CDOs & rating agencies ... testimony was that the rating agencies were giving triple-A ratings to toxic CDOs ... even tho the rating agencies knew they weren't triple-A. This dramatically increase the institutions that would purchase the toxic CDOs ... and dramatically increased the amount of money available to loan originators that were using securitzation as source of funds (further aggravating a problem that was already significant)

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

from above:
Watsa's only sin was in being a little too early with his prediction that the era of credit expansion would end badly. This is what he said in Fairfax's 2003 annual report: "It seems to us that securitization eliminates the incentive for the originator of [a] loan to be credit sensitive. Prior to securitization, the dealer would be very concerned about who was given credit to buy an automobile. With securitization, the dealer (almost) does not care."

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Internet threat: Hackers swarm bank accounts

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Internet threat: Hackers swarm bank accounts
Date: Mar 11, 2009
Blog: Financial Crime Risk, Fraud and Security

Internet threat: Hackers swarm bank accounts
http://www.usatoday.com/money/industries/banking/2009-02-22-bank-accounts-hackers_N.htm

from:
The new trojan programs — which wait on your hard drive for an opportunity to crack your online banking account — are different from traditional "phishing" e-mail scams that try to trick you into typing your login information at fake bank websites.

... snip ...

cross-over reference

Bolt-on security no longer fit for purpose; Vendors must embed better security into products or services from the start
http://www.vnunet.com/vnunet/analysis/2238109/current-security-models

from enterprise security ... archived
https://www.garlic.com/~lynn/2009d.html#31

there are two distinct threats/vulnerabilities

1) existing infrastructure which has large common vulnerability to replay attacks ... sniffing, skimming, harvesting, evesdropping, etc ... information across a wide-range of environments (not just personal computers, but things like data breaches) , which can be used by attackers to perform fraudulent transactions.

we had been called in by small client/server startup because they wanted to do payment transactions on their server ... they had also invented this technology called SSL they wanted to use ... results is frequently now referred to as electronic commerce. somewhat as a result, in the mid-90s, we were asked to participate in the x9a10 financial standard working group ... which had been given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments. the result was x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959

which slightly tweaked the paradigm, including eliminating replay attack vulnerability ... across ALL environments (data breaches, skimming, sniffing, evesdropping, POS, personal computer, etc). Since x9.59 was required to address *ALL* environments ... not only did it have to look at the elapsed time requirement at real *POS*, but also spent a lot of effort to meet transit/metro turnstyle elapsed time requirement (small subsecond operation). this is in contrast to some other internet (payment effort) activities in the same timeframe that had enormous payload size and processing time bloat (overhead increase on the order of 100 times)
https://www.garlic.com/~lynn/subpubkey.html#bloat

2) malicious active code ... were the code running on the personal computer originates a fraudulent transaction ... impersonating the person ... using the resources available on the individual's machine

this has been well recognized problem for more than decade. in the mid-90s, the EU had the FINREAD standard as a countermeasure to this class of attacks. basically an external device requiring human physical action ... that also addressed compromised display (is the transaction that is displayed for approval, the actual transaction being executed).

FINREAD was collateral damange from the problems in the early part of the decade that gave rise to widely held opinion that hardware authentication tokens weren't practical in the consumer market ... see this x-over from payment systems network
https://www.garlic.com/~lynn/2009d.html#26

,,, oh, and misc. past posts referencing EU FINREAD standard
https://www.garlic.com/~lynn/subintegrity.html#finread

for a little other drift ... we had been brought in to do some of the word smithing on the cal. state electronic signature act .... misc. past posts mentioning
https://www.garlic.com/~lynn/subpubkey.html#signature

which got us tangentially involved in the cal. state breach notification legislation since some of the parties involved in the electronic signature work were also behind the breach notification legislation ... recent news item

California's Data Breach Law May Get an Update
http://www.pcworld.com/article/160871/californias_data_breach_law_may_get_an_update.html

mentioned over in payment systems network post
https://www.garlic.com/~lynn/2009d.html#27

and for even more fun ... slightly older SSL and website assurance news article

SSLstrip hacking tool bypasses SSL to trick users, steal passwords
http://searchsecurity.techtarget.com/news/article/0,289142,sid14_gci1348473,00.html

discussed in this post
https://www.garlic.com/~lynn/2009c.html#50

mentioning that as part of deploying this thing that is now frequently referred to as electronic commerce ... we had to do and end-to-end walk thru of SSL related technologies and business processes (including looking at various of the new things calling themselves Certification Authorities) ... as well as security assumptions regarding how SSL was deployed and used. some past posts
https://www.garlic.com/~lynn/subpubkey.html#sslcerts

As i've mentioned several times before ... part of the original requirements for secure SSL deployment was almost immediately bypassed ... which is behind a lot of the current website impersonations.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

1401's in high schools?

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 1401's in high schools?
Newsgroups: alt.folklore.computers
Date: Wed, 11 Mar 2009 20:30:21 -0400

hancock4 writes:
If I remember the IBM history correctly, the 650 was "in production" until 1962. That seems rather late for that particular machine since the 1401 and 1620 would've made it obsolete. Of course, _until_ the 1401s were rolling out the door the 650 was needed, but didn't the 1401 hit the street circa 1960? There's always a lag between announcement and delivery. Further, a new machine is worthless until applications are written for it. The 650, even if obsolete, by 1961 had plenty of software written for it plus IBM added a number of features, such as a little bit of core and peripherals.

But being a tube machine it must have sucked up plenty of power for the tubes and a/c to cool them. The CPU, which I think took up two cabinets, was bigger than the 1401 CPU.

from recent thread:
https://www.garlic.com/~lynn/2009c.html#35 Why do IBMers think disks are 'Direct Access'?

from the above post ...

drums were even used in early systems for processor stored programs. http://www-03.ibm.com/ibm/history/exhibits/650/650_ch1.html

from above:
Some of the early design of components and the development of the concepts which led to the IBM 650 Magnetic Drum Data Processing Machine began in the late-1940s

December 8, 1954

The first 650 delivered to a customer is installed in the controllers department of the John Hancock Mutual Life Insurance Company in Boston. (The company also becomes the first customer to acquire two 650s, when a second system is installed in April 1955.)

September 14, 1956

650 RAMAC (which combines the IBM 650 Magnetic Drum Data Processing Machine and a series of IBM 355 disk memory units) and the 305 RAMAC are announced. The 650 is demonstrated at IBM's Glendale Laboratory in Endicott.

... snip ...

... also from the same (650) URL:
June 1959 A 650 simulates the operation of a complete oil refinery at the Fifth World Petroleum Congress Exposition in New York City.

1962 The final IBM 650 is manufactured.

August 18, 1969 The IBM 650 and its components are withdrawn from marketing.

... snip ...

650 pictures:
http://www-03.ibm.com/ibm/history/exhibits/650/650_album.html

this picture mentions the 655 Power Unit ... which is as big as the processor (and bigger than 1401).
http://www-03.ibm.com/ibm/history/exhibits/650/650_ph03.html

It may be the case that some 650s continued to be produced for customers that had 650 programs that still need to be be converted to newer machines (besides availability of the machines ... there can be time-lag to move existing customers/applications).

this mentions nearly 2000 650s were produced:
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_intro.html

from above:
In 1959, IBM introduced two of its most important computers. These were the 1401 Data Processing System, widely used for business applications, and the 1620 Data Processing System, a small scientific and engineering computer used for such diverse applications as automatic typesetting, highway design and bridge building.

... snip ...

1401 Data Processing System (announce 5OCT1959, withdrawn 8FEB71):
http://www-03.ibm.com/ibm/history/exhibits/mainframe/mainframe_PP1401.html

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Bernanke Says Regulators Must Protect Against Systemic Risks

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Bernanke Says Regulators Must Protect Against Systemic Risks
Date: Mar 11, 2009
Blog: Financial Crime Risk, Fraud and Security

related discussion (in linkedin question) ... archived here:
https://www.garlic.com/~lynn/2009d.html#30

some references in the above:

Recipe for Disaster: The Formula That Killed Wall Street
http://www.wired.com/techbiz/it/magazine/17-03/wp_quant?currentPage=all

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

about business people lying to computers ... chairman of goldman-sachs a week or so ago came out about some number of things that would have to be different ... including giving the risk managers enough power that they couldn't be overruled by the business people ... but on this issue

the wired article isn't anything new ... item from 2007 ... referring to wall street journal article from 2005

How Conventional CDO Analytics Missed the Mark
http://www.bobsguide.com/guide/news/2007/Dec/20/Kamakura_Releases_Study:_How_Conventional_CDO_Analytics_Missed_the_Mark.html

from above:
"Two years ago the Wall Street Journal in a page 1 story pointed out the dangers in relying on the copula approach for CDO valuation, but investors were slow to realize the magnitude of their model risk"

... snip ...

long winded, decade old post discussing some of the current issues ... including some (similar) analysis about evaluation in the S&L crisis that (ARM) mortgages could take down CITI ... which resulted in them getting out of the mortgage market.
https://www.garlic.com/~lynn/aepay3.htm#riskm Thread Between Risk Management and Information Security.

And effectively they got caught again with ARM mortgages ... but this time in the form of CDOs:
http://www.bobsguide.com/guide/news/2007/Dec/20/Citigroup_sacks_CDO_bankers.html

URL for draft of Kamakura's article from 2007
http://www.kamakuraco.com/Portals/0/doclibrary/KCP26.pdf

As an aside ... Bernanke has too big to fail ranked up there with Systemic Risk ... which on the surface would put him at odds with recent remedial efforts ... where many of the worst offenders are actually getting bigger ... rather than smaller.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Return of the Smart Card?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Return of the Smart Card?
Date: Mar 12, 2009
Blog: Payment Systems Network

re:
https://www.garlic.com/~lynn/2009d.html#26 Return of the Smart Card

then there is discussion in this group from last fall related to paper from kansas city fed ... which also mentions industry x9.59 financial transaction standard
https://www.garlic.com/~lynn/x959.html#x959

"Can Smart Cards Reduce Payments Fraud and Identity Theft"
http://www.linkedin.com/groupAnswers?viewQuestionAndAnswers=&gid=50424&discussionID=342067&sik=1236858420932&trk=ug_qa_q

PDF is at:
http://www.kansascityfed.org/Publicat/ECONREV/PDF/3q08Sullivan.pdf

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
Date: Mar 12, 2009
Blog: Hedge Funds

In Madoff congressional hearings, the person that had been trying for a decade to get the SEC to do something about Madoff said that there were more out there ... and that they would be turning over information to SEC about addtional. other tidbits from their testimony:

could only think of one person at SEC (in some field office, gave their name) that had any understanding of financial transactions ... all the others at the SEC had no understanding (and were mostly lawyers).

only 4% of fraud is turned up by audits ... over 50% from tips; tips are 13 times more effective than audits. SEC has a 1-800 hotline for companies to complain about too vigorous investigation. there is no corresponding "tip" line.

if it wasn't for the current financial crisis, the Madoff ponzi scheme easily could have continued to $100B

... snip ...

In his testimony, there was repeated theme that crooks & fraud thrive where there is lack of visibility and transparency ... and the major recommendation is to change the culture to provide transparency in all aspects of the operations. There is need for new legislation and regulations, but they will always lag behind the crooks. Much more important is creating institutional and infrastructure transparency.

Possibly, in part because SEC didn't seem to be doing anything (even in spite of SOX ... passed in wake of ENRON), GAO started database:
https://www.gao.gov/products/gao-06-1079sp

The reporting problems increased something like >300% in period since SOX (compared to the 90s). In part, executives would fiddle the numbers to boost their bonuses. Later the numbers might be revised, but the bonuses not forfeited. There was study reported a couple months ago about 270 companies that had extensively revised their executive compensation plans because of problems with executive motivation to fiddle financial reports.

