I don't know the early laws anywhere else in the world but in Europe ( countries I used to support ) there were laws to save every production verion in 70's. So - anytime you made one of the thousands production versions of an application it had to be saved for next 6-7 years, you were required to reproduce the same results later if the auditing required that or lose your business license. The systems did that authomatically - as a systems programmer / contractor I was responsible some of them and it worked. There were many ways to do that ( thanks to home grown or other systems like Pansofic Panvalet/Panexec or IBM file generations, etc.. ) So - nothing new, the toy systems are catching up (IMHO).
When are some manufactures like Dell, IBM, etc. offering a voice IP activated order / support / whatever services from a web site, click this and you will be connected? Might even bring the english speaking connections back! Of course, I already patented this business idea so I will get $0.10 each call - cheap !
"Even if it's not credible, it doesn't mean it's okay to leave networks unsecured." Very insightful ( IMHO ). Also, most of the comments are also insightful. IMHO "cyber terrorism" is real but maybe not in a way most people think. Yes - it is very easy to disrupt the internet and even other, more protected networks but all ( that I know ) important networks are protected with N number of backups, re-routes, other methods, etc.. anything else would be stupid. Unfortunately - we have politicians to make the decissions that belong to professionals. It slows down the process, it costs a lot extra, it makes some necessary procedures impossible, it (IMHO) mixes real and imaginary threats together, and so on. A question - wouldn't you trust your peers ( that you know ) to check your code / design / whatever.. instead of someone who has whatever own goal, not whatever the problems is ? Now - (IMHO again) most of the security people really think security, not how many voters or how much money they can gain. And with security I mean the whole pack - not just encryption, authentication, authorization, security checks, redundant nodes/lines, etc but also how to make things work IF anything happens, how to prevent anybody ( is a mentally ill person a terrorist ? ) causing more than a small local / not permanent problems. If you don't have an army and a lot of firepower - you can't take a nuclear plant down, you can't disrupt a power grid, etc.. assuming they are designed and not built based on some contractor design just for money ( have seen those - unfortunately! ). So - mostly I sleep very well.
One of ( if not the ) most insightful posts I have seen here. The old rule KISS ! Any and all systems should be designed to work with OR without computers. A computer is just a tool - my job, my profession, my paycheck, even my passion BUT anytime I see a system that will not work without computers ( slower, more pain, etc.. ) it is for me a failed design. Once again - this is insightful but unfortunately forgotten too many times. Now - of course, I'm a computer person and will never understand why these things are made so complicated - except maybe for money ??
I would even go a little further - "Thus, my long standing position that there is no such thing as a "good" admin who hasn't also done some development work." - not even admin, they used to be called operators but what do I know, we were called systems programmers not admins managing large installations.. have a nice day.
The (very) good part is that the syntax gets formalized. But the idea itself is old - anybody remember those basic simulation jobs where a ship goes from one harbour to another. The cargo changes, the crew changes, lines in/out, etc. but the base (the ship) was same. No need to code that, just change the properties and no need to know beforehand what for ex. the cargo is. Now - think a message in computer system, starts plain but the payload gets compressed, encrypted, enhanced, some pictures added, and so on - fail the delivery, no need to any clean up or rebuild, just take the base and in retry send it to the same route. Huge savings in coding, no need to hardcode properties, properties can change dynamically at any time, even the destination can change with no coding, etc.. And yes - old idea and coded many times over but this is the first time this type of higher abstraction in language itself. I have seen it done in assembler, Simula, LISP, Prolog, Delphi, C, PL/I, etc.. but always differently.
And a good point (IMHO). Unfortunately that seems to be the way. Some track record, 90% of people I ever (30+ years) have recommended to be hired are still working for same companies ( I moved? ), 99% I didn't recommend have left ( or booted! ). Very little technical questions, no use because technical knowledge is widely available, personality, curiosity, etc.. mean much more for any senior position - juniors should know the basics ( of course you don't even think hiring anybody with 10+ years SOA experience as HR is asking - or would you ? Or someone mixing up HA and clustering after reading MS sales docs ?? ). And tell me what you do if you get stuck with a technical or corporate decision you don't agree - that answer tells me a lot if you are ready or may need some education or there is no way I would work with you.
