Re: TRSMAIN AMATERSE
It is documented in the original patent as far as I can see, but I haven't looked in dept into both the patent and the java example: https://www.freepatentsonline.com/4814746.html But I'm not sure if that will give you enough information. It depends on what you are trying to achieve with the information I guess. On Sun, 13 Aug 2023 01:30:49 +, kekronbekron wrote: >Is the **algorithm** documented... you know, in words, with examples? > > >--- Original Message --- >On Saturday, August 12th, 2023 at 10:21 PM, Erik Janssen > wrote: > > >> See: >> https://github.com/openmainframeproject/tersedecompress >> >> Kind regards, >> Erik. >> >> >> On Sat, 12 Aug 2023 05:19:43 +, kekronbekron kekronbek...@protonmail.com >> wrote: >> >> > By any chance, is the algorithm for tersing/untersing publicly available? >> > >> > -- >> > For IBM-MAIN subscribe / signoff / archive access instructions, >> > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN >> >> >> -- >> For IBM-MAIN subscribe / signoff / archive access instructions, >> send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > >-- >For IBM-MAIN subscribe / signoff / archive access instructions, >send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ransomware on z
Bob, Few days ago a hospital in central Israel got a ransomware attack by a group of hackers named Block Shadow. Two years ago another hospital was attacked. The total cost of recovering (nothing paid to the attacking group afaik) was estimated about 36 million ILS, about $10 Million USD. ITschak *| **Itschak Mugzach | Director | SecuriTeam Software **|** IronSphere Platform* *|* *Information Security Continuous Monitoring for Z/OS, zLinux and IBM I **| * *|* *Email**: i_mugz...@securiteam.co.il **|* *Mob**: +972 522 986404 **|* *Skype**: ItschakMugzach **|* *Web**: www.Securiteam.co.il **|* On Sun, Aug 13, 2023 at 7:24 AM Bob Bridges wrote: > I've a favorite author who points out that criminals mostly are optimists. > They think everyone else is a sucker and they're smarter than everyone > else, > they therefore think they can't get caught, and they risk 12 years in > prison > for a haul they could get with a mere eight months of honest work. > > --- > Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313 > > /* Now if you're destined to have a not very interesting life -- and I was > so destined -- the next best thing, if you're going to be a writer, is to > have a huge family. ...when you're the only pea in the pod, your parents > are likely to get you confused with the Hope Diamond. And that encourages > you to talk too much. -columnist Russell Baker on listening skills */ > > -Original Message- > From: IBM Mainframe Discussion List On Behalf > Of > Phil Smith III > Sent: Saturday, August 12, 2023 16:13 > > This falls into the category of "things I just don't get": if that had been > me, I'd've woken up every single morning wondering if this was the day that > my access would be gone, and whether there was about to be a loud knock on > the door (at least). Yes, I know, this wasn't in the U.S. so the cops would > have been less violent, but still-if I were out committing crimes, I'd want > them to be over as soon as possible so I could continue on with my life, > knowing that there was some chance of evidence leading to me, but not with > a > continuous, live channel leading back to me! > > -- > For IBM-MAIN subscribe / signoff / archive access instructions, > send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN > -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ransomware on z
My father was a journalist, and about twice a decade he would write a feature article on scams. I was shocked at the fact that criminals could successfully use well known ancient scams instead of inventing new ones. I would have naíevely thought that nobody in this day and age would fall for the, e.g., Bank Examiner, Pigeon Drop, but, alas, they do. The same applies to security breaches; I can understand getting caught by a day zero exploit, but why are people getting caught by things we've known about for decades? -- Shmuel (Seymour J.) Metz http://mason.gmu.edu/~smetz3 From: IBM Mainframe Discussion List [IBM-MAIN@LISTSERV.UA.EDU] on behalf of Bob Bridges [robhbrid...@gmail.com] Sent: Sunday, August 13, 2023 12:24 AM To: IBM-MAIN@LISTSERV.UA.EDU Subject: Re: ransomware on z I've a favorite author who points out that criminals mostly are optimists. They think everyone else is a sucker and they're smarter than everyone else, they therefore think they can't get caught, and they risk 12 years in prison for a haul they could get with a mere eight months of honest work. --- Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313 /* Now if you're destined to have a not very interesting life -- and I was so destined -- the next best thing, if you're going to be a writer, is to have a huge family. ...when you're the only pea in the pod, your parents are likely to get you confused with the Hope Diamond. And that encourages you to talk too much. -columnist Russell Baker on listening skills */ -Original Message- From: IBM Mainframe Discussion List On Behalf Of Phil Smith III Sent: Saturday, August 12, 2023 16:13 This falls into the category of "things I just don't get": if that had been me, I'd've woken up every single morning wondering if this was the day that my access would be gone, and whether there was about to be a loud knock on the door (at least). Yes, I know, this wasn't in the U.S. so the cops would have been less violent, but still-if I were out committing crimes, I'd want them to be over as soon as possible so I could continue on with my life, knowing that there was some chance of evidence leading to me, but not with a continuous, live channel leading back to me! -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ransomware on z