Sarbanes-Oxley also supposedly required SEC to do something about the rating agencies .. but there doesn't seem to be anything other than:

In the congressional hearings last fall on the rating agencies, there was repeated testimony that both the rating agencies and the toxic CDO issuers/sellers knew that the toxic CDOs weren't worth triple-A ratings, but the issuers/sellers were paying for the triple-A ratings.

Passage of Commodities Futures Modernization Act has been implicated in both ENRON and the (AIG) CDS mess.

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

Other (linkined) discussion with respect to CDS (& AIG)
https://www.garlic.com/~lynn/2009d.html#10

Note that the Bank Modernization act (repealing the Glass-Steagall act) involved some of the same people as the Commodities Futures Modernation act. There was some note that it was passed in the House, and even before the text was distributed in the Senate, the Senate passed it unaminously.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

was: Thanks for the SEL32 Reminder, Al!

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: was: Thanks for the SEL32 Reminder, Al!
Newsgroups: alt.folklore.computers,comp.arch
Date: Fri, 13 Mar 2009 09:37:57 -0400

Peter Flass <Peter_Flass@Yahoo.com> writes:
Sometimes. If you have a batch of photos that all need to have the same transforms applied to them (cropped, reduced/enlarged, color adjust) it would be noce to feed them into a program and just say "doit." GUI editors usually require the same effort for the 50th photo as the first.

i've used gimp (shell script/command line) to enhance the contrast/readibility on large batch of scanned old letters (that my wife's mother wrote to her mother from nanking, when her father was stationed there in the 40s) ... basically each page was separate file ... a few past references:
https://www.garlic.com/~lynn/2006b.html#27 IBM 610 workstation computer
https://www.garlic.com/~lynn/2006c.html#27 Mount DASD as read-only
https://www.garlic.com/~lynn/2006s.html#44 Universal constants
https://www.garlic.com/~lynn/2007j.html#86 IBM Unionization
https://www.garlic.com/~lynn/2008f.html#58 China overtakes U.S. as top Web market

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Future System

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Future System
Newsgroups: alt.folklore.computers,comp.arch
Date: Fri, 13 Mar 2009 10:23:06 -0400

Quadibloc <jsavard@ecn.ab.ca> writes:
However, I thought it was the original AS/400 the embodied - at a lower performance and price level - IBM's ambitions for the Future System. The idea was a machine that was heavily dependent on specialized microcode, so that it had multiple personalities optimized to different applications. Implications for vendor lock-in are obvious.

note that FS was architecture
https://www.garlic.com/~lynn/submain.html#futuresys

... not the hardware components/technology ... slightly implied by comment doing analysis if FS machine were built from 370/195 technology ... 370/195 applications would have thruput of 370/145 (about 30:1 degradation).
https://www.garlic.com/~lynn/2009d.html#33 Architectural Diversity

folklore is that some number from FS retreated to Rochester and turned out s/38.

as/400 is the s/38 follow-on ... originally was "fort knox" machine ... i.e. part of the corporate strategy starting circa 1980 to converge large range of corporate microprocessors to 801/risc (also included the 4341-follow-on). that effort eventually floundered and as/400 had a rush project to turn out a CISC microprocessor instead. this was revisited in the 90s when as/400 did migrate to flavor of power/pc.

lots of past posts mentioning 801, iliad, fort knox, romp, rios, power, power/pc, etc
https://www.garlic.com/~lynn/subtopic.html#801

in the 60s, when i was undergraduate, i added tty/ascii terminal support to (virtual machine) cp67. i tried to do it in such a way that it did automatic terminal type identification ... so 2741, 1050s, & tty could use same (rotary) dial-in number. there was short-coming in 2702 controller implementation that allowed it to work for dedicated ports/lines, but had problem with actually sharing common pool of modems/ports.

this somewhat motivated the univ. to do a clone controller project, starting out with interdata/3, reverse engineered the channel interface, built channel interface board for the interdata/3. there was write-up that blamed four of us for clone controller market (there were some articles that claimed some of these clone controller manufacturers were as large or larger than some of the other computer vendors in the 70s). misc. past posts mentioning
https://www.garlic.com/~lynn/submain.html#360pcm

the clone controller business was major motivation for the FS effort ... reference:
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm
https://www.ecole.org/en/session/49-the-rise-and-fall-of-ibm

from above:
IBM tried to react by launching a major project called the 'Future System' (FS) in the early 1970's. The idea was to get so far ahead that the competition would never be able to keep up, and to have such a high level of integration that it would be impossible for competitors to follow a compatible niche strategy. However, the project failed because the objectives were too ambitious for the available technology. Many of the ideas that were developed were nevertheless adapted for later generations. Once IBM had acknowledged this failure, it launched its 'box strategy', which called for competitiveness with all the different types of compatible sub-systems. But this proved to be difficult because of IBM's cost structure and its R&D spending, and the strategy only resulted in a partial narrowing of the price gap between IBM and its rivals.

... snip ...

the distraction of the FS effort and letting 370 product pipeline dry up in the mid-70s, (among other things) allowed 370 clone processors to gain foothold in the market.

old quotation from fergus/morris book
https://www.garlic.com/~lynn/2001f.html#33

(somebody else's) fergus/morris quote (cited in above)
... that so much energy went into FS that s370 was neglected, hence Japanese plug-compatibles got a good foothold in the market; after FS's collapse a tribe of technical folks left IBM or when into corporate seclusion; and perhaps most damaging, the old culture under Watson Snr and Jr of free and vigorous debate was replaced with sycophancy and make no waves under Opel and Akers. It's claimed that thereafter, IBM lived in the shadow of defeat (by the FS failure), hence, while still agressive in business practices, IBM faltered at being aggressive in technology.

... snip ...

Amdahl gave presentation at MIT in the early 70s about launching his new (clone) 370. One of the questions from the audience was what justifications did he use to get backing for his company. he said that customer's had already spent something like $200B (development) for 360/370 software ... and even if IBM were to totally walk away from 370 (might be considered veiled reference to FS), there would still be enough customer demand to keep him in business thru the end of the century. There were also statements from the audience about him just being a front company for foreigners (between the direct investment and all the manufacturing)

There is some speculation whether or not the corprate FS detour was motivation for him to leave and start his own processor company (having been working on new hardware technologies for follow-on 370-type machines).

I've also asserted that complexity of failed FS was at least some of the motivation for doing effectively the opposite in 801/risc.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Bernanke Says Regulators Must Protect Against Systemic Risks

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Bernanke Says Regulators Must Protect Against Systemic Risks
Date: Mar 13, 2009
Blog: Financial Crime Risk, Fraud and Security

re:
https://www.garlic.com/~lynn/2009d.html#36 Bernanke Says Regulators Must Protect Against Systemic Risks
https://www.garlic.com/~lynn/2009d.html#40 Bernanke Says Regulators Must Protect Against Systemic Risks

not as old as the long-winded decade old post discussing some of the current problems
https://www.garlic.com/~lynn/aepay3.htm#riskm

but post from 2007 ... mentioning that the problem with CDO analysis was well known
https://www.garlic.com/~lynn/2007v.html#25

the earlier reference referred to detailed analysis of ARMs from different perspective two decades ago ... resulted in CITI getting out of mortgage business. Then nearly two decades later, CITI found itself in very much the same situation with ARMs (but this time packaged as CDOs). The detailed analysis of ARM portfolio two decades ago required looking at all the individual details under large number of different conditions. The same requirement exists when they are packaged as CDOs. For whatever reasons, the business people overruled the risk managers ... even tho the methodologies was well over understood from the early 90s.

bits & pieces from 2007 post:
How Conventional CDO Analytics Missed the Mark
http://www.bobsguide.com/guide/news/2007/Dec/20/Kamakura_Releases_Study:_How_Conventional_CDO_Analytics_Missed_the_Mark.html

from above:
"Two years ago the Wall Street Journal in a page 1 story pointed out the dangers in relying on the copula approach for CDO valuation, but investors were slow to realize the magnitude of their model risk"

... snip ...

U.S. Mortgage Crisis Rivals S&L Meltdown
http://online.wsj.com/article/SB119724657737318810.html?mod=googlenews_wsj

from above:
Indeed, coming up with a value for a CDO entails analyzing more than 100 separate securities, each of which contains several thousand individual loans -- a feat that, if done on any scale, can require millions of dollars in computing power alone.

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Bernanke Says Regulators Must Protect Against Systemic Risks

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Bernanke Says Regulators Must Protect Against Systemic Risks
Date: Mar 13, 2009
Blog: Financial Crime Risk, Fraud and Security

oh ... and a similar situation existed with regard to Lehman and Bear-Stearns ... there were observations that they only had marginal chance of surviving playing long/short mismatch (again a case of the business people overriding the risk managers) .... something that has been known for centuries to take down instituations. This was even independent of whether or not the toxic CDOs (they were dealing in) actually deserved triple-A ratings.

old article on the subject:
http://www2.marketwire.com/mw/mmframe?prid=441535&attachid=850879

another article here:
http://www.forbes.com/2007/11/13/citigroup-suntrust-siv-ent-fin-cx_bh_1113hamiltonmatch.html

and decade old article from san fran fed on problems with long/short mismatch
http://www.frbsf.org/economic-research/publications/economic-letter/2000/september/short-term-international-borrowing-and-financial-fragility/

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
Date: Mar 13, 2009
Blog: Hedge Funds

re:
https://www.garlic.com/~lynn/2009d.html#42 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?

a repeated theme in testimony from the madoff hearings, was that crooks & fraud thrive where there is lack of visibility and transparency ... and the major recommendation is to change the culture to provide transparency in all aspects of the operations. There is need for new legislation and regulations, but they will always lag behind the crooks. Much more important is creating institutional and infrastructure transparency.

...

we had been called in to consult with small client/server startup because they wanted to do payments on their server ... they also had invented this stuff called SSL they wanted to use; the result is now frequently referred to as electronic commerce. somewhat as a result, in the mid-90s we were invited to participate in the x9a10 financial standard working group (which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments). the result was x9.59 financial standard transaction protocol
https://www.garlic.com/~lynn/x959.html#x959

probably because of the x9a10 standards work, we were asked in to NSCC (since merged with DTC to become DTCC) to look at doing something similar for all trader operations. part way thru working on that effort, it was suspended; in large part because a side-effect was that it would have significantly increased visibility and transparency for all operations (which pretty much runs counter to trading culture).