My $0.02 ( or even less.. ) but today I have to work with all the people having all kinds of certificates AND to teach them what's behind the button, a command, an API, and so on.. A little frustrating but then - sometimes some learn, sometimes not ( like today - gets you a little tired.. )
Can't actually blame the people, that's the trend. Of course I love more how it was done before - take a course on IBM ( pick your manufacturer ) and get the pass / fail "certificate". Now - it was a long time ago and I think the courses may have changed ( I hope not! ). The courses I'm talking were 24x7 internat courses over two ( or more ) weeks, covering anything from OS internals to how to sell the solution ( to customer or to your own boss ), a wrong / failed answer sent you back to learn it again, the teachers were people from real life ( field ) just teaching what they knew, the problems were real problems from every day life, etc.. Honestly - I can't see my co-workers going through that today - most go to sleep after 12h, some can take even 16h but not over two weeks.
And no course was to learn how the bits and bytes are ( that's your job ) but why they are that way and what are the caveats, strengts and weaknesses and how to use or to avoid those. As you can see, I miss the "old" times but what can you do ??
Play in computers, play with computers. And ( until proven wrong ) I agree to proffesional players ( and other proffesionals ), computers are good but not that good yet. In 80's ( boom on "AI" ) I used to write configuration programs based on "AI??". First, it took years to get most? knowledge to those systems and even then - a seasoned configuration specialist would do better work. The benefit was - the specialists are expensive, not needed in most cases, etc.. 9 out of 10 computer / network configuration is done by some (IMHO) MSEE or CTO or some other less knowledgeable person - and a end up very expensive disaster that someone has to fix later. Isn't it same here - there are no miracles, skills (still) win over any bot ( even in chess I think ). Some day maybe but not yet.
Nice to see some articles of real computers (IMHO). And I don't buy the comment of not enough people, let me explain. In our time ( showing my age ) we had basically zero computer education in schools/universities but for ex. IBM had excellent education and training - as today. And Univac (Unisys), Burroughs, Honeywell, etc. weren't (much) worse. The problem ( as I see it ) is that corporations don't use systems programmers any more so there is no reason for people to get all that knowledge and skills. In 70's / 80's systems programmers had to know how to negotiate next $5 million disk deal with IBM, how to figure out next years resources, HW, SW, personel, telco lines, installation elecricity and cooling, and in their spare time fight the application projects over utilizing the system when not busy doing sysgens, running fixes to the (alive) system, writing user (mostly assembler) exits to the system, debuging weird compiler problems, showing operators how to recover bad tapes with DITTO or how to change the printer chain and having other fun hobbies in their spare time ( and lots of beer!). And these were (are) big on-line systems 7x24 with thousands of users. So - it's not that fun any more ( is it? ), why should anybody even think it ? Much easier to specialize to Java, C# or whatever and to get the same ( or even better ) paycheck until moving to next company ? Where did I hear ?? You get what you pay and you get what you want ( be carefull what you want! ) - this to the companies / corporations, stop whining!
First time I miss that I don't have any points to give ( 5 already but anyway.. ). This is life - and life is risky - after you didn't slip in bathroom try to walk over a street and so on.. I fully agree - let's first do the tasks in hand but not forget to plan for next things to do. This subject is very common - we are just now ( one week from delivery ) stuck with requirements that the management refused even to to think six months ago - go figure ?? Doesn't this sound familiar to all ( most ) developers - space, computers, whatever ??
> Ummm, last time I checked, MOST corporate hacking was done from the INSIDE, NOT the Internet. K. Thanks.
> Really? Where does one "check" this?
No - you don't! Because it is not published anywhere. I lost count on 70's and 80's before I got tired of the whole business - internal fraud is huge but hidden, if you are a smaller player, you are fired and if you high enough you are either promoted or retired but no word ever gets out - bad publishity for company. So - as someoneone already said - old stuff.. And I have to agree on her ( Oracle ) answers - there is much more going on large systems than just some security bug - besides almost all bugs are security bugs if used that way.
