Re: EBCDIC and the P-Bit
From: Mike Schwab mike.a.sch...@gmail.com Date: Thu, 20 Jun 2013 12:34:59 -0500 Posted link on http://en.wikipedia.org/wiki/EBCDIC#External_links Thanks, Mike. I did see the EBCDIC article, but I did not notice the link near the bottom. But I think this merits a separate article, and I might just post it. After all, I can copy/paste with the best of them! -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
So, this is going to sound extremely naïve, but I wonder if having EBCDIC instead of ASCII helped make IBM mainframe OS less penetrable to hackers. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
Neither EBCDIC nor ASCII is a very good SBCS, but this is in some considerable measure because no SBCS can be a very good one. 256 code points is not enough. For the usual reasons, talked about here in other contexts in recent days, the industry has been resistant to adopting DBCSs and MBCSs; but their day is coming, ineluctably. Much of the problem stems from the presence of too many monoglot anglophones, francophones, etc., in the world. They project their provincialities onto the functional specifications of the systems they work on. That said, ASCII poses as many problems in an EBCDIC environment as does EBCDIC in an ASCII one; and both sets of them have been much exaggerated. Chomsky is right that translation is not in general possible; but in this special case it almost always is. John Gilmore, Ashland, MA 01721 - USA -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
Actually I would say its that the Operating system has been in 'development'/available for more then 50 years. more time to get it right. Then is the aspect that in the earlier years there was less of a push for getting out the door, because there was not the same level of competition. The aspect of the Character set (codepage) would have little effect. If there was money to be had, Hackers would try to get at it. On 2013-06-21 10:00 AM, Roland Kinsman wrote: So, this is going to sound extremely naïve, but I wonder if having EBCDIC instead of ASCII helped make IBM mainframe OS less penetrable to hackers. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- Robert Galambos CIPP/C, CIPP/IT, IBM DB2 DBA for z/OS Email: rgalam...@gmail.com Blog:http://robertdataprivacytesting.blogspot.ca/ LinkedIn:http://ca.linkedin.com/in/robertgalambos/ Objective: Senior Pre-Sales Technical Professional Consultant delivers Client Satisfaction with Technical Expertise Dynamic Energy Skills: Implemented Data Privacy strategies and processes, product positioning to achieve territory sales and increase market share within managed care markets. Sr. Pre-Sales Consultant with more than $2 MM sales yearly. Serviced, retained, and expanded major accounts Dedicated, Self-Starter, Dependable, 'Go to' person On Fri, Jun 21, 2013 at 9:57 AM, Roland Kinsman rjkins...@hotmail.comwrote: From: Mike Schwab mike.a.sch...@gmail.com Date: Thu, 20 Jun 2013 12:34:59 -0500 Posted link on http://en.wikipedia.org/wiki/EBCDIC#External_links Thanks, Mike. I did see the EBCDIC article, but I did not notice the link near the bottom. But I think this merits a separate article, and I might just post it. After all, I can copy/paste with the best of them! -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
rjkins...@hotmail.com (Roland Kinsman) writes: So, this is going to sound extremely naïve, but I wonder if having EBCDIC instead of ASCII helped make IBM mainframe OS less penetrable to hackers. re: http://www.garlic.com/~lynn/2013i.html#3 Ported Tools - Unix 1) lots of attacks are proportional to number of deployed machines (and public coverage of such attacks tends to be proportional to number of machines). 2) lots of attacks are value of the expected returns making big financial industry mainframes attractive targets. the financial industry is extremely publicity adverse about such attacks ... lots will not be made public. at financial industry critical infrastructure meetings ... one of the biggest issues was insisting that any information sharing would not be subject to FISA. https://www.fsisac.com/about critical infrastructure protection http://en.wikipedia.org/wiki/Critical_infrastructure_protection we were also tangentially involved in the cal. state data breach notification legislation (the original, many other states have passed similar legislation since then). the issue