An Interview With Mark Gorham Of OpenVMS

Ken Farmer writes "There's already been one press interview with Mark Gorham, but that encounter with HP's VP of the OpenVMS Systems Division omitted some technical details that warrant further attention. Hence, SKHPC thought it appropriate to go on a deep dive with one experienced in OpenVMS and SCUBA diving as well."

OpenVMS on my camera

[Ingolfke]

If your camera was based on open standards you could port OpenVMS to it.

OpenVMS

[Homebrewed]

Is as secure as an attack-trained Rottweiler embedded in a block of black Lucite... ... and about as useful....

Nice quote snippet...

[rjstanford]

"...pretty popular in the low-end market (1-8 CPUs, up to 64GB of memory..."

Yup. Its refreshing to actually see opinions like this acknoledged on /., if even in a linked-to article, where for the longest time a 4 way box was considered xtR3m3 (or whatever the l33t spelling would be these days).

And no, there's not really much of a need for a beowolf cluster of those things. Imagine a life instead. Mmm... isn't that nicer?

Yeah, yeah, flamebait...

the reports of my death ... greatly exaggerated...

[lophophore]

VMS keeps coming back, and appearing on Slashdot like a bad penny. The IA64 has breathed new life into this OS, which is the most secure and stable that I have had the pleasure to use. VMS had a C2 security rating out of the box in 1990 or so, but what this article does not mention is that a variant version (SEVMS) carried a full B2 rating., which is really something.

Mark who? I don't know his name. I worked for DEC VMS Engineering in the VAX and Alpha days, who is this guy?

This article makes it seem like the idea of building unix apps on VMS is a new thing. It's not. VMS Posix was available in 1992, and many Unix/C apps would just compile and run. It was very cool.

The dinosaur is aging very well.

Re:New VMS users?

[VAXcat]

Reliability, scalability, uptime, high performance wide area clustering, no viruses, very few security problems of any kind (and those occur mostly in code migrated from unixland). A few of the reasons people choose VMS for an operating system. Individual VMS systems often have multi year uptimes (even in heavily used environments). VMS clusters have uptimes even longer still. And that's leaving out any of the religious flavored arguments about what OS is easier to administer and use.

Re:New VMS users?

[ReverendLoki]

I spent a few years as an admin on a VMS system. Sure, you had your occasional headache due to some of the OSs oddities, and we ended up writing a lot of code in house for applications that we would have just purchased on any other system, but there were definitely a lot of unique elements that cluster had that I miss. We never had any sort of security breach on that thing, for one. And for the rare instances there was a node crash, the cluster adapted, and the users ever noticed - hell, a few times we wouldn't have either, if it weren't for the logs, due to a clean recovery and automated restart. That system also provided some of the smoothest, most painless rolling reboots.

I don't think it's necessarily more painful than other systems, but it does seem to be pain that is easier to schedule (more work during your day, fewer middle of the night emergencies).

Of course, you can't play a lot of games on it...

OpenVMS, a viable option

[Anonymous+Cowherd+X]

I really enjoyed using OpenVMS and although I no longer use it on a daily basis I do still have an account on a friend's system that I log into from time to time. That interview reminded me of how wonderfully supportive the OpenVMS community is, even if you don't like OpenVMS you have to love the spirit, dedication and willingness to help of these guys. I especially remember the USENET posts by the recently departed John Wisniewski. Here is one of his posts in which he names the top "F" reasons OpenVMS is not going to die.

TOP "F" REASONS OPENVMS ISN'T GOING TO DIE
(Y2K LATE EDITION VERSION)

F)Hey, Free Hobbyist Licenses available on the NET! Just like those guys who don't make any money off their OSes...

E)If OpenVMS was a separate company it would be in the fortune list at 384

D)Xwindows, SAMBA, Apache, Java, COM and all that Open Systems SW On a platform that's always available...

C)DIICOE -- Not just for Unix systems anymore -- Compaq signed a 15 year agreement with the US Government for continuing OpenVMS support and infusion with Open System and Open Source APIs and unlike POSIX, there real applications written to these standards!

B)Shared Everything Clusters with live, redundant datacenters over 540 miles apart... (No Hot Standby here;-)

A)3.9 Billion in OpenVMS Sales World Wide last year
-- One of Compaq's most profitable business units

9)One Word: Wildfire, eh, GS series, eh, Alpha, eh Galaxy, Eh OpenVMS

8)Wanna buy a lottery ticket?