"You just wrote possibly the most insightful post this story will see. thank you so much." Have to agree to that !! And I like it - " I had thought that it was widely known that OS X won't run on anything not sold by Apple as a Mac." Same with AIX, MVS, NKS ( you may know it as Tandem or Guardian ), etc.. If the manufacturer binds something (SW) to some some HW - I can take or leave. If they pretend to be something else - I'll run !! Linux and maybe BSD are the only ones that don't have those bindings - new platforms coming every day ASSUMING that some of these "IP" rights don't kill that freedom. ( just IMHO )
And people protecting their rights when companies ( corporations, individuals, gov., ) try to make the access to information difficult or even impossible ? And if THEY are mad on pirates why don't THEY go after them ( those terrible pirates, maybe terrorists? ) - why bother all and everyone ? You know - real pirates exist ( even in software world. ) Might that be too difficult or might there be some other reasons ? Where do you think it is easier to get the money - some real crooks or from big public ? This subject is so old..
And more - telcos that charge traffic don't charge ICMP - free !! data ! Actually it is very handy on wireless end to end, simple and more easy to use as your own control / auth mechanism - assuming you encrypt the payload..
My $0.02 - only reference I have is from middle 70s. Many insurance companies had a department that was doing just this - if you bought several insurances they run all kinds of weird statistics what more they (we) could sell them and we made offers, flyers, advertaizing, etc. based on that. It was fun to code those for 4.5 million customers having a lot of insurances. Especially cities, shipping companies, manufacturing - thousands of different kind of insurances but even some persons had up to 50! And an insurance is a product - so ?
Yes - SUN has made some contibutions BUT if you look back 40+ years nothing compares to IBM. IBM was great giving sources ( MFT, MVS, VM, DOS, and so on even earlier I have not much experience.. ) util the they were forced to comply to business process, i.e. you are not allowed to show your code. Yes - they were forced by gov. to hide the source code - unfair competition ?? You know what - since 60's show me one algorithm, method, style, idea, whatever that wasn't aroud then. OO, SOA, tiers, threads ( bad implementation of task ), ??? - old stuff ( WEB is different because there was no world wide network at that time - x.25 networks were too restricted BUT the ideas in WEB - not much new ), very old. Different marketing names, same stuff. How you implement those will always change but the basics are the same.
"It needs to have the software to do things like decision making, analysis, reasoning, evaluating, judging, information-organizing, learning, logic etc. which would normally require a human to perform." - a perfect political animal, sorry, computer. Missing the same qualifications.
The only problem with this kind of feedback is that I want to control when it is given ( by me ). Not when I receive an e-mail ( read confirmation, etc ), not when I read a document, not when I open a WEB site, etc.. I may not have time to deal with feedback - so, if I could select the time I aknowledge the e-mail, document, or whatever - then no problems. BUT feedback is important and very valuable. Wouldn't you like to know if someone is more than a little interested of whatever you delivere ?
Basically you are right - except that some things are much older than people usually know. I had a cell phone -82 - and hate them even today, no privacy, no family life if you are in computer business. Wireless - at that time supporting wireless devices for customs, etc.. So - not so new. What is in news or what is given to public is often old - the gov/mil world is often way ahead - years! It will not change - so, let's hope 2015 is better not worse. By the way - how old is the metric system, 100 years, 1000 years, older ?
Univac, EXEC 8 and TSO terminal, debugger that was able to do this and more - so the time goes.. "Univac 1108, 36-bit SMP.
Good, easy-to-use interactive mainframe OS.
DMA-speed terminals, with local command history.
``Master Catalogue'' on drum.
``Roll-in/Roll-out'' reduced disk-space requirements.
Files ``automatically'' copied from tape to disk on open.
Files automatically copied to tape when space needed, based on file usage.
Most OS code reentrant, shared between CPUs.
Single kernel data structure, work queues."
Seen it, been there.. Those ( the first post ) are the qualifications that make or break a company (IMHO ) Nothing much more to say - yes, lower level management needs some technical skills but asking if a manager can use Project, Excel or Visio or whatever is a wrong question. Besides - the secrataries do that and better than any untrained person can.
If you don't know what MQSeries can do, don't even think about this. MQSeries ( and on limited functionality MSQ ) are very powerfull systems. Now - getting some subsystem that has even a small part of those would be great - it would be a winner (IMHO)! I could use it now for my current project - assuming that our company gets out of this NIH ( not invented here ) mode. I'm good but the time is limited....