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Mainframe Hall of Fame: 17 New Members Added

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe Hall of Fame: 17 New Members Added
Newsgroups: alt.folklore.computers
Date: Fri, 13 Mar 2009 14:56:14 -0400

never+mail@panix.com.invalid (Michael Roach) writes:
We programmers (about 10) had PCs that already had more RAM than the 4341 could address. Not sure if that was the case for the other 150 PCs in the division.

and before PCs, possible to configure 4341s with as much memory as 3033 ... and cluster of 4341s was cheaper and had higher aggregate thruput than 3033 ... this was in part responsible for large explosion in midrange machines (not just 434x but also VAXes).

part of the issue was that processors and memory thruput was increasing much faster than disk thruput. i had been preaching this during the 70s and in the early 80s ... it apparently offended some executives in the disk division and their performance modeling department was tasked to refute my statements ... however, after a couple weeks they came back and indicated that i had actually somewhat understated the problem ... old post with reference:
https://www.garlic.com/~lynn/93.html#31 Big I/O or Kicking the Mainframe out the Door

part of that change in relative thruput of various system components was transition to more extensive leveraging real storage as compensation for disk thruput bottlenecks. they then took the analysis and turned it into SHARE presentation recommending configuration & tuning of disk subsystems ... old post with extract from that presentation:
https://www.garlic.com/~lynn/2002i.html#18 AS/400 and MVS - clarification please

the 3033 was faced with problem that 3033 (and 4341) were configured with 16mbyte memories ... limitation for 24bit addressing (and 31-bit wouldn't show up for a few more years with 3081 & 370-xa). 3033 eventually did an addressing hack using page tables for virtual memory.

page table entries were 16bits, 12bit page number (for 4096byte pages, 16mbyte total), 2flag bits & 2 unused bits. the 2 unused bits were concatenated to page number to allow 14bit page number (allowing for specification of up to 64mbyte real storage). real addressing was limited to first 16mbytes of storage and any specific virtual address space was limited to 16mbytes ... but leveraging multiple virtual address spaces could come up with enough (virtual) pages to occupy the additional (real) storage. there were a variety of hacks for this all to work.

then going into the mid-80s ... started to see the mid-range market being taken over by workstations and larger PCs ... can see this in the slicing/dicing by model/year of VAX machines ... that i've posted before:
https://www.garlic.com/~lynn/2002f.html#0 Computers in Science Fiction
https://www.garlic.com/~lynn/2002f.html#5 Blade architectures

it was also seen in 4381 ... which was billed as big successor to 4341 ... but that market segment was already moving (to workstations and larger PCs).

as an aside, 4341 follow-on (4381) started out as one of the (801) Iliad (risc) microprocessors ... but somewhat analogous to what happened with as/400 ... moved to CISC microprocessor instead ... mentioned in these recent posts:
https://www.garlic.com/~lynn/2009b.html#22 Evil weather
https://www.garlic.com/~lynn/2009d.html#32 Architectural Diversity
https://www.garlic.com/~lynn/2009d.html#44 Future System

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Mainframe Hall of Fame: 17 New Members Added

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe Hall of Fame: 17 New Members Added
Newsgroups: alt.folklore.computers
Date: Fri, 13 Mar 2009 15:09:17 -0400

"Charlie Gibbs" <cgibbs@kltpzyxm.invalid> writes:
That's why I gave up trying, and instead looked upon it as a conceptual thing. Mainframe hardware was designed to transfer large blocks of data very rapidly and efficiently, and mainframe OSes were designed for batch processing. Minicomputer hardware was oriented toward byte-at-a-time processing, and their OSes specialized in interactive timesharing. That's not to say that you couldn't do batch on a mini, or interactive work on a mainframe - but to do so was bucking the current and was generally unpleasant. (The nightmares I suffered trying to make serial communications work on mainframes led me to envy minis' simplicity there - and there's no comparison between an interactive program running on a mini and a mainframe application running under CICS or equivalent.)

as referenced in this post
https://www.garlic.com/~lynn/2009d.html#44 Future System

problem i had adding tty/ascii terminal support to cp67 ... wasn't inherently the mainframe ... but the implementation of the terminal controller ... leading to building clone controller in the 60s ... starting out with interdata/3.

there was separate issue with the channel half-duplex architecture ... but could be gotten around by using pairs of subchannel addresses (one dedicated to output and one dedicate to input). I had leveraged this with some of the HSDT work supporting HYPERchannel in the 80s
https://www.garlic.com/~lynn/subnetwork.html#hsdt

the internal network
https://www.garlic.com/~lynn/subnetwork.html#internalnet

when they were migrating from 9.6kbit linkes 56kbit links ... was also starting to experience more & more the half-duplex limitation. they did a custom y-connector for full-duplex 56kbit links with outbound and inbound bits having different subchannel address (and a full-duplex driver). this was all "NOT" sna ... and had additional optimizations that got much higher thruput compared to the drivers shipped to customers ... for instance what bitnet was running
https://www.garlic.com/~lynn/subnetwork.html#bitnet

we also ran into this with 6000 SLA and escon. mainframe fiber-optic channel had been knocking around POK since the 70s ... but was having a difficult time getting announced as product. One of the 6000 engineers, took the escon architecture ... tweaked it hear and there so it was (incompatible and) about 10% faster and setup for full-duplex. This was in the time-frame that escon finally did make it out as a (half-duplex) mainframe channel product.

he went on to become secratary in the FCS standards committee and did much of the work on turning out FCS standards document. There was a lot of flurry in FCS standards activity with the mainframe channel (escon) participants layering half-duplex device protocol on top of full duplex FCS (now sold as FICON).

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Mainframe Hall of Fame: 17 New Members Added

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe Hall of Fame: 17 New Members Added
Newsgroups: alt.folklore.computers
Date: Fri, 13 Mar 2009 15:32:06 -0400

Quadibloc <jsavard@ecn.ab.ca> writes:
In that case, you could almost justify calling the PDP-10 a mini, since it did do timesharing quite well, at least if one believes the advertisements. And I suppose there were mainframe wrinkles that had to be overcome by people who used the 360/67 for timesharing, even if we lowly users had them all solved for us and didn't see them.

re:
https://www.garlic.com/~lynn/2009d.html#19 Mainframe Hall of Fame: 17 New Members Added
https://www.garlic.com/~lynn/2009d.html#48 Mainframe Hall of Fame: 17 New Members Added

a "major" issue for cp67 timesharing ... was using the PREPARE command for terminal I/O. basically 360/67 machines were leased and had a CPU meter ... and monthly leases were based on hrs used ... 8hrs, 5days/week (1 shift) 16hrs, 5days/week (2 shift), 24hrs, 5days/week (3 shift), or 7x24 (four shifts).

The cpu meter ran whenever the processor and/or channel I/O was active. Early off-shift use was sometimes intermittent and might not be able to recover use charges to cover (off-shift) CPU METER lease charges. A big innovation was using the PREPARE command in terminal channel i/o program ... which would leave the line/terminal active ... but not run the CPU METER when no bytes were actually being transferred.

Being able to have service available 7x24 for use ... but CPU METER not running when system was really idle (using PREPARE command in terminal I/O sequences) was big innovation.

The other big innovation (for 7x24 service) was a lot of work on operator-less system operation ... not needing onsite human operator during much of offshift operation.

lots of past posts mentioning (virtual machine) cp67 & vm370 timesharing commercial offerings.
https://www.garlic.com/~lynn/submain.html#timeshare

One of the interesting thing ... sort of analogous to the recent GUI vis-a-vis command line discussion ... is the requirement for human person for care and feeding of the system.

mainframes started out with lots of human feed & care. then there was (long evoluation for some) migrating to "lights out environment" for 7x24 operation.

personal computing also grew up with lots of human feed & care ... except the same human was both the end-user and the "operator". this somewhat ran into culture shock with web where lots of the servers were being built using technologies having personal computing history.

mainframes could demonstrate use as server in "lights out" operation ... but there was quite a steep learning curve for many of the other platforms to meet 7x24 & availability objectives.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Hurrah Berners-Lee! Web celebrates 20th anniversary

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Hurrah Berners-Lee! Web celebrates 20th anniversary
Newsgroups: alt.folklore.computers
Date: Fri, 13 Mar 2009 19:07:11 -0400

Hurrah Berners-Lee! Web celebrates 20th anniversary
http://www.computerworld.com/action/article.do?command=viewArticleBasic&articleId=9129645&intsrc=hm_topic

from above:
Analyst: A single paper written 20 years ago today became a great 20th-century idea

... snip ...

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Lack of bit field instructions in x86 instruction set because of patents ?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Lack of bit field instructions in x86 instruction set because of  patents ?
Newsgroups: alt.lang.asm,comp.arch,sci.electronics.design
Date: Sat, 14 Mar 2009 02:16:29 -0400

John Larkin <jjlarkin@highNOTlandTHIStechnologyPART.com> writes:
It's barbaric. Intel just applied massive amounts of cmos process technology and illegal business tactics to a stupid architecture.

Interestingly, all their attempts at better architectures have been expensive failures. i432, i960, Itanic, ARM.

there was i432 presentation at annual SIGOPS circa 1980. one of the things they mentioned was some complex scheduling stuff had been moved to the hardware ... in theory "hiding" how many physical processors actually existed (i.e. tasks were placed on hardware queue for execution). this and some number of other complex things were "burned" in silicon. because of the complexity ... there were bugs ... and stuff being in silicon resulted in it difficult to distribute fixes (required new chips).

i had done something a few years earlier in an 370 SMP effort ... but it was microcode (however project was canceled before it was announced/shipped). The "scheduler" was in software. the microcode and the software shared a queue structure. the microcode basically looked for first available ... not already executing task ... to hand off to processor. it would also "mask" the number of actual processors ... but microcode part was much simpler ... and being in microcode ... it was about as easy to ship fixes as it was for the kernel software.

I also moved one or two other things into microcode.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

mainframe performance

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: mainframe performance
Newsgroups: alt.folklore.computers
Date: Sat, 14 Mar 2009 01:58:41 -0400

i thot i had an old drystones reference but couldn't find it at the moment. did trip across this cpu price/performance 1944-2003 URL
http://www.jcmit.com/cpu-performance.htm

gives dates, price, a value they calculated for "mips normalized performance" ... and various other benchmark numbers for the machine (if available).

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

mainframe performance

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: mainframe performance
Newsgroups: alt.folklore.computers
Date: Sat, 14 Mar 2009 11:01:30 -0400

Quadibloc <jsavard@ecn.ab.ca> writes:
Yes, I've seen this table before.

A 90 Megahertz Pentium is given a performance of 96 in this table.

And a 1 GHz Pentium III is given a performance of 2500, apparently in a machine which for other reasons gives better than average performance from its CPU.

So even since the Pentium arrived, there were dramatic improvements.

In that table, the IBM 370/195 is given as having performance of 5.72, and a CDC 6600 as 5.36.

Of course, the accuracy of comparing today's PCs to something that long ago may not be perfect.

I'm surprised the performance of the 360/65 is given as 1.06 while that of a 360/75 is given as 0.84, since generally, and in Al's table, the 360/75 is regarded as a more powerful machine.

The Amdahl 470 V/6-II is given as 2.57, while a plain Amdahl 470 V/6 is 2.85.

The Cray-I is shown with a score of 86.

An IBM 709 as 0.00437, the Stretch as 0.48437, and the KA10 version of the PDP-10 (from 1968) as 0.19976. A 370/138 (from 1976) was 0.18871.

re:
https://www.garlic.com/~lynn/2009d.html#53 mainframe performance

yep ... the 360/65 (& 360/67 in "real" addressing) should be about half mip. 360/67 virtual addressing increased memory cycle by 150ns (for translate operation) from 750ns to 900s (20%), making mip rate more like .4mips. there was no cache and there was memory bus contention between processor and i/o operations. timesharing, I could run things at 100% cpu utilization and several hundred I/Os per second (large percentage was paging operations) ... so effective might be closer to 1/3rd mip. ... not part of doing timesharing was very efficiently doing execution pre-emption and paging (quickly getting trivially interactive tasks into memory, executed, and done with) ... somewhat related recent post:
https://www.garlic.com/~lynn/2009d.html#50 Mainframe Hall of Fame: 17 New Members Added

370/195 peak was 10mips ... but most code ran half that because the pipeline drained with branches. this was somewhat the basis of looking at doing two processor emulation (two instruction streams, two sets of registers, but sharing single pipeline) ... somewhat like more recent processor hyperthreads (aka if branch frequency in most code avg. half the pipeline ... then two instruction streams might come closer to keeping pipeline full).

3033 started out being 168-3 wiring diagram mapped to 20% faster chips ... giving 20% improvement over 3mip 168-3 ... or about 3.6mips. 303x was part of the mad rush to get products back into the 370 pipeline after the distraction and then failure of FS
https://www.garlic.com/~lynn/submain.html#futuresys

... the lack of products in the 370 pipeline is also attributed to allowing clone processors to get market foothold ... recent reference:
https://www.garlic.com/~lynn/2009d.html#44 Future System

303x introduced separate channel "director" box. 370/158 had integrated channels (370/158 engine was shared between executing channel microcode and 370 microcode). 303x channel "director" as a 370/158 engine with only channel microcde (and no processor microcode).