was that little or nothing was being done ... normally entities take security measures in self-protection ... in the case of many of the data breaches, the institutions with the breaches had nothing at risk ... it was individuals. there was some hope that the publicity resulting from the notifications would result in institutions taking corrective actions (as well as allowing individuals to take countermeasures ... like closing account). however, account from long ago and far away (note I didn't learn about these guys until much later) http://web.archive.org/web/20090117083033/http://www.nsa.gov/research/selinux/list-archive/0409/8362.shtml one the installations became quite active in SHARE and their installation code was CAD (cloak-and-dagger) ... also shows up in vmshare archives http://vm.marist.edu/~vmshare misc. other recent posts mentioning P-bit http://www.garlic.com/~lynn/2013.html#56 New HD http://www.garlic.com/~lynn/2013b.html#72 One reason for monocase was Re: Dualcase vs monocase. Was: Article for the boss http://www.garlic.com/~lynn/2013c.html#14 What Makes an Architecture Bizarre? http://www.garlic.com/~lynn/2013e.html#61 32760? -- virtualization experience starting Jan1968, online at home since Mar1970 -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
On Fri, 21 Jun 2013 09:00:36 -0500, Roland Kinsman wrote: I wonder if having EBCDIC instead of ASCII helped make IBM mainframe OS less penetrable to hackers. The character encoding that is used is irrelevant. The thing that makes an operating system less penetrable is a design that is based upon system integrity. From the earliest design of the System/360, there have always been two kinds of instructions: privileged and non-privileged. Storage protection further enhances the ability for an operating system to protect itself. When MVS was first released in 1973, IBM issued a statement of integrity that has been maintained ever since. You can find some information about it at http://www-03.ibm.com/systems/z/os/zos/features/racf/zos_integrity_statement.html -- Tom Marchant -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
re: http://www.garlic.com/~lynn/2013i.html#3 Ported Tools - Unix http://www.garlic.com/~lynn/2013i.html#10 EBCDIC and the P-Bit of course there was also some amount of rivalry between the 5th flr (multics) and 4th flr (cp/67). they (also) had a lot of very security oriented customers. recent reference to IBM research report Thirty Years Later: Lessons from the Multics Security Evaluation: http://www.garlic.com/~lynn/2013h.html#35 Some Things Never Die can now be found here http://www.acsac.org/2002/papers/classic-multics.pdf original evaluation: http://csrc.nist.gov/publications/history/karg74.pdf one of the points was the Multics was implemented in PLI and lacked the common vulnerabilities that are epidemic in C-language based software. http://en.wikipedia.org/wiki/Multics specifically related to exploits in networking ... the original mainframe tcp/ip product had been implemented in vs/pascal ... and also had none of the common vulnerabilities and exploits that are epidemic in C-language based implementations. part of the rivalry was number of sites (list of all Multics installations) http://www.multicians.org/sites.html one of my hobbies was production systems for internal datacenters ... first with cp/67 and then moved to vm370 with csc/vm. It wasn't fair to compare numbers with actual vm370 customers or even total internal vm370 customers ... so the comparison was just the number of csc/vm installations with total Multics customers (with peak csc/vm internal installations possibly 50% larger than total Multics customers). One of Multics premier sites was AFDS (#71 on above list). so it was *fun* when AFDS was looking at 210 vm370 systems ... old email posted in multics discussion group http://www.garlic.com/~lynn/2001m.html#email790404 above mentions that they were original looking for 20 ... but further explanation in this post has it increasing to 210 http://www.garlic.com/~lynn/2001m.html#15 departmental servers -- virtualization experience starting Jan1968, online at home since Mar1970 -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