Slashdot Mirror
I don't know the early laws anywhere else in the world but in Europe ( countries I used to support ) there were laws to save every production verion in 70's. So - anytime you made one of the thousands production versions of an application it had to be saved for next 6-7 years, you were required to reproduce the same results later if the auditing required that or lose your business license. The systems did that authomatically - as a systems programmer / contractor I was responsible some of them and it worked. There were many ways to do that ( thanks to home grown or other systems like Pansofic Panvalet/Panexec or IBM file generations, etc.. ) So - nothing new, the toy systems are catching up (IMHO).
When are some manufactures like Dell, IBM, etc. offering a voice IP activated order / support / whatever services from a web site, click this and you will be connected? Might even bring the english speaking connections back! Of course, I already patented this business idea so I will get $0.10 each call - cheap !
"Even if it's not credible, it doesn't mean it's okay to leave networks unsecured." Very insightful ( IMHO ). Also, most of the comments are also insightful. IMHO "cyber terrorism" is real but maybe not in a way most people think. Yes - it is very easy to disrupt the internet and even other, more protected networks but all ( that I know ) important networks are protected with N number of backups, re-routes, other methods, etc.. anything else would be stupid. Unfortunately - we have politicians to make the decissions that belong to professionals. It slows down the process, it costs a lot extra, it makes some necessary procedures impossible, it (IMHO) mixes real and imaginary threats together, and so on. A question - wouldn't you trust your peers ( that you know ) to check your code / design / whatever.. instead of someone who has whatever own goal, not whatever the problems is ? Now - (IMHO again) most of the security people really think security, not how many voters or how much money they can gain. And with security I mean the whole pack - not just encryption, authentication, authorization, security checks, redundant nodes/lines, etc but also how to make things work IF anything happens, how to prevent anybody ( is a mentally ill person a terrorist ? ) causing more than a small local / not permanent problems. If you don't have an army and a lot of firepower - you can't take a nuclear plant down, you can't disrupt a power grid, etc.. assuming they are designed and not built based on some contractor design just for money ( have seen those - unfortunately! ). So - mostly I sleep very well.
One of ( if not the ) most insightful posts I have seen here. The old rule KISS ! Any and all systems should be designed to work with OR without computers. A computer is just a tool - my job, my profession, my paycheck, even my passion BUT anytime I see a system that will not work without computers ( slower, more pain, etc.. ) it is for me a failed design. Once again - this is insightful but unfortunately forgotten too many times. Now - of course, I'm a computer person and will never understand why these things are made so complicated - except maybe for money ??
I would even go a little further -
"Thus, my long standing position that there is no such thing as a "good" admin who hasn't also done some development work."
- not even admin, they used to be called operators but what do I know, we were called systems programmers not admins managing large installations.. have a nice day.
The (very) good part is that the syntax gets formalized. But the idea itself is old - anybody remember those basic simulation jobs where a ship goes from one harbour to another. The cargo changes, the crew changes, lines in/out, etc. but the base (the ship) was same. No need to code that, just change the properties and no need to know beforehand what for ex. the cargo is. Now - think a message in computer system, starts plain but the payload gets compressed, encrypted, enhanced, some pictures added, and so on - fail the delivery, no need to any clean up or rebuild, just take the base and in retry send it to the same route. Huge savings in coding, no need to hardcode properties, properties can change dynamically at any time, even the destination can change with no coding, etc.. And yes - old idea and coded many times over but this is the first time this type of higher abstraction in language itself. I have seen it done in assembler, Simula, LISP, Prolog, Delphi, C, PL/I, etc.. but always differently.
And a good point (IMHO). Unfortunately that seems to be the way. Some track record, 90% of people I ever (30+ years) have recommended to be hired are still working for same companies ( I moved? ), 99% I didn't recommend have left ( or booted! ). Very little technical questions, no use because technical knowledge is widely available, personality, curiosity, etc.. mean much more for any senior position - juniors should know the basics ( of course you don't even think hiring anybody with 10+ years SOA experience as HR is asking - or would you ? Or someone mixing up HA and clustering after reading MS sales docs ?? ). And tell me what you do if you get stuck with a technical or corporate decision you don't agree - that answer tells me a lot if you are ready or may need some education or there is no way I would work with you.