7)200 Million spent on R&D last year
-- Anyone want to work in VMS engineering?
We got openings and I get a bonus to recruit:-)

6)Healthcare, and Finance, and Telecom! Oh MY!

5)Used VAXen and Alphas are going on E-bay for more than you can get them through brokers!

4)Kevin Mitnick just testified before congress he hasn't been able to get into VMS since version 4 when he stole version 5 with a 1200 baud modem...

3)You want to be able to CHARGE people for their cellphone time?

2)VAX can't die until after I beat the Balrog in Moria 4.81.

1)VMS is Windows 2000 ready even if no-one has deployed the new Windows 2000 security domains yet!

Re:Nothing much to see here.

[Anonymous+Covard]

There going to provide some tools that make porting Unix applications easier to VMS, but they didn't say anything about making VMS Posix complient.

Aside from the fact that VMS has been POSIX "complient" since 1992, that is.

Re:the reports of my death ... greatly exaggerated

[Rorschach1]

I started working on VMS systems in 1997, so I was a relative latecomer to the OS. Still, I quickly learned to appreciate what it's capable of. The ancient hardware I've got in my garage (VAX 6000, VAXstation 3100s, MicroVAX IIs, AlphaStation 200) is capable of more useful and reliable clustering, out of the box, than Windows 2000 AS. Almost undoubtedly better than 2003 as well.

I've had to migrate a legacy VMS application to a Windows 2000 AS cluster, and after 10 years of operation with no more than a few hours' downtime at any given time, the old Alpha cluster is ready to be shut down next week. It's sad to see it go - the Windows version will probably never be as solid and reliable, but what counts to management is that for the price of annual hardware and software maintenance on the old cluster we can buy all new Dell servers with 3-year warranties every year or two.

I did once set up an OpenVMS machine with the intent of taking it to DefCon, but never got around to it. Others did, though, and there's nothing like watching a bunch of hotshot Unix crackers pounding their heads on their keyboards out of frustration.

(And that's just trying to get a volume listing, not breaking in!)

How much of Dave Cutler's OpenVMS is left?

[emil]

Cutler's original kernel was written in assembler. I assume that it was completely replaced with something in C. Was this done for VMS 5, or later (for the Alpha port)?

Was VMS designed with clustering in mind from the start? Did clusters really get going with v5?

Although, for a guy who implemented his kernel in assembler, Cutler's comment that UNIX "is a junk OS designed by a committee of Ph.D.s" is a little shaky, even if he was the project leader for Windows NT.

Re:How much of Dave Cutler's OpenVMS is left?

[isdnip]

I don't know how much of Cutler's original work was in Assembler and how much was in BLISS, since that too was a popular language at DEC. I heard long ago (around the time of VMS v3) that Cutler's original work was really crude -- he was the master of a quick V1, but his code was inefficient, so it had largely been rewritten early on. Maybe he did just use Assembler and leave BLISS to other "wimpier" coders.

Also bear in mind that the original VAX instruction set was really huge, allowing one assembler instruction to do things that were quite long on other systems. It turned out, in most cases, that a macro of small instructions could do it faster than the VAX microcode, so instructions fell out of the ISA over time (mainly when the MicroVAX chips came out), but it didn't hurt performance. The VAX-11 was the apotheosis of CISC, a philosophy that probably was designed to help assembly-language coders.

VMS didn't even have a C complier for years, and it wasn't much good for a long time. But it did have a lot of other strange languages. Those were the "we ain't Unix and we like it that way" days.

Re:How much of Dave Cutler's OpenVMS is left?

[tshannon]

The system implementation language for VMS was BLISS. The MACRO-32 assembly language was based thereon. The VAX hardware architecture and the VMS OS were co-developed and joined at the hip. As VMS evolved, portions of the OS were rewritten in C. When Alpha came along, the microcode that tied VAX to VMS was obsolete... VMS knew nothing of the Alpha architecture. Hence a hardware abstraction layer was used as a go-between. That was PALcode, or Privileged Architecture Library code. PALcode enabled VMS developers to rewrite MACRO routines in C. Not exactly the easiest of architectural ports, and it consumed the resources of the majority of the VMS Development team. Alpha to Itanium wasn't an easy port, but it was accomplished by about 25 developers over the course of 43 months. Far fewer lines of code had to be changed, and there was no code freeze... VAX/VMS V5.4 was the code freeze point for Alpha/VMS; while the Alpha porting team turned VAX/VMS V5.4 into the first Alpha/VMS release, the VAX/VMS developers kept on developing VAX/VMS. So VAX/VMS had more functionality (absent the 64-bit support) than did the initial Alpha/VMS release. It took a number of releases to bring Alpha/VMS up to feature 'n function level of VAX/VMS.