Charles Mills added: >The long periods of bad guy access are typical. You read most of the >breach stories the attack unfolded over weeks or months. The hackers >talk about pwning (owning) a group of servers. Oh, I know. I was just noting that I cannot imagine dealing with that kind of ongoing stress. As noted, I suppose this means I'm not cut out for that life! -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ransomware on z
Seems likely to me that every half-decent scam, without exception, will find gulls in every new generation. Not quite the same thing, but I remember a comment on a bulletin board during one of the wars that sprang up in southern Africa after the white government in South Africa fell and was taken over by the locals. I don't remember her identity, but I pictured her as a young woman just from her comment: "I don't understand. Didn't me learn anything from Viet Nam?!" "Viet Nam?", I asked myself incredulously. Why Viet Nam? Did we learn anything from the Korean conflict, from the American civil war, the 100 Years' war, the Peloponnesian war, from Cain vs Abel? Why does this young thing expect that Viet Nam would finally be the War to End All Wars? Same thing here. Every generation has to learn all over again. --- Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313 /* Times will change and even reverse many of your present opinions. Refrain, therefore, awhile from setting yourself up as a judge of the highest matters. -Plato */ -Original Message- From: IBM Mainframe Discussion List On Behalf Of Seymour J Metz Sent: Sunday, August 13, 2023 07:00 My father was a journalist, and about twice a decade he would write a feature article on scams. I was shocked at the fact that criminals could successfully use well known ancient scams instead of inventing new ones. I would have naíevely thought that nobody in this day and age would fall for the, e.g., Bank Examiner, Pigeon Drop, but, alas, they do. The same applies to security breaches; I can understand getting caught by a day zero exploit, but why are people getting caught by things we've known about for decades? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ransomware on z
Mixing fact & fiction. Interesting. Sent from Yahoo Mail for iPhone On Sunday, August 13, 2023, 2:23 PM, Bob Bridges wrote: Seems likely to me that every half-decent scam, without exception, will find gulls in every new generation. Not quite the same thing, but I remember a comment on a bulletin board during one of the wars that sprang up in southern Africa after the white government in South Africa fell and was taken over by the locals. I don't remember her identity, but I pictured her as a young woman just from her comment: "I don't understand. Didn't me learn anything from Viet Nam?!" "Viet Nam?", I asked myself incredulously. Why Viet Nam? Did we learn anything from the Korean conflict, from the American civil war, the 100 Years' war, the Peloponnesian war, from Cain vs Abel? Why does this young thing expect that Viet Nam would finally be the War to End All Wars? Same thing here. Every generation has to learn all over again. --- Bob Bridges, robhbrid...@gmail.com, cell 336 382-7313 /* Times will change and even reverse many of your present opinions. Refrain, therefore, awhile from setting yourself up as a judge of the highest matters. -Plato */ -Original Message- From: IBM Mainframe Discussion List On Behalf Of Seymour J Metz Sent: Sunday, August 13, 2023 07:00 My father was a journalist, and about twice a decade he would write a feature article on scams. I was shocked at the fact that criminals could successfully use well known ancient scams instead of inventing new ones. I would have naíevely thought that nobody in this day and age would fall for the, e.g., Bank Examiner, Pigeon Drop, but, alas, they do. The same applies to security breaches; I can understand getting caught by a day zero exploit, but why are people getting caught by things we've known about for decades? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: The ultimate (another one!) definition of mainframe
> On Saturday, August 12, 2023 at 05:54:10 PM PDT, Grant Taylor wrote: >>On 8/7/23 12:26 PM, Jon Perryman wrote: >> Was it a smart decision for IBM to sell the software that became Microsoft? > Please clarify what IBM sold to Microsoft. > - Microsoft had (MS-)DOS independent of and without IBM. > - Microsoft had a non-exclusive deal with IBM and therefor was allowed > to sell it to whomever they wanted, including directly as MS-DOS. Stories vary widely but the most prevalent can be seen at https://youtu.be/Qc5khH5gllg?t=339 which I positioned around the relevant time. The story goes that MS-DOS did not exist at that time and IBM could have required exclusive rights but instead intentionally gave up it's exclusive rights to MS-DOS for $0 during negotiations. On Saturday, August 12, 2023 at 05:54:10 PM PDT, Grant Taylor <023065957af1-dmarc-requ...