3031 was 370/158 engine with 370 processor microcode (and integrated channel microcode to offloaded to 2nd engine)

3032 was 370/168 we configured to work with channel director

3033 was 168-3 remapped to faster chip technology.

the faster chip technology also had 10 times more circuits per chip ... but started out not leveraging additional "on-chip" benefits. during the development cycle ... some critical portions were optimized to leverage higher on-chip circuits ... and 3033 eventually shipped at 50% faster than 168-3 ... around 4.5mips.

looking talking to scientific customers about purchases of large numbers 4341 (some chip shops had orders that were in units of hundreds) ... sort of the leading edge of the big balloon in size of mid-range market ...
https://www.garlic.com/~lynn/2000d.html#0 Is a VAX a mainframe?

old table from above post (also repeated in several other past posts):

                  158               3031              4341

Rain              45.64 secs       37.03 secs         36.21 secs
Rain4             43.90 secs       36.61 secs         36.13 secs

also times approx:
                   145                168-3              91
                   145 secs.          9.1 secs          6.77 secs

rain/rain4 was from Lawrence Radiation lab ... and ran on cdc6600 in
35.77 secs.

.... snip ...

4341 was more compact and a lot cheaper than 3031 ... and clusters of 4341 had higher thruput and a lot less expensive than 3033 ... recent reference:
https://www.garlic.com/~lynn/2009d.html#48 Mainframe Hall of Fame: 17 New Members Added

as a result, 4341 was starting to take over parts of the market that had been projected for 303x ... which resulted in some internal political issues between the mid-range/4341 and the high-end/303x organizations.

even internal organizations were starting to install large numbers of 4341s in place of anticipated 3033 (for engineering/scientific operations). one of the issues was increasing computing requirements based on 3033 ... would have required large expansion of datacenter raised floors and other facility issues. 4341s could be installed in local department locations. there was period where internal facilities started having significant conference room scarcity ... because so many conference rooms were being converted to 4341 rooms.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

1401's in high schools?

Refed: **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 1401's in high schools?
Newsgroups: alt.folklore.computers
Date: Sat, 14 Mar 2009 11:10:15 -0400

ArarghMail903NOSPAM writes:
At a PPOE, they had a similar problem. What they did was: last shift on Saturday would power off the system and leave, first shift Monday would power it on, and call IBM support (something like 3 out of 4 weeks). (This was a 370/165, IIRC.)

Anyway, I instructed them to just hit stop on the CPU, and spin down all the drives, and just leave. First shift Monday just had to spin up the drives, and hit IPL. Pretty much solved the Monday morning blues. :-)

i got a job as undergraduate porting MPIO from 1401 to 360/30. the university had 709 with 1401 front-end doing unit record operations. MPIO was card->tape & tape->printer/punch ... and tapes would be physically moved between 1401 tape drives to 709 tape drives.

the 360/30 could run in 1401 hardware emulation ... but replacing 360/30 was supposedly part of getting familiarity with 360s ... as part of plan that eventually replaced 709/1401 with 360/67 (running tss/360).

in any case, normal univ. operation shutdown machine room at 8am sat. for the weekend (until 8am monday) ... so I got to have the machine room all to myself for 48hrs straight (going to classes monday morning was an issue after not having slept for 48hrs).

709 had large number of tubes ... and the on-site hardware maintenance people were constantly replacing tubes (especially after weekend shutdown). some where in vague fading memory was some comment that the datacenter had "20ton" cooling unit, mainly for all the 709 tubes.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Hurrah Berners-Lee! Web celebrates 20th anniversary

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Hurrah Berners-Lee! Web celebrates 20th anniversary
Newsgroups: alt.folklore.computers
Date: Sat, 14 Mar 2009 11:25:58 -0400

Michael Black <et472@ncf.ca> writes:
The local paper headlined an article about this as "Internet Marks 20th Year".

Not one bit of the article they ran made that mistake, but it is odd given that "web" fits in easier and it's more likely people say "web" when they mean "internet" than the reverse.

re:
https://www.garlic.com/~lynn/2009d.html#51 Hurrah Berners-Lee! Web celebrates 20th anniversary

as opposed to the great switch-over to tcp/ip on 1Jan83.

I've made the comment that tcp/ip was the technology basis for the modern internet (modulo http), NSFNET backbone was the operation basis for the modern internet (backbone internetworking, tieing together different operational networks), and CIX was the business basis for the modern internet. misc. old email related to NSFNET:
https://www.garlic.com/~lynn/lhwemail.html#nsfnet

lots of past posts mentioning internet
https://www.garlic.com/~lynn/subnetwork.html#internet

description of evolution of SGML into HTML at CERN:
http://infomesh.net/html/history/early/

and history of 1st webserver in the US (outside europe/cern):
https://ahro.slac.stanford.edu/wwwslac-exhibit

GML was invented by "G", "M", & "L" in 1969
https://www.garlic.com/~lynn/submain.html#sgml

at the science center
https://www.garlic.com/~lynn/subtopic.html#545tech

which then morphed into SGML (and later HTML, XML, etc)

SLAC was "sister" institution with CERN and would share lots of common computer applications and technology ... note the slac webserver was vm/cms.

for a little topic drift, slightly related recent thread ... about Web Security:
https://www.garlic.com/~lynn/2008p.html#67 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008p.html#78 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008q.html#13 Web Security hasn't moved since 1995
https://www.garlic.com/~lynn/2008s.html#25 Web Security hasn't moved since 1995

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Lack of bit field instructions in x86 instruction set because of patents ?

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Lack of bit field instructions in x86 instruction set because of  patents ?
Newsgroups: comp.arch
Date: Sat, 14 Mar 2009 11:54:19 -0400

nmm1 writes:
Precisely. You said "A bank". I said "the banking system". We had one of the 4 dominant banks in the UK unable to do any transactions for 48 hours; it was propped up by the others, but I doubt that could have been done for longer than a week and it still recover. It would have been a national emergency if it had been the banking system (by which I include the inter-bank transfer system etc.)

If the banking system fails for a month, all commercial transactions halt; gentleman's agreements may delay deadlines for a short while, and most organisations can survive a week on notes of hand and cash. But, within a month, the entire economy is coming down around people's ears. Even martial law might not be enough to handle that.

That would lead to some REALLY strong pressure for more robust programming methodologies (assuming that the economy EVER recovered enough to start rebuilding)! And that would probably be enough to restore reliability as a primary criterion to other sectors, too, which is the point I was making.

the first stored-value (gift, merchant) card pilot here in the US had a problem with a high availability configuration. system configuration had (redundant, mirrored) hardware raid that was masking the fact that there was replicated disks from the software/system. the raid had adapter failure that was correctly handled. maintenance replaced the adapter but failed to correctly update the configuration information to reflect the availability of the replaced adapter. system continued to update database correctly with no error indication (since there was disconnect between what the hardwre raid was handling underneath the covers and all the system configuration management). there was later a disk failure ... but since the replace adapter wasn't recognized ... the raid wasn't actually doing any writes to the mirrored disk. the result was that the balances of all the cards was lost. the early pilots provided with fixed starting balance ... so they chose to reset the whole database and give all cards their original starting balance.

... for little more drift, systemic risk ... recent post
https://www.garlic.com/~lynn/2009d.html#36 Bernanke Says Regulators Must Protect Against Systemic Risks
https://www.garlic.com/~lynn/2009d.html#40 Bernanke Says Regulators Must Protect Against Systemic Risks
https://www.garlic.com/~lynn/2009d.html#45 Bernanke Says Regulators Must Protect Against Systemic Risks
https://www.garlic.com/~lynn/2009d.html#46 Bernanke Says Regulators Must Protect Against Systemic Risks

there are some number of hardware and software fault modes that stops processing and can cascade in complex interrelated operation.

there are also some logical failure modes that can also cascade. one example that is often cited is nightly settelment and case in europe where failure of one (small to medium sized) institution to meet its nightly settlement obligations nearly cascaded into being unable to settle between nearly all institutions involved. resolution was much more complex than replacing failed software/hardware component ... basically fault in logical consistency of how things operate.

there is some attempts to pin part of the blame for the current financial crisis in problems in financial risk modeling software (also mentioned in the above "system risks" thread):
https://www.garlic.com/~lynn/2009d.html#16 The Formula That Killed Wall Street

there is more evidence that the business managers were overriding the risk department and/or directing fiddling the inputs until they got the desired output ... mention part of problem in current financial infrastructure in old comp.arch thread from last fall:
https://www.garlic.com/~lynn/2008s.html#63 Garbage in, garbage out trampled by Moore's law

other posts mentioning the same subject:
https://www.garlic.com/~lynn/2009b.html#35 The recently revealed excesses of John Thain, the former CEO of Merrill Lynch, while the firm was receiving $25 Billion in TARP funds makes me sick
https://www.garlic.com/~lynn/2009b.html#65 What can agencies such as the SEC do to insure us that something like Madoff's Ponzi scheme will never happen again?
https://www.garlic.com/~lynn/2009c.html#1 Audit II: Two more scary words: Sarbanes-Oxley

and other posts in the thread from last fall:
https://www.garlic.com/~lynn/2008s.html#23 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#24 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#27 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#28 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#33 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#57 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#59 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#60 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#62 Garbage in, garbage out trampled by Moore's law
https://www.garlic.com/~lynn/2008s.html#70 Garbage in, garbage out trampled by Moore's law

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Banks must wake up to payments challange

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Banks must wake up to payments challange
Date: Mar 14, 2009
Blog: Payment Systems Network

Banks must wake up to payments challange
http://www.finextra.com/fullstory.asp?id=19709

from above ...
Banks around the world must take forceful steps to protect their payments businesses or risk a further dent in their profits as the financial crisis continues, according to a new report by the Boston Consulting Group.

... snip ...

There was an article a couple yrs ago that nearly 40% of the bottom line of US institutions came from payment transaction fees (compared to less then 10% of EU institutions). There was also reference that the fees represent a major expense for retail establishments ... for some, the largest expense item.

The total amount of money involved is seen as motivation for many of the alternative payment efforts.

...

We were involved in proposal to FSTC to do a payment processing project
http://www.fstc.org

but after some amount of preliminary work ... the member financial institutions decided that payment processing was an individual institution competitive advantage and nix'ed the idea of doing an (shared) industry project

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Quiz: Evaluate your level of Spreadsheet risk

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Quiz: Evaluate your level of Spreadsheet risk
Date: Mar 15, 2009
Blog: Financial Crime Risk, Fraud and Security

a slightly different view ...

Recipe for Disaster: The Formula That Killed Wall Street
http://www.wired.com/techbiz/it/magazine/17-03/wp_quant?currentPage=all

there have been significantly more articles over the past couple yrs that the business people overrode the risk dept. &/or directed them to fiddle the inputs until they got the desired outputs

How Wall Street Lied to Its Computers
http://bits.blogs.nytimes.com/2008/09/18/how-wall-streets-quants-lied-to-their-computers/

and/or this ..