Haven't a clue if VMS was designed with clustering in mind right from the get-go, but VMS started shipping in ~1988, VAXcluster software materialized around 1983-84. Clustering definitely preceded VMS V5.0, the 5.0 release was all about a modular kernel and SMP support and security enhancements.

Dave Cutler did not write or design VMS, he was responsible for VAXeln, a run-time version of VMS. He then went on to develop MICA, the OS intended to run on the PRISM hardware architecture. PRISM was killed because the hardware existed, MICA was nowhere near ready for prime time, or even initial boot time.

MICA was designed to be a superset of VMS that reduced VMS limitations and expanded its capabilities. Cutler went to Microsoft the day after the PRISM project was cancelled, and he took the MICA code along with him. Cutler went on to develop NT, and DEC discovered that portions of NT were identical to portions of MICA, right down to the comment lines.

I'm not a lawyer, but I know enough about intellectual property to realize that NT contained a lot of DEC IP which DEC did not legally convey to Microsoft. DEC's IP lawyers knew that DEC had been ripped off. DEC knew that filing a theft of intellectual property lawsuit against Microsoft would be an exercise in futility, as DEC had far fewer lawyers and far fewer financial resources than did Microsoft.

The end result: the so-called "Alliance for Enterprise Computing." Big win for Microsoft, massive blunder on DEC's part. DEC's CTO, whose initials were BS, jumped at the first offer Microsoft put on the table. Bill Strecker knew a lot about computer technology and packaging, but he didn't have much in the way of negotiating skills. He jumped at an offer that sealed the fate of Alpha back in ~1994 or so.

Under the terms of the "deal," Microsoft agreed to endow Alpha with Intel parity on the server side, but not on the desktop. VMS minus desktop productivity tools (trivial things like the MS-Office suite) couldn't compete in the high-volume Wintel space. DEC unilaterally ceded a vast addressable market for Alpha and VMS. FX!32 binary code translation and emulation couldn't undo the damage DEC did to itself.

Things may change now that VMS is available on an architecture (Itanium) which has a chance of achieving critical mass. Time will tell...

Those were the days

[Jiggily]

I miss the days when I worked on the old VAX mainframes running VMS.... Then again I also kinda miss my old Commodore VIC-20....

reasons for using VMS

[belmolis]

The people I have known who ran VMS were all physicists and electrical engineers who had large amounts of legacy Fortran code that they didn't want to port, and for which the VMS Fortran compiler was said to be superior to anything available for UNIX at the time. I wonder to what extent eople actually like VMS as an OS and to what extent its survival is due to heritage code?

Re:reasons for using VMS

[not-my-real-name]

Well, I'll admit to liking VMS. It has been a few years since I've used it, but there were definately some nice things about it. It was definately designed to be used in large systems with lots of users, unlike Unix. It had features like privileges for just about everything that you can think of - much finer granularity than all or nothing. It had a fairly well developed system of ACLs that could be attached to operating system objects other than files (unlike Unix, not everything is a file in VMS). One of my favorite things to play with was logical name tables (something that doesn't really have a Unix equivalent).

On the other hand, there were some things about it that were rather clunky. Spawning a sub-process took a while. There was no easy equivalent to piping the output of one command into another.

I guess the thing to do is to learn about other options and use the best too for the job. Don't get locked into a single solution for everything.

Wanna try OpenVMS?

Many, many posts come from people who have _never_ touched OpenVMS. For these people, I invite you to the Deathrow OpenVMS Cluster. This is a OpenVMS cluster (running OpenVMS 7.2) or VAXen and Alphas. It's free for use by the general public. Yes - you get access to the compilers (COBOL, Java, C, FORTRAN, BASIC, MACRO, and much more!). The entire point of the system is for people unfamiliar with OpenVMS to have the change to _play_ with OpenVMS.

Check out http://deathrow.vistech.net for how to open your own account.

Re:New VMS users?

[0racle]

I knew a company that rebooted their VMS boxes once a year when the building did their power test. It was more fear of a power spike then anything elss. Other then that, they never had a need to reboot the systems.