@listserv.ua.edu> wrote: On 8/7/23 12:26 PM, Jon Perryman wrote: > Was it a smart decision for IBM to sell the software that became > Microsoft? Please clarify what IBM sold to Microsoft. My understanding is that Microsoft, an existing but small company, came to IBM and said "here, we have an operating system for the IBM PC that you are developing, would you like to license copies from us for each unit that you sell?". Specifically: - Microsoft had (MS-)DOS independent of and without IBM. - Microsoft had a non-exclusive deal with IBM and therefor was allowed to sell it to whomever they wanted, including directly as MS-DOS. Given your following statement, I doubt that you are referring to OS/2 in your previous statement. > How about creating OS/2 a few years later to fill the void they sold? My understanding was that IBM and Microsoft co-developed OS/2 ostensibly as a DOS successor. One of the partners decided to end the partnership. I'm not aware of Microsoft purchasing any rights from IBM at the time as Microsoft went on to develop Windows NT partially based on OS/2. IBM went on to develop and enhance OS/2. So I ask again, please clarify what did IBM sell to Microsoft in the context of this thread. Grant. . . . -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: ransomware on z
Responding primarily to Tony, I'll just say that when an adversary (internal or external) gains control over the PC that the privileged storage administrator uses, particularly when there's no true multi-factor authentication in the loop, then it's probably "game over." — Timothy Sipples Senior Architect Digital Assets, Industry Solutions, and Cybersecurity IBM zSystems/LinuxONE, Asia-Pacific sipp...@sg.ibm.com -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: USS Features
> On Monday, August 7, 2023 at 04:33:24 PM PDT, Andrew Rowley > wrote: > It comes back to the question I asked earlier - how much space is it > reasonable to use *to do your job* before you have to get the storage > admin involved? Since you put it that way, I've got to say are you insane. The storage admin based his decision on things called facts. He is responsible for storage and his decision is final until his management tells him otherwise. I suggest you inform your company CEO that all decisions must go through you. On Monday, August 7, 2023 at 04:33:24 PM PDT, Andrew Rowley wrote: On 8/08/2023 12:56 am, Jon Perryman wrote: > It's absurd to allow everyone to do Proof Of Concept on z/OS. Are all POC > vital to the business? Are POCs disruptive to the business? "me" mentality > ignores the impact on everyone else. In this case, you're saying the storage > admin is not impacted when clearly that's not the case. It comes back to the question I asked earlier - how much space is it reasonable to use *to do your job* before you have to get the storage admin involved? There can be good reasons to do it on z/OS, e.g. the source data is already on the system, data security on other platforms etc. There is some irony in the contradiction between "z/OS because of its I/O capabilities" and "100GB! Whoa! Be reasonable!" -- Andrew Rowley Black Hill Software -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: USS Features
> On Saturday, August 12, 2023 at 06:04:55 PM PDT, Grant Taylor wrote: > These statements cause me to pause. They seem somewhat antithetical to > welcoming and encouraging people to use the mainframe / z/OS. > Why is it absurd to allow everyone to do a Proof Of Concept on z/OS? You're confusing z/OS with Unix where all programmers are systems programmers who can do anything they want. z/OS is NOT about be welcoming and encouraging. It's about what's best for the business. Your on a multi-million dollar computer shared by thousands. As a business programmer (not Unix sysprog), you're not qualified nor authorized to make these decisions. Programmers leave z/OS for Unix in order to be in full control. Why do you think it's difficult to get z/OS programmers. On Saturday, August 12, 2023 at 06:04:55 PM PDT, Grant Taylor <023065957af1-dmarc-requ...@listserv.ua.edu> wrote: On 8/7/23 9:56 AM, Jon Perryman wrote: > It's absurd to allow everyone to do Proof Of Concept on z/OS. Are > all POC vital to the business? Are POCs disruptive to the business? These statements cause me to pause. They seem somewhat antithetical to welcoming and encouraging people to use the mainframe / z/OS. Why is it absurd to allow everyone to do a Proof Of Concept on z/OS? Is there anything about z/OS that would cause you to worry about the security and stability of the system? Do you not trust a tiny VM / LPAR running a test instance of z/OS with absolutely minimal resources explicitly for such PoCs? I'd think that it would be a huge win for the platform to try to get more people to do things on it. No, not all PoCs are vital to the business. But I think that it's difficult to tell if any given PoC is vital until /after/ it has been tested. I suspect that there were people that thought that TCP/IP wasn't vital to the system back in SNA's heyday. Yet here we are 20+ years later and the idea of having any system without a TCP/IP stack is unthinkable. How long would TCP/IP for the mainframe have been delayed if someone didn't allow such a PoC until /after/ evidence showed that it was needed. I sincerely doubt that operators /needed/ to create programs that printed interesting things to printers after hours. But I suspect that many learned a thing or two about the system while doing so. I would sincerely hope that VM / LPAR could contain anything running in a tiny z/OS instance such that it couldn't be disruptive to the system. Or, if it was somehow disruptive to the system, that might be a good indicator that something needs to be tuned or a bug needs to be fixed thereby enhancing the larger mainframe z/OS / z/VM community. I think that encouraging people to do things on the mainframe / z/OS is a *GOOD* thing. Grant. . . . -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