My $0.02 ( or even less.. ) but today I have to work with all the people having all kinds of certificates AND to teach them what's behind the button, a command, an API, and so on.. A little frustrating but then - sometimes some learn, sometimes not ( like today - gets you a little tired.. )
Can't actually blame the people, that's the trend. Of course I love more how it was done before - take a course on IBM ( pick your manufacturer ) and get the pass / fail "certificate". Now - it was a long time ago and I think the courses may have changed ( I hope not! ). The courses I'm talking were 24x7 internat courses over two ( or more ) weeks, covering anything from OS internals to how to sell the solution ( to customer or to your own boss ), a wrong / failed answer sent you back to learn it again, the teachers were people from real life ( field ) just teaching what they knew, the problems were real problems from every day life, etc.. Honestly - I can't see my co-workers going through that today - most go to sleep after 12h, some can take even 16h but not over two weeks.
And no course was to learn how the bits and bytes are ( that's your job ) but why they are that way and what are the caveats, strengts and weaknesses and how to use or to avoid those. As you can see, I miss the "old" times but what can you do ??
Play in computers, play with computers. And ( until proven wrong ) I agree to proffesional players ( and other proffesionals ), computers are good but not that good yet. In 80's ( boom on "AI" ) I used to write configuration programs based on "AI??". First, it took years to get most? knowledge to those systems and even then - a seasoned configuration specialist would do better work. The benefit was - the specialists are expensive, not needed in most cases, etc.. 9 out of 10 computer / network configuration is done by some (IMHO) MSEE or CTO or some other less knowledgeable person - and a end up very expensive disaster that someone has to fix later. Isn't it same here - there are no miracles, skills (still) win over any bot ( even in chess I think ). Some day maybe but not yet.
Nice to see some articles of real computers (IMHO). And I don't buy the comment of not enough people, let me explain. In our time ( showing my age ) we had basically zero computer education in schools/universities but for ex. IBM had excellent education and training - as today. And Univac (Unisys), Burroughs, Honeywell, etc. weren't (much) worse. The problem ( as I see it ) is that corporations don't use systems programmers any more so there is no reason for people to get all that knowledge and skills. In 70's / 80's systems programmers had to know how to negotiate next $5 million disk deal with IBM, how to figure out next years resources, HW, SW, personel, telco lines, installation elecricity and cooling, and in their spare time fight the application projects over utilizing the system when not busy doing sysgens, running fixes to the (alive) system, writing user (mostly assembler) exits to the system, debuging weird compiler problems, showing operators how to recover bad tapes with DITTO or how to change the printer chain and having other fun hobbies in their spare time ( and lots of beer!). And these were (are) big on-line systems 7x24 with thousands of users. So - it's not that fun any more ( is it? ), why should anybody even think it ? Much easier to specialize to Java, C# or whatever and to get the same ( or even better ) paycheck until moving to next company ? Where did I hear ?? You get what you pay and you get what you want ( be carefull what you want! ) - this to the companies / corporations, stop whining!
First time I miss that I don't have any points to give ( 5 already but anyway.. ). This is life - and life is risky - after you didn't slip in bathroom try to walk over a street and so on.. I fully agree - let's first do the tasks in hand but not forget to plan for next things to do. This subject is very common - we are just now ( one week from delivery ) stuck with requirements that the management refused even to to think six months ago - go figure ?? Doesn't this sound familiar to all ( most ) developers - space, computers, whatever ??
> Ummm, last time I checked, MOST corporate hacking was done from the INSIDE, NOT the Internet. K. Thanks.
> Really? Where does one "check" this?
No - you don't! Because it is not published anywhere. I lost count on 70's and 80's before I got tired of the whole business - internal fraud is huge but hidden, if you are a smaller player, you are fired and if you high enough you are either promoted or retired but no word ever gets out - bad publishity for company. So - as someoneone already said - old stuff.. And I have to agree on her ( Oracle ) answers - there is much more going on large systems than just some security bug - besides almost all bugs are security bugs if used that way.