Its not scary, its what an Enterprise Class OS should be.

Re:64 bit x86 open vms version available?

[Nutria]

I looked and looked but could not find whether or not a 64 bit x86 version of open vms is available.

VMS presumes CPU functionality that does not exist in x86. Mainly, this has to do memoy management and "ring" protection.

A VMS engineer told us (at an Oracle Rdb conference in Nashua) that Intel purposfully made certain parts of the Itanium look like the VAX. That made it possible to port VMS to Itaniac.

Re:the reports of my death ... greatly exaggerated

[SunFan]

If VMS also worked on Alpha, what were the barriers for VMS that allowed UNIX to gain more share? UNIX was expensive back then, so unless VMS was really expensive, that couldn't have been a barrier. Was it just DEC's infamous marketing dept.? It seems that other comments make VMS out to be a pretty nice OS.

Re:Hardware compatibility list

[tengu1sd]

See the VMS Software Product Description (SPD) available at from HP Fair sized PDF, scroll down to page 25 or so for a list of supported systems. Disk and tape devices on the pages following.

As a general rule, for older systems, you need SCSI disk and CD, something that supports the full SCSI standard. You a PWS "u" is the same as a PWS with a SCSI controller/disk. Check google groups (comp.os.vms) for advice on these upgrades. Some of the newer Alphas understand IDE now.

The neat thing about OpenVMS and Alpha is that in the rare case when a system does crash you can log a call and HP will have someone do a byte by byte crawl through the crash dump and tell you what happened. If it's an o/s problem, VMS Engineering will fix it. If it's a hardware problem, you get an error log with useful diagnostic information.

My big cluster has 3 downtime incidents in the last 6 years, 2 operating system upgrades and frozen fuel line in the generator during an extended power outage. Individual systems have gone down, but never all at once.

On the bleeding edge

[jhd]

The company I was working for in 1979 put an order in for a VAX/11-780 which we received in 1980. It was VAX serial number 21. The tech guy installing it said that the first 18 were for internal DEC use. It came with two RM80 (80Mb disks), 256K Mem, an expansion cabnet and a vacuum column 9 track tape drive... All for about $320K USD.

The back plane was all wire-wrap and the CPU was contained on four of the cards that plugged into the back-plane. The micro code wad uploaded from an 8" floppy loaded in a PDP-11/03 which resided in the lower portion of the main cabnet.

To make a long story short, this was one of the best systems I ever administered. The DEC people were professional and tech support was excelent.

It was a sad day to see DEC go...

The WINNT KERNEL is not all that bad, folks...

[mosel-saar-ruwer]

Your post: "Plus, if you know the Windows NT kernel, you pretty much know the VMS kernel [wink wink]."

My puzzlement: Windows NT == VMS? Really? Are you serious?

More of a stab at M$FT - I think the gentleman's agreement they reached was that DEC wouldn't sue them over theft of proprietary trade secrets [i.e. theft of "Intellectual Property"] if M$FT agreed to port NT to Alpha hardware.

But as to the underlying question of the NT kernel: Folks, it ain't all that bad. In just about every test anyone ever throws at it, the NT kernel bitch slaps the competition.

Compare e.g.:

RunTime: Context switching, Part 1
High-performance programming techniques on Linux and Windows

RunTime: Context switching, Part 2
High-performance programming techniques on Linux and Windows

COMPARISON BETWEEN QNX RTOS V6.1, VXWORKS AE 1.1 AND WINDOWS CE .NET
PDF DOCUMENT

Now the decision in NT 4.0 to break the pure client/server model, and bring the windows/graphics stuff into "Ring 0", may have contributed to some system instability [particularly if you're using a bleeding-edge video card], and the NT Domain/Active Directory network infrastructure may be a pale imitation of a true directory like what Novell can offer you, but the underlying Windows NT kernel itself ain't nothing to laugh at.

Re:New VMS users?

[Lew+Payne]

You've obviously never had Kevin Mitnick on your OpenVMS system... or attracted the attention
of the Chaos Computer Club (CCC), whose members at one point (in the old days) targeted
VAX/VMS systems. Nor have you had Neill Clift go through the OpenVMS source code and
discover "bugs".

Don't take it for granted -- just because the O/S is (for all intents and purposes) obscure
now doesn't mean its "secure" now.

Re:the reports of my death ... greatly exaggerated

[tshannon]

OK, a few facts for the record. I wrote the the Q's that Mark Gorham provided the A's to in the interview posted on my Web site. So I'm the perpetrator of what has turned into a Fine Mess.