In 8709522170369998.wa.m42tomibmmainyahoo@listserv.ua.edu, on 06/21/2013 at 09:34 AM, Tom Marchant m42tom-ibmm...@yahoo.com said: The character encoding that is used is irrelevant. The thing that makes an operating system less penetrable is a design that is based upon system integrity. From the earliest design of the System/360, there have always been two kinds of instructions: privileged and non-privileged. Storage protection further enhances the ability for an operating system to protect itself. OS/360 was a swiss chees, but, as you noted, not because of the character set. 05F0 0A0C -- Shmuel (Seymour J.) Metz, SysProg and JOAT Atid/2http://patriot.net/~shmuel We don't care. We don't have to care, we're Congress. (S877: The Shut up and Eat Your spam act of 2003) -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
On 6/21/2013 1:07 PM, Shmuel Metz (Seymour J.) wrote: OS/360 was a swiss chees, but, as you noted, not because of the character set. 05F0 0A0C Just 0A0C will do it, but unfortunately it takes (nearly) forever - I tried it once, either on a 360/50 or 65, and it took just over four hours to get the E04. (and the time wasn't wasted - I studied microfiche in the interim, and needed to IPL anyway) Gerhard Postpischil Bradford, Vermont -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
On 6/21/2013 10:00 AM, Roland Kinsman wrote: So, this is going to sound extremely naïve, but I wonder if having EBCDIC instead of ASCII helped make IBM mainframe OS less penetrable to hackers. As Shmuel noted, early S/360 operating systems had very little protection. The earliest lacked storage protection. OS/360 had a PASSWORD mechanism; unfortunately access to a password protected data set required entering the password on an operator's console in clear text, thus making it less than secure. Gerhard Postpischil Bradford, Vermont -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
I remember the 'security paper' CIA published after MVS got B1 rating. There was a tuning paper that came out about the same time. One was green and one was yellow. Anyway, long story short, last paragraph in security report says if it's attached to a network none of this applies In a message dated 6/21/2013 9:00:43 A.M. Central Daylight Time, rjkins...@hotmail.com writes: IBM mainframe OS less penetrable to hackers -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
efinnel...@aol.com (Ed Finnell) writes: I remember the 'security paper' CIA published after MVS got B1 rating. There was a tuning paper that came out about the same time. One was green and one was yellow. Anyway, long story short, last paragraph in security report says if it's attached to a network none of this applies re: http://www.garlic.com/~lynn/2013i.html#3 Ported Tools - Unix http://www.garlic.com/~lynn/2013i.html#10 EBCDIC and the P-Bit http://www.garlic.com/~lynn/2013i.html#11 EBCDIC and the P-Bit the science center did a port of apl\360 to cp/67-cms for cms\apl and made it available on the science center cp/67-cms system (in addition to marketing to customers). cms\apl opened up apl to real-world applications with both virtual memorye sized workspaces (most apl\360 systems limited workspace size to 16kbytes) and system call APIs (being able to do things like file opertaions). remote users in armonk started using it for business modeling and loaded the most valuable and holiest of corporate assets on the science center cp/67-cms system. this required some security considerations since the science center allowed remote dialins and access by staff and students from educational institutions in the boston/cambridge area. -- virtualization experience starting Jan1968, online at home since Mar1970 -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
EBCDIC and the P-Bit
From... Re: Ported Tools - Unix old reference that EBCDIC was one of the biggest goofs for 360 ... was supposed to have been ascii ... EBCDIC and the P-Bit (The Biggest Computer Goof Ever) http://www.bobbemer.com/P-BIT.HTM This is fascinating. Someone should put this on Wikipedia. -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN
Re: EBCDIC and the P-Bit
On Thu, Jun 20, 2013 at 10:28 AM, Roland Kinsman rjkins...@hotmail.com wrote: deleted http://www.bobbemer.com/P-BIT.HTM This is fascinating. Someone should put this on Wikipedia. Posted link on http://en.wikipedia.org/wiki/EBCDIC#External_links -- Mike A Schwab, Springfield IL USA Where do Forest Rangers go to get away from it all? -- For IBM-MAIN subscribe / signoff / archive access instructions, send email to lists...@listserv.ua.edu with the message: INFO IBM-MAIN