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

from above:
The bundling of consumer loans and home mortgages into packages of securities -- a process known as securitization -- was the biggest U.S. export business of the 21st century. More than $27 trillion of these securities have been sold since 2001, according to the Securities Industry Financial Markets Association, an industry trade group. That's almost twice last year's U.S. gross domestic product of $13.8 trillion

... snip ...

or this

U.S. Mortgage Crisis Rivals S&L Meltdown
http://online.wsj.com/article/SB119724657737318810.html?mod=googlenews_wsj

a related series of articles slightly different take on the matter, basically implied that ARM mortgages could be packaged up into toxic CDOs for operations that had no experience in the mortgage business.

this is long-winded, decade old post from Jan99 discussing some of the current problems
https://www.garlic.com/~lynn/aepay3.htm#riskm

as well as discussion about citi doing such a (valid) analysis (decade earlier, in 1989) of their ARM portfolio, motivating them to unload the portfolio and get out of the mortgage business.

so an issue is what happened to all of that institutional knowledge between 1989 and early part of this decade?

one suggested scenario is that in the insurance company take over of CITI ... discussed here:
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet

might have resulted in the business banking people being replaced. Roll forward to 2007, new CEO and efforts to return CITI to prudent banking organization
http://www.bobsguide.com/guide/news/2007/Dec/20/Citigroup_sacks_CDO_bankers.html

however hangover from earlier period, citi is saddled with over trillion dollars in toxic assets being held off balance:

Stay away from Citigroup
http://www.bloggingstocks.com/2008/11/28/stay-away-from-citigroup-c/

various recent posts discussing some of the things that went on in past decade:
https://www.garlic.com/~lynn/2009d.html#7
https://www.garlic.com/~lynn/2009d.html#16
https://www.garlic.com/~lynn/2009d.html#36
https://www.garlic.com/~lynn/2009d.html#40
https://www.garlic.com/~lynn/2009d.html#45
https://www.garlic.com/~lynn/2009d.html#46

older post from 2007 thread on current crisis
https://www.garlic.com/~lynn/2007v.html#25

for little topic drift, a discussion about evaporating/fleeting institutional knowledge (in the financial industry) ... with regard to different matter:
https://www.garlic.com/~lynn/2009d.html#26
https://www.garlic.com/~lynn/2009d.html#41

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Lack of bit field instructions in x86 instruction set because of patents ?

Refed: **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Lack of bit field instructions in x86 instruction set because of  patents ?
Newsgroups: comp.arch
Date: Sun, 15 Mar 2009 18:30:59 -0400

Stephen Sprunk <stephen@sprunk.org> writes:
The Internet works so well in the face of failures because it was designed with the assumption that failures would be common -- which gave rise to the mistaken claim that it was designed to survive nuclear attack. In practice failures are not as common as expected, but they're common enough to test all the various bits of error-handling code and expose bugs quickly; in many other systems, the error handling code is actually the least reliable part because it's never used and thus never tested (if the error conditions are even known and responses specified).

the arpanet had IMPs and 56kbit links ... and was effectively homogeneous operation. there was problem that as arpanet grew to 100 "nodes" (i.e. IMPS ... with possily 200 hosts connected to the IMPS) ... there is folklore that IMPS could get into situation where majority of the 56kbit bandwidth was being used to exchange routing information (i.e. didn't scale well). However, it was coupled with traditional telco "provisioning" ... i.e. diverse physical routes.

the "great" change-over to intnetworking protocol was 1jan83 ... however, most of the operation tended to be traditional networking. i would claim that the first real operational "internetworking" (i.e. leveraging internetworking protocol to inter-network multiple networks) was the NSFNET backbone. misc. old email related to NSFNET backbone activity
https://www.garlic.com/~lynn/lhwemail.html#nsfnet

the big trasition from NSFNET backbone to modern internet ... from business standpoint was CIX ... and the major interchange locations. In NSFNET backbone, NSFNET put in interconnect centers at different networking locations as well as the interconnecting links between the interconnect centers.

for CIX there were commingly supported interchange centers ... with the different major network putting in their own links and equipment into the interchange centers. CIX was also the business "peering" business agreements.

physically there was some amount of effort to do "telco" provisioning and physical routing. there is the "infamous" case of the new england internet being cut-off. At some time in the distant past, there was work to make sure that nine different telco circuits (carrying internet traffic) were also routing thru physical different routines. However, over a period of years (with nobody paying attention), the telcos did some amount of reorganization until one point all nine "circuits" were being carried on the same fiber-optic cable ... and then one day, a backhoe in connecticut happen to be digging and cut that fiber-optic cable ... and new england was cut off from the rest of the internet.

tcp/ip technology has allowed for advertizing different routes to get to a specific ip-address. starting with the introduction of the domain name system, there was also provisioning to allow mapping of the same host/domain name to multiple different ip-addresses.

as a result there two different ways of providing availability for failures ... updating routing information about ways of getting to ip-addresses ... and having the same machine with multiple ip-addresses that connected to different parts of the internet (and domain name system responding with multiple ip-addresses for the same domain/host).

we had been called in to consult with a small client/server startup that wanted to do payment transactions on the internet ... the startup at also invented this technology called SSL that they wanted to use. The result is now frequently referred to as electronic commerce. As part of that effort required deploying something called a "payment gateway" ... some past posts
https://www.garlic.com/~lynn/subnetwork.html#gateway

basically some (high availability) servers which acted as the interface between merchant e-commerce servers and the bank/payment networks. the boxes were setup with "telco" provisioning ... multiple circuits that traveled over different physical links to different locations in the internet backbone.

part of the early (payment gateway) design included updating/advertising routing information how to get to the ip-address(es) of the gateway. however, during the early deployment period the "internet" transitioned to hierarchical routing. basically allowing everybody to advertise arbitrary routing information was starting to run into scaling problems ... similar to what the arpanet had ran into more than a decade eariler.

as a result the payment gateway had to "fall back" to relying only on DNS multiple A-records for availability (i.e. same host/domain name mapping to multiple different ip-addresses). this was dependent on having the client (in this case merchant e-commerce servers) to attempt to try additional ip-addresses if the it failed to get response for first ip-address in the DNS response.

since we had "sign-off" authority ... we could mandate that the e-commerce webservers support DNS multiple A-record connection (try each ip-address in a list until it was successful with a connection).

we suggested that their browser should also implement multiple A-record connection support (since some number of merchant websites might want to provide for "availability" ... in manner similar to what the payment gateway was doing). initially the browser group responded that multiple A-record support was "too advanced" and they weren't going to do it (we didn't have sign-off approval on browser implementation). We did provide sample multiple A-record code from 4.3tahoe client implementations (telnet, ftp, etc). It took another year to get the browser group to also implement multiple A-record support.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Quiz: Evaluate your level of Spreadsheet risk

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Quiz: Evaluate your level of Spreadsheet risk
Date: Mar 15, 2009
Blog: Financial Crime Risk, Fraud and Security

re:
https://www.garlic.com/~lynn/2009d.html#59 Quiz: Evaluate your level of Spreadsheet risk

there has recently some number of references to blaming various software for financial risk/problems .... but most of them turn out to be the people ... not the software.

several recent articles have laid ENRON at door of deregulation (and current AIG resulted from the same actions) ... a few references:

25 People to Blame for the Financial Crisis; Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

Gramm and the 'Enron Loophole'
http://www.nytimes.com/2008/11/17/business/17grammside.html

Phil Gramm's Enron Favor
https://web.archive.org/web/20080711114839/http://www.villagevoice.com/2002-01-15/news/phil-gramm-s-enron-favor/

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

there was some story that the house passed the bill and even before it was distributed to the senate, the senate had passed it unanimously. Also, Born must have been fairly quickly replaced by Gramm's wife ... before she turned around and resigned to join ENRON.

in the wake of ENRON ... congress passed Sarbanes-Oxley ... supposedly to address ENRON ... but failed to address the underlying problem that eventually also resulted in AIG.

Also, Sarbanes-Oxley put a lot of the enforcement responsibility on SEC ... but as stated in the Madoff congressional hearings (by the person that had been trying for a decade to get SEC to do something about Madoff), SEC didn't seem to be doing anything.

Possibly, GAO also thot SEC wasn't doing anything ... they started a database of problem public filings since SOX was passed (that SEC was suppose to be doing something about)
https://www.gao.gov/products/gao-06-1079sp

GAO even made some statement about the problem filings increased by 300% in period since SOX (compared to filings they examined from the 90s)

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
Date: Mar 16, 2009
Blog: Equity Markets

The root of the CDS problem was also implicated in Enron:

25 People to Blame for the Financial Crisis; Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

Gramm and the 'Enron Loophole'
http://www.nytimes.com/2008/11/17/business/17grammside.html

Phil Gramm's Enron Favor
https://web.archive.org/web/20080711114839/http://www.villagevoice.com/2002-01-15/news/phil-gramm-s-enron-favor/

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

Enron, Worldcom, deregulation, & repeal of Glass-Steagall also investigated by PBS:
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet/

In the Madoff hearing testimony, the person that had been trying to get the SEC to do something Madoff for a decade repeatedly referred to problem as being crooks and fraud thrive where there is lack of transparency and visibility ... and while there may be need for new laws and regulations, the most important is changing the industry and institutional culture regarding lack of transparency.

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

in the wake of ENRON ... congress passed Sarbanes-Oxley ... supposedly to address ENRON ... but failed to address the underlying problem that eventually also resulted in AIG.

Also, Sarbanes-Oxley put a lot of the enforcement responsibility on SEC ... but possibly GAO also thot SEC wasn't doing anything ... they started a database of problem public filings since SOX was passed (that SEC was suppose to be doing something about)
https://www.gao.gov/products/gao-06-1079sp

GAO even made some statement about the problem filings increased by 300% in period since SOX (compared to filings they examined from the 90s)

in the congressional hearings last fall ... it was mentioned several times that both the rating agencies and the toxic CDO issuers/sellers knew that the toxic CDOs weren't worth the triple-A ratings ... however, the toxic CDO issuers/sellers were paying the rating agencies for the triple-A ratings on the toxic CDOs. The triple-A ratings on the toxic CDOs enormously increased the institutions that would deal in toxic CDOs. It also enormously increased the amount of money the lenders (that were using securitization as source of funds) had to lend.

So there was the person that had been trying for a decade to get SEC to do something about Madoff, SEC (at least under Sarbanes-Oxley) supposedly doing something about publicly traded company financial filings as well as Sarbenes-Oxley supposedly had SEC doing something about rating agencies ... but there doesn't seem to have been anything other than this report:

so quote from the Glass-Steagall (pecora/senate banking) hearings in the early 30s:
BROKERS' LOANS AND INDUSTRIAL DEPRESSION

For the purpose of making it perfectly clear that the present industrial depression was due to the inflation of credit on brokers' loans, as obtained from the Bureau of Research of the Federal Reserve Board, the figures show that the inflation of credit for speculative purposes on stock exchanges were responsible directly for a rise in the average of quotations of the stocks from sixty in 1922 to 225 in 1929 to 35 in 1932 and that the change in the value of such Stocks listed on the New York Stock Exchange went through the same identical changes in almost identical percentages.

... snip ...

there is direct analogy between the brokers' loans for credit for stock speculation ... and the mortgage money offered by lenders (that were using securitization as source of funding) for real-estate speculation

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

so the current downside effects are the whole real-estate market as well as all the institutions that are holding those (possible $27 trillion, toxic) securitzed instruments (as well as ponzi schemes)

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Do bonuses foster unethical conduct?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Do bonuses foster unethical conduct?
Date: Mar 17, 2009
Blog: Ethics

Possibly because GAO didn't think SEC was doing anything, they started a database of public company financial filings (even 300% increase since SOX, compared to 90s):
https://www.gao.gov/products/gao-06-1079sp

Executives have been fiddling the filing numbers to boost their bonus ... financials might later be refiled, but the bonuses not forfeited.

There was study last fall of 270 corporations that redid their executive compensation plan after having problems with financial filings (to eliminate executive motivation to fiddle the numbers).

The same deregulation was implicated in both ENRON and AIG. Congress passed Sarbanes-Oxley in the wake of enron ... but didn't correct the underlying problem that then resulted in AIG.