I know plenty about SEVMS and its B2 security level rating as well as the circa-1992 VIP (VMS Integrated POSIX). I left this information out of the article because many of its intended readers don't know C2 from B2, and that VIP didn't cut it as a UNIX development environment. Better to keep things simple, the interview was long enough as it was. I didn't have the time to go down so many ratholes that an article became a book. (Been there, done that, didn't want to do it again yesterday.)

If VMS is a dinosaur, what's UNIX? It's an OS created 10 years prior to VMS, making it a Older Dinosaur. Neither of these dinosaurs are extinct, both have evolved. VMS can do things today that I had no clue it would be able to do today. Same goes for UNIX.

I don't know Mark Gorham's position or job title in the VAX and Alpha days, but he's currently the VP of HP's OpenVMS Division.

Cheers,

Terry Shannon

Re:the reports of my death ... greatly exaggerated

[Nefarious+Wheel]

By many reports, VMS was killed by Ken Olson, the founder of DEC. He believed in proprietary hardware, which kept the market closed and proprietary as well -- the competition had cheaper disk available, so down went the VAX and it's closely-locked four-mode operating system. Mind you the standards of the day (or lack thereof) sort of encouraged it, but FUD was alive and well at The Mill in Maynard and had a lot to do with their gradual decline. (I jumped ship when they sold off RDB and AltaVista). DCL was pretty amazing for a command language back then -- especially compared with JCL or the clattering monstrosities that ran GCOS. DCL had elegant lexical functions, if-then-else controls. Batch control was a pig, but worked after a fashion as long as you didn't try to control batch queues with batch queues.

The killer blow was when the architect of VMS, Dave Cutler, moved over to Microsoft.

Security suffered from the transition because Vax/VMS had KESU shells and the Intel platform didn't support the Exec mode. Each shell had specific instructions that could only run in that shell, and it's own discrete address space. A user program couldn't write to the kernel, or to a device driver, or to any structures managed by the Supervisor layer. Since user mode exe's were not able to reach protected address spaces where the other bits lived, exploits were few and far between.

Re:New VMS users?

[Lew+Payne]

|
| Mitnick never broke into a VMS system.

You're absolutely wrong, glenmark. Mitnick broke into many VAX/VMS systems. One of
them happened to be "the Arc" -- DEC's development machine. In addition, he broke into the
VAXes at Leed's University (just ask Neill Clift) and at USC. He also broke into the personal
workstation (a VAX) at Neill Clift's home, where he nabbed the bug reports before they got
to Digital. Not to mention his penetration of VPA (Volunteer Plan Administrators) in Calabasas,
where Lenny DiCicco lead the FBI in a sting operation, leading to Mitnick's apprehension
in VPA's parking lot.

Espousing hearsay as fact only tends to poison the world with ignorance. There's enough
ignorance in this world, as it stands.

So, I'm curious -- upon what factual basis do you conclude that "Mitnick never broke
into a VAX?" I base my statement that he did upon the fact that, as his co-defendant,
I saw the evidence as well as experienced some of it first-hand. You're not one of
those people who just repeats hearsay as if it were fact, are you?

Re:the reports of my death ... greatly exaggerated

[tshannon]

Being a dinosaur isn't necessarily a bad thing. Case in point: the IBM mainframe. IBM launched the System/360 just over 40 years ago, and Big Blue's still making big bucks selling enhanced and renamed variants of THAT dinosaur.

There was a Jurassic Era in which T-Rex was the biggest and baddest. All that remains of T-Rex V1.0 is fossils and a few skeletons in the world's best museums of science.

There was a Jurassic Park, which was a work of fiction by Michael Chricton (and not one of his best, either). All sorts of dinosaurs roamed that fictional evolutionary leap forward into the past. The theatrical verion was worse than the book, and you're more likely to see black helicopters hovering over your house than you are to have a close emcounter of the worst kind with a rabid velicoraptor, or whatever those things were called.

In the IT industry, dinosaurs can evolve. The mainframe did, as did VMS amd UNIX. They aren't new, but they sure are improved and have adapted quite nicely. They are neither obsolete nor extinct. The Commodore VIC-20, which materialized in the 1980s--well after mainframes and VMS and UNIX showed up--is both obsolete and extinct. And nobody's booting any OS on a Convex or PRIME box any more.