"You just wrote possibly the most insightful post this story will see. thank you so much." Have to agree to that !! And I like it - " I had thought that it was widely known that OS X won't run on anything not sold by Apple as a Mac." Same with AIX, MVS, NKS ( you may know it as Tandem or Guardian ), etc.. If the manufacturer binds something (SW) to some some HW - I can take or leave. If they pretend to be something else - I'll run !! Linux and maybe BSD are the only ones that don't have those bindings - new platforms coming every day ASSUMING that some of these "IP" rights don't kill that freedom. ( just IMHO )
And people protecting their rights when companies ( corporations, individuals, gov., ) try to make the access to information difficult or even impossible ? And if THEY are mad on pirates why don't THEY go after them ( those terrible pirates, maybe terrorists? ) - why bother all and everyone ? You know - real pirates exist ( even in software world. ) Might that be too difficult or might there be some other reasons ? Where do you think it is easier to get the money - some real crooks or from big public ? This subject is so old..
And more - telcos that charge traffic don't charge ICMP - free !! data ! Actually it is very handy on wireless end to end, simple and more easy to use as your own control / auth mechanism - assuming you encrypt the payload..
My $0.02 - only reference I have is from middle 70s. Many insurance companies had a department that was doing just this - if you bought several insurances they run all kinds of weird statistics what more they (we) could sell them and we made offers, flyers, advertaizing, etc. based on that. It was fun to code those for 4.5 million customers having a lot of insurances. Especially cities, shipping companies, manufacturing - thousands of different kind of insurances but even some persons had up to 50! And an insurance is a product - so ?
Try this for a Tiger :
/ Corp_A_H_Tiger.asp/
http://www.exxonmobil.com/Corporate/About/History
Yes - SUN has made some contibutions BUT if you look back 40+ years nothing compares to IBM. IBM was great giving sources ( MFT, MVS, VM, DOS, and so on even earlier I have not much experience.. ) util the they were forced to comply to business process, i.e. you are not allowed to show your code. Yes - they were forced by gov. to hide the source code - unfair competition ?? You know what - since 60's show me one algorithm, method, style, idea, whatever that wasn't aroud then. OO, SOA, tiers, threads ( bad implementation of task ), ??? - old stuff ( WEB is different because there was no world wide network at that time - x.25 networks were too restricted BUT the ideas in WEB - not much new ), very old. Different marketing names, same stuff. How you implement those will always change but the basics are the same.
"It needs to have the software to do things like decision making, analysis, reasoning, evaluating, judging, information-organizing, learning, logic etc. which would normally require a human to perform." - a perfect political animal, sorry, computer. Missing the same qualifications.
The only problem with this kind of feedback is that I want to control when it is given ( by me ). Not when I receive an e-mail ( read confirmation, etc ), not when I read a document, not when I open a WEB site, etc.. I may not have time to deal with feedback - so, if I could select the time I aknowledge the e-mail, document, or whatever - then no problems.
BUT feedback is important and very valuable. Wouldn't you like to know if someone is more than a little interested of whatever you delivere ?
Basically you are right - except that some things are much older than people usually know. I had a cell phone -82 - and hate them even today, no privacy, no family life if you are in computer business. Wireless - at that time supporting wireless devices for customs, etc.. So - not so new. What is in news or what is given to public is often old - the gov/mil world is often way ahead - years! It will not change - so, let's hope 2015 is better not worse. By the way - how old is the metric system, 100 years, 1000 years, older ?
Univac, EXEC 8 and TSO terminal, debugger that was able to do this and more - so the time goes..
"Univac 1108, 36-bit SMP.
Good, easy-to-use interactive mainframe OS.
DMA-speed terminals, with local command history.
``Master Catalogue'' on drum.
``Roll-in/Roll-out'' reduced disk-space requirements.
Files ``automatically'' copied from tape to disk on open.
Files automatically copied to tape when space needed, based on file usage.
Most OS code reentrant, shared between CPUs.
Single kernel data structure, work queues."
Seen it, been there.. Those ( the first post ) are the qualifications that make or break a company (IMHO ) Nothing much more to say - yes, lower level management needs some technical skills but asking if a manager can use Project, Excel or Visio or whatever is a wrong question. Besides - the secrataries do that and better than any untrained person can.
If you don't know what MQSeries can do, don't even think about this. MQSeries ( and on limited functionality MSQ ) are very powerfull systems.
Now - getting some subsystem that has even a small part of those would be great - it would be a winner (IMHO)! I could use it now for my current project - assuming that our company gets out of this NIH ( not invented here ) mode. I'm good but the time is limited....
To the head of the nail. Like Enron ? Anyway - isn't that the model of the modern capitalism ?