25 People to Blame for the Financial Crisis; Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

Gramm and the 'Enron Loophole'
http://www.nytimes.com/2008/11/17/business/17grammside.html

Phil Gramm's Enron Favor
https://web.archive.org/web/20080711114839/http://www.villagevoice.com/2002-01-15/news/phil-gramm-s-enron-favor/

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

Enron, Worldcom, deregulation, & repeal of Glass-Steagall also investigated by PBS:
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet/

In theory, Sarbanes-Oxley has executives filing fraudulent financial statements going to jail ... if it was being enforced. However, there seems to be little downside for executives to fiddle financial statements to boost bonuses.

One of the people testifying in congressional Madoff hearings claimed that they tried for a decade to get SEC to do something about Madoff ... and Madoff isn't the only Ponzi scheme out there. They mentioned that there is possibly only one person at SEC that even understands financial transactions (naming one person in a regional office).

Cramer has been periodically complaining for a couple years that traders are making huge amount of money off of illegal short sales ... and they effectively have no fear that SEC will prosecute and send them to jail. There is a suit by other interests against DTCC (which has all the records to show illegal short sales) to obtain the records.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Should AIG executives be allowed to keep the bonuses they were contractually obligated to be paid?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Should AIG executives be allowed to keep the bonuses they were contractually obligated to be paid?
Date: Mar 17, 2009
Blog: Compensation and Benefits

TV business news shows are claiming this was the AIG group responsible for CDS ... that took down AIG (and nearly the world economy).

Past references claim that this group was setup to (only) write "insurance" on (real) triple-A rated corporate bonds ... and the group has been called "roque" for writing on nearly everything ... w/o regard to the risk or implication for the corporation. (paper) profits for the group was significant since they were treating fees as 100% profit w/o needing to set aside any reserves for possible latter payout. Treating all fees as 100% profit then boosted the bonus calculations. Some number of people were buying the "insurance" on CDOs they actually owned. Others were effectively playing CDS game like Las Vegas betting (and AIG business unit was selling w/o any regard at all to eventual payouts ... no "risk management" ... no calculating the odds).

Buying CDOs have had similar disastrous effects on some companies (akin to effect the group selling CDS, has had AIG).

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

article referring to Greenspan allowing financial institutions, buying CDOs, to carry them off-balance:

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

like Citi

Stay away from Citigroup
http://www.bloggingstocks.com/2008/11/28/stay-away-from-citigroup-c/

However, at least when Citi brought in the most recent CEO, he fired the group responsible:
http://www.bobsguide.com/guide/news/2007/Dec/20/Citigroup_sacks_CDO_bankers.html

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

IBM in talks to buy Sun Microsystems? What do you think will be the effect on the industry?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: IBM in talks to buy Sun Microsystems? What do you think will be the effect on the industry?
Date: Mar 18, 2009
Blog: Mergers and Acquisitions

I've periodically mentioned before the old meeting at the Palo Alto Science Center to review a proposal to do SUN machine product (by the people that would go on to start SUN). There were (at least) three different internal groups that claimed that they were doing something better ... and so IBM declined to do SUN product

SUN in the past decade or so had acquired STK ... a clone mainframe storage group ... and STK had earlier acquired NETWORK SYSTEMS which had various kinds of interconnect products.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Future System

Refed: **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Future System
Date: Mar 18, 2009
Blog: Greater IBM

There is recent "mainframe" discussion that is being carried in both the comp.arch (computer architecture) and alt.folklore.computers newsgroups where the "Future System" effort was raised.

a couple of my (archived posts) in that thread:
https://www.garlic.com/~lynn/2009d.html#34 Future System
https://www.garlic.com/~lynn/2009d.html#35 Future System
https://www.garlic.com/~lynn/2009d.html#44 Future System

a quote from Fergus/Morris book (from above) was that the internal culture of the company significantly changed after the Future System failure ... from free and vigorous debate (under Watson Sr) to sycophancy and make no waves under Opel and Akers.

As I note ... I had somewhat ridiculed the group as the "inmates being in charge of the institution" ... drawing an analogy with a cult film that had been playing continuously down in central sq. for a decade or more. Also one of the FS sections was resource management ... and I had made some comment that I thot what I already had implemented was more advance than what they had specified.

My wife had worked for the head of the (FS) "interconnect" section ... and although she thoroughly enjoyed the experience ... she thot they there were huge portions of the (rest of the) architecture/specification that was completely missing any substance. Possibly the experience contributed to her later being asked to go to POK to be in charge of loosely-coupled architecture.

After FS was canceled I've claimed that in the mad rush to get products back into the 370 hardware & software product pipeline ... was significantly responsible for releasing a lot of 370 work that I had been doing all during the FS period.

lots of past FS posts
https://www.garlic.com/~lynn/submain.html#futuresys

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

IBM in talks to acquire Sun Microsystems

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: IBM in talks to acquire Sun Microsystems
Newsgroups: bit.listserv.ibm-main
Date: Wed, 18 Mar 2009 10:29:36 -0400

etech@TULSAGRAMMER.COM (Eric Chevalier) writes:
This morning's Wall Street Journal is reporting that IBM is in talks to buy Sun Microsystems for as much as $6.5 billion. A deal could take place as early as this week.

"The deal furthers a recent pattern of consolidation in the tech industry around the services, hardware and software used to run data centers, the big computing rooms that store and process information.

In recent years, the market for servers has shifted from the huge, custom-built 'mainframes' that IBM dominates to vast numbers of standardized computers. By pushing standardized servers, H-P has made inroads on IBM. In the meantime, Sun has suffered, as its strategy of using its own operating system on standardized software has failed to propel new growth."

I periodically mention an old meeting at palo alto science center about proposal to do sun machine product (by the people that would go on to form sun). there were (at least) three different internal groups that claimed that what they were doing was better ... and so IBM declined to do sun product.

note also that in past decade or so, SUN had acquired STK ... mainframe clone storage group.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Lack of bit field instructions in x86 instruction set because of patents ?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Lack of bit field instructions in x86 instruction set because of patents ?
Newsgroups: alt.lang.asm,comp.arch,sci.electronics.design
Date: Wed, 18 Mar 2009 14:49:26 -0400

John Larkin <jjlarkin@highNOTlandTHIStechnologyPART.com> writes:
This CICS?
https://en.wikipedia.org/wiki/CICS

It ought to be fairly well debugged by now; it's been in development for 40 years. Do you think it was bug-free as first shipped?

We don't take that long to write and test our code; a few weeks is more like it. And we do ship the first units bug-free.

in the 60s, the university library got a ONR grant for online library catalogue, and got selected as beta-test site for original CICS product. one of the things i got tasked to do (as undergraduate) was initial support/deployment. I did some debugging related to CICS having been originally developed at a customer shop for specific operation ... and the university library was different kind of operation.

a lot of CICS performance came from initializing the environment at startup ... and running that way for extended period of time. the other was that user/customer written code ran effectively as small library routines as part of the CICS code (in the same address space). this resulted in some integrity issue since a bug in the user/customer code would take down whole CICS system. while CICS did its own multithreading ... multiprocessor support was difficult for it to support.

As systems moved from real storage to virtual memory operation ... and increased in size ... the approach to use all the additional resources was to run multiple CICS in parallel on the same machine.

A few years ago the 3rd party that provided most of the dataprocessing services for the cable TV industry ... not just billing, statementing, accounting ... but also downloading commands to settop boxes ... was running over 120 CICS regions.

Relatively recently, a huge amount of redesign work has gone into changing things so user/customer code wouldn't corrupt CICS ... and also to be able to support multiprocessors

CICS history
https://web.archive.org/web/20080123061613/http://www.yelavich.com/history/toc.htm

Evolution of CICS: CICS and Multiprocessor Exploitation (2004)
https://web.archive.org/web/20041023110006/http://www.yelavich.com/history/ev200402.htm

CICS 35yr site (2004)
http://www-01.ibm.com/software/htp/cics/35/

misc. old posts mentioning CICS and/or BDAM
https://www.garlic.com/~lynn/submain.html#cics

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

PCI Compliance

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: PCI Compliance
Newsgroups: bit.listserv.ibm-main
Date: Wed, 18 Mar 2009 15:20:06 -0400

HMerritt@JACKHENRY.COM (Hal Merritt) writes:
Anyone know of a credible, verifiable source of what went wrong with RBS WorldPay and Heartland Payment Systems?

The Register reports key logging malware, but doesn't say how it came to be.
http://www.theregister.co.uk/2009/03/13/visa_delists_heartland_rbsworldpay/

Lacking a credible, verifiable source, any juicy rumors?

I use a couple different metaphors to describe the current environment (crooks being able to sniff, skim, harvest, evesdropping, data breaches, etc ... related to previous transactions for performing fraudulent transactions). one metapho is security proportional to risk

basically the value of the transaction information to a merchant is profit off typical transaction ... frequently a couple dollars ... and the value of transaction information to a processor is frequently a couple cents. The value of the information to a crook is the credit limit or account balance. As a result, a crook may be able to outspend by a factor of 100 to 1000 times attacking the system as a merchant or processor can spend defending the system.

another metaphor is dual-use vulnerability ... basically the account transaction information is required to be available for dozens of business processes. at the same time (because of the evesdropping/skimming/breach vulnerability) ... the account information has to be kept confidential and never divulged (basically the same rules for a pin or password are applicable to the account number). The dual-use nature of the information creates diametrically opposing demands and potentially provides crooks with dozens or hundreds of attack points.

we had been called in to consult with small client/server startup that wanted to do payment transactions on their server ... and they had invented something called SSL they wanted to use. The result is now frequently referred to as electronic commerce. somewhat as a result, in the mid-90s we were asked to participate in the x9a10 financial standard working group which had been given the requirement to preserve the integrity of the financial infrastructure for ALL retail payments (pos, internet, credit, debit, ach, face-to-face, unattended, stored-value, etc, i.e. ALL). Part of the effort was detailed end-to-end threat and vulnerability studies of the various environments. The x9a10 work resulted in the x9.59 financial transaction standard.
https://www.garlic.com/~lynn/x959.html#x959

one of the things done in x9.59 was to slightly tweak the paradigm so information from existing transactions was useless to crooks (for performing fraudulent transactions) ... eliminating majority of the existing skimming, sniffing, evesdropping, harvesting and data breach vulnerabilities (it didn't eliminate such activities ... just eliminated resulting fraudulent financial transactions as consequence of such activities).

now the major use of SSL in the world today is hiding transaction information as part of this stuff we had worked on now frequently referred to as "electronic commerce". A side-effect of x9.59 financial transaction standard, eliminates that need for SSL.

misc. other recent refs:
https://www.garlic.com/~lynn/2008.html#4 folklore indeed
https://www.garlic.com/~lynn/2008.html#5 folklore indeed
https://www.garlic.com/~lynn/2008o.html#76 Blinkenlights
https://www.garlic.com/~lynn/2008p.html#5 Privacy, Identity theft, account fraud
https://www.garlic.com/~lynn/2008p.html#7 Dealing with the neew MA ID protection law
https://www.garlic.com/~lynn/2008r.html#53 21 million German bank account details on black market
https://www.garlic.com/~lynn/2008s.html#10 Data leakage - practical measures to improve Information Governance

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Mainframe Hall of Fame: 17 New Members Added

Refed: **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Mainframe Hall of Fame: 17 New Members Added
Newsgroups: alt.folklore.computers
Date: Wed, 18 Mar 2009 16:01:53 -0400

Quadibloc <jsavard@ecn.ab.ca> writes:
Advances in circuits, from vacuum tubes to transistors to microchips made it cheaper to build computers.

What's happened now that's unique is that the ceiling on Grosch's Law has moved down so low that Grosch's Law is not noticed. It's still true that a fast quad-core Pentium offers more performance per dollar than a single-core Celeron of current manufacture, let alone a pocket organizer. Just as it was true that you couldn't buy, in 1961, for $130 million dollars, let alone $45 million dollars, a machine with 100 times the performance of a STRETCH.

There's always been an upper limit to practical computer power, beyond which the only option is more throughput from more machines in parallel. What's really different now is that the upper limit is at a price point people tend to think of as the bottom limit.

there was transition circa 80s when software started to dominate the costs ... this has been suggested as one of the rise of unix ... example sun ... in the early 80s. it was possible to develop/build hardware for lot less money than it cost to do something similar for software. as result a lot of hardware vendors from the 80s were moving towards "off-the-shelf" software.

there has been several news stories today about WSJ report regarding IBM buying sun ... a reference here
https://www.garlic.com/~lynn/2009d.html#65

I've mentioned before a meeting long ago and far away at the palo alto science center with the people that later formed sun ... asking ibm to build sun product. there were (at least) three internal groups claiming what they had was better (than sun) ... and ibm declined to do sun product.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Lack of bit field instructions in x86 instruction set because of patents ?

Refed: **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: Lack of bit field instructions in x86 instruction set because of patents ?
Newsgroups: alt.lang.asm,comp.arch,sci.electronics.design
Date: Thu, 19 Mar 2009 08:34:38 -0400

nmm1 writes:
Yes, though "zero-defect" merely means that the probability of a defect is very, very low - there is always a chance of something completely unexpected - such as the established mathematics of a field having an unrecognised flaw (which has been discovered several times in the past 50 years).

And "design and code methodically" is only expensive and slow if you are costing only up to initial shipment - adding in the normal early release "maintenance" costs often makes it a lot CHEAPER. But that's NOT the same as your full "zero-defect" procedure (snipped), which I agree is expensive and I have never been involved with.

when we were doing high availability, ha/cmp product we had to consider some very broad range of failure modes. misc. past posts mentioning ha/cmp
https://www.garlic.com/~lynn/subtopic.html#hacmp

related (internet availability & "electronic commerce") post in this thread
https://www.garlic.com/~lynn/2009d.html#60

in somewhat same period, we would do some evaluation of "security" software ... we would point out relatively trivial and easy compromises. in some cases, we were told that wasn't fair since they had never designed to handle those cases ... we have used the analogy of security vendors telling customers to install a 6' thick bank vault door in the middle of an open field (w/o mentioning the need for a vault) and to pile up all their most valuables behind the door (hoping the crooks won't notice that they don't have to attack the door, just walk around it).

only slightly off-topic ... recent post mentioning skimming, sniffing, evesdropping, data breaches (fraudulent financial transactions & PCI security standard)
https://www.garlic.com/~lynn/2009d.html#69 PCI Compliance

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Why Are CC Numbers Still So Easy To Find?

Refed: **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Why Are CC Numbers Still So Easy To Find?
Date: Mar 20, 2009
Blog: Financial Crime Risk, Fraud and Security

Why Are CC Numbers Still So Easy To Find?
http://it.slashdot.org/article.pl?sid=07/05/24/136207&tid=172

We've used a number of metaphors to describe current paradigm including security proportional to risk and dual-use vulnerability. recent discussion of dual-use vulnerabiilty from this thread about "PCI Compliance" in a mainframe discussion group:
https://www.garlic.com/~lynn/2009d.html#69

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Should Glass-Steagall be reinstated?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Should Glass-Steagall be reinstated?
Date: Mar 20, 2009
Blog: Equity Markets

different legislation. bank modernization act repealed Glass-Steagall, commodity futures modernization act kept futures unregulated.

25 People to Blame for the Financial Crisis; Phil Gramm
http://content.time.com/time/specials/packages/article/0,28804,1877351_1877350_1877330,00.html

Gramm and the 'Enron Loophole'
http://www.nytimes.com/2008/11/17/business/17grammside.html

Phil Gramm's Enron Favor
https://web.archive.org/web/20080711114839/http://www.villagevoice.com/2002-01-15/news/phil-gramm-s-enron-favor/

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

Enron, Worldcom, deregulation, & repeal of Glass-Steagall also investigated by PBS:
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet/

Sarbanes-Oxley was passed in the wake of ENRON ... but the underlying problem wasn't addressed. SOX put most of the responsibility on SEC ... which doesn't seem to have been doing a lot. In the Madoff hearings, the person that had been trying to get SEC to do something about Madoff for a decade wasn't very complimentary. They also mentioned that there are some number of other similar ponzi schemes out there. The repeated refrain that crooks and fraud thrive where there is lack of transparency and visibility.

Possibly because GAO didn't think SEC was doing much ... they started a database of public financial filings with problems (there was some reference that problems had increased over 300% in period after SOX vis-a-vis the 90s)
https://www.gao.gov/products/gao-06-1079sp

big problem with CDS was that they started being written on triple-A rated toxic CDOs. Some amount of the big problems with CDOs are laid at the door of repeal of Glass-Steagall and lax regulatory environment. some of it was written essentially as insurance to people that owned toxic CDOs (with no provisions for reserves to actually cover payouts) ... however a large percentage went to people placing "bets" (akin to gambling in las vegas)

Buying CDOs have had similar disastrous effects on some companies (akin to effect the group selling CDS, has had AIG).

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

article referring to Greenspan allowing financial institutions, buying CDOs, to carry them off-balance:

Greenspan Slept as Off-Books Debt Escaped Scrutiny
http://www.bloomberg.com/apps/news?pid=newsarchive&refer=home&sid=aYJZOB_gZi0I

like Citi

Stay away from Citigroup
http://www.bloggingstocks.com/2008/11/28/stay-away-from-citigroup-c/

However, at least when Citi brought in the most recent CEO, he fired the group responsible:
http://www.bobsguide.com/guide/news/2007/Dec/20/Citigroup_sacks_CDO_bankers.html

quote from early 30s, Glass-Steagall (Pecora, senate banking) hearings:
BROKERS' LOANS AND INDUSTRIAL DEPRESSION

For the purpose of making it perfectly clear that the present industrial depression was due to the inflation of credit on brokers' loans, as obtained from the Bureau of Research of the Federal Reserve Board, the figures show that the inflation of credit for speculative purposes on stock exchanges were responsible directly for a rise in the average of quotations of the stocks from sixty in 1922 to 225 in 1929 to 35 in 1932 and that the change in the value of such Stocks listed on the New York Stock Exchange went through the same identical changes in almost identical percentages.

... snip ...

there is relationship between CDOs enabling fueling speculation in real-estate market to Brokers' loans in the 20s and the stock market.

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

Note that earlier, loans were made by regulated financial institutions using deposits. With securitization, lots of institutions could get into loan origination ... and didn't have to be regulated institution. Big part of Glass-Steagall was keeping safety&soundness of regulated financial institutions separate from risky unregulated investment banking.

In congressional hearings last fall on rating agencies and CDOs, several times it was referenced that both the rating agencies and the toxic CDO issuer/sellers knew that the toxic CDOs weren't worth the triple-A rating ... but the issuers were paying the rating agencies for the triple-A rating. The triple-A rating enormously increased the institutions that would deal in toxic CDOs and enormously increased the funds for institutions using toxic CDOs for fueling loan origination. Speculators found 1% interest only payment ARMs very attractive since the carrying cost was less than the real-estate inflation in many parts of the country (and the loan originators didn't care, they were unloading them nearly as fast as they could write them ... and the speculators were anticipating flipping before the rates adjusted).

In theory, SOX had SEC also doing something about rating agencies ... but there doesn't seem to have been anything other than:

Last fall, CSPAN had a program where they mentioned that the financial industry had made $250M in congressional contributions the session that Glass-Steagall was repealed and $2B in congressional contributions in the last session that approved the TARP funds. This afternoon, one of the business news shows said that in total, the financial industry made $5B in congressional contributions between the session that repealed Glass-Steagall and the last session.

As mentioned, Commodities Futures modernazation act is implicated as the root of both ENRON and AIG CDS. In the wake of ENRON, Sarbanes-Oxley was passed (putting lots of responsibilities on SEC) but left the fundamental problem alone ... resulting in AIG CDS.

Watch AIG's payouts, not the bonuses
http://www.cnn.com/2009/POLITICS/03/19/aig.spitzer/index.html

from above:
"Virtually all" of the $80 billion-plus in the initial AIG bailout went to the company's counterparties, including nearly $13 billion to investment bank Goldman Sachs alone, Spitzer said. "Why did that happen? What questions were asked? Why did we need to pay 100 cents on the dollar on those transactions if we had to pay anything?" he asked. "What would have happened to the financial system had it not been paid?"

... snip ...

one of the issues is differentiating the "insurance policies" by owners of (triple-A rated) toxic CDOs ... and those just gambling (placing bets on whether it goes up or down). This is akin to the mortgage bail-outs ... attempting to differentiate between owner-occupied homes and pure speculation.

basically Glass-Steagall would have made it much more difficult for large commercial banks to buy up triple-A rated toxic CDOs and carry them off-balance.

as federally regulated depository financial institution, their mortgage business ... using deposits for lending had lots of oversight. however, non-depository lending institutions used securitization for lending ... and sold off it off as triple-A rated toxic CDOs.

w/o Glass-Steagall, large commercial banks could have their investment banking parts buy up large amounts of these triple-A rated toxic CDOs and carry them off-balance (which, in turn, enormously increased the source of funds to non-depository lending institutions).

The result is the us gov. is having to bail out these large commercial banks that are holding huge amounts of off-balance toxic CDOs.

Current real-estate wouldn't be in such a state w/o huge amounts of (non-depository) lending for speculation. The amount available for such lending was enormously increased by being able to unload toxic CDOs with triple-A rating. A major market for all these toxic CDOs (and major source of funds) was investment arms of commercial banks (enabled by the repeal of Glass-Steagall).

PBS program indicating CITI primary driver behind repeal of Glass-Steagall
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet/

this has CITI with possibly the largest portfolio ($1.2T) of off-balance toxic assets (triple-A rated toxic CDOs)
http://www.bloggingstocks.com/2008/11/28/stay-away-from-citigroup-c/

articles about CITI on the road to returning to days before it pushed thru repeal of Glass-Steagall:
http://www.bloomberg.com/apps/news?pid=20601087&sid=aaJyWTgJRSBs&refer=home
http://www.iht.com/articles/2009/01/16/business/15citi-409167.php
with citigroup "holdings"
http://www.google.com/hostednews/ap/article/ALeqM5haU80OuiDFQKB5S9WBH3KGFv4CuQD9720L080

and references related to gov. having to clean up commercial banks toxic assets
http://www.bloomberg.com/apps/news?pid=20601087&sid=a5z1.VcMZHBM&refer=home
http://www.reuters.com/article/CHMMFG/idUSN2048782420090320

this is a long-winded, decade old post discussing some of the current problems
https://www.garlic.com/~lynn/aepay3.htm#riskm

including discussion of citi realizing in 1989 that adjustable rate mortgage portfolio could take down the bank ... and unloaded the portfolio and got out of that business.