So being a VMSasaurus Version 8.2 isn't a bad thing to be ;-}

Re:New VMS users?

[glenmark]

So, I'm curious -- upon what factual basis do you conclude that "Mitnick never broke into a VAX?" I base my statement that he did upon the fact that, as his co-defendant, I saw the evidence as well as experienced some of it first-hand. You're not one of those people who just repeats hearsay as if it were fact, are you?

First of all, I never said that Mitnick never broke into a VAX. I said he never broke into a VMS system (some VAXen run Unix). Secondly, I based my statement upon Mitnick's testimony that indicated that he had been unable to break into a VMS system (this according to analyst Terry Shannon). Yes, he was able to ACCESS VMS systems (including one holding VMS source code), but every instance of this of which I have heard involved "social engineering" to steal passwords, not a technical hack. If you have information to the contrary, I would love to hear more about it.

Re:New VMS users?

[Lew+Payne]

| First of all, I never said that Mitnick never broke into a VAX.
| I said he never broke into a VMS system (some VAXen run Unix).

Likewise, when I said "Mitnick broke into many VAX/VMS systems" (the
second sentence in my first paragraph), I qualified it. Unfortunately,
I was ambiguous later when I said "broke into a VAX".

Mitnick did indeed break into VAX/VMS systems, using flaws discovered
by the CCC (Chaos Computer Club) as well as by intercepting PGP email
communications between Neill Clift (of Leed's University) and Digital.

Neill Clift, who had access to the VMS source microfiche, would spend
a lot of his free time combing through it discovering vulnerabilities.
He would then report these vulnerabilities to his engineering contact
at Digital. Unbeknownst to him at the time, DEC's mail relay machine
was compromised (a VMS system) as well as Neill's home workstation.
As a result, his public/private key was compromised. Through a "man
in the middle" attack, Mitnick would decrypt and read Neill's bugs,
then re-PGP them (using a new key-set he had negotiated with Digital
as a result of pretending to be Neill Clift) and forward to Digital.

As for the CCC, Mitnick installed the "show user 0TTO/1TTO/2TTO" bug
in many VAX/VMS systems, so that he could remain invisible while on
as well as bypass the "pre-login" password required of dial-ups. He
also tricked dial-back systems (where the modem calls you back at a
pre-set phone number) by adding call-forwarding to the home phone of
authorized modem users, thus intercepting the call-backs.

Through the availability of source code, technical support (yes, we
had access to DEC technical services - all it took was an entry in
their database of support customers) and systems, we were able to
study several more weaknesses and eventually code a LAT exploit
which, to-date, remains unpublished.

Prior to all this, by the way, Mitnick was breaking into RSTS/E systems
with impunity. If you had dial-up access, there was basically no way
to stop him... no social engineering required! That really irritated
me, because I lived an hour away from work and emergency dial-up was
not an option.

I actually still have LA120 printouts of some of these exploits... and
answering machine tapes of mitnick leaving me messages about the latest
systems he was able to compromise. In the early days, he'd even steal
other peoples' RSTS/E cracking programs... Like Dave Kompel's tangled
syscalls to spin the kernel into giving you system privilege. I think
I still have a copy of that in storage somewhere.

By the way, all this is just the proverbial "tip of the iceberg."
There are a lot of other things from Mitnick on those answering
machine tapes that never made it beyond me... some of his other
"hobbies" involved the DEA, the MDC (Metropolitan Detention Center),
Magic Mountain's debit card terminals, and oh... the issuing of
"patches" to select VAX/VMS customers on upgrade support contracts.
The patches were delivered in the geniune DEC patches box, on the
correct media for those particular customers. Needless to say,
all those customers had dial-up (or network) access available.

None of that even covers the period of time when Lenny DiCicco worked
at (what was once) PacTel Cellular as their database administrator (in
Orange County, CA). Once Mitnick found out, hundreds of thousands of
ESN's, MIN's and the associated customer names, billing info and social
security numbers were compromised. Since we had the assembler code
(complete with comments) to the Novatel PTR-825 as well as the compiler,
Mitnick was able to remain "invisible" and "untraceable" for years until
he pissed off Tsutomu Shimomura. After all, he had an endless supply
of ESN/MIN combos, and could enter them into the PTR-825 directly
thanks to some custom firmware hacks.

Perhaps I should write a book on what really took place "on the inside"
complete with printouts and WAV files. Maybe in another five years,
after I retire, I might.