now, a good part of off-balance toxic assets are composed of (securitized) adjustable rate mortgages. one might asked what happened to all citi's instititional knowledge regarding dangers of ARM portfolios between 1989 and this decade

misc. recent archived posts mentioning Glass-Steagall
https://www.garlic.com/~lynn/2009.html#84 what was the idea behind Citigroup's splitting up into two different divisions? what does this do for citigroup?
https://www.garlic.com/~lynn/2009b.html#48 The blame game is on : A blow to the Audit/Accounting Industry or a lesson learned ???
https://www.garlic.com/~lynn/2009b.html#49 US disaster, debts and bad financial management
https://www.garlic.com/~lynn/2009b.html#52 What has the Global Financial Crisis taught the Nations, it's Governments and Decision Makers, and how should they apply that knowledge to manage risks differently in the future?
https://www.garlic.com/~lynn/2009b.html#53 Credit & Risk Management ... go Simple ?
https://www.garlic.com/~lynn/2009b.html#54 In your opinion, which facts caused the global crise situation?
https://www.garlic.com/~lynn/2009b.html#58 OCR scans of old documents
https://www.garlic.com/~lynn/2009b.html#59 As bonuses...why breed greed, when others are in dire need?
https://www.garlic.com/~lynn/2009b.html#60 OCR scans of old documents
https://www.garlic.com/~lynn/2009b.html#73 What can we learn from the meltdown?
https://www.garlic.com/~lynn/2009c.html#0 Audit II: Two more scary words: Sarbanes-Oxley
https://www.garlic.com/~lynn/2009c.html#20 Decision Making or Instinctive Steering?
https://www.garlic.com/~lynn/2009c.html#39 'WHO IS RESPONSIBLE FOR THE GLOBAL MELTDOWN'
https://www.garlic.com/~lynn/2009c.html#55 Who will give Citigroup the KNOCKOUT blow?
https://www.garlic.com/~lynn/2009c.html#61 Accounting for the "greed factor"
https://www.garlic.com/~lynn/2009c.html#65 is it possible that ALL banks will be nationalized?
https://www.garlic.com/~lynn/2009d.html#0 PNC Financial to pay CEO $3 million stock bonus
https://www.garlic.com/~lynn/2009d.html#10 Who will Survive AIG or Derivative Counterparty Risk?
https://www.garlic.com/~lynn/2009d.html#28 I need insight on the Stock Market
https://www.garlic.com/~lynn/2009d.html#42 Bernard Madoff Is Jailed After Pleading Guilty -- are there more "Madoff's" out there?
https://www.garlic.com/~lynn/2009d.html#61 Quiz: Evaluate your level of Spreadsheet risk
https://www.garlic.com/~lynn/2009d.html#62 Is Wall Street World's Largest Ponzi Scheme where Madoff is Just a Poster Child?
https://www.garlic.com/~lynn/2009d.html#63 Do bonuses foster unethical conduct? --
40+yrs virtualization experience (since Jan68), online at home since Mar70

Why is everyone talking about AIG bonuses of millions and keeping their mouth shut on billions sent to foreign banks?

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Why is everyone talking about AIG bonuses of millions and keeping their mouth shut on billions sent to foreign banks?
Date: Mar 20, 2009
Blog: Government Policy

Watch AIG's payouts, not the bonuses
http://www.cnn.com/2009/POLITICS/03/19/aig.spitzer/index.html

one of the possible issues is differentiating the "insurance policies" by owners of (triple-A rated) toxic CDOs ... and those just gambling (placing bets on whether it goes up or down). This is akin to the mortgage bail-outs ... attempting to differentiate between owner-occupied homes and pure speculation.

last fall, CSPAN had a program that mentioned financial industry made $250m in congressional contributions the session that repealed Glass-Steagall and $2B in contributions in the recent session that passed TARP. Yesterday it was mentioned that financial industry made total of $5B in congressional contributions between the session that repealed Glass-Steagall and the session that passed TARP.

related answer
https://www.garlic.com/~lynn/2009d.html#73 Should Glass-Steagall be reinstated?

in this question
http://www.linkedin.com/answers/financial-markets/equity-markets/MKT_EQU/440817-29709708

and this ...

The Kabuki Theater of AIG Outrage
http://michellemalkin.com/2009/03/18/the-kabuki-theater-of-aig-outrage/

... from above:
Over the weekend, cloaked in their finest populist costumes, the Beltway's hair-sprayed and powdered politicians and White House aides took to the airwaves to inveigh against $165 million in employee retention payments paid out by the government-backed insurance giant.

... snip ...

At least Goldman at one point had been bragging about how they played it smart and hadn't got hurt by (triple-A rated) toxic CDOs ... but then managed to get both TARP money as well as CDS payoffs anyway.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Whistleblowing and reporting fraud

Refed: **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **, - **

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Whistleblowing and reporting fraud
Date: Mar 20, 2009
Blog: Risk Management

In the congressional hearing about Madoff ponzi scheme ... the person that had been trying for a decade to get SEC to do something about the ponzi scheme made some number of observations:

• crooks & fraud thrive where there is no transparency or visibility. there is some need for new laws and regulations ... but by far, the most important is to change the existing infrastructure to be much more transparent and visible.

• audits turn up only 4% of fraud, while tips turn up over 50%. tips are 13 times more effective than audits. the SEC has 1-800 number for operations to complain about too vigorous investigations but doesn't have a TIP-line.

in the past ... there were claims that the only truly significant part of Sarbanes-Oxley was the part about protecting whistle-blowers ... not all of the audit stuff.

there are SOX jokes about it being the full employment program for auditors

from yesterday:

Naked Short Sales Hint Fraud in Bringing Down Lehman
http://www.bloomberg.com/apps/news?pid=newsarchive
http://www.bloomberg.com/apps/news?pid=newsarchive&sid=aB1jlqmFOTCA&refer=home

from above:
Kotz, the commission's inspector general, said the enforcement division "is reluctant to expend additional resources to investigate" complaints. He recommended in his report yesterday that the division step up analysis of tips, designating an office or person to provide oversight of complaints.

... snip ...

Cramer has had periodic rants for past two yrs (or more) about why wasn't SEC doing anything about illegal naked short sales.

Possibly because GAO also thot SEC wasn't doing anything ... they started database of problems with public company financial filings (which many appear to fall under Sarbanes-Oxley violations).

possibly because SEC wasn't doing anything and DTCC has the records that could be used to show illegal naked short sales ... there is suit against DTCC to try and get the records
https://en.wikipedia.org/wiki/Depository_Trust_&_Clearing_Corporation

Corporate Fraud and Misconduct Risks Driven by Pressure to do 'Whatever It Takes'; Fewer episodes reported by companies with ethics and compliance programs
http://www.informationweek.com/financialservices/news/showArticle.jhtml?articleID=215801487

from above:
Of more than 5,000 U.S. workers polled this summer, 74 percent said they had personally observed misconduct within their organizations during the prior 12 months, unchanged from the level reported by KPMG survey respondents in 2005. Roughly half (46 percent) of respondents reported that what they observed "could cause a significant loss of public trust if discovered," a figure that rises to 60 percent among employees working in the banking and finance industry.

... snip ...

If the overall avg. is 46percent and the financial industry is 60 percent, then the non-financial avg may be as low as 30percent ... making the financial industry twice as bad as other industries.

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

1960 Western Union Facsimile Services

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Re: 1960 Western Union Facsimile Services
Newsgroups: alt.folklore.computers
Date: Fri, 20 Mar 2009 12:08:14 -0400

Tim Shoppa <shoppa@trailing-edge.com> writes:
Implemented today in XML, you would go through 250K before finding the first piece of actual data :-).

It's astounding to be in a room filled with people who work with actual data AND with people who work with XML, seeing them unable to find common ground. Each camp runs ahead with what they do but neither camp talks to the other.

one of the issues with some of the "internet" secure payment definitions was that they tried to wrap ever payment transaction with ASN.1 and appended certificates ... possibly done by people that had no actual experience with real live payment operation.

in the mid-90s, we had been called in to work in x9a10 financial standard working group which had been given the requirement to preserve the integrity of the financial infrastructure for all retail payments. this required doing end-to-end threat & vulnerability studies for a number of the environments (not just internet). the result was the x9.59 financial standard
https://www.garlic.com/~lynn/x959.html#x959

standard (iso8583/x9.9) transaction run around 60-80 bytes ... those other "wrapper" techniques were adding a factor of 100 times bloat in payload size (and even up to 100 times bloat in payload processing overhead)
https://www.garlic.com/~lynn/subpubkey.html#bloat

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

Who first mentioned Credit Crunch?

From: Anne & Lynn Wheeler <lynn@garlic.com>
Subject: Who first mentioned Credit Crunch?
Date: Mar 20, 2009
Blog: Economics

the part about it was going to end badly

The Man Who Beat The Shorts
http://www.forbes.com/forbes/2008/1117/114.html

they are calling them "non-depository loan originators" (i.e. non-regulated financial institutions that don't rely on deposits for loans). great for speculators in the real-estate market ... no-down, no-documentation, 1% interest payment only ARMs ... (1%) carrying cost lower than inflation in many markets around the country, planning on flipping before the rates adjusted. Loan originators didn't care, planning on immediately unloading as triple-A rated toxic CDOs (so whatever problems became somebody elses) ... with a little assistance from their friends ...

Evil Wall Street Exports Boomed With 'Fools' Born to Buy Debt
https://www.bloomberg.com/news/articles/2008-10-27/evil-wall-street-exports-boomed-with-fools-born-to-buy-debt

as above became generally known ... it not only froze the toxic CDO market ... but the FUD (fear, uncertainty and doubt) about all ratings started to freeze up other markets (where ratings play a factor) ... like a year ago when Warren Buffett stepped in to insure (rated) muni-bonds (to unfreeze that market)

congressional hearing last fall into rating agencies & toxic CDOs several times mentioned that both the toxic CDO sellers/issuers and the rating agencies knew that the toxic CDOs weren't worth triple-A ratings ... but the issuers/sellers were paying for triple-A ratings.

basically Glass-Steagall would have made it much more difficult for large commercial banks to buy up triple-A rated toxic CDOs and carry them off-balance.

as federally regulated depository financial institution, their mortgage business (using deposits for lending) had lots of oversight. however, non-depository lending institutions used securitization for lending ... and sold off it off as (triple-A rated) toxic CDOs.

The result is the us gov. is having to bail out these large commercial banks that are holding huge amounts of off-balance toxic CDOs.

Current real-state wouldn't be in such a state w/o huge amounts of (non-depository) lending enabling speculation. The amount available for such lending was enormously increased by being able to unload toxic CDOs with triple-A rating. A major market for all these toxic CDOs (and major source of funds) was investment arms of commercial banks (enabled by the repeal of Glass-Steagall).

non-depository lending institutions, using securitization, didn't have to worry about loan quality, just write/loan to all comers and unload as (triple-A rated) toxic CDOs.

PBS program indicating CITI primary driver behind repeal of Glass-Steagall
http://www.pbs.org/wgbh/pages/frontline/shows/wallstreet/

this has CITI with possibly the largest portfolio ($1.2T) of off-balance toxic assets (triple-A rated toxic CDOs)
http://www.bloggingstocks.com/2008/11/28/stay-away-from-citigroup-c/

articles about CITI on the road to returning to days before it pushed thru repeal of Glass-Steagall:
http://www.bloomberg.com/apps/news?pid=20601087
http://www.bloomberg.com/apps/news?pid=20601087&sid=aaJyWTgJRSBs&refer=home
http://www.iht.com/articles/2009/01/16/business/15citi-409167.php
with citigroup "holdings"
http://www.google.com/hostednews/ap/article/ALeqM5haU80OuiDFQKB5S9WBH3KGFv4CuQD9720L080

and references related to gov. having to clean up commercial banks toxic assets
http://www.bloomberg.com/apps/news?pid=20601087
http://www.bloomberg.com/apps/news?pid=20601087
http://www.bloomberg.com/apps/news?pid=20601087
http://www.bloomberg.com/apps/news?pid=20601087http://www.bloomberg.com/apps/news?pid=20601087&sid=a5z1.VcMZHBM&refer=home
http://www.reuters.com/article/CHMMFG/idUSN2048782420090320

this is a long-winded, decade old post discussing some of the current problems
https://www.garlic.com/~lynn/aepay3.htm#riskm

including discussion of citi realizing in 1989 that adjustable rate mortgage portfolio could take down the bank ... and unloaded the portfolio and got out of that business.

now, a major portion of off-balance toxic assets are composed of (securitized) adjustable rate mortgages. one might ask what happened to all citi's institutional knowledge regarding dangers of ARM portfolios between 1989 and this decade

--
40+yrs virtualization experience (since Jan68), online at home since Mar70

previous, next